All audits are questionable, contends the author, so appeal all audit results.
Providers ask me all the time – how will you legally prove that an alleged overpayment is erroneous? When I explain some examples of mistakes that Recovery Audit Contractors (RACs) and other health care auditors make, they ask, how do these auditors get it so wrong?
First, let’s debunk the notion that the government is always right. In my experience, the government is rarely right. Auditors are not always healthcare providers. Some have gone to college. Many have not. I googled the education criteria for a clinical compliance reviewer. The job application requires the clinical reviewer to “understand Medicare and Medicaid regulations,” but the education requirement was to have an RN. Another company required a college degree…in anything.
Let’s go over the most common mistakes auditors make that I have seen. I call them “oops, I did it again.” And I am not a fan of reruns.
1. Using the Wrong Clinical Coverage Policy/Manual/Regulation
Before an on-site visit, auditors are given a checklist, which, theoretically, is based on the pertinent rules and regulations germane to the type of healthcare service being audited. The checklists are written by a government employee who most likely is not an attorney. There is no formal mechanism in place to compare the Medicare policies, rules, and manuals to the checklist. If the checklist is erroneous, then the audit results are erroneous. The Centers for Medicare & Medicaid Services (CMS) frequently revises final rules, changing requirements for certain healthcare services. State agencies amend small technicalities in the Medicaid policies constantly. These audit checklists are not updated every time CMS issues a new final rule or a state agency revises a clinical coverage policy.
For example, for hospital-based services, there is a different reimbursement rate depending on whether the patient is an inpatient or outpatient. Over the last few years there have been many modifications to the benchmarks for inpatient services. Another example is in behavioral outpatient therapy; while many states allow 32 unmanaged visits, others have decreased the number of unmanaged visits to 16, or, in some places, eight. Over and over, I have seen auditors apply the wrong policy or regulation. They apply the Medicare Manual from 2018 for dates of service performed in 2016, for example. In many cases, the more recent policies are more stringent that those of two or three years ago.
2. A Flawed Sample Equals a Flawed Extrapolation
The second common blunder auditors often make is producing a flawed sample. Two common mishaps in creating a sample are: a) including non-government paid claims in the sample and b) failing to pick the sample randomly. Both common mistakes can render a sample invalid, and therefore, the extrapolation invalid. Auditors try to throw out their metaphoric fishing nets wide in order to collect multiple types of services. The auditors accidentally include dates of service of claims that were paid by third-party payors instead of Medicare/Medicaid. You’ve heard of the “fruit of the poisonous tree?” This makes the audit the fruit of the poisonous audit. The same argument goes for samples that are not random, as required by the U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG). A nonrandom sample is not acceptable and would also render any extrapolation invalid.
3. A Simple Misunderstanding
A third common blooper found with RAC auditors is simple misunderstandings based on lack of communication between the auditor and provider. Say an auditor asks for a chart for date of service X. The provider gives the auditor the chart for date of service X, but what the auditor is really looking for is the physician’s order or prescription that was dated the day prior. The provider did not give the auditor the pertinent document because the auditor did not request it. These issues cause complications later, because inevitably, the auditor will argue that if the provider had the document all along, then why was the document not presented? Sometimes inaccurate accusations of fraud and fabrication are averred.
4. The Erroneous Extrapolation
Auditors use a computer program called RAT-STATS to extrapolate the sample error rate across a universe of claims. There are so many variables that can render an extrapolation invalid. Auditors can have too low a confidence level. The OIG requires a 90 percent confidence level at 25 percent precision for the “point estimate.” The size and validity of the sample matters to the validity of the extrapolation. The RAT-STATS outcome must be reviewed by a statistician or a person with equal expertise. An appropriate statistical formula for variable sampling must be used. Any deviations from these directives and other mandates render the extrapolation invalid. (This is not an exhaustive list of requirements for extrapolations).
5. That Darn Purple Ink!
A fifth reason that auditors get it wrong is because of nitpicky, nonsensical reasons such as using purple ink instead of blue. Yes, this actually happened to one of my clients. Or if the amount of time with the patient is not denoted on the medical record, but the duration is either not relevant or the duration is defined in the CPT code. Electronic signatures, when printed, sometimes are left off – but the document was signed. A date on the service note is transposed. Because there is little communication between the auditor and the provider, mistakes happen.
The moral of the story — appeal all audit results.
EDITOR’S NOTE: The author of this article used AI-assisted tools in its composition, but all content, analysis, and conclusions were based on the author’s professional
While the coverage of telehealth is definitely a good thing, it has caused needless confusion. I would like to address a little of that today.
