About CERT/HIPAA
CERT Process Overview:
The CERT contractor randomly requests an average of 200 claims each month. At that time they also receive the provider address listed on the system so they may request the record for review. CERT will send up to four letters requesting the records, one every 20 days or so. The providers have 90 days before the claim is counted toward the Provider Compliance Error Rate.
The medical review specialists at the CERT contractor will review each claim and determine the following:
- Does the service fit a Medicare benefit category
- Is the service statutorily excluded
- Is the service medically reasonable and necessary
- Is there documentation to support the service was performed
- Is the service coded and billed correctly
Twice a month the CERT contractor sends a file to CIGNA Government Services that includes all the denied claims for that month. CIGNA will adjust the claims and notify providers.
If the provider disagrees with the CERT initiated denial, the claim may be appealed. The same Medicare guidelines for the appeal process at CIGNA Government Services apply to the appeals process for CERT initiated denials. All appeals for CERT initiated denials will be processed through CIGNA.
HIPAA:
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a Federal law that allows people to immediately qualify for comparable health insurance coverage when they change their employment relationships. Along with the standardization of the exchange of electronic data and the requirement for the use of national identification systems, HIPAA has also specified the types of measures required to protect the security and privacy of personally identifiable health care information.
All HIPAA regulations have been met regarding the AdvanceMed contracts with CMS. When Medicare beneficiaries enroll in the Medicare program, they are informed of Medicare's use of their personal health information to carry out health care operations. AdvanceMed performs health care operations as a business associate of CMS with respect to the HIPAA Privacy Rule. Providing the requested documentation does not violate the minimum necessary provision of the HIPAA Privacy Rule and does not require further beneficiary authorization.
