Despite the fact that CMS has outlined the do’s and don’ts for the Recovery Auditors (RAs) in its September 2011 “Statement of Work for the Recovery Audit Program,”1 we have come across several examples of contractors that have not met their contractual obligations. One would think that these RA “administrative errors” such as missed deadlines, incorrect addresses and the like would be sufficient basis for a sound appeal, but unfortunately, this does not seem to be the case. As we warned in our book, The RAC Toolkit for Hospitals and Health Systems, even when the RAs and other contractors don’t play by the rules, a denial still may stand.

Before we get into examples, consider this question: what can you, as a provider, do to protect your organization? We encourage you to report these issues to your contacts at CMS, to the RAs and MACs, and to other advocates for providers such as the American Hospital Association. You also can send your issues and questions to us at PACE Healthcare ( for inclusion in future informational articles and further discussion on the subject. As more information comes to light, CMS may issue clarifications or make modifications to the program, but only if we work together to communicate problems and ask questions when something isn’t working.

Missed Deadlines: We first experienced this when message boards lit up with example after example of RAs not making a determination on complex audits within the 60-day window set by CMS (see p. 23 of the statement of work, or SOW1). Per the SOW, any extensions of this timeframe were to be approved by CMS, and providers were to be notified in writing – but this didn’t seem to happen in all cases. Although the RA is not to recoup its contingency fee for cases in which the 60-day window is not met, a denial still will stand. Per CMS’s Q&A website: “Lack of adherence to the 60-day requirement of notification does not negate the improper payment finding or the recoupment of the improper payment by CMS.”2

But what happens if you, the provider, miss a deadline without an approved extension? An automatic denial or upheld appeals, of course. 

Flawed Addresses: As of Jan. 3, 2012, demand letters started coming from the Medicare Contractors (MACs), not the RAs. This, according to the CMS, is in an effort “to increase consistency and efficiency,”3 but we’ve come across examples in which administrative burden is increased by this process, not decreased. Although the MACs should be sending these letters to the individuals identified as per the RAC contact, we have heard of multiple cases in which a MAC sent a letter to a hospital without specifying a department or individual – or cases in which a letter was sent to the wrong individual altogether. This may be because the MACs don’t want to send correspondence to post office boxes, or because they previously had communicated with facilities about non-RA billing issues and are sending the notifications to their billing or facility contacts (rather than sending information specifically to the individual tasked with RAC responsibility).  This points to a clear gap in communication between the RAs and MACs; meanwhile, precious time is wasted as these letters make their way to the appropriate individual, assuming they get there at all.

Missing Information: Other providers have pointed out problems with the MAC demand notifications, such as missing account numbers for claims, no indications of which RA was the originator of the audit and no indications of steps the provider should take to start the discussion period or to appeal.   According to a January 2012 MLN Matters piece (, “the Medicare Contractor (MAC) will include the name of the initiating Recovery Auditor and his/her contact information in the related demand letter.” This seems like another contractual obligation not specifically being met, but unfortunately, this is not likely to be a valid basis for appeal. Although not an administrative problem per se, we also have heard that these notifications have a significantly higher page count than similar notifications from the RAs.

Misunderstandings: There are also cases in which it may seem that the RA is overstepping its bounds, but read the fine print. Many providers, even those that are very familiar with the RA program, are still under the impression that RAs are not allowed to review a claim more than once – but they are. They just cannot review the “exact claim line.”4 The RA can review the same claim multiple times, for the same reason or for a different reason, as an automated or a complex audit, as long as the same claim line is not reviewed. They even can request the same medical record for complex review more than once. For example, they can request such a record once under a DRG validation review, then separately request it for a medical necessity review. Under such a scenario, you even may need to compile and resend the same record to the same individual.

Although RAs can review the same claim (but different claim lines) more than once, they should not be reviewing claims already reviewed by another government entity or contractor, however. The RAs should not submit records requests or demand letters for these “excluded claims,” but if you have an example of a claim reviewed by an RA that previously was reviewed, denied or paid upon appeal, notify the RA immediately to establish whether the new audit should be allowed. This exclusion also should apply to claims under investigation for fraud (SOW, pages 12 and 131). We do not have a specific report of this occurring, but we want to encourage providers to be aware of claims that already may have been reviewed by another entity. Audit tracking software may be extremely helpful in this effort.


Even if not listed here as an actual or potential problem with the Recovery Audit program, we encourage you to keep track of any examples in which you feel the CMS contractors may be overstepping their bounds. Ask questions, communicate with colleagues inside and outside of your organization, and make your issues known. It may just be that a clarification needs be made and that the contractors are well within the rules – or it may be an area CMS needs to address to improve the program. Only by making providers’ voices heard will changes be made.

About the Author

Amanda Berglund, MS, MBA, is a partner in PACE Healthcare Consulting. Prior to joining PHCC, Amanda was Associate Administrator and Chief Business Development Officer at North Fulton Regional Hospital near Atlanta, GA. She is a former Manager of Business Development for Tenet Healthcare Corporation. Amanda received a BS from Columbia University and an MS from Georgia Institute of Technology. She also has an MBA in entrepreneurial leadership from Nova Southeastern University.

Contact the Author

To comment on this article please go to


1.    CMS Statement of Work for Recovery Auditors, CMS website, retrieved April 2, 2012.

2.    Question: “What happens if the recovery auditor does not meet the 60-day requirement?” CMS Q&A website. Retrieved April 2, 2012.

3.     CMS Transmittal 202, retrieved April 2, 2012.

4.    Questions “Can the Recovery Auditors do a medical necessity review on a claim that they originally reviewed for DRG validation?” and “Can a Recovery Audit Contractors (RAC) review a claim more than once?”CMS Q&A website. Retrieved April 2, 2012.

The sources of provider-specific experience were either communications to us verbally or emails from our clients and contacts, or items reviewed on HCPro’s Audit Talk email message distribution. Special thanks to RAC expert Sandy Newstein, RN of EXP Healthcare Consulting, LLC for her help in writing this article.

Tenet Healthcare to Pay Almost $43 Million Settlement

Share This Article