AssuriumInsights
Assurium Insights Audits How to Prepare for a RAC Audit in 2026
Back to Insights
AuditsDecember 30, 20256 min

How to Prepare for a RAC Audit in 2026

A practical checklist for reducing recoupment exposure before auditors request records.

By Assurium Team

RAC audits aren't slowing down. They're accelerating heading into 2026. In April 2025, CMS awarded new RAC contracts to Cotiviti for Regions 3, 4, and 5, and approved 20 new audit topics targeting high-error billing patterns. Recovery Audit Contractors are now using AI-driven predictive analytics to flag anomalous billing before requesting a single record. Behavioral health providers are squarely in the crosshairs.

The clinics that survive these audits without significant recoupment share a common trait: they prepared before the audit letter arrived.

What RACs are actually looking for

RACs operate on contingency. They get paid a percentage of what they recover. This creates a specific behavioral pattern:

  • High-volume, high-dollar services get scrutinized first
  • Pattern anomalies (billing frequency, modifier usage, time-of-service clustering) trigger deeper reviews
  • Documentation gaps are the easiest wins for auditors

Understanding this incentive structure is step one. RACs aren't evaluating clinical quality. They're looking for technical deficiencies that justify recoupment.

The hidden cost of manual audits: Self-auditing 30 records takes 6-8 hours of provider time. At $150/hour (clinic labor cost), that's $900-1,200 per audit. Assurium audits 100% of your documentation in 5 minutes. Try free audit →

The preparation checklist

1. Audit your own documentation before they do

Pull a random sample of 20–30 records from the past 90 days. Review them as if you were the auditor:

  • Does the documentation support medical necessity?
  • Are time-based codes supported by explicit time notation?
  • Do progress notes demonstrate meaningful change between sessions?
  • Are signatures and credentials complete?

If you find gaps in your own sample, assume RACs will find them at scale.

What documentation gaps actually look like:

Here's the difference between audit-proof documentation and what gets flagged:

❌ Fails audit: "Patient continues therapy. Discussed anxiety. Will return next week."

✅ Passes audit: "Patient reported 3 panic attacks this week (down from 5 last week). Reviewed cognitive reframing techniques for catastrophic thinking. PHQ-9 score: 14 (previously 17). Patient demonstrated ability to identify triggers independently. Continue weekly CBT. Next session: breathing exercises practice."

Notice the difference: The passing note includes measurable progress, specific interventions, objective data, and clear clinical rationale—exactly what RAC auditors require for medical necessity.

2. Know your billing patterns

Run a report on your most frequently billed codes. Compare them to Medicare utilization data for your specialty and region. If you're billing 99215 at twice the regional average, you need a documented clinical rationale. Otherwise, you need to recalibrate.

The recoupment math: RAC audits recover an average of $1 million per hospital annually (about 3% of average Medicare inpatient revenue). For behavioral health clinics, even small-scale audits of 200-500 claims can trigger recoupments of $25,000-$75,000. The average cost to appeal a RAC denial is $110 per claim, while the average audited claim value is only $86. Many providers lose money even when they win appeals.

3. Train providers on documentation requirements

Most documentation failures aren't clinical failures. They're communication failures. Providers know what they did; they just didn't write it down the way payers need to see it.

Quarterly documentation training isn't overhead. It's insurance.

4. Establish a response protocol

When the audit letter arrives, you need to know:

  • Who is responsible for gathering records?
  • What's your internal review process before submission?
  • Who handles correspondence with the RAC?
  • What's your appeals strategy if findings go against you?

Don't build this process during an active audit. Build it now.

The bottom line

RAC audits are a when, not an if. And 2025's audit intensity is unlike anything we've seen before. With CMS rolling out 20 new audit topics, AI-powered claim screening, and expanded behavioral health scrutiny, the window for reactive preparation is closing.

The clinics that survive these audits share a common trait: they treat audit readiness as operational infrastructure, not crisis response. They audit 100% of documentation continuously, not 30 records annually. They identify gaps before payers do.

The documentation you write today is the evidence you'll rely on in 18 months. The question is: will you discover your gaps during an internal audit, or during a RAC recoupment?

90% of denials are preventable. Two-thirds of preventable denials can be successfully appealed, but only if you catch them before submission.

See your documentation risk before RAC auditors do

"We found 47 documentation gaps in our first Assurium audit—all before our RAC letter arrived. Fixed them in 3 weeks. Zero recoupment."

— Compliance Director, 12-provider behavioral health clinic

Download Assurium and audit your last 90 days of documentation in 5 minutes—not 8 hours.

First 10 audits free. No credit card required.

What you'll get:

  • Compliance score for every document
  • Flagged medical necessity gaps
  • Time/billing code mismatches
  • Missing clinical documentation elements
  • Audit-ready PDF reports for your board

Start free audit → — macOS & Windows — No signup required

(Already using automated documentation audits? See how Assurium's Vault Mode protects your PHI while auditing 100% of claims.)