Coding audits: what they are and how to be audit-defensible
A coding audit is a systematic review of coded claims and the documentation behind them, to confirm the codes are accurate, supported, and compliant. Audits can be prospective (before the claim is billed, to catch errors) or retrospective (after submission, to measure real-world accuracy), and internal or external — including payer and Recovery Audit Contractor (RAC) audits. The goal is audit-defensible coding: every code provably supported by the chart.
What a coding audit is for
A coding audit is a first line of defense. It surfaces inaccurate or outdated codes, services billed without documentation, over- and under-coding, and modifier misuse — before they turn into overpayment recovery, denials, or fraud-waste-and-abuse exposure. Done well, it protects revenue and compliance at the same time.
Prospective vs retrospective
| Prospective (concurrent) | Retrospective | |
|---|---|---|
| When | Coded but not yet billed | After the claim is submitted |
| Value | Fix errors before they leave the door | Measure real-world accuracy under pressure |
| Trade-off | Prevents problems; needs to keep up with volume | Most common; finds issues after the fact |
Internal vs external (including RAC)
Internal audits are run by the organization to find and fix issues on its own terms. External audits come from outside — payers and CMS Recovery Audit Contractors (RACs), whose selections are increasingly driven by machine-learning models that flag aberrant patterns such as E/M up-coding and modifier misuse across provider groups. The difference in posture is everything: you want to find your issues internally, prospectively, before an external auditor finds them retrospectively.
What auditors look for
- Unsupported codes — billed but not substantiated by the documentation.
- Over-coding and under-coding — the level billed doesn't match the work documented.
- Modifier misuse — e.g., modifier 25 applied without a separately identifiable E/M.
- Missed or mis-sequenced codes — unreported procedures, missed secondary diagnoses.
- Documentation gaps — the chart doesn't tell the story the codes claim.
What makes coding audit-defensible
Audit-defensibility comes down to one question an auditor will keep asking: “show me where the chart supports this code.” Coding is defensible when every code can be traced to the specific documentation that supports it, with a clear record of the rule applied and how it has changed over time. If that trace is one click away, audits stop being fire drills.
How Capsa makes coding audit-ready by design
Capsa is essentially a continuous prospective audit on every encounter. Each recommended code links to the rule that produced it and the verbatim chart text that triggered it, at the exact version that ran — and rules, codes, and examples are versioned together with full history and side-by-side diffs. So the “show me where the chart supports this” answer is built in, and accuracy is tracked with scope-aware precision and recall against what your coders actually billed.