Industry News, September 2024

AMA Releases 2025 Procedure Code Set

​The American Medical Association (AMA) released the 2025 CPT® code set on September 9, 2024. The development of new technologies and innovative procedures prompted most of the annual changes. Key updates include: 

• Addition of new E/M subsection for Telemedicine services and 17 new telemedicine codes;
• 5 new codes for open excision/destruction of intra-abdominal tumors;
• 6 new codes for thoracic fascial plane blocks;

• 6 new codes for Magnetic Resonance (MR) safety services;
• 2 new codes for therapeutic drug delivery into the coronary arteries via drug-coated or drug-eluting balloon; and
• 7 new codes for Artificial Intelligence (AI) augmentative data analysis involved in electrocardiogram measurements, medical chest imaging, and image-guided prostate biopsy.

​A total of 11,321 codes are available for 2025. 420 editorial changes were made for the 2025 code set, including 270 new codes, 112 deletions, and 38 revisions. Category III codes for emerging medical services made up about a third of the new codes.
According to AMA President Bruce A. Scott, M.D., “The latest updates to the CPT code set reflect advancements in contemporary clinical practice and ensures the code set fulfills its vital role as the trusted universal language of medicine.”

---

FDA Guidance Issued on New Mammography Requirements

In their March 2023 Final Rule, the U.S. Food and Drug Administration (FDA) issued an amendment to the Mammography Quality Standards Act (MQSA). Among other changes, the new MQSA requires all patients be notified of their breast density status. This is important because a woman’s breast density, while a normal finding, can affect mammogram interpretations. It is now understood that greater breast density is an independent risk factor for developing breast cancer. Consequently, it is necessary for patients to understand their breast density status, and its potential for masking cancers.

In their March 2023 Final Rule, the U.S. Food and Drug Administration (FDA) issued an amendment to the Mammography Quality Standards Act (MQSA). Among other changes, the new MQSA requires all patients be notified of their breast density status. This is important because a woman’s breast density, while a normal finding, can affect mammogram interpretations. It is now understood that greater breast density is an independent risk factor for developing breast cancer. Consequently, it is necessary for patients to understand their breast density status, and its potential for masking cancers.

On August 8, 2024, the American College of Radiology (ACR) held a 2-hour Town Hall on the amended MQSA regulations. The Town Hall featured experts from the FDA Division of Mammography Quality Standards (DMQS) and is available online. The ACR Town Hall provided information regarding the exact verbiage that is required to satisfy the MQSA requirements in mammogram report documentation. This article includes a summary of the required documentation for breast density assessment notifications to the referring healthcare provider, and breast density notification lay summaries to the patient. While there are no specific requirements for the formatting of breast density assessment and patient notification in a mammogram report, the FDA does state that both elements should be “distinct and identifiable.”

Specific verbiage required to be documented in the mammography report to the referring healthcare provider for density assessment can be found in section 900.12(c)(1)(vi) of the 2023 MQSA Final Rule. One of the four density categories is required to be listed in the report. The exact verbiage found inside the following quotations is required to satisfy MQSA requirements. The addition of a breast density category letter code is neither required nor prohibited; however, a letter code alone does not satisfy the MQSA density assessment documentation requirements.

• Category (A) Fatty Tissue: “The breasts are almost entirely fatty.”
• Category (B) Few areas of dense tissue: “There are scattered areas of fibroglandular tissue.”
• Category (C) Heterogeneously Dense: “The breasts are heterogeneously dense, which may obscure small masses.”
• Category (D) Extremely Dense: “The breasts are extremely dense, which lowers the sensitivity of mammography.”

Specific language, referred to as “lay summaries”, is also required in the mammogram report to satisfy the MQSA requirements for breast density notification to the patient. Readability was taken into consideration for the lay summaries, which were kept below the 8th grade reading level to enhance patient understanding. The new MQSA requirements include notifying the patient of their breast density status as either “not dense” (Category A or B), or “dense” (Category C or D), using one of the lay summaries found in quotations below.

