OCTOBER 15, 2025
Understanding CPT Code Changes for 2026
The American Medical Association (AMA) has announced significant CPT code changes for 2026 that will impact medical billing across all specialties. These updates include the addition of 253 new codes, deletion of 87 outdated codes, and revisions to 149 existing codes. Understanding these changes is crucial for maintaining clean claims and avoiding denials.
Major changes include expanded codes for remote therapeutic monitoring (RTM), new evaluation and management codes for complex chronic care coordination, and updated codes for minimally invasive surgical procedures. The cardiology section sees substantial revisions with new codes for advanced cardiac imaging and electrophysiology procedures. Orthopedics receives updates for joint replacement procedures and sports medicine interventions.
To prepare your practice, start by reviewing the complete CPT 2026 code set and identifying which changes affect your specialty. Update your practice management systems and electronic health records to include new codes before January 1, 2026. Train your clinical and billing staff on proper code selection and documentation requirements. Review payer-specific guidelines as commercial insurers may have different effective dates than Medicare. Conduct internal audits in January and February 2026 to ensure accurate implementation and identify any coding issues early.
OCTOBER 8, 2025
Maximizing Medicare Reimbursements
Medicare reimbursement optimization requires a strategic approach combining accurate coding, comprehensive documentation, and proactive denial management. With proper techniques, practices can increase their Medicare collections by 15-25% while reducing administrative burden and audit risk.
Documentation is the foundation of maximum reimbursement. Ensure every encounter note clearly supports the level of service billed with detailed history of present illness, comprehensive review of systems, and thorough assessment and plan. Use appropriate E/M code levels based on medical decision-making complexity rather than defaulting to mid-level codes. Document time-based billing when counseling and coordination exceed 50% of the encounter. For procedure codes, include detailed operative notes with clear descriptions of technique, complexity, and any complications addressed.
Leverage modifier usage strategically to capture additional reimbursement for services that might otherwise be bundled or denied. Modifier 25 allows separate payment for E/M services on the same day as procedures when documentation supports a significant, separately identifiable service. Modifier 59 unbundles procedures performed at different anatomic sites or separate patient encounters. Understanding modifier requirements and proper application can significantly increase revenue while maintaining compliance. Additionally, stay informed about Medicare's Quality Payment Program (QPP) and participate in Merit-based Incentive Payment System (MIPS) to earn positive payment adjustments. Track your performance on quality measures, cost metrics, and meaningful use of certified EHR technology to maximize your composite performance score.
SEPTEMBER 30, 2025
Provider Credentialing Best Practices
Provider credentialing is a critical process that can take 90-120 days when properly managed, but delays and errors can extend this timeline to six months or more, resulting in significant revenue loss. Implementing best practices streamlines enrollment and ensures providers can begin seeing patients and receiving reimbursements as quickly as possible.
Start the credentialing process immediately upon hiring a new provider—don't wait for their start date. Create a comprehensive credentialing checklist including all required documents: medical school diploma and transcripts, residency and fellowship certificates, board certification, state medical licenses (current and historical), DEA certificate, malpractice insurance (occurrence or claims-made with tail coverage), work history with no gaps for the past 10 years, three professional references, NPDB report, and OIG/SAM exclusion checks. Maintain a complete CAQH profile with current information, as most commercial payers use this database for primary source verification.
Common pitfalls include incomplete applications (the leading cause of delays), unexplained gaps in work history, expired credentials, and failure to respond promptly to payer requests for additional information. Assign a dedicated credentialing specialist who tracks all applications, follows up regularly with payers, and maintains detailed documentation of all communications. Create a master calendar tracking expiration dates for all credentials and start re-credentialing processes 120 days before expiration to prevent lapses. For new practices, prioritize credentialing with payers that represent your largest patient populations. Consider credentialing with all major payers even if you don't immediately need all contracts, as having them in place provides flexibility and negotiating leverage. Finally, don't forget about facility credentialing if your providers will have hospital privileges or work at ambulatory surgery centers—these processes run parallel to insurance credentialing and have their own timelines and requirements.
SEPTEMBER 22, 2025
Denial Management Strategies That Work
Claim denials cost healthcare practices millions in lost revenue annually, with the average practice experiencing denial rates between 5-10%. However, studies show that 90% of denials are preventable, and 63% of denied claims are never reworked, representing significant missed revenue opportunities. Implementing effective denial management strategies can recover 60-70% of denied claims and prevent future denials.
Begin by categorizing denials to identify patterns. Common denial reasons include registration/eligibility errors (27% of denials), missing or invalid prior authorization (11%), coding errors (10%), timely filing limits exceeded (8%), and medical necessity issues (6%). Track denial reasons by payer, provider, and service type to identify systematic problems. Create a denial log capturing date of service, claim submission date, denial date, denial reason code, amount, and current status. This data reveals trends that guide preventive measures.
