What happens if your sleep lab is selected for an audit? What should your sleep lab do? What should your lab expect during the audit process? Which documents will be requested by the auditor from your lab? How should your lab respond to a document request during an audit? Who is involved during the audit process? All of these questions should be addressed and answered well before an audit request letter arrives in your mailbox. If your lab receives an audit letter, that audit request most likely will trigger a frenzy of activity and may even be the cause of several sleepless nights for the lab’s administrator and staff. Audit letters and the actual audit process can strike fear in the hearts of even the most well-managed and efficiently operated sleep labs. An audit letter may also trigger a primal “fight or flight” response by the sleep lab’s owners, administrator, and staff. While catching the next flight to a Caribbean island may sound appealing while you think about a pending audit, that really is not a viable option. Your best bet is to be prepared. Following a nine-step action plan that includes diligent documentation, communication, education, and training can secure your readiness.


Given the current climate of increased government scrutiny and the complex regulatory landscape, sleep labs and sleep professionals must ensure ongoing compliance with all applicable state and federal regulations. It’s best to adhere to the Scouts motto, “Be prepared.” Sleep labs need to be ready for an audit prior to receiving a letter from the Centers for Medicare and Medicaid Services (CMS) or from one of CMS’ contractors that conduct audits. Preparedness will also serve you well in the event that a third-party payor (commercial insurer) may also periodically conduct an audit to review claims submission, billing practices, and utilization of services by the payor’s enrolled members.

Medicare “in-house” and “field” audits are conducted to provide reasonable assurance that Medicare payments are based on CMS’ guidelines, regulations, and reimbursement principles, and to assist the agency in developing other information it needs to fulfill its responsibilities.

An in-house audit is an examination by CMS of the sleep lab’s financial transactions, accounts, and reports that relate to the Medicare payment made by CMS to the lab to test the lab’s compliance with applicable Medicare regulations, manual instructions, and directives. A field audit examines the same areas but the audit is on-site.

While sleep labs are not required to file cost reports with CMS, audits can take several shapes and forms, and the audit process may include aspects of both an in-house and field inspection of the lab’s financials, billing, and documentation.

There may be certain factors that trigger a Medicare audit, including receipt of new provider status, change of ownership, a fraud and abuse investigation directed by the Office of Inspector General (OIG) or the Department of Justice (DOJ), or the fact that your lab has never been audited and your number is up. The likelihood that your sleep lab will receive an audit request letter in the future also stems from the increasing annual number of sleep studies reimbursed by CMS for Medicare patients; several years ago, the OIG began including sleep providers on the annual OIG Work Plans.

Sleep providers should be aware that the US Attorney General and Department of Health and Human Services (DHHS) announced the creation of the Health Care Fraud Prevention and Enforcement Action Team (HEAT) on May 20, 2009. HEAT is a new interagency effort to combat Medicare fraud and abuse. HEAT includes senior officials from the DOJ and DHHS who will build upon existing programs to investigate Medicare fraud. The team will employ new resources and technology in an effort to prevent fraud, waste, and abuse. HEAT’s efforts will also include the expansion of the joint DOJ/DHHS Medicare Fraud Strike Force teams that have been working in South Florida and Los Angeles with expansion to Detroit and Houston. It is anticipated that HEAT’s enforcement efforts will trigger future audits for Medicare providers.


Sleep labs should consider the following nine steps in order to be prepared for an audit and to avoid any potential pitfalls:

  1. Conduct a periodic review of the lab’s policies and procedures, and ensure that all policies and procedures are implemented, updated, and executed. Make sure there is corresponding documentation that provides evidence of compliance with the policies and procedures. Such documentation should be readily available.
  2. Frequently conduct education and training for the lab’s staff regarding regulatory compliance issues. It is imperative that all reimbursement procedures conducted by the lab, specifically billing and coding policies and procedures, be fully understood by the lab’s staff to ensure compliance.
  3. Consistently conduct patient chart reviews. Conducting an internal patient chart review can be a very effective tool for targeting areas that need to be improved and continually monitored. Subsequent patient chart reviews should address any previous concerns or cited deficiencies. Make sure the patient charts are stored and retained in compliance with all applicable state and federal regulations.
  4. Make sure that all employees and independent contractors of the sleep lab understand the audit process and what they can expect to happen if the sleep lab receives an audit request letter. Provide information and guidance to the lab’s employees to assist your staff in understanding how they should interact with CMS or CMS’ contractors during the audit process.
  5. Periodically walk through your sleep lab and observe how patients are receiving care from the lab’s staff. Consider who has access to the patient’s records, including financial documentation, and make sure to protect the confidentiality of all patient records pursuant to the federal HIPAA privacy and security regulations and applicable state regulations.
  6. Ensure that HIPAA Business Associate Agreements are executed with any third party or vendor who has access to patients’ protected health information. The signed Business Associate Agreements should be maintained in a binder for review by the auditor. Copies of all signed contracts, including lease, equipment, professional service, and consulting agreements, should be retained by the sleep lab.
  7. If your sleep lab has a compliance plan, make sure that the compliance plan is available for review by the auditor. It is important that the lab’s compliance plan is not just a document placed in a binder on a shelf that gathers dust. An effective compliance plan should contain written standards of conduct; an education and training plan and related objectives; identification and enforcement procedures for disciplinary procedures; internal auditing, monitoring, and reporting procedures; and provisions for investigations and corrective action.
  8. Conduct employee background checks prior to employment by the sleep lab. Make sure that all employee personnel files are maintained and updated throughout the course of the employee’s tenure at the lab. Ensure that employees have the appropriate licensure, registration, and/or certification to provide services to Medicare patients. Documentation of licensure, registration, and/or certification should be maintained in the employee’s personnel files and available for review by the auditor.
  9. Ensure that copies of all licensure, accreditation, registration, and certification for the sleep lab are available and readily accessible to the auditor. It is also imperative that the sleep lab keep copies of all correspondence with state and federal agencies.


Some of the common elements of these nine “Be Prepared” steps for an audit is documentation, communication, education, and training. Your sleep lab should develop, maintain, and retain comprehensive documentation that tracks the services provided to the lab’s patients and demonstrates compliance with all applicable state and federal regulations. The sleep lab’s policies and procedures and corresponding compliance plan also should be utilized to demonstrate regulatory compliance. Sleep labs should always strive for professional, thorough communication with its patients and staff. Educating and training the sleep lab’s staff, including independent contractors, regarding regulatory compliance issues is a key step in being prepared for an audit.

An auditor who conducts an in-house or field audit of your lab most likely will not have any previous knowledge of the administration and operations of the facility. The documentation provided by the lab to an auditor will be the auditor’s first impression of how the lab operates and provides medical services to its patients. Keep in mind that any verbal or written communication that you have with the auditor during the audit process will be utilized by the auditor and will be factored into their findings and report.

Make sure that you are not caught off guard if your lab receives an audit request letter. You do not want to scramble to find documents during the audit process. Be prepared for an audit prior to receiving a letter to avoid undue anxiety and stress-induced insomnia. Your sleep lab also may consider consulting with a health care attorney who is well versed in regulatory compliance, including reimbursement issues, regarding the lab’s operations and documentation. Careful and meticulous preparation by the lab’s administrator and staff should enable the lab to avoid potential difficulties and be prepared if an audit request letter is received by your lab.

Jayme R. Matchinski, Esq, is a partner with the law firm of Hinshaw & Culbertson LLP, in Chicago. She concentrates her practice on health care law and has counseled sleep disorder centers, physicians, and health care providers nationally. The author can be reached at [email protected].