• Not Dense (Category A or B): “Breast tissue can be either dense or not dense. Dense tissue makes it harder to find breast cancer on a mammogram and raises the risk of developing it. Your breast tissue is not dense. Talk to your healthcare provider about breast density, risks for breast cancer, and your individual situation.”
• Dense (Category C or D): “Breast tissue can be either dense or not dense. Dense tissue makes it harder to find breast cancer on a mammogram and also raises the risk of developing breast cancer. Your breast tissue is dense. In some people with dense tissue, other imaging tests in addition to a mammogram may help find cancers. Talk to your healthcare provider about breast density, risks for breast cancer, and your individual situation.”

It should be emphasized that the required verbiage is exact, as any alteration will affect readability. The FDA provided an example in the August 8, 2024, ACR Town Hall, stating altering patient notification sentence “Your breast tissue is dense” to “Your breast tissue is extremely dense” would not meet the new MQSA notification requirements.

​In addition to the implemented MQSA amendments, the Policy Guidance Help System (PGHS) was retired and replaced with the Small Entity Compliance Guide (SECG) on September 10, 2024. The SECG is a 54-page document that explains the actions small entities need to take to remain compliant with the new MQSA rule. The SECG also includes information previously found in the PGHS. According to the  FDA, they have “developed this Small Entity Compliance Guide (SECG) to explain the actions a small entity is required to take to comply with the MQSA rule and its implementing regulations. The March 2023 MQSA rule modernized mammography regulations and specifies that the mammography report given to patients specifies if the patient has dense or not dense breast tissue and includes a prescribed paragraph on the significance of breast density.”

The FDA is providing further resources to help facilities achieve compliance with the amended regulations in the updated Important Information: Final Rule to Amend the Mammography Quality Standards Act (MQSA) and Frequently Asked Questions About MQSA on their website.

Facilities with any questions related to the amended regulations should contact the MQSA facility hotline by phone 1-800-838-7715, fax 1-443-285-0689, email [email protected], or online form. 

---

CMS Issues RFI on Potential Consolidation of MAC Jurisdictions

The Centers for Medicare and Medicaid Services (CMS) issued a recent request for information (RFI) concerning the potential jurisdiction consolidation of 4 Medicare Administrative Contractor (MAC) jurisdictions into 2 jurisdictions, and potential extension of MAC contracts to 10 years:

• Consolidation of A/B Medicare Administrative Contractors (MACs) for Jurisdiction 5 (Iowa, Kansas, Missouri and Nebraska) and A/B Home Health and Hospice (HH+H) MAC Jurisdiction 6 (Illinois, Minnesota, and Wisconsin plus HH+H claims for Alaska, American Samoa, Arizona, California, Guam, Hawaii, Idaho, Michigan, Minnesota, Nevada, New Jersey, New York, Northern Mariana Islands, Oregon, Puerto Rico, US Virgin Islands, Wisconsin and Washington)  into “Jurisdiction G”;
• Consolidation of A/B MAC Jurisdiction 8 (Indiana and Michigan) and A/B HH+H MAC Jurisdiction 15 (Kentucky and Ohio plus HH+H claims for Colorado, Delaware, District of Columbia, Iowa, Kansas, Maryland, Missouri, Montana, Nebraska, North Dakota, Pennsylvania, South Dakota, Utah, Virginia, West Virginia and Wyoming) into “Jurisdiction Q”; and
• Extension of 5-year MAC contract awards to 10 years. 

​According to CMS, the purpose of this RFI is to assist in identifying the benefits and challenges of jurisdiction consolidation and awarding MAC contract awards for 10 years based on “experience and industry best practices”. For jurisdiction consolidation, topics include analysis for development and implementation, communication issues, potential system and non-system impacts, and workflow impacts over time. For awarding future MAC contracts, topics include recommendations for incentivizing and rewarding exceptional MAC performance, specific metrics or criteria to measure MAC performance and relationships with providers, and impacts of possible re-negotiation with each MAC contract each option year. CMS clarified it will use this information obtained from this RFI “at its discretion and will not provide comments to any vendor’s submission. However, responses to the RFI may be reflected in future MAC procurements.”

---

MAC Data Breach Notification

In a press release issued by the Centers for Medicare & Medicaid Services (CMS), Wisconsin Physicians Service Insurance Corporation (WPS), the Medicare Administrative Contractor (MAC) for Iowa, Kansas, Missouri, Nebraska, Indiana, and Michigan was involved in a data breach that exposed patients’ protected health information (PHI) involving MOVEit software, a third-party application used by WPS for file transfers in providing Medicare services. This breach potentially affects the PHI of approximately 946,801 current Medicare beneficiaries, as well as some individuals who received healthcare services from providers audited by CMS. Notifications are being mailed to those affected, while a substitute notice will be posted for individuals with outdated contact information.

