Types of Audits

Routine Audits and Claim Verifications

Routine audits usually take the form of a claim verification request. Insurers might direct these requests for information to the patient or to you, the patient’s health care professional. For example, the insurer may request proof of payment. They may also ask you to confirm other details of the service or product you provided, such as time, date, duration, or nature of the service provided (e.g., initial assessment, follow-up treatment and so forth).

Claim verifications may be random, routine checks or they may be triggered by an apparent anomaly in claims data patterns. Insurers may request additional information by phone or email. If they contact you for information by phone, we recommend that you ask the insurer to resend the request by email. This will enable you to verify that the insurer has the patient’s permission to obtain the requested information and confirm the insurer’s credentials.

In all cases, keep detailed and accurate records of the audit process itself. Keep a record of who requested what information and when. Also, keep track of when you responded and who you responded to. If any miscommunications, discrepancies, or conflicts arise, create and securely store detailed records of this as well.

In-Depth Audits

Other audits may involve a more in-depth investigation of you and/or your clinic. An insurer may initiate these types of audits to answer questions they have about specific claims or claim patterns they observe in their data. Reasons an insurer decides to pursue an investigation include:

  • Claims data that suggests you are charging patients different rates for the same services according to the details of their EHC coverage. Insurers refer to this approach as “treating the plan, not the patient” and it’s considered a form of benefits abuse.
  • Claims data or other information to suggest that you are using incentives to drive utilization of services. For example, claims data show a sudden or dramatic increase in claim volumes when compared with a preceding period, or an insurer receives a tip from a member of the public.[1]
  • Claims data that suggest you are targeting a particular group for treatment. For example, you are treating a large percentage of patients from the same employer or members of the same family for the same issue (e.g., an orthotic is prescribed for every family member).

When an insurer decides to undertake an in-depth audit, it doesn’t necessarily mean they suspect Fraud or abuse. It means they need further information to understand the data or data patterns they see.

It’s standard practice for insurers to establish a contractual right with plan members (patients) to ask for further information, including receipts, clinical notes, billing and payment records.

“To process claim submissions in an effective and efficient manner the insurer/benefit administrator always requires plan members to authorize the release and exchange of information between a health care provider and the insurer/benefit administrator.”

Canadian Life and Health Insurance Association [2]

If you are registered for direct billing, then you have also agreed to certain information sharing and disclosure conditions. We suggest that you read and keep a copy of the terms and conditions of all direct billing arrangements that you enter into.

Remember to always keep a detailed record of the audit process itself.

[1] The Canadian Life and Health Insurance Association (CLHIA) has rolled out a multi-year Benefits fraud and abuse campaign, directed at members of the public. This includes a reporting portal for members of the public.
[2] CLHIA (2019). “Provider Audits” in Supplementary Health Insurance Explained. See also: Standard of Practice S-002: Record Keeping section 5 (3): “A member with primary responsibility for a record of personal health information shall provide, on request, copies of or access to a record of personal health information to any of the following persons, or any person authorized by…the patient…”