Skip to main content

Exit WCAG Theme

Switch to Non-ADA Website

Accessibility Options

Select Text Sizes

Select Text Color

Website Accessibility Information Close Options
Close Menu
Law Offices of Art Kalantar Motto
  • HEALTHCARE LAW

Understanding Healthcare Audits in California: What Providers Need to Know

Close-up image showing a partial U.S. hundred-dollar bill with green and yellow capsules in blister packaging. It conveys themes of money and healthcare.Healthcare audits are a routine but high-stakes reality for medical providers, billing professionals, and healthcare organizations operating in California. While some audits are administrative in nature, others carry significant financial, licensing, and even criminal exposure. Understanding how healthcare audits work, who conducts them, and what legal authority governs the process is essential for minimizing risk and responding effectively when scrutiny arises.

This article provides a comprehensive overview of healthcare audits in California, including the most common audit types, the agencies and contractors involved, the statutory and regulatory framework that authorizes audits, and the typical audit lifecycle from initiation through resolution. If you have been notified of an audit of your medical practice in California or beyond, contact the Law Offices of Art Kalantar in Beverly Hills to speak with an experienced Los Angeles Medicare and Medi-Cal audit lawyer.

What Is a Healthcare Audit?

A healthcare audit is a review of a provider’s billing, coding, documentation, and compliance practices to determine whether claims submitted to public or private payors were accurate, medically necessary, and compliant with applicable laws. Audits may focus on a single issue, such as medical necessity or modifier usage, or they may involve a broad examination of billing practices over several years.

In California, audits frequently arise in connection with Medicare, Medi-Cal, managed care plans, and commercial insurers. Although many audits begin as civil or administrative reviews, adverse findings can lead to recoupment demands, civil penalties, exclusion from healthcare programs, professional discipline, or referral for criminal investigation.

Common Types of Healthcare Audits

Healthcare audits fall into several broad categories, each with distinct purposes and risk profiles.

Pre-payment audits occur before claims are paid. These audits are often used when a payor identifies potential billing irregularities and temporarily suspends payment pending review. While pre-payment audits can disrupt cash flow, they are sometimes less likely to involve large overpayment demands because claims have not yet been reimbursed.

Post-payment audits are more common and typically involve a retrospective review of claims that have already been paid. Auditors may extrapolate alleged overpayments across a large universe of claims, dramatically increasing financial exposure.

Targeted audits focus on specific billing codes, services, or providers identified through data analysis, complaints, or prior audit history. These audits often signal heightened concern and may serve as a precursor to broader investigations.

Random audits are conducted without a specific allegation of wrongdoing and are often framed as program integrity or quality assurance measures. Even random audits, however, can uncover issues that lead to further enforcement.

Key Auditing Entities in California Healthcare

Multiple agencies and contractors have the authority to audit healthcare providers in California, depending on the payor and program involved.

At the federal level, the Centers for Medicare & Medicaid Services (CMS) oversees Medicare audits, often carried out by private contractors. These include Recovery Audit Contractors (RACs), which focus on identifying and recovering improper payments, and Unified Program Integrity Contractors (UPICs), which investigate suspected fraud and abuse across Medicare and Medicaid.

The U.S. Department of Health and Human Services Office of Inspector General (HHS-OIG) plays a central role in audits that involve potential fraud, kickbacks, or false claims. OIG audits often have serious implications, including civil monetary penalties and exclusion from federal healthcare programs.

In California, Medi-Cal audits are administered through the California Department of Health Care Services (DHCS). DHCS contracts with various audit and investigation units, including the Audits and Investigations Division and the Medi-Cal Fraud Control Unit (MFCU), which is housed within the California Department of Justice. MFCU involvement is a strong indicator that criminal exposure may be suspected.

Commercial insurers and managed care plans also conduct audits under contractual authority. While these audits are not government-run, their findings can still lead to recoupment actions, network termination, and referrals to state or federal agencies.

Legal Authority Governing Healthcare Audits

Healthcare audits are grounded in a complex web of federal and California law, as well as contractual obligations between providers and payors.

At the federal level, the Social Security Act authorizes CMS and its contractors to review Medicare claims and recover overpayments. Federal regulations, including those found in Title 42 of the Code of Federal Regulations, set forth documentation requirements, medical necessity standards, and appeal rights.

The federal False Claims Act provides additional enforcement authority when audits uncover evidence that claims were knowingly false or fraudulent. Even in the absence of criminal charges, FCA liability can result in treble damages and substantial penalties.

Under California law, DHCS derives audit authority from the Welfare and Institutions Code, which governs Medi-Cal participation and compliance. California also has its own False Claims Act, which closely mirrors federal law but allows state enforcement and private whistleblower actions.

In addition to statutory authority, provider participation agreements and payor contracts typically grant audit rights. These contractual provisions often define lookback periods, record-retention requirements, and dispute-resolution procedures, making contract review a critical component of audit defense.

The Healthcare Audit Lifecycle

Although each audit is unique, most healthcare audits follow a predictable lifecycle.

The process usually begins with an audit notice or request for records. This initial communication identifies the auditing entity, the scope of review, and the deadline for producing documents. How a provider responds at this stage can significantly influence the outcome.

The document production phase follows, during which auditors review medical records, billing data, and supporting documentation. Inadequate or inconsistent records are a frequent basis for adverse findings, even when services were actually rendered.

After reviewing the records, the auditor issues preliminary findings or a draft audit report. This document outlines alleged overpayments, billing errors, or compliance violations. Providers are often given an opportunity to submit rebuttal evidence or written responses.

The final audit determination incorporates any rebuttal submissions and sets forth the auditor’s conclusions. If overpayments are identified, the determination will include a recoupment demand and instructions for repayment or appeal.

The appeal phase allows providers to challenge audit findings through administrative hearings or contractual dispute mechanisms. Appeal rights and timelines vary depending on the program and payor, and failure to act promptly can result in waiver of those rights.

In more serious cases, the audit may not end with a final determination. Instead, findings may be referred to law enforcement, licensing boards, or program integrity units for further investigation.

Why Healthcare Audits Carry Serious Risk

Healthcare audits are not merely billing exercises. Adverse findings can trigger cascading consequences that extend well beyond repayment demands. Providers may face allegations of fraud, breach of contract, or professional misconduct. Licensing boards may initiate disciplinary proceedings based on audit results. In extreme cases, audits can lead to criminal charges, exclusion from Medicare and Medi-Cal, or the effective shutdown of a medical practice.

Because audits often rely on sampling and extrapolation, relatively small documentation issues can translate into large financial liabilities. Statements made during an audit can also be used in subsequent enforcement actions, underscoring the importance of careful, legally informed responses.

Preparing for and Responding to Audits

Understanding the audit landscape is the first step toward effective risk management. Providers should maintain robust documentation practices, ensure billing compliance, and regularly review payor contracts and program requirements. When an audit arises, early legal involvement can help protect rights, manage communications, and reduce exposure.

Healthcare audits in California sit at the intersection of administrative law, healthcare regulation, and criminal enforcement. Treating them as routine paperwork exercises can be costly. A strategic, informed approach is essential to navigating audits and safeguarding both professional and financial interests.

Contact the Law Offices of Art Kalantar for advice and representation during a Medicare or Medi-Cal audit of your healthcare practice.

 

Share This Page:
Facebook Twitter LinkedIn

Request A FREE Consultation

By submitting this form I acknowledge that form submissions via this website do not create an attorney-client relationship, and any information I send is not protected by attorney-client privilege.

Skip footer and go back to main navigation