CMS issued the Program Audit Process that sets forth rules auditors must abide by in 2023.
The 2023 Program Audit Process Overview from the Centers for Medicare & Medicaid Services (CMS) was released recently. The report is published by the Division of Audit Operations. CMS will send engagement letters to initiate routine audits beginning February through July.
Meanwhile, engagement letters for ad hoc audits may be sent at any time throughout the year. The program areas for the 2023 audits include the following:
The Program Audit Process document is only 13 pages. Yet it is supposed to set forth the rules that the auditors must abide by in 2023. My question is this – what if they don’t? What if the auditors fail to follow proper procedures?
For example, similarly to last year, an audit consists of four phases.
I would like to add another phase: appeal.
According to the report, “the Audit Engagement and Universe Submission (the first stage) is a six-week period prior to the field work portion of the audit. During this phase, a sponsoring organization is notified that it has been selected for a program audit and is required to submit the requested data, which is outlined in the respective Program Audit Protocol and Data Request document.”
The sponsoring organization? CMS is referring to the provider getting audited as a “sponsoring organization.” Why does CMS do this? Is it because after the audit, the “sponsoring organization” will be paying recoupments?
It is interesting that the first phase, “Audit Engagement and Universe Submission,” lasts six weeks. At this point, I want to know, does the provider know that the facility has been targeted for an audit?
As an attorney, I get to see the process in the aftermath. Folks call me in distress because they got the results of an audit and disagree. I have never had the opportunity to be involved from the get-go. So, if any of you receive a notice of an audit, please call me. I won’t charge you. I just would love the experience of walking through an audit from the beginning. I think it would make me better at my job.
In other news, as you may know, CMS may issue civil monetary penalties to providers for alleged noncompliance. Other penalties exist as well, which may or may not be worse than civil penalties. On Jan. 23, CMS published a correction that Total Long term Care, Inc. d/b/a InnovAge Colorado PACE (InnovAge CO) corrected its violations. In 2021, CMS had suspended its ability to re-enroll.
Another facility was made subject to pre-payment review, which means that the facility must submit claims to an auditor prior to receiving reimbursements. Pre-payment review is probably the worst penalty in existence. A client of mine was told yesterday that pre-payment review is imminent. The only recourse is a federal or state injunction staying the suspension of reimbursements. You cannot appeal being placed on pre-payment review. But you do have a chance to stay the suspension.
The suspension makes no sense to me. It’s as if the government is saying that you are guilty before invoking an ability to claim innocence.
I had planned a different topic for this week, sequencing sepsis, based on feedback from my last article, but an article about OpenEvidence rolling out
EDITOR’S NOTE: The author of this article used artificial intelligence (AI)-assisted tools in its composition, but all content, analysis, and conclusions were based on the
Please log in to your account to comment on this article.
Gain clarity and confidence in OB‑GYN coding with this expert‑led webcast featuring Stacey Shillito, CDIP, CPMA, CCS, CCS‑P, CPEDC, COPC. You’ll learn how to apply global maternity package rules accurately, select the right CPT codes for procedures and visits, and identify documentation gaps that lead to denials. With practical guidance and real examples, this session helps you strengthen compliance, reduce audit risk, and ensure accurate reimbursement for women’s health services.
Uncover essential coding insights with nationally recognized coding authority Kay Piper, RHIA, CDIP, CCS. Through ICD10monitor’s interactive, on‑demand webcast series, Kay walks you through the AHA’s 2026 ICD‑10‑CM/PCS Quarterly Coding Clinics, translating each update into practical, easy‑to‑apply guidance designed to sharpen precision, ensure compliance, and strengthen day‑to‑day decision‑making. Available shortly after each official release.
Uncover critical guidance on the ICD-10-CM/PCS code updates. Kay Piper reviews and explains ICD-10-CM/PCS coding guidelines in the AHA’s fourth quarter 2026 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Uncover critical guidance on the ICD-10-CM/PCS code updates. Kay Piper reviews and explains ICD-10-CM/PCS coding guidelines in the AHA’s third quarter 2026 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Federal auditors are intensifying their focus on inpatient psychiatric facilities, using advanced data analytics to spotlight outliers and pursue high‑dollar repayments. In this high‑impact webcast, Michael Calahan, PA, MBA, Compliance Officer and V.P., Hospital & Physician Compliance, breaks down what regulators are really targeting in IPF-PPS admissions, documentation, treatment and discharge planning. Attendees will learn practical steps to tighten processes, avoid common audit triggers and protect reimbursement and reduce the risk of multimillion-dollar repayment demands.
In this timely session, Stacey Shillito, CDIP, CPMA, CCS, CCS-P, CPEDC, COPC, breaks down the complexities of Medical Decision Making (MDM) documentation so providers can confidently capture the true complexity of their care. Attendees will learn practical, efficient strategies to ensure documentation aligns with current E/M guidelines, supports accurate coding, and reduces audit risk, all without adding to charting time.
Join Ronald Hirsch, MD, FACP, CHCQM for The PEPPER Returns – Risk and Opportunity at Your Fingertips, a practical webcast that demystifies the PEPPER and shows you how to turn complex claims data into actionable insights. Dr. Hirsch will explain how to interpret key measures, identify compliance risks, uncover missed revenue opportunities, and understand new updates in the PEPPER, all to help your organization stay ahead of audits and use this powerful data proactively.
Stay ahead of the 2026-2027 audit surge with “Top 10 Audit Targets for 2026-2027 for Hospitals & Physicians: Protect Your Revenue,” a high-impact webcast led by Michael Calahan, PA, MBA. This concise session gives hospitals and physicians clear insight into the most likely federal audit targets, such as E/M services, split/shared and critical care, observation and admissions, device credits, and Two-Midnight Rule changes, and shows how to tighten documentation, coding, and internal processes to reduce denials, recoupments, and penalties. Attendees walk away with practical best practices to protect revenue, strengthen compliance, and better prepare their teams for inevitable audits.
Happy National Doctor’s Day! Learn how to get a complimentary webcast on ‘Decoding Social Admissions’ as a token of our heartfelt appreciation! Click here to learn more →
BLOOM INTO SAVINGS! Get 25% OFF during our spring sale through March 27. Use code SPRING26 at checkout to claim this offer.
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 1 with code CYBER25
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 2 with code CYBER24
