RAC Audit & Appeals

Why healthcare professionals work with Oberheiden P.C. for RAC audits:

Lynette Byrd
Attorney Lynette Byrd
Healthcare Fraud Team Lead
Former Federal Prosecutor
Nick Oberheiden
Attorney Nick Oberheiden
Healthcare Fraud Team
Kevin M. Sheridan
Kevin M. Sheridan
Healthcare Fraud Team
Former FBI Special Agent
Wade McFaul
Wade McFaul
Healthcare Fraud Team
Former HHS-OIG Assistant Special Agent-in-Charge
  1. Our team has handled hundreds of healthcare audits successfully throughout the U.S.
  2. Lead Healthcare Audit Attorney, Lynette Bird, previously prosecuted healthcare fraud cases on behalf of the government. Now she’s on your side.
  3. Former FBI, OIG & DEA agents on your side to strengthen your defense.
  4. Running a healthcare company is challenging enough. Let us take some of the stress off your plate with our experienced team of healthcare professionals.

“When I was with the DOJ I saw what happened with poorly handled audits. Don’t make that same mistake.”

Call 888-680-1745 now to speak with Attorney Lynette Byrd (Former DOJ Trial Attorney), or Founder, Dr. Nick Oberheiden.

My Business or Practice is Being Audited. What Should I Do Now?

If your healthcare business or medical practice has been contacted by a Recovery Audit Contractor, there are several steps that you should begin taking as quickly as possible. A comprehensive defense strategy for a RAC program investigation, also called a Medicare audit, should include:

  • Communications – All personnel within your organization should be instructed on appropriate communications with the RAC, and appropriate employees should be designated as exclusive points of contact for funneling all inbound and outbound communications, including audit requests. The Recovery Audit Program auditors should also be instructed to refer relevant communications and RAC requests to the organization’s legal counsel.
  • Internal Assessment – It is always better to know what the auditors will find before they find it. Healthcare providers facing a RAC audit should conduct a thorough internal audit in a timely manner of their billing records, policies, and procedures to determine whether any billing violations may have occurred when providing services to Medicare beneficiaries.
  • Disclosure – In many circumstances, proactively addressing billing errors with auditors (and federal investigators) is the best way to mitigate the negative consequences of a Medicare or Medicaid services inquiry. Honest mistakes like an innocent documentation error are common, and both disclosing known issues and demonstrating that proactive measures are being taken to correct past improper payments and prevent future improper payments can significantly reduce the risk of facing federal charges. However, this requires a careful assessment of all of the potential legal implications, and is an issue that must be discussed with legal counsel.
  • Intervention – Intervening in RAC audits in order to challenge the use of inapplicable billing standards, faulty calculations, and other issues can help prevent an unnecessary unfavorable outcome. However, a tactful approach is critical, and providers need to be certain that their conclusions are correct.

How We Protect Providers During a Recovery Audit Contractors Audit

There are several steps we can take to help protect healthcare providers during RAC audits. Our comprehensive approach starts with intervening in the RAC audit process immediately, and reviewing the RAC’s actions to date in order to determine whether any legal violations or substantive errors against the healthcare provider have accrued. We have a multi-faceted approach to defense for RAC audits.

  • We conduct an internal assessment to identify any issues that may surface as an outcome of the RAC audit.
  • We work to identify safe harbors, statutory exceptions, and specific Medicare billing guidelines from CMS that apply to our clients’ billing practices and financial relationships.
  • We work closely with executive leadership and providing training to key personnel regarding appropriate and inappropriate communications with the RAC auditor.
  • We take action when the RAC auditor exceeds the scope of authority granted in their mandate from CMS.
  • We identify and challenge RAC auditors’ flawed methodologies and conclusions, and ensure that selective review of a provider’s Medicare billing records does not lead to a faulty audit determination.
  • We ensure that RAC auditors are applying the appropriate Medicare billing regulations, and not applying outdated CMS regulations to current billings or current regulations to past billings.
  • We preserve issues for appeal in the event of an unfavorable audit determination resulting in recoupments, prepayment review, program exclusion, and/or other penalties.

What Can I Do If I Receive an Unfavorable RAC Determination?

The RAC program has a five-tiered appeal process for business or practitioners that wish to challenge a determination.

Using documentation, an appeal may advance legal defenses to the adverse determination, may seek to justify medical necessity for claims that were deemed unnecessary, or may attack the RAC’s procedures or extrapolation.