For prevention, verify insurance eligibility in real-time at scheduling and again at check-in using automated verification tools. Obtain prior authorizations before services are rendered and document authorization numbers in claims. Implement coding reviews with certified coders conducting regular audits to catch errors before submission. Train front desk staff on accurate demographic data collection and proper secondary insurance identification. For denied claims, prioritize high-dollar denials and those within timely filing limits. Write compelling appeal letters that address the specific denial reason, reference relevant policy provisions, and include supporting documentation such as medical records, operative notes, and medical necessity rationale. For complex or high-value denials, consider peer-to-peer reviews where the treating physician speaks directly with the payer's medical director. Track appeal success rates by payer and denial reason to refine your strategies. Finally, don't ignore small-balance denials—they accumulate quickly and may indicate systematic issues affecting larger claims.
SEPTEMBER 15, 2025
Telehealth Billing in 2025
Telehealth services have become a permanent fixture in healthcare delivery, with utilization stabilizing at about 20-25% of outpatient visits following pandemic-era peaks. However, reimbursement policies continue to evolve rapidly, with significant variations between Medicare, Medicaid, and commercial payers. Understanding current requirements is essential for proper billing and optimal reimbursement.
Medicare policies allow telehealth services for established patients without geographic restrictions through December 31, 2025, with audio-only visits covered for behavioral health and certain E/M services. Use place of service code 02 for synchronous telehealth services and append modifier 95 to the procedure code. Audio-only services should use place of service code 02 with appropriate telephone E/M codes (99441-99443). Remote patient monitoring (RPM) and remote therapeutic monitoring (RTM) services have specific time and device requirements—ensure you meet minimum thresholds and document accordingly.
Commercial payer policies vary significantly. Many follow Medicare guidelines but some require specific modifiers (GT, GQ, or 95), restrict services to certain specialties, or limit visit frequency. State Medicaid programs have their own rules, with some offering enhanced telehealth coverage beyond federal requirements. Before providing telehealth services, verify patient-specific coverage including originating site requirements, technology specifications (two-way audio-video vs. audio-only), provider eligibility (some plans only allow MDs/DOs, excluding NPs/PAs), and consent documentation requirements. Maintain detailed notes documenting the telehealth encounter including patient location, technology platform used, start and stop times, and any technical difficulties encountered. For behavioral health services, be particularly careful about state licensure requirements when treating patients across state lines. Finally, stay informed about policy changes—several telehealth flexibilities currently in place have sunset dates, and new permanent policies are being developed by CMS and state legislatures throughout 2025 and 2026.
SEPTEMBER 5, 2025
HIPAA Compliance Checklist for 2025
HIPAA compliance remains a critical concern for healthcare organizations, with OCR (Office for Civil Rights) conducting increasingly sophisticated audits and imposing substantial penalties for violations. Recent enforcement actions have resulted in multi-million dollar settlements, particularly for breaches involving unencrypted devices, inadequate business associate agreements, and insufficient risk assessments. Ensuring comprehensive compliance protects both patients and your organization.
The Privacy Rule requires designated Privacy Officer, written privacy policies and procedures, Notice of Privacy Practices provided to all patients with documented acknowledgment, patient rights processes for access requests (response within 30 days), amendment requests, accounting of disclosures, and restriction requests. Train all workforce members on privacy policies at hire and annually thereafter with documented completion records. The Security Rule mandates comprehensive risk assessments updated annually or when significant changes occur, written security policies covering administrative, physical, and technical safeguards, workforce security training, access controls limiting system access based on role and need-to-know principle, encryption for data at rest and in transit (particularly for mobile devices and email), audit controls tracking system activity, and incident response procedures with breach notification protocols.
Business Associate Agreements (BAAs) must be executed with all vendors having access to PHI including billing companies (like Quentas RCM), EHR vendors, cloud storage providers, transcription services, shredding companies, and IT support contractors. BAAs must include required provisions specifying permitted uses of PHI, safeguard obligations, breach reporting requirements (within 60 days of discovery), and termination provisions. Review BAAs annually and update as needed. For breach response, have documented procedures defining what constitutes a breach (acquisition, access, use, or disclosure not permitted under HIPAA), investigation protocols to determine scope and cause, mitigation measures to limit harm, notification requirements (to individuals within 60 days, to OCR if affecting 500+ individuals, to media if affecting 500+ individuals in a state), and documentation requirements (maintain records for six years). Conduct regular compliance audits including quarterly review of access logs, semi-annual testing of security controls, annual privacy training completion verification, and mock breach response drills. Stay informed about emerging compliance issues such as AI and machine learning tool usage, cloud service security, telehealth privacy considerations, and cybersecurity threats including ransomware attacks targeting healthcare.
