Direct Answer
Government billing audits — whether from Recovery Audit Contractors (RACs), Medicare Administrative Contractors (MACs), the OIG, or Medicaid Integrity Contractors — demand significant documentation, can result in substantial overpayment demands, and can trigger provider audits or, in serious cases, exclusion from Medicare/Medicaid. Preparation before an audit arrives is far more effective than responding reactively once records are requested.
Table of Contents
Types of Government Billing Audits
The major government billing audit programs:
- RAC (Recovery Audit Contractor): CMS contractors that identify Medicare overpayments and underpayments through automated and complex reviews. RACs receive a contingency fee on overpayments recovered — giving them financial incentive to audit aggressively. RAC findings can be appealed through Medicare's five-level appeals process.
- MAC (Medicare Administrative Contractor): The regional contractors that process Medicare claims also conduct prepayment and post-payment audits through their Program Safeguard work. MAC audits may result in prepayment review (claims held pending documentation) or post-payment demand letters.
- OIG (Office of Inspector General): The OIG conducts investigations and audits of Medicare and Medicaid fraud and abuse. OIG audits can result in civil monetary penalty (CMP) settlements, corporate integrity agreements, or referral for criminal prosecution in egregious cases.
- MIC (Medicaid Integrity Contractor): CMS contractors focused on Medicaid overpayment identification and recovery in conjunction with state Medicaid agencies.
- Zone Program Integrity Contractors (ZPICs/UPICs): Program integrity contractors focused on identifying potential fraud patterns for referral to law enforcement.
Pre-Audit Preparation
Effective pre-audit preparation means operating as if an audit could arrive tomorrow. Best practices: maintain organized, complete medical records for all billed encounters (the record must support the code at the time of billing — amendments after an audit request are viewed skeptically); conduct regular internal coding audits to identify and correct billing errors before external auditors find them; know the OIG Work Plan and RAC approved issues list — these publicly available documents identify current audit focus areas, allowing proactive self-review of your own billing in those areas; maintain documentation retention policies that ensure records are available for the full audit look-back period (6 years for Medicare); and train clinical staff on documentation standards for the most common audit targets in your specialty.
Responding to Audit Requests
When an audit records request arrives: respond within the specified deadline (missing audit response deadlines results in automatic unfavorable findings on the records not submitted); submit complete, legible records in the required format; include all documentation that supports the claims under review — not just the office note, but also test results, consultation notes, prior records referenced in the note, and any other documentation that establishes medical necessity; and track exactly what was submitted, to whom, and when. If the records request is broader than the auditor has authority to require (RAC limits are defined in their scope of work), consulting with a healthcare attorney before responding is appropriate.
Appealing Audit Findings
Medicare audit findings are appealed through a five-level process: Level 1 (Redetermination by the MAC); Level 2 (Reconsideration by a Qualified Independent Contractor — QIC); Level 3 (ALJ hearing before an Office of Medicare Hearings and Appeals ALJ); Level 4 (Medicare Appeals Council review); Level 5 (Federal District Court). Win rates improve significantly at higher appeal levels — Level 3 (ALJ) has historically produced favorable outcomes for well-documented appeals. Pursuing appeals through all appropriate levels is worthwhile for significant findings — many providers accept audit findings without appeal when the finding might have been overturned.
Extrapolation and Statistical Sampling
For audits involving a statistical sample (rather than 100% claims review), the auditor may extrapolate findings from the sample to the full population of claims — multiplying the per-claim error rate from the sample across all claims in the audit period to calculate the alleged overpayment. Extrapolation can turn a finding of $50,000 in sampled claims into a $500,000 overpayment demand. Challenging the statistical validity of the sampling methodology — the sample selection, the sample size, the confidence interval, and the extrapolation calculation — is an important part of appealing extrapolated audit findings. This typically requires a statistical expert who can evaluate whether CMS's sampling was properly conducted.
FAQ
What happens if an audit finds a legitimate overpayment?
If a post-payment audit identifies an overpayment, Medicare requires repayment within 60 days of the date the overpayment is identified or a valid claims adjustment period (the 60-day rule). Failing to repay a known overpayment within the 60-day window creates False Claims Act exposure — the retained overpayment becomes a "reverse false claim." The appropriate response to a confirmed audit overpayment finding is to appeal findings that are disputable, pay confirmed overpayments promptly, conduct root cause analysis to understand what generated the overpayment pattern, and implement corrective action to prevent recurrence.
Can a provider be excluded from Medicare for billing errors?
OIG exclusion (from Medicare, Medicaid, and all federal healthcare programs) is the most severe administrative sanction and is reserved for egregious conduct — conviction of healthcare fraud, patient abuse or neglect, or repeated violations of Medicare billing requirements. Billing errors discovered in audit — particularly those self-reported, immediately repaid, and addressed with corrective action — rarely result in exclusion. Mandatory exclusions apply for providers convicted of certain crimes; permissive exclusions are at OIG's discretion for less severe violations. A compliance program that identifies and corrects problems is the best protection against exclusion risk arising from billing errors.
Billing Practices That Withstand Audit Scrutiny
Valiant Lifecare's compliance-first approach to medical billing means every claim is documentable, defensible, and audit-ready — reducing your exposure before external auditors arrive.
Build Audit-Ready Billing Practices