On July 8, 2024, WPS notified CMS about a cybersecurity incident involving MOVEit, which compromised files containing PHI and other personal data from May 27 to May 31, 2023. Although there are no reports of identity fraud, WPS is informing affected individuals about the incident and providing resources. The compromised information may include names, social security numbers, dates of birth, addresses, and health-related identifiers. A vulnerability in MOVEit was discovered on May 31, 2023, and a patch was released. Initial investigations found no unauthorized access, but a later review revealed that some files with personal information had been copied before the patch was applied.

In response to this incident, CMS has offered beneficiary resources including enrolling in the free 12-month use of Experian Identity Protection Monitoring Services. CMS also recommends beneficiaries obtain one free credit report annually from each of the three major credit reporting companies, review credit reports for unauthorized accounts or errors, and report any suspicious activity to local law enforcement and the Federal Trade Commission (FTC).

S has not received any reports of identity fraud linked to this incident, specifically with Medicare Beneficiary Identifiers (MBIs). Beneficiaries are recommended to continue using their existing cards. New Medicare cards will be issued to those who may have been affected. For further questions, contact the Experian response line at 833-931-5700 or call 1-800-MEDICARE for general inquiries.

---

NRC Advocates for Awareness Regarding Therapeutic Radiopharmaceutical Delivery

The U.S. Nuclear Regulatory Commission (NRC) is an independent federal agency that ensures the “safe use of radioactive materials for beneficial civilian purposes while protecting people and the environment.” Last month, the NRC issued an information notice (IN) to medical-use licensees and state radiation program directors regarding recent adverse medical events related to the use of therapeutic radiopharmaceuticals. The NRC emphasizes the importance of reviewing these incidents to prevent future occurrences, as adverse medical events can indicate problems with the administration of radioactive materials, despite often not causing patient harm. Licensees are required to report such events under regulatory guidelines; and the NRC, along with the Advisory Committee on the Medical Uses of Isotopes (ACMUI), analyzes these reports to identify underlying issues. The increase in FDA-approved radiopharmaceuticals has led to a rise in reported adverse medical events, with 29 incidents noted from fiscal years 2021 to 2023.

The inadequate training of staff and failure to confirm adherence to protocols were identified as root causes of several adverse medical events during radiopharmaceutical administrations. Instances included nurses improperly handling equipment, leading to patients receiving significantly lower doses than prescribed due to leaks and incorrect setups. Specific examples involved issues with infusion systems and incorrect cap placements, which caused leakage during treatments. Additionally, some events were linked to insufficient saline flushes and improper administration of medications. Overall, this lack of procedure adherence and inadequate staff training should prompt corrective actions to improve staff training and procedural compliance in the future.

The NRC stressed the importance of licensees developing and maintaining written procedures to ensure administrations align with written directives, especially when introducing new treatment protocols. This is in accordance with NRC regulation 10 CFR 35.41. In addition, the NRC provided recommendations for improvement to include validating written directive information before each administration, utilizing time-outs to review processes, and verifying the correct radiopharmaceutical and prescribed dosage. Training staff on new procedures and conducting mock runs before initial treatments can also help minimize risks. Licensees are encouraged to ensure all involved staff are adequately trained and to communicate with peers and manufacturers to identify best practices for avoiding medical events when adopting new therapies or protocols.

---

CMS Releases E/M Add-On Code G2211 Clarification

In response to numerous questions raised by the American Medical Association (AMA), physicians, and medical specialty societies, CMS has released frequently asked questions (FAQs) about the Evaluation and Management (E/M) Visit Complexity Add-On HCPCS Code G2211. The FAQs address several topics, including when the code can be reported, what constitutes a serious or complex condition, what documentation is required to report the code, and the application of patient cost-sharing.  

