Conn. doctors wary of faxes seeking patient data
■ Concerns from members about violating privacy laws led the state medical society to ask insurers to clarify their requests in writing.
By Emily Berry — Posted Feb. 15, 2010
- WITH THIS STORY:
- » Related content
Connecticut physicians and the state's department of insurance are asking UnitedHealth Group to explain why its Ingenix subsidiary sent faxes to physicians that requested medical records for review.
Connecticut State Medical Society Executive Vice President Matthew Katz said many of the dozens of physicians who received the faxes were convinced the inquiry was fraudulent because it came by fax. Some were hesitant to send the records as requested because Health Net, whose Connecticut operations United recently absorbed, has reported the loss of identifying information for thousands of members and physicians, leaving them vulnerable to phishing or other scams.
After receiving hundreds of calls from members about the letter, Katz wrote to United, Health Net and Ingenix, copied to the state's attorney general, insurance commissioner and the Centers for Medicare & Medicaid Services. The letter asked the companies to stop the reviews and send letters to doctors clarifying the nature and purpose of the records request. Katz said that as of Feb. 4, he hadn't received any response from United other than, "We're looking into it."
Also on Feb. 4, an attorney with the Connecticut Insurance Dept. wrote to United requesting a response to the CSMS's questions and documentation of the language in any relevant contracts that allowed for such reviews.
United deferred comment to Ingenix. Ingenix responded to an inquiry from American Medical News about the letters with an e-mailed statement, which said in part:
"The requests were made by Ingenix on behalf of several different health plans' Medicare Advantage Organizations, with the goal of improving the accuracy of diagnosis-related data in claims that are used to support Medicare risk adjustments for the plans.
"Ingenix performed this service under contract with the health plans and consistent with CMS and HIPAA regulations. We will continue working with Connecticut physicians to ensure they fully understand the intent of this records request and to make it as easy as possible to gather the necessary information."
The letter faxed to physicians reads, in part, "Ingenix, on behalf of Health Net, Evercare and/or SecureHorizons is requesting your cooperation in providing access to your office medical records in order to facilitate a risk adjustment chart review."
Evercare and SecureHorizons are subsidiaries of UnitedHealth Group that sell Medicare Advantage plans. Health Net also offers Medicare Advantage plans in Connecticut.
The letter does not explain what the purpose of the review is, or say under what authority Ingenix or the health plans are making the request.
According to CMS' manual for Managed Medicare Organizations, because CMS risk-adjusts its capitated payments to managed care organizations, it requires audits of medical records to ensure that the risk is properly scored. MCOs are supposed to require network physicians to share records, and have the option of compensating physicians for sharing those records. The contracted managed care companies are responsible for ensuring that the audit process complies with federal privacy laws.
But the letter that went out to physicians didn't cite the CMS manual. It also did not say whether physicians' contracts allowed for the reviews. And there is no mention of compensating physicians.
Katz said physician inquiries to MediConnect, whose number is listed in the faxed letter as the appropriate contact, were no help.
"They pretty much just say, 'everything is good, just send us the records,' " Katz said.
MediConnect spokesman Jacob Moon referred questions to Ingenix.