If you treat Medicare patients, then you know all-too-well that the only thing worse than having to understand—and follow—Medicare’s thick book o’ rules is having to worry about the ever-present threat of a potential audit. After all, the national media love a good fraud story, and even if you’re fairly confident that you are doing everything right, each breaking audit headline probably plants a small seed of worry somewhere deep in your subconscious. With that in mind, here’s a quick rundown of what you absolutely must know about Medicare audits—and how to make sure that seed doesn’t grow into a big, ugly weed.

1. There are three major audit-worthy red flags for physical therapists.

As you know, Medicare policy is a web of super-confusing rules and regulations. But for PTs, the majority of audits result from one of the following triggers:

  • Excessive (i.e., above the norm) use of the KX modifier, which signals an automatic exception to the therapy cap on the basis of medical necessity
  • Multiple therapists billing under a single provider number rather than individual enrolled PTs billing separately
  • Billing a significantly greater-than-average number of codes per date of service

2. Sub-par documentation puts you at greater risk for an audit.

In addition to the suspect practices listed above, the following mistakes could land you in hot water with Medicare:

  • Missing certifications in a patient’s plan of care
  • Failure to provide adequate PTA supervision
  • Noncompliance with the 8-minute rule and/or CCI edits
  • Illegible signatures (either physicians’ or therapists’)
  • Reproduced signatures (i.e., using a stamp instead of physically signing the document)
  • Missing physician signatures
  • Failure to recertify the plan of care when appropriate
  • Noncompliance with frequency/duration rules indicated within Local Coverage Decision (LCD)
  • Insufficient documentation
  • Post-denial modification to documentation
  • Failure to supply records to Medicare when requested

To see a few real-world examples of documentation practices that could lead to Medicare claim denial or review, check out this article.

3. Certain billing practices increase the likelihood of an audit.

Even if your documentation is in tip-top shape, these billing no-nos could arouse Medicare’s suspicions:

  • Incorrectly billing for services provided by therapy techs or aides
  • Billing for one-on-one time when, in reality, the patient was participating in group therapy
  • Billing for co-treatment when co-treatment did not occur
  • Knowingly submitting claims for services that are normally covered by Medicare when they are “reasonable and necessary” without proving medical necessity in your documentation
  • Gaming the coding system by unbundling (e.g., billing separately for hot packs and dressings) or upcoding (i.e., billing for a more expensive service than the one you actually provided)
  • Failing to execute an advanced beneficiary notice of noncoverage (ABN) before providing non-medically necessary services and instead billing Medicare under the false premise of medical necessity
  • Billing for a duration or frequency that falls outside the norm for the service in question
  • Billing for services not furnished or services furnished by a student

4. There are measures you can take to protect your practice.

When it comes to avoiding audits, knowledge is power, so make it your mission to educate yourself and your staff on Medicare’s Local and National Coverage Policies. Seek out Medicare-related CEU courses, or sign up for Medicare compliance training through the PT Compliance Group or Gawenda Seminars (also be sure to check out the other educational resources these organizations provide). Additionally, you should have a compliance plan in place—headed up by your office’s designated compliance officer—to ensure that all staff members can recognize potential compliance issues and to develop processes and procedures for dealing with misconduct. The plan should:

  • Include a purpose/mission statement that succinctly describes the goal of the plan
  • Clearly define your practice’s standards of conduct, including:
    • How you will train new employees
    • How you will discipline those who do not follow the standards
  • List and describe the responsibilities of the compliance officer or committee
  • Explain how you will conduct internal audits and how you will deal with any violations identified as the result of an audit
  • Provide educational content specific to your services and risk areas, including advice on how to avoid raising red flags

5. There are different kinds of audits.

As this article explains, in 2010 President Obama announced an initiative to reduce the amount of money wasted on improper Medicare payments. As part of that goal, CMS has ramped up efforts to cut payment errors, even though, as the article notes, “Although all fraudulent claims are improper payments, not all improper payments are fraudulent claims; most are due to documentation errors.” Below you will find descriptions of some of the audit programs currently in place. For a complete list and more detailed information, check out this CMS resource.

Recovery Audit Contractor (RAC) audits

Developed as part of the Medicare Modernization Act of 2003, the RAC program reclaims money by conducting retrospective reviews of fee-for-service (FFS) claims—a process known as “claw back.” For this initiative, the country is divided into four regions. Each contractor conducts audits in a specific region and receives payment based on the amount he or she recovers. According to the above-cited article, “Although RAC audits previously focused on site of care and upcoding, they are increasingly addressing medical necessity.”   

Certified Error Rate Testing (CERT) audits

According to the CMS website, CERT audits are conducted annually using “a statistically valid random sample of claims.” Auditors review the selected claims to determine whether they “were paid properly under Medicare coverage, coding, and billing rules.”

Probe audits

As explained in this article, probe audits target “either particular services or particular specialties.” If you meet the criteria for a particular probe, auditors will pull a sample of your submitted claims for review prior to payment. You will then receive a request for additional documentation, along with a deadline for supplying the information. If you fail to comply, you will not receive reimbursement for the claim. If you do comply but your documentation does not support what you billed, you will not receive reimbursement for the claim. Furthermore, if the audit uncovers any actions deemed fraudulent, your Medicare Administrative Contractor (MAC) will refer your case to the appropriate agency for further investigation.


While you might not be able to avoid an audit, you can make sure you’re totally prepared to face one. Looking for more resources? Check out the APTA’s Medicare claim audit tools, this fact sheet on the Medicare appeals process, and these tips for getting your clinic audit-ready. Still have questions? Leave them in the comment section below.