If You’re Only Scoring the Level, You’re Missing the Risk.

Why E/M Audits Need the Next Layer.

Ever since the 2021–2023 E/M guideline changes, we’ve all been saying the same thing:

“Bill the level based on time or MDM.”

And yes that’s correct from a coding standpoint.

But in real-world auditing, everyone in compliance, physician education, and utilization review knows the same truth:

E/M Level ≠ Documentation Quality.

And it definitely doesn’t equal audit defensibility.

Right now, most audit tools force us to evaluate only what’s in the MDM table number/complexity of problems, data reviewed, and management risk. That captures the billing logic, but it does not always capture the integrity of the note itself.

And that’s where audit exposure actually lives.

There are documentation patterns that increase vulnerability, even when the level is technically supported. We see this every day in E/M audits across specialties and settings.

Where MDM-based auditing falls short

There are common documentation issues that don’t alter the MDM score — but absolutely raise risk:

• Copy forward or cloned phrasing that no longer reflects the visit
• Auto-generated language that’s technically correct but not clinically meaningful
• HPI that tells one story while the Assessment & Plan tells another
• Generic, vague wording that doesn’t demonstrate clinical thinking
• Documentation that reads like a template not an encounter

None of these issues change the CPT level. But all of them reduce defensibility under payer review, integrity audit, or appeal.

Right now, we are scoring codes  while payers are evaluating patterns.

The two are not the same.

How we got here: the EMR template era

Before electronic medical records, documentation was handwritten or dictated which meant the note naturally reflected the provider’s own clinical reasoning, in their own voice. It wasn’t always polished, but it was personal and encounter specific.

When EMRs introduced templates, smart phrases, copy-forward, and auto-generated plan language, the goal was efficiency and consistency and those are good goals.
Most providers adapted exactly as the system encouraged them to.

But these tools also changed the shape of documentation.

A note can now look complete and appropriately structured while still not clearly showing why the provider made the decisions they made that day.
Not because the provider didn’t think through it but because the system didn’t require that thinking to be written in real time.

So we now have:

• Correct E/M levels
• Valid coding
• But less visible clinical reasoning

This didn’t happen because anyone did something wrong.
It happened because the tools changed, the workflows adapted, and the audit frameworks did not evolve with them.

This is exactly why we need a second score in E/M auditing:
One that identifies documentation clarity and clinical coherence not just billing level accuracy.

We need a second score: documentation integrity

Years ago, I had a mentor who described documentation risk the same way you pick salsa:
mild, medium, or hot.

I have carried that with me ever since because it works.
It communicates exposure in a way that providers and leaders understand immediately.

Here’s how it applies to today’s E/M audits:

Mild (Low Risk):
The documentation is patient-specific, cohesive, and the clinical reasoning supports the billed level.

Medium (Needs Reinforcement):
The level is supportable, but the note has areas where clarity, specificity, or reasoning could be strengthened through education.

Hot (High Risk):
The level is technically supported, but the documentation reads generic, contradictory, or non-patient-specific making the note vulnerable in audit review.

This is not about nitpicking.
It’s about transparency and defensibility.

Example: When the level Is right, but the note is not

A provider selects 99214 based on moderate MDM. The complexity is truly there worsening symptoms of a chronic condition, medication review, and expanded discussion of impact on functioning.

But inside the note:

• The HPI describes symptom escalation and discussion of increasing or change in meds, yet
• The Assessment & Plan simply says:
  “Patient stable. Continue current treatment.”

No rationale.
No acknowledgment of what changed.
No explanation linking the decision to the patient's presentation.

On top of that, the language is:

• Generic (“doing well overall” despite documented distress)
• Non-specific (could apply to any patient, on any day)

We do not need to compare prior notes to see the problem. The misalignment is visible within the single encounter.

Documentation Risk Rating: Medium → Hot

Because when the story in the HPI does not match the Plan, the encounter becomes difficult to defend even when the level is right.

What typically MDM can and cannot tell us

What MDM does tell us:

• Complexity of the problem(s)
• Data considered and reviewed
• Risk of decisions made

What MDM does not tell us:

• Whether the documentation reflects today’s encounter
• Whether the clinical reasoning is clear and individualized
• Whether vague or templated language replaced actual thinking

And that is exactly why E/M auditing needs a second score:

1. Billing Level Support (Time or MDM)
2. Documentation Integrity (Mild / Medium / Hot)

The Bottom Line

Auditing only the level gives a false sense of compliance security.

Auditing both the level and documentation integrity gives:

• Clear education targets
• Visibility into documentation culture
• Early detection of payer-sensitive patterns
• Stronger audit resilience
• Better support for providers

We don’t need more rules. We need better clarity.

E/M level is how we bill. Documentation integrity is how we protect.

And it’s time our audit models reflected both.