Please enable JavaScript to view all aspects of this website.

Healthcare Audits

The Unparalleled Need for Auditing 


The purpose of healthcare auditing is to evaluate performance in healthcare organizations. Healthcare audits can cover any aspect of the industry, but most audits assess payer reimbursement processes to determine compliance with payer guidelines and federal and state regulations. As a crucial component of a healthcare organization's compliance plan, the medical audit identifies errors and devises measures to eliminate them. 


Those who represent healthcare providers need to audit healthcare claims to prevent errors in coding and billing. The audit not only identifies incorrect coding but also prevents it from happening again. Persistent claim errors damage an organization in the long run, but they also invite federal scrutiny.  

Healthcare auditing resolves ignorance by identifying areas of non-compliance, and ignorance is a liability. To understand why the provider organization is responsible for detecting improper coding and billing practices, consider the following:  

1. Error patterns resulting in higher reimbursements can look like fraud and are often indistinguishable from it.  

2. Error patterns leading to higher reimbursements for providers have the same effect on payers as fraud.  

The False Claims Act (FCA), which deals with healthcare fraud, compensates for the ambiguity of intent in habitual over coding and over-billing. According to the FCA, it is not necessary to have the intention to defraud to be prosecuted or punished.  

Submitting a claim to Medicare or Medicaid might benefit you if what you are trying to accomplish is entitling the payment of the claim as your own. When you submit a claim to Medicare or Medicaid, you are certifying that you are entitled to the payment stated on your claim. Moreover, the OIG reiterates the mandate of the FCA, insisting, “If you knew or should have known the submitted claim was false, then the attempt to collect payment constitutes a violation.”  

What is the reason auditing would play such a vital role in healthcare? In the case of violating the FCA, fines can total three times the loss of a program plus as much as $23,331 per claim, according to the 2020 regulations.  

CMS (Centers for Medicare & Medicaid Services) - the largest payer of health insurance in the U.S. - is required by law to protect taxpayer-sponsored Medicare Trust Funds. Provider organizations file medical claim errors every year, which results in inappropriate payments costing the fund tens of billions each year.  

CMS works with Part A and Part B Medicare Administrative Contractors (MACs), Durable Medical Equipment Administrative Contractors (DME MACs), and Fiscal Intermediaries (FIs) to keep the Medicare Trust Fund safe from inappropriate payments. CMS partners with a wide range of third parties whose goal is to protect taxpayers and Medicare beneficiaries.  

These contracted entities are assigned a variety of jurisdictions and analyze claims data to identify questionable billing patterns and ensure CMS reimbursements are only given for services meeting coding, medical necessity, and Medicare coverage requirements.  

CMS well fortifies Medicare Trust Fund protections. As the government's largest Office of Inspector General (OIG), CMS is administered by the U.S. Department of Health and Human Services (HHS). OIG focuses exclusively on preventing healthcare waste, abuse, and fraud from siphoning money from taxpayers. 

Non-compliance entails a financial cost. The cost of improper payments, as well as recoupment and investigation programs, affects federal and commercial payers. Paybacks and penalties are used by provider organizations to pass these costs down to their customers.  

In addition to its work with MACs and other auditors, the OIG collaborates with the DOJ and states' Attorneys General to facilitate legal actions. Those who violate state or federal laws while coding and billing for medical services can incur significant financial losses, including:  

  • Civil monetary penalties  
  • Fulfillment of a Corporate Integrity Agreement (CIA)  
  • Criminal Penalties  
  • Prosecution under the False Claims Act and other federal/state laws  
  • Payback demands  
  • Exclusion from Medicare and Medicaid programs  
  • Employment of an Independent Review Organization (IRO)  

For CMS, the CERT examines Medicare Fee-for-Service (FFS) payments to ensure there were no improper payments. The goal of the examination is to reduce medical claim payments.  

Each reporting period, CERT selects a stratified random sample of claims submitted to A/B MACs and DME MACs. CERT passes sampled claims along to an independent medical review contractor to be reviewed against their documentation once they have been submitted.  

The claim will be classified as an improper payment if coding, billing, and/or Medicare coverage criteria were not met by the medical review contractor.  

During this annual review, CMS determines the overall improper payment rate of Medicare FFS. After all data is gathered, it is itemized in the Improper Payment Rates for Centers for Medicare & Medicaid Services (CMS) Programs, otherwise known as the CERT Report.  

From the small physician practice to the large health system, CMS suggests that all member organizations carefully review the annual CERT Report for potential exposures. As with payer-provider bulletins, RAC identified vulnerabilities (listed on their websites), and the OIG Work Plan, auditors gain insight from these sources as well.  

Understanding Government Auditors  

Auditors must be able to work effectively with a variety of healthcare professionals and patients. They should always act with professionalism, objectivity, and ethical principles. They must thoroughly document findings and issues within the auditing practice.  

In the audit report, the auditor must document all unsupported or unbilled charges found. The remuneration of audit personnel, their benefits, contingency fees, and other instructions should not lead to a situation where their findings are questioned. Therefore, audit personnel should be compensated in a way that does not induce them to make questionable audit findings. If a provider or payer encounters an individual who has a conflict of interest, they should contact the appropriate management.  