Please log in to your account to comment on this article.
Sepsis sequencing continues to challenge even experienced coding and CDI professionals, with evolving guidelines, documentation gaps, and payer scrutiny driving denials and data inconsistencies. In this webcast, Payal Sinha, MBA, RHIA, CCDS, CDIP, CCS, CCS-P, CCDS-O, CRC, CRCR, provides clear guideline-based strategies to accurately code sepsis, severe sepsis, and septic shock, assign POA indicators, clarify the relationship between infection and organ dysfunction, and align documentation across teams. Attendees will gain practical tools to strengthen audit defensibility, improve first-pass accuracy, support appeal success, reduce denials, and ensure accurate quality reporting, empowering organizations to achieve consistent, compliant sepsis coding outcomes.
Expert presenters Kathy Pride, RHIT, CPC, CCS-P, CPMA, and Brandi Russell, RHIA, CCS, COC, CPMA, break down complex fracture care coding rules, walk through correct modifier application (-25, -57, 54, 55), and clarify sequencing for initial and subsequent encounters. Attendees will gain the practical knowledge needed to submit clean claims, ensure compliance, and stay one step ahead of payer audits in 2026.
Accurately determining the principal diagnosis is critical for compliant billing, appropriate reimbursement, and valid quality reporting — yet it remains one of the most subjective and error-prone areas in inpatient coding. In this expert-led session, Cheryl Ericson, RN, MS, CCDS, CDIP, demystifies the complexities of principal diagnosis assignment, bridging the gap between coding rules and clinical reality. Learn how to strengthen your organization’s coding accuracy, reduce denials, and ensure your documentation supports true medical necessity.
Denials continue to delay reimbursement, increase administrative burden, and threaten financial stability across healthcare organizations. This essential webcast tackles the root causes—rising payer scrutiny, fragmented workflows, inconsistent documentation, and underused analytics—and offers proven, data-driven strategies to prevent and overturn denials. Attendees will gain practical tools to strengthen documentation and coding accuracy, engage clinicians effectively, and leverage predictive analytics and AI to identify risks before they impact revenue. Through real-world case examples and actionable guidance, this session empowers coding, CDI, and revenue cycle professionals to shift from reactive appeals to proactive denial prevention and revenue protection.
In this timely session, Stacey Shillito, CDIP, CPMA, CCS, CCS-P, CPEDC, COPC, breaks down the complexities of Medical Decision Making (MDM) documentation so providers can confidently capture the true complexity of their care. Attendees will learn practical, efficient strategies to ensure documentation aligns with current E/M guidelines, supports accurate coding, and reduces audit risk, all without adding to charting time.
Join Ronald Hirsch, MD, FACP, CHCQM for The PEPPER Returns – Risk and Opportunity at Your Fingertips, a practical webcast that demystifies the PEPPER and shows you how to turn complex claims data into actionable insights. Dr. Hirsch will explain how to interpret key measures, identify compliance risks, uncover missed revenue opportunities, and understand new updates in the PEPPER, all to help your organization stay ahead of audits and use this powerful data proactively.
Stay ahead of the 2026-2027 audit surge with “Top 10 Audit Targets for 2026-2027 for Hospitals & Physicians: Protect Your Revenue,” a high-impact webcast led by Michael Calahan, PA, MBA. This concise session gives hospitals and physicians clear insight into the most likely federal audit targets, such as E/M services, split/shared and critical care, observation and admissions, device credits, and Two-Midnight Rule changes, and shows how to tighten documentation, coding, and internal processes to reduce denials, recoupments, and penalties. Attendees walk away with practical best practices to protect revenue, strengthen compliance, and better prepare their teams for inevitable audits.
As AI reshapes healthcare compliance, the risk of biased outputs and opaque decision-making grows. This webcast, led by Frank Cohen, delivers a practical Four-Pillar Governance Framework—Transparency, Accountability, Fairness, and Explainability—to help you govern AI-driven claim auditing with confidence. Learn how to identify and mitigate bias, implement robust human oversight, and document defensible AI review processes that regulators and auditors will accept. Discover concrete remedies, from rotation protocols to uncertainty scoring, and actionable steps to evaluate vendors before contracts are signed. In a regulatory landscape that moves faster than ever, gain the tools to stay compliant, defend your processes, and reduce liability while maintaining operational effectiveness.
Happy National Doctor’s Day! Learn how to get a complimentary webcast on ‘Decoding Social Admissions’ as a token of our heartfelt appreciation! Click here to learn more →
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 1 with code CYBER25
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 2 with code CYBER24