Redetermination. A provider who wishes to dispute the RAC’s initial determination may file an appeal for a redetermination within 120 days. The redetermination will be assessed by the Medicare Fiscal Intermediary (FI) who processed the original disbursement. The FI then has 60 days to consider the appeal and issue a redetermination decision.

Reconsideration. Adverse redeterminations may be contested through a second level of appeal called a reconsideration. Reconsiderations are submitted to Qualified Independent Contractors (QICs), who are neutral arbiters that did not participate in the redetermination decision. A request for reconsideration must be filed within 180 days from receipt of the redetermination decision, and the QIC has 60 days to return a decision.

Administrative Law Judge Hearing. Unlike a redetermination or a reconsideration, the third level of Recovery Audit Contractor appeal involves a hearing and has a minimum amount in controversy requirement. The amount in controversy threshold is adjusted annually; in 2016 it was $150. The hearing is in front of an administrative law judge (ALJ) and may be conducted in person or via video-conference or telephone. An ALJ hearing must be requested within 60 days of receipt of the reconsideration and the ALJ has 90 days to issue a decision on the appeal.

Medicare Appeals Counsel Review. An adverse ALJ decision may be appealed to the Medicare Appeals Counsel (MAC) within 60 days of issuance for the Medicare Appeals Process. The MAC must issue its determination within 90s of the request for review; if the MAC misses this deadline, the provider may seek to have the appeal forwarded directly to the fifth and last stage of appeal, judicial review.

Judicial Review. The final stage of the Recovery Audit Contractor appeals process is judicial review by a federal district court. As a prerequisite for review, the appeal must be filed within 60 days of the MAC decision and there is an amount in controversy threshold. The amount in controversy requirement is adjusted every year; in 2016 the minimum amount was $1,500.

Put our highly experienced team on your side

Dr. Nick Oberheiden
Dr. Nick Oberheiden



Lynette S. Byrd
Lynette S. Byrd

Former Assistant U.S. Attorney


Ellen Comley
Ellen Comley

Senior Counsel


Roger Bach
Roger Bach

Former Special Agent (OIG)

Steven Taylor
Steven Taylor

Healthcare Compliance Consultant

Susan Sage
Susan Sage

Healthcare Auditor

How Does a Recovery Audit Contractor (RAC) Audit Work?


Any provider that submits claims to a government program for healthcare services provided may undergo a Medicare Recovery Audit Contractor audit. Every RAC team includes certified coders, nurses, therapists and at least one certified medical director (CMD) physician. The review is divided up regionally, with different RACs covering specific regions of the country. While all RACs rely on the same coding and billing policies, medical standards, and Medicare regulations, each program is responsible for designing its own auditing software and database. CMS supplies the RACs with claims files from their respective regions, and the RACs then scan the billing data for improper Medicare payments- both overpayments (usually caused by improper billing codes or medically unnecessary charges) and underpayments.

A RAC audit may be either “automated” or “complex.” An automated review simply runs billing data through the RAC’s software program and essentially amounts to data mining. Automated reviews search for facially evident errors in the claims, such as non-covered services or clearly incorrect coding. Complex RAC audits involve human review of patient medical files and are used to address situation where coverage of services is unclear or where the Medicare policy is ambiguous.

During the inspection process, the business or practitioner undergoing the inspection will have a chance to converse with the auditors about the apparent improper payments. If an auditor determines that there exists evidence of overpayment, the RAC will issue a demand letter detailing their findings and the amount of overpayment.

Once you have received the RAC’s demand letter, you may either agree to repay any discrepancies or you may gather documentation and appeal the findings. If you accept the RAC’s determination of improper payments, you have several options for to correct improper payments. You may pay the amount to CMS in one lump sum, you may agree to withholdings from future CMS payments to recover improper payments, or you may apply for a extended repayment schedule to CMS.

FAQs: Answers from Our Experienced RAC Audit Defense Attorneys

Q: Are RAC auditors qualified to assess the legal propriety of my healthcare company’s Medicare billing records?


In order to help ensure that the outcomes of RAC audits are as accurate as possible, CMS requires all Recovery Audit Contractors to employ personnel to conduct RAC audits who are expected to be experts in various facets of the Medicare billing system and Medicare’s clinical payment criteria. This includes certified coders, nurses, therapists, and a physician contractor medical director (CMD).

