CarevonixCarevonix
All articlesMedical Billing

Medical Billing Audit Checklist: Find Lost Revenue in 30 Days

The Carevonix TeamJune 8, 2026 10 min read
Editorial illustration of a magnifying glass scanning rows of claim records and highlighting recovered dollars, representing a billing audit finding lost revenue

Most billing audits are theatrical. This one is operational: a 30-day checklist that finds the lost revenue and shows you exactly where it leaked.

Most billing audits are theatrical. A consultant comes in, pulls a sample of 50 claims, points at a few coding errors, writes a report, and leaves. The practice owner reads it, nods, and almost nothing changes. The lost revenue is still lost.

A real billing audit is operational. It looks at the AR, the denials, the underpayments, the write-offs, the credentialing files, and the patient AR. It quantifies the money that leaked and shows where it leaked from. Done properly inside 30 days, it pays for itself many times over, even for a small practice. This is the checklist.

Why audits find so much money

Revenue leaks in a practice are almost always small holes adding up to a large number. A handful of denials never appealed. A few underpayments per payer per month, compounded across a year. Write-offs taken too quickly. Credentialing lapses on a single provider that quietly denied every claim for six weeks. None of these are dramatic in isolation. Together they routinely add up to 3 to 8 percent of annual collections, which on a million-dollar practice is meaningful money.

An audit is not about blame. It is about pattern recognition. The same handful of leaks tend to repeat, and finding them once protects revenue going forward. For context on the broader RCM mistakes that drive these leaks, our writeup of common revenue cycle management mistakes is worth reading alongside this checklist.

Week 1: Set the baseline and pull the data

Before you look at any individual claim, build a baseline of what good and bad look like for your practice. Pull these reports for the last 12 months at minimum:

  • AR aging by payer and by bucket (0 to 30, 31 to 60, 61 to 90, over 90).
  • Charges, payments, and adjustments by month, by payer, and by provider.
  • Denial detail with CARC/RARC codes for the last six months.
  • Write-off detail by reason code for the last 12 months.
  • Patient AR aging and statement history.
  • Credentialing status for every provider with every active payer.
  • Current fee schedules and contracted rates for the top five payers by revenue.

If your team cannot produce these in a week, that itself is a finding. A practice that cannot see its own AR cannot manage it. For comparison, an end-to-end revenue cycle management engagement should produce all of these on demand within a single business day.

Week 2: Audit the AR and the denials

With the baseline in hand, dig into the two biggest leak categories.

Aged AR review

Pull every account in the over-90 bucket. For each one, answer four questions: Why is it aged? When was it last touched? Is it actually collectible? What is the next action? This single exercise routinely surfaces six figures of recoverable money on a mid-sized practice. Claims that were denied and never reworked. Secondary claims that were never filed. COB issues that were never resolved. Aged AR is mostly forgotten AR, not uncollectible AR.

Denial trend review

Group denials from the last six months by CARC/RARC code. Identify the top five denial reasons and the dollar amount tied to each. Almost every practice has two or three denial codes that account for 60 percent of denial dollars. Those are the targets. A specific fix for each (eligibility tightening, modifier training, COB refresh, credentialing fix) prevents the next 60 days from repeating the last six months.

Week 3: Audit underpayments and write-offs

This is where most audits find the largest hidden number, because most practices never look here at all.

Underpayment review

Take the contracted fee schedule for each of your top payers and compare it line by line against actual paid amounts on a 90-day sample. Any line that paid below contract is an underpayment. You will find them. They cluster around recent fee schedule updates, complex codes, and modifier misapplication on the payer side. Each underpayment is appealable, often successfully, but only if you catch it.

Write-off review

Pull every write-off from the last 12 months and sort by reason code. Look for patterns: small balance write-offs that were taken without effort, timely filing write-offs that point at a process gap, contractual adjustments that look larger than they should. A subset of these were legitimate. A subset were premature. The premature ones are recoverable money sitting in plain sight on your own books.

If your write-off line is more than 2 to 3 percent of gross charges and most of it is anything other than contractual adjustment, that is the first place to dig. Write-offs are where revenue goes to die quietly.

Week 4: Audit credentialing, eligibility, and patient AR

The last week catches the upstream and patient-side leaks that the first three weeks did not surface.

Credentialing audit

Pull the credentialing file for every provider against every active payer. Confirm effective dates, taxonomy, NPI, and group affiliation. Look for any provider whose enrollment lapsed or whose taxonomy changed without an update. A credentialing gap on a single high-volume provider can silently cost more than the entire rest of the audit finds, because every claim from that provider denies in a way that looks like a billing problem rather than an enrollment problem.

Eligibility process audit

Sit with the front desk for a few visits and watch what an eligibility check actually consists of. Is it a real benefits inquiry or is it an active/inactive screen? Does it confirm coverage of the specific service? Does it capture accurate deductible and copay? Does it run again at check-in to catch coverage changes? Most eligibility failures upstream become CO-16, PR-204, and CO-50 denials downstream. Fixing the eligibility step is one of the highest leverage moves in the entire audit.