CMS explains that all medical professionals who can bill Medicare for office/outpatient (O/O) E/M visits (i.e., Current Procedural Terminology (CPT®) codes 99202-99205, 99211-99215) may report the HCPCS code G2211 add-on code to O/O E/M base codes. HCPCS code G2211 may not be reported without reporting an O/O E/M base code. “HCPCS code G2211 captures the inherent complexity of the O/O E/M visit that is derived from the longitudinal nature of the practitioner and patient relationship.” (CY 2024 physician fee schedule (PFS) final rule, 88 FR 78818, 78970)

CMS also describes situations in which the add-on code would not be appropriate, such as when the care furnished during the E/M visit is of a discrete, routine, or time-limited nature. Examples of a limited relationship include one-time illnesses and injuries, like mole removals, fractures, or simple viruses. It is also not appropriate to report the code when comorbidities are either not present, not addressed, or when the provider does not plan to take responsibility for subsequent, ongoing medical care for the patient with consistency and continuity over time. 

CMS clarifies multiple providers in the same practice may also serve as the continuing focal point for all needed services or provide ongoing care for a single, serious condition, or a complex condition. In such circumstances, when a patient sees another physician or practitioner in a team-based care practice and all other requirements are met, it may be appropriate to report G2211. 

G2211 will also be denied if it is billed with an E/M visit that has been reported with a modifier 25 on the same date of service, for the same patient, by the same physician or nonphysician practitioner (NPP). However, CMS is proposing to allow payment of G2211 when the E/M base code is reported by the same practitioner on the same day as a vaccine administration or any preventive service, furnished in the office or outpatient setting in 2025.  

For additional information, review MM13473. 

---

CCHP Provides Medicare Fee-for-Service 2024 Telehealth Billing Guide

The Center for Connected Health Policy (CCHP), a program under the Public Health Institute and currently the federally designated National Telehealth Policy Resource Center, has provided its 2024 Medicare Fee-for-Service Billing Guide for telehealth encounters. This publication is being released later in the year due to updates issued by the Centers for Medicare and Medicaid Services (CMS).

Many of the temporary Medicare telehealth policies have been extended through the end of 2024 as a result of the Consolidated Appropriations Act of 2023 (CCA, 2023). As such, this billing guide covers the information effective until December 31, 2024, for Medicare. CCHP recommends subscribing to the Medicare Learning Network Newsletter, as well as other CCHP resources and regional telehealth resource centers to keep current on CMS updates. Topics covered in this user-friendly billing guide include:

• Medicare Basics: Telehealth Policy
  • Permanent Medicare Telehealth Policy
  • Current/Temporary Medicare Telehealth Policy
  • What a distant site practitioner needs to know
  • What the originating site needs to know
  • What a hospital/facility needs to know
• Communication Technology-Based Services (CTBS)
  • Remote Evaluation and Virtual Check-In
  • Remote Physiological or Patient Monitoring (RPM)
  • Remote Therapeutic Monitoring (RTM)
  • eConsult or Interprofessional Consultation Codes & eVisit
  • Chronic Care Management, Transitional Care Management, and Principal Care Management

As in past editions, this guide also includes Medicare billing examples to simplify telehealth billing scenarios, and in some instances, examples of telehealth billing for other payers are provided.

---

All rights reserved. No part of this newsletter may be reproduced in any form whatsoever without written permission from the publisher. This newsletter may reflect coding information from the 2024 Physician’s Current Procedural Terminology (CPT® Manual). CPT is a registered trademark of the American Medical Association. CPT® five-digit codes, nomenclature and other data are copyright 2023 American Medical Association. All Rights Reserved. No fee schedules, basic units, relative values or related listings are included in CPT®. This product should not be considered a substitute for the codes, cross-references and exclusions located in the CPT® Manual.  AMA does not directly or indirectly practice medicine or dispense medical services. AMA assumes no liability for the data contained herein or not contained herein. All rights reserved. No part of this newsletter may be reproduced in any form whatsoever without written permission from the publisher. This newsletter may reflect coding information from the 2024 Physician’s Current Procedural Terminology (CPT® Manual). CPT is a registered trademark of the American Medical Association. CPT® five-digit codes, nomenclature and other data are copyright 2023 American Medical Association. All Rights Reserved. No fee schedules, basic units, relative values or related listings are included in CPT®. This product should not be considered a substitute for the codes, cross-references and exclusions located in the CPT® Manual.  AMA does not directly or indirectly practice medicine or dispense medical services. AMA assumes no liability for the data contained herein or not contained herein.