Unfortunately, mistakes during the RAC process remain common, and providers frequently find themselves forced to challenge flawed liability determinations.

Q: What is involved in an RAC audit?


There are three types of RAC audits: automated, semi-automated, and complex. An automated audit does not involve review of the provider’s medical records. However, a semi-automated review may involve manual review of records by RAC personnel, and a complex review can entail a comprehensive and invasive in-person review that can significantly disrupt your company’s day-to-day operations.

Auditors may request to speak with billing personnel and other key employees as well; and, while providers are entitled to information about their audits, the process is often not as transparent as most providers would expect. These are among the numerous reasons why intervention and legal representation are critical, and why all providers need to be prepared to take proactive measures to protect themselves during the audit process.

Once the auditors have completed their review and the required discussion period has passed, the RAC will issue a determination of liability. If the RAC determines that that actions are needed and recoupments are owed, the provider must pay quickly (or quickly file an appeal) in order to avoid interest and other penalties.

Q: Who are the RACs?


The CMS awarded the current RAC contracts to the following entities:

  • Region 1 (Northeast) – Performant Recovery, Inc.
  • Region 2 (South and Central States) – Cotiviti, LLC
  • Region 3 (Eastern Seaboard and Southeast) – Cotiviti, LLC
  • Region 4 (West Coast, Midwest, and Northwest) – HMS Federal Solutions
  • Region 5 (Nationwide for Durable Medical Equipment Suppliers (DME) and Home Health Agencies/Hospice (HHH) Services) – Performant Recovery, Inc.

Q: What is meant by the “fee-for-service” audit recovery program?


The Medicare “fee-for-service” (FFS) recovery audit program means that RACs are paid on a contingency-fee basis to perform audits. In other words, while they are going to perform post payment review and are working on identifying improper payments, they are financially-incentivized from Medicare to identify overpayments, and they have no direct financial incentive to award underpayments to providers.

During the 2015 fiscal year, RACs collected nearly $360 million in overpayments while awarding just $81 million in underpayments to Medicare. From 2010 to 2015, RAC audits have resulted in liability of more than $8.9 billion for providers nationwide.

Q: Can an attorney help prevent an unfavorable RAC audit determination?


Potentially, yes. An attorney who has intimate knowledge of the Medicare billing regulations and who has extensive experience in healthcare fraud defense will be able to identify flaws in RAC auditors’ processes and procedures and challenge inaccurate findings before they are formalized in a final determination and payments are needed.

While one option is to let the process run its course and then file an appeal, the less-risky (and typically less-expensive) option is to take a proactive approach to defending against an RAC examination. The goal to this approach is to avoid the need to rely on the appellate process.

Q: What should I expect if I need to file an appeal?


If you have already received an unfavorable determination, or if it is too late to prevent the imposition of recoupment liability by a RAC, you will need to promptly begin gathering documentation to file your appeal. We have covered what healthcare providers need to know about the appeals process in a separate set of Medicare Appeal FAQs.

Q: Can a RAC impose penalties besides recoupment of overbilled claims?


Yes. In addition to demanding recoupments and payments, Recovery Audit Contractors can also deny payment of pending reimbursement claims and initiate payments review. These can lead to substantial cash flow issues for providers who rely on regular reimbursements from Medicare.

If a RAC finds evidence of healthcare fraud, it can also refer providers to CMS, the U.S. Department of Justice (DOJ), the Office of Inspector General (OIG), and other federal authorities – and these referrals can lead to federal investigations that may ultimately result in civil or criminal charges.

Are You Facing a RAC Audit? Contact Oberheiden P.C. Right Away

The sooner we get involved, the more we can do to help. While every case’s facts are different, audit response teams are beneficial to your case. Our goals and actions are to help resolve your inspection without an unjustified determination of liability. Our RAC audit attorneys offer free initial case assessments. Our team of healthcare fraud defense attorneys is available to take responsive action to your RAC audit immediately.

Trust the experience and expertise of our RAC audit defense and compliance attorneys and former federal prosecutors. We are available to speak with you about your RAC audit. We represent healthcare providers in RAC audits and appeals across the county. You can call us 24/7 at 888-680-1745, or request a case assessment online and we will be in touch with you shortly.

Last Updated:

If you need help
defending your medical license
you should contact us today

Contact the
Experienced Attorneys of Oberheiden P.C.
Now for a Confidential Consultation

Contact Us Now