Audit Defense
The organized process of preparing for and responding to a payer or government audit.
1 min read · Last reviewed May 23, 2026
At a glance
- Category
- Denials & Appeals
- Primary sources
- 3
- Workspace handoff
- compliance binder →
Where this comes up
This is denial-workbench territory. A remit posts with a CARC/RARC, the biller decides whether to rebill, appeal, or write off, and the appeal packet has to cite the chart, the order, and the payer's own policy language. Recurring patterns trace back to an upstream workflow gap.
Full definition
What it is in practice
A defensible response starts with complete documentation, clear ICD-to-CPT mapping, signed and dated notes, and a thorough audit log. The response timeline is short (typically 30 days for records).
How it shows up in your practice
Designate an audit coordinator. Maintain a "audit packet" template that pulls the right artifacts quickly when a request arrives.
Sources
- CMS — Recovery Audit Programhttps://www.cms.gov/medicare/audits-compliance/recovery-audit-program
- CMS — CERThttps://www.cms.gov/medicare/audits-compliance/cert
- CMS — Medicare Claims Appealshttps://www.cms.gov/medicare/appeals-grievances/fee-for-service/original-medicare-ffs-appeals
Use the audit-defense playbook in the Compliance Binder
Open compliance binder →Related terms
- Denials & AppealsRecovery Audit Contractor (RAC)CMS contractors who identify and recover improper Medicare payments through review of paid claims.
- Denials & AppealsCERT (Comprehensive Error Rate Testing)The CMS program that measures the Medicare fee-for-service improper payment rate.
- Denials & AppealsRAC Audit TriggerDocumentation or coding pattern that increases the likelihood of a Recovery Audit Contractor review.
- DocumentationSignature RequirementsMedicare's requirements that medical records be authenticated by the author with a handwritten or electronic signature.
D3rx is a healthcare-billing and compliance research aid maintained by D3rx Inc. Articles are drafted by an LLM (Anthropic Claude) against primary HHS, OCR, CMS, eCFR, NIST, and state-regulator publications, and reviewed for restraint and source fidelity by the D3rx team.
Reviewer status: a named credentialed reviewer (CHC, CHPC, or healthcare attorney) is being engaged. Until that engagement is finalized, this page does not claim credentialed review.
Related across the archive
- GlossaryCERT (Comprehensive Error Rate Testing)The CMS program that measures the Medicare fee-for-service improper payment rate.
- GlossaryRAC Audit TriggerDocumentation or coding pattern that increases the likelihood of a Recovery Audit Contractor review.
- GlossaryRecovery Audit Contractor (RAC)CMS contractors who identify and recover improper Medicare payments through review of paid claims.
- GlossarySignature RequirementsMedicare's requirements that medical records be authenticated by the author with a handwritten or electronic signature.
- GlossaryALJ HearingThe third level of the Medicare claims appeal process, before an Administrative Law Judge at OMHA.
- GlossaryAppeal LetterThe written request to a payer to reconsider a denied or partially-paid claim.
- GlossaryExtrapolationThe statistical projection of overpayment findings from a sample of claims to a larger universe of claims, used in many Medicare audits.
- BillingHow to Appeal an Insurance Denial: Step-by-Step GuideClaim denied? Step-by-step appeal process with payer deadlines, denial code fixes, appeal letter template, and escalation options.
This glossary entry is a research aid for billing and compliance staff. It does not provide legal, medical, or financial advice and does not replace counsel. References cited link to primary sources at HHS, OCR, CMS, eCFR, NIST, and the relevant payer or industry body.