CERT Reviews of Palmetto GBA Medical Records Signature Requirements

Published 02/05/2018

Special Alert: While CMS guidelines mandate the presence of signatures specifically for all 'medical review' purposes, modifiers, etc., records pertaining to all procedures submitted to Medicare Part B are potentially subject to review by not only Palmetto GBA, but other CMS contractors such as CERT. Because of this, we are alerting you to the importance of these signature requirements and if changes are needed, we suggest you take immediate action.

The contents of this article are applicable to every Medicare claim processed by Palmetto GBA on or after April 28, 2008, for dates of service beginning with September 3, 2007. These instructions do not address CMS documentation requirements for specific situations.  

Signature’s Purpose
Medicare requires the individual who ordered/provided services be clearly identified in the medical records. The signature for each entry must be legible and should include the practitioner’s first and last name. For clarification purposes, we recommend you include your applicable credentials (e.g., P.A., D.O. or M.D.).

The purpose of a rendering/treating/ordering practitioner’s signature in patients’ medical records, operative reports, orders, test findings, etc., is to demonstrate the Part B services have been accurately and fully documented, reviewed and authenticated. Furthermore, it confirms the provider has certified the medical necessity and reasonableness for the service(s) submitted to the Medicare program for payment consideration.  

Medicare Requirements for Valid Signatures
Acceptable methods of signing records/test orders and findings include: 

  • Handwritten signatures or initials
  • Electronic signatures
    • Digitized signature an electronic image of an individual’s handwritten signature reproduced in its identical form using a pen tablet
    • Electronic signatures usually contain date and timestamps and include printed statements (e.g., 'electronically signed by,' or 'verified/reviewed by') followed by the practitioner’s name and preferably a professional designation. Note that the responsibility and authorship related to the signature should be clearly defined in the record. See below example.    
Electronically Signed By:  John Doe, M.D.  08/01/2013 @ 06:26 A  
    • Digital signature an electronic method of a written signature that is typically generated by special encrypted software that allows for sole usage
Unacceptable Signatures
  • Signature 'stamps' - alone in medical records are no longer recognized as valid authentication for Medicare signature purposes and may result in payment denials by Medicare 
  • Reports or any records that are dictated and/or transcribed, but do not include valid signatures - 'finalizing and approving' the documents are not acceptable for reimbursement purposes. Corresponding claims for these services will be denied. 

Note: Be aware that electronic and digital signatures are not the same as 'auto-authentication' or 'auto-signature' systems, some of which do not mandate or permit the provider to review an entry before signing. Indications that a document has been 'signed but not read' are not acceptable as part of the medical record.   

For a listing of acceptable and unacceptable examples please go to our article named 'Medical Records: Signature Requirements, Acceptable and Unacceptable Practices.'

The electronic system you select should include a process that verifies the individual signing their name has reviewed the contents of the entry and determined it contains what they intended.

Safeguards must be in place to protect against unauthorized access and inappropriate use of your electronic signatures, by whatever method, by anyone other than the designated individual to whom it is assigned. It is to be unique to him/her, and not reassigned nor reused by someone else. Furthermore, measures should be in place to protect the 'links' between electronic health information and signatures which prevent unapproved alteration through removal, copying or transfer.

To avoid unnecessary payment denials, rejections or overpayment situations, we strongly urge providers to check with their technical staff or software vendors to verify their current record-keeping and signature processes are in compliance with CMS instructions. Software/hardware should meet or exceed industry standards to avoid compromising the integrity of documentation and signatures.

For reference and exceptions, please refer to the Medicare Program Integrity Manual, Pub. 100-08, Chapter 3, Section B (PDF).