Patient AR audit

Review the patient aging report and the statement cadence. How long after the EOB posts does the first statement go out? How many statements before the account is escalated? Is there a text payment link, an online payment option, a payment plan offering? Patient AR collected at the desk or in the first 30 days is worth significantly more than the same balance chased at 120 days, and the operational fixes are usually small.

Quantify the findings and prioritize

At the end of the four weeks, the audit should produce a single page that lists the findings, the dollars associated with each, and the recommended action with an owner and a due date. The format does not need to be fancy:

  1. 1.Finding: Top three denial codes account for 62 percent of denial dollars. Estimated recoverable: $X. Action: Targeted training and pre-bill edits. Owner: Billing lead. Due: 30 days.
  2. 2.Finding: Underpayments on Payer A and Payer B totaling $Y over 90 days. Action: Appeal queue and contracted rate loaded into edits. Owner: Senior biller. Due: 45 days.
  3. 3.Finding: Provider C credentialing lapsed with Payer D from March 15 to April 30. Estimated impact: $Z. Action: Backdate enrollment if possible, resubmit affected claims. Owner: Credentialing. Due: 14 days.
  4. 4.Finding: Over-90 AR includes $W in unworked secondary claims. Action: Project sweep. Owner: AR team. Due: 30 days.
  5. 5.Finding: Patient statement cadence averages 18 days post-EOB. Action: Shorten to seven days. Owner: Front office. Due: 14 days.

The 30-day audit checklist at a glance

Print this and work it linearly. The exercise gets easier each subsequent quarter you run it.

  • Pull 12 months of AR, charges, payments, adjustments, denials, write-offs, patient AR, credentialing, and contracted rates.
  • Review every account over 90 days with a four-question framework.
  • Group denials by CARC/RARC for six months and target the top five.
  • Compare paid amounts to contracted rates on a 90-day underpayment sample for your top five payers.
  • Review every write-off by reason code for 12 months and flag premature write-offs.
  • Confirm credentialing status for every provider and every payer, including effective dates.
  • Observe eligibility checks in real time. Confirm depth, not just active/inactive.
  • Audit patient statement cadence and digital payment options.
  • Quantify each finding in dollars. Assign owner and due date.
  • Re-baseline 90 days later to confirm the leaks were actually fixed.

Who should run the audit

There is a fair question about whether an internal audit ever finds the same things an external auditor would. In our experience, an internal team running this checklist for the first time will find roughly two-thirds of what an experienced external reviewer finds, because the internal team is blind to a few patterns by familiarity. The remaining third is usually the most lucrative: write-off conventions that have become invisible, modifier misapplications nobody questions, and credentialing edge cases that look normal because they have always looked that way.

The practical answer is to run the audit internally every quarter and to bring in an external set of eyes at least once a year. The internal cadence catches drift. The external review catches blind spots. Both are cheaper than the lost revenue of doing neither.

Common mistakes that sink an audit

Audits fail for predictable reasons. Watch for these as you run yours:

  • Pulling a sample of 50 claims instead of the full data set. Sampling hides the systemic patterns that matter.
  • Focusing only on coding accuracy. Coding is one of seven categories. The other six often hold more money.
  • Treating the findings as a report rather than an action list with owners and due dates.
  • Failing to re-baseline 90 days later. Without the follow-up, you do not know whether the leaks were actually closed.
  • Letting the audit become a blame exercise. The pattern is the target, not the person.

The bottom line

A real billing audit is not a report on a shelf. It is a 30-day exercise that finds money you have already earned and shows you exactly where the process leaked it. Run the checklist above once and you will recover meaningful revenue from the leaks of the last 12 months. Run it every quarter and the leaks stop reopening, which is when the audit goes from a one-time recovery to a permanent uplift in net collections.

Have Carevonix run your billing audit

Want this kind of operating rhythm in your practice?

Book a 20-minute call. We'll walk through your current workflows and exactly what we'd change.

More from Carevonix

Editorial illustration of a single claim form passing through a clear quality gate while others are routed for rework, representing a high clean claim rateMedical Billing

What Is a Good Clean Claim Rate and How to Hit 95%

A 95 percent clean claim rate is the difference between getting paid in two weeks and getting paid in two months. Here is what it takes to get there.

Editorial illustration of a calendar timeline shrinking from a long bar to a short one, representing a falling days in AR metricMedical Billing

How to Reduce Days in AR: A Step-by-Step Playbook

Days in AR is the single best gauge of how fast your practice turns work into cash. Here is the playbook to pull it down, step by step.

Editorial illustration of a stack of claim forms with colored tabs sorted into recovery bins, representing organized denial managementMedical Billing

The Most Common Claim Denial Codes and How to Fix Each One

Most practices see the same handful of claim denial codes again and again. Here is what each one actually means and the exact fix that gets the money in the door.