Providers and payer auditors should adhere to the following recommendations to ensure a fair, efficient, and effective audit process:  

  • Any unsupported or unbilled charges that are discovered by the parties to the audit, regardless of the original intended purpose, should be recognized, recorded, or presented by all parties. 
  • The scheduling of an audit should not preclude late billing.  
  • Discrepancies, questions, or errors should be resolved within a predetermined period that is agreed upon by the parties involved in the audit.  
  • A written report and exit conference should be included in every audit. The auditor should note in the report if the provider waives the exit conference. Parties involved in the audit should only be allowed to see the specific content of the final report.  
  • All findings must be contested within 60 days, otherwise the audit will be considered final.  The audit results are final after both parties agree.  
  • All personnel should act in a professional and courteous manner and settle any misunderstandings amicably.  
  • Audits can sometimes reveal ongoing problems with the billing or documentation process. It is important to identify this situation, and to take appropriate steps to resolve the identified problem, when it occurs. This cannot be done as part of the exit process. As part of an audit, parties should eliminate ongoing problems or questions where possible.  

Regarding confidentiality of patient information, federal and state laws as well as contractual agreements must be adhered to by all parties to a billing audit. The codes of ethics of all payers, audit, and provider organizations that conduct or participate in billing audits must outline their obligation to protect the confidentiality of patient information. They should also have policies and procedures protecting the confidentiality of the information they possess and dispose of.  

Authorization from the patient is required before medical records can be released. The hospital shall obtain this authorization upon admission of the patient in the admission condition or equivalent statement. In the absence of such an authorization, a billing audit will be required. It is not necessary that authorization be specific to the insurer or auditor conducting the audit.  

The billing audit company or payer should obtain this authorization, which includes at least the following information:  

  • Patient’s full name, address, and date of birth  
  • Purpose for releasing/obtaining the information  
  • Date that consent is signed  
  • Signature of patient or legal representative  

When a patient's benefits are assigned, he or she is presumed to have authorized the review of records. For the audit representative to schedule the audit, the audit coordinator or medical records representative must confirm that a condition of admission statement is available.  

A timely notice will be provided to the requester if there are any federal or state laws prohibiting or restricting the review of the medical record and if there are institutional confidentiality policies and procedures affecting the review. It is prohibited to develop these institutional confidentiality policies specifically for the purpose of delaying an on-site audit.  

Verification of charges will include the investigation of whether: 


  • A physician's plan of treatment was followed by the institution (in appropriate situations, professional staff may provide supplies or follow procedures that are in accordance with established institutional policies, procedures include items that may not be specifically documented in records, but that are referred to in medical or clinical documents). The Joint Commission Accreditation of Healthcare Organizations or other accreditation agencies should review, approve, and document these policies. Policies should be available for review to the auditor.)  
  • A health record or other appropriate document confirms that the patient has received the service
  • Charges are reported on the bill accurately 
  • Health records contain clinical information about diagnoses, treatments, and outcomes. It was not designed to be a billing document. Health records document relevant information concerning a patient. Each individual charge on the patient invoice may not be supported by the health record. A provider's ancillary departments may also have signed documentation for services provided to the patient in the form of departmental treatment records, daily billing records, individual service and order tickets, and other related documents.  
  • Other documents may need to be reviewed by auditors to determine if charges are valid. Using these sources of information as reasonable evidence that the physician's orders were fulfilled is important for auditors. It is vital that providers have policies and procedures in place to specify what documentation and authorization must be included in the health record and in ancillary records and/or logs. Documentation of proper order-to-delivery procedures is essential.  

Are You On the Compliant Path?  

It is crucial for healthcare providers to strike a balance between their priorities: providing quality patient care, generating positive margins, complying with laws and regulations, and controlling costs. The healthcare industry is undergoing dramatic and unprecedented changes, which include new reimbursement models, increased compliance and reporting burdens, and frequent third-party investigations. Ensure you don't fall behind and expose your practice to public scrutiny. Get your compliance program in place TODAY! 

Our Services

Our healthcare experts provide you the following services:

Alt Text


Healthcare Practice Audits.

Healthcare Billing Audits.

Controlled Substance Audits.

Healthcare Sampling and Extrapolation.

Alt Text

Practice Information

Healthcare Practice Startup and Formation.

Staff and Provider Training.

Policies and Procedures.

Chief Compliance Officer Functions.

Alt Text


Compliance Plans.

Medical Expert Services.

Healthcare Fraud Litigation Support.

False Claims Act Litigation Support.

Get In Touch

Let's discuss your needs and how we can assist you.

Sarasota Office

Phone: (800) 653-2106

6841 Energy Ct, Sarasota, FL 34240

Miami Office

Phone: (800) 653-2106

701 Waterford Way Suite 340, Miami, FL 33126

Michigan Office

Phone: (800) 653-2106

Fax: (248) 644-6324

1441 W Long Lake Rd Suite 310, Troy, MI 48098

Alt Text

Fast Deliver
Alt Text

Great Quality
Alt Text

Best Service