Medicare and Medicaid Recovery Audit Contractors… Continue Their Efforts

Protecting the Medicare Trust Fund is an important priority for the Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS), the Office of Inspector General and thus we have Recovery Audit Contractors or “RACs”. Through the Medicare Modernization Act of 2003, CMS established the Recovery Audit Contractor program with a focus on fee-for-service (Medicare Part A and B) improper claims or combating “ fraud, waste and abuse”, and the initial pilot was conducted back in 2005 as many of you may recall.

The RAC’s detect and correct past improper payments so that CMS and Carriers, and Medicare Administrative Contractors or MACs  can implement actions that will prevent future improper payments, which essentially helps providers to be proactive with medical record documentation, coding and claim processing. Estimates in 2016 stated that there was $404,463,429 collected through the RAC program due to improper payments made by Medicare.

Today we have four (4) CMS contractors within five national regions:

Region 1               


Performant Recovery, Inc.


CT, IN, KY, MA, ME, MI, NH, NY, OH, RI, and VT

Region 2

Cotiviti, LLC


AR, CO,  IA, IL, KS, LA, MO, MN, MS, NE, NM, OK, TX, and WI

Region 3

Cotiviti LLC



AL, FL, GA, NC, SC, TN, VA, WV, Puerto Rico, and U.S. Virgin Islands

Region 4

HMS Federal Solution



AK, AZ, CA, DC, DE, HI, ID, MD, MT, ND, NJ, NV, OR, PA, SD, UT, WA, WY, Guam, American Samoa, and Northern Marianas

Region 5

DME/HHE/ Performant Recovery, Inc


Nationwide for DMEPOS/HHA/Hospice

The RACs conduct data analysis and audits on a variety of targets or risk areas that CMS has approved and will audit to identify, confirm and correct payment errors. There is an assorted types of errors that can occur, from duplicate billing to diagnosis and MS-DRG error (documentation and coding), to CPT codes (documentation and coding), to medical necessity, etc. Since January 2021, the following topics have been added to the RAC target list (the full list is available on the CMS RAC website):

Within the RAC program you will find a section for “appeals” which has continued to be a pain point for providers about the RAC program itself. There are five standard levels for the appeals process, and this applies to all Medicare audit contractors.

  • Level One: Redetermination by a Medicare Contractor
  • Level Two: Reconsideration by a Qualified Independent Contractor (QIC)
  • Level Three: Hearing Before an Administrative Law Judge (ALJ)
  • Level Four: Review by the Appeals Council
  • Level Five: Judicial Review in Federal District Court

The CMS RAC website to visit for more information is: Medicare Fee for Service Recovery Audit Program | CMS


For “Medicaid”, the Recovery Audit Contractor program is also in place under the Affordable Care Act (ACA) of 2010. Section 1902(a)(42)(B)(i) of the Social Security Act requires States and territories to establish Medicaid RAC programs. Medicaid Recovery Audit Contractors (RACs) identify and correct improper Medicaid payments through the collection of overpayments and reimbursement of underpayments made on claims for health care services provided to Medicaid beneficiaries. Visit this link to read over an informational summary on Medicaid RACs: The Medicaid Recovery Audit Contractor Snapshot (

In addition, visit the following website for educational resources regarding the Medicaid Program Integrity: Medicaid Program Integrity Educational Resources | CMS At this site there will be resources relating to:

  • State Medicaid Agencies
  • Resources for Providers
  • Resources for Pharmacies
  • Resources for Beneficiaries

One particular resource that I find extremely interesting is the “Documentation Matters Toolkit”. These nine (9) tools (files) can help with meeting medical record documentation compliance and aide in provider education. Another online resource that is helpful, is the “Medicare Overpayment Brochure”, which is available at: Medicare Overpayments (

So, the question now is, “What are you and your organization doing to meet documentation and coding compliance and avoid a RAC audit?” Now is the time to ensure that your internal AND external audits are also looking at the Medicare and Medicaid RAC areas of risk. Be proactive, rather than reactive to the RAC areas of focus.

Subscribe to our MRA Newsletter

Bringing peace of mind to healthcare since 1986

Share this post with your friends

You may be interested in...

AHIMA Approved

This program has been approved for continuing education unit(s) (CEUs) for use in fulfilling the continuing education requirements of the American Health Information Management Association (AHIMA). Granting of Approved CEUs from AHIMA does not constitute endorsement of the program content or its program provider.