Medical Billing Compliance Checklist 2026

What Is a Compliance Checklist?

An annual compliance checklist ensures billing departments meet all CMS and payer requirements. The checklist covers 10 critical areas: coding accuracy, documentation standards, NCCI edits, modifier usage, timely filing, prior authorization, payer credentialing, OIG exclusion checks, HIPAA compliance, and claim status tracking. Systematic compliance auditing reduces audit risk by 60-80%, according to CMS reports. Practices completing annual checklists report 40% fewer denials and 30% faster payment cycles.

Who Needs a Compliance Checklist?

Every medical billing department. Large hospitals employ dedicated compliance officers. Medium practices assign compliance to revenue cycle directors. Small practices delegate to senior billing staff. Regardless of size, all providers must audit compliance quarterly at minimum. Lack of documented compliance program increases audit penalty assessments by 25-50%.

Key Requirements

1. Coding accuracy: Audit monthly. Sample 50 claims. Check diagnosis and procedure codes match documentation. Error target: under 2%.
2. Documentation: Audit monthly. Verify E/M codes supported by complexity or time. Check for cloned notes. Error target: under 3%.
3. NCCI edits: Update quarterly. Verify no Column 1/Column 2 bundles billed without modifiers. Check MUE compliance. Error target: under 2%.
4. Modifier usage: Audit monthly. Verify Modifier 25 applied clinically. Check NCCI allowed modifiers. Modifier 25 should be under 50% of procedure claims.
5. Timely filing: Track all claims. Ensure submission within 120 days of service. Compliance target: 100%.
6. Prior authorization: Verify PA obtained before service. Maintain approval documentation. PA compliance target: 95%+.
7. Payer credentialing: Verify provider credentialing current with all payers. Update yearly. Target: 100% current.
8. OIG exclusion: Check SIED/LEIE database monthly. Verify no employees, contractors, or referring physicians are excluded. Target: 100% clear.
9. HIPAA: Verify standard transactions (837/835). Check minimum necessary on claims. Annual training mandatory. Compliance: 100%.
10. Claim status: Track claim volume, days in accounts receivable, denial rates, and appeals. Monthly reporting to management.

Timeline & Enforcement

Compliance audits should run monthly with quarterly summary reports. Annual comprehensive review required by management. CMS expects documented compliance programs. Lack of compliance documentation increases penalties and suggests institutional negligence. Practices with compliance programs receive reduced penalties in enforcement actions.

How to Comply

1. Assign a compliance coordinator. Designate senior billing staff responsible for audit coordination and documentation.
2. Create audit templates for each of the 10 areas. Document sample selection, findings, error rates, and corrective actions.
3. Schedule monthly audits on high-risk areas. Quarterly comprehensive audits covering all 10 areas.
4. Report audit findings monthly to department managers. Quarterly summary to executive leadership. Document management responses.
5. Implement corrective actions on any finding exceeding error thresholds. Re-audit corrected area in following month.
6. Maintain all audit documentation. Organize by month/quarter/year for easy retrieval during regulatory review.

Common Questions

Related Resources

• ICD-10 CPT Coding Compliance
• Documentation Requirements
• Modifier Usage Compliance
• Claim Bundling Compliance
• High-Risk Billing Audit Areas