9.3 Coding Accuracy Validation Controls

Validation as a Managed Control

Domain 4 Task 2 makes coding accuracy a leadership responsibility, not a coder-by-coder hope. Validation compares the codes actually assigned against four reference points, in this priority order: the health record documentation, the ICD-10-CM/PCS and CPT Official Guidelines, facility policy, and payer requirements. When these conflict, documentation plus official guidelines govern code assignment; payer policy governs how the claim is built and billed, not whether the code is clinically and grammatically correct.

A defensible coding audit program has named components. Memorize the cycle, because exam stems often ask which step is missing.

Measuring Accuracy and DRG Integrity

Many programs target a coding accuracy rate of 95% or higher, but the exam cares more that you measure the right things than that you memorize one number. Distinguish two views: per-record accuracy (was the entire record coded correctly?) is stricter and lower than per-code accuracy (what fraction of individual codes were correct?). For inpatients, run a separate DRG validation that checks the principal diagnosis, code sequencing, CC/MCC assignment, present-on-admission indicators, and the resulting DRG. A single wrong principal diagnosis or a missed MCC changes the DRG even when most individual codes are right.

A Worked Example

An auditor reviews 30 inpatient records and finds 27 fully correct and 3 with a single miscoded secondary diagnosis. Per-record accuracy is 27/30 = 90%; if those 30 records contained 300 total codes and only 3 were wrong, per-code accuracy is 297/300 = 99%. The same audit can look excellent or marginal depending on which metric is reported — the RHIA must report both and explain the difference to stakeholders, then check whether any of the three errors changed the DRG.

Prioritizing and Escalating

Use payment impact to prioritize what gets reviewed first — high-weight DRGs, outlier cases, codes with frequent denials — but never to decide whether a code is right. The compliant logic is: documentation supports the code, the code follows the guideline, therefore it is correct, regardless of whether it pays more or less.

Follow this validation workflow:

1. Define the standard before reviewing (guidelines, Coding Clinic, policy).
2. Sample with both random and risk-targeted records.
3. Score per-record, per-code, and DRG accuracy separately.
4. Trend variances by coder, service line, and error type.
5. Educate on the specific pattern, not generic refreshers.
6. Escalate systematic upcoding, unbundling, or pattern fraud to compliance — do not quietly rebill and move on.

Common Exam Traps

The wrong answers usually treat the higher-paying code as automatically correct, skip the documentation check, or fix one account without addressing the pattern. A repeated error across coders is a process or education failure, not just a single mistake. When a stem shows the same DRG error recurring, the best answer targets the root cause — a flawed coding edit, an ambiguous policy, or a training gap — not a one-record correction. And whenever an audit reveals a possible pattern of upcoding or unbundling, the administrator escalates to the compliance program rather than resolving it informally.

Building a Defensible Sampling Plan

The credibility of a validation program rests on how records are selected. A pure random sample estimates the overall accuracy rate fairly, but it can miss concentrated risk. The administrator therefore blends two approaches: a random sample to measure the true error rate across all coding, and a targeted (judgmental) sample aimed at known risk — high-weight DRGs, claims with a single CC or MCC that swings the DRG, new or recently retrained coders, services with frequent payer denials, and codes flagged in the OIG Work Plan.

Sample size should be large enough to detect a pattern; many programs review a fixed number of records per coder per quarter so each staff member is evaluated consistently.

Distinguish a routine internal audit from an external or probe audit. A routine internal audit is educational and improvement-focused. When CMS, a Recovery Audit Contractor, or another payer requests records, the administrator follows a defined response workflow: pull the exact documentation, verify the codes against the guidelines before responding, and never alter the record to match the claim after the fact.

Closing the Loop With Education and Trends

Validation has no value unless its findings change behavior. After scoring, trend the errors so isolated mistakes are separated from patterns. A single transposed code is a coaching note; the same error across five coders is a policy or training gap; the same error tied to one DRG is likely a flawed coding edit or ambiguous guideline. Map each error type to an action: individual feedback, group training, a coding-policy clarification, an edit reconfiguration, or compliance escalation. Re-audit the same risk area after education to confirm the rate improved, and report accuracy trends to the coding-compliance committee.

This closed loop — sample, score, trend, educate, re-audit, report — is what the exam means by validating coding accuracy as a managed control rather than a one-time spot check.