The Medicare Audit: Tips from a Healthcare Attorney

Medicare audits are serious matters.

If a healthcare provider receives a notice from a Medicare contractor along with a request for medical records, it is a signal that the provider may not be complying with billing, coding, or documentation guidelines.  An audit determination could cause recoupments of overpayments, ; actions for fraud, including criminal prosecution, ; and/or revocation of Medicare billing privileges.  Healthcare providers are encouraged to act swiftly in the event of a Medicare audit.  Below is a basic list of suggestions that healthcare providers to should consider:

Hire a healthcare attorney.

The very first step that a healthcare provider should take is to search for and retain an experienced healthcare attorney.  Healthcare attorneys who have experience in these matters are more valuable than an attorney who handles other areas of legal practice.  Medicare audits are governed by a strict set of laws and guidelines, and an attorney’s and attorneys who have experience with these laws are is invaluable.  In addition, healthcare attorneys often have established relationships with coding and documentation experts that the attorney can utilize.  The healthcare attorney can also explain to you the nature of the audit, the appeal process, expectations, and defenses to an adverse determination, and help you navigate through the legal challenges to an overpayment demand.  In the end, a good healthcare attorney can save you a lot of time and a lot of money.

Respond quickly.

A healthcare provider should timely respond response to a records request is important.  This may include require delegating activities to staff, but the provider should still take the time to supervise the staff and make sure that all of the records are copied without delay.  When the records are sent, the provider should draft a cover letter that explains what is being submitted (see below).

Cover Letter.

When the records are copied and organized, a cover letter should be included.  The cover letter should, at a minimum, include the date, the certified mail tracking number, and a detailed description of the medical records being submitted.  The cover letter should identify the patient and what makes up the medical records for each patient, i.e.e.g., exam forms, radiology reports, daily notes, treatment plans, orders, etc.  The cover letter should also identify and explain other documents being submitted, such as patient summaries and supporting medical literature.

Patient Summaries.

Healthcare providers often decide to prepare a brief summary of the treatment and overall care provided to each patient.  This may be helpful.  Patient summaries are not a part of the medical records and the healthcare provider should include a written statement confirming that.  The summaries should also include the date and the author.  There should be absolutely no confusion on the intended purpose of the patient summaries and it should be clear that the summaries are not a part of the original patient records.

Supporting Literature.

If the healthcare provider uses uncommon procedures or billing, then it may be helpful to include any relevant medical literature, including journal articles or other supporting documentation.  It may also be helpful to include the CMS Local Coverage Determination (LCD) to tie together how the procedure or billing is compliant with the LCD.

No alteration.

In no event should medical records be altered or changed.  This could lead to fraud prosecution.  If the records are not properly signed or authenticated or if the records are illegible, a healthcare attorney can assist you with taking appropriate, legal steps to address the issue.

Communications and Correspondence.

All telephone calls with the Medicare contractor should be documented in a letter and sent to them to confirm the discussion.  Any written correspondence, including the submission of the medical records, should be sent by certified mail, return receipt.  This will do two things: Iit will allow the provider to track the shipment, in the event it does not reach the intended destination, and it will provide proof that the shipment was sent and received.


When medical records are copied in response to the audit, two copies should be made – one for Medicare and one for the healthcare attorney.  A sample of the records should be reviewed by the attorney and a coding expert to make sure that the records are properly authenticated, are legible, and complete.  The records should also be reviewed for identification of potential risk areas.  This will allow for immediate corrective action on future claims so that any mistakes do not continue.  Medical records cannot be altered or changed, but identifying potential risks now can help avoid problems later on.

Healthcare Reimbursement Compliance Program.

The Department of Health and Human Services’ Office of Inspector General (OIG) urged healthcare providers to implement a compliance program.  This includes individual physicians and small group practices.  The compliance program should incorporate the recommended compliance steps suggested by the OIG and it should provide a detailed and comprehensive roadmap to identifying risk areas and how the practice can conform to billing, coding and documentation requirements.  A compliance program should be done prior to receiving a Medicare audit, but it is never too late to implement one.  A compliance program will help the practice avoid an audit and it can help to mitigate the financial exposure of the practice to overpayment determinations and recoupment if an audit does occur.

Tell Us About Your Case

Please submit the form and an attorney will contact you shortly.
Please indicate how you would like to be contacted in the form.