CMS Program Audit Findings & Key Preparation Tips

CMS released the 2021 Part C and Part D Program Audit and Enforcement Report on June 7, 2022. Highlights of the report indicate the average audit scores increased over the last report, stating 2020 average overall audit score of 0.15 to 2021 average overall audit score of 0.44. It’s worth noting, there were 27 plans audited in 2021, compared to 6 plans in 2020.
CMS Program Audit

The civil money penalties (CMPs) also increased, with CMS imposing 16 CMPs for 2021 totaling $1,043,953 and as compared to six CMPs totaling $514,969 for 2020.

Throughout this report, CMS encourages plans to review the results and tips to continue performance improvement at your plan. The ability to generate accurate universes is key. An internal review of the data should be completed prior to submission. A reminder to include delegates in the collection and consolidation of universes is highlighted. CMS also encourages plans to perform mock audits that may help identify problematic areas or where non-compliance is present.

CODY® Tips for a Successful Audit

  • Look for data issues every month. Run data universes regularly to avoid surprises. Train key staff to identify issues and look for corrections. Use an internal quality review process to review data reports and outputs to ensure your data is up-to-date.
  • As CMS noted, include your delegates in data reporting. Have your delegates produce reports on a scheduled basis, in the correct format, layout, data fields, etc. Also practice combining their data with yours to ensure everything lines-up and fields populate correctly.
  • The use of software or a tool can only get you so far. Be knowledgeable on the workflows, how data moves in the process, the staff involved, and who gets the next step. These processes should be in place to understand what needs to happen and when. Software will not fix broken processes. Also, don’t try to rush and implement software during an audit. System implementation should only occur after a complete processes review has been done.
  • If software is in your remediation plan, inform your CMS account manager of any new technology implementations that may affect reporting. Keep CMS apprised of potential issues, including if putting new software in place will affect reporting, or even the validation after an audit. The 2021 audit report identifies transitions to new systems, or updates to legacy systems, as a vulnerability.
  • Engage with a partner for a mock audit. Use a proven company that will dig deep to follow the CMS audit protocols, requirements, and regulations to provide an unbiased report of your plan’s performance.

We’re here to help Part C and Part D plans prepare for CMS Program Audits. Preparation is critical to produce accurate universes and achieve a successful audit.

Your readiness for a program audit should begin well in advance of an audit notice. However, if you have a notice, we can support and guide you through the data collection and responses to CMS. With vast years of experience, CODY’s experts support end-to-end readiness and all aspects of the Program Audit.

Universe Design Development – we perform systems reviews to help design universes and ensure you get the right data out of your system(s) and into the right universe. We also help map data from your systems and database tables to the universes for reliable data pulls.

Universe Validation – we help evaluate universes for adherence to instructions. Your files are loaded into our analytic tools to provide detailed-accuracy and quality checks. We advise on any necessary data clean-up and recheck results as often as-it-takes to get it right.

Universe Compliance Review – we review your universes for timeliness standards or other potential compliance issues. Our analytic tools perform timeliness checks against compliance standards and can identify potential processing issues. A detailed report of results and recommended corrective actions is provided. Your team can use our actionable lists, or we can assist with process enhancements.

Compliance Program Effectiveness (CPE) Universe – this area can be the most challenging during an audit without proper preparation. CODY’s Readiness Review can help identify gaps in your organizations ability to detect, correct, and prevent compliance issues. We perform in-depth interviews of your operational areas, monitor their performance, and evaluate your internal auditing process.

Mock Audits – we take the ‘mock’ CMS auditor role to ensure your staff is confident and knows how to respond to questions when the actual occurs. We share best practices and tips for a successful audit and make sure any problems are corrected BEFORE the CMS audit begins.

FDR Readiness – FDR failures represent a sizable portion of corrective actions from CMS. All readiness activities should actively involve vendors that perform functions under the purview of a program audit.

Since 2006, CODY® has bridged the knowledge gap between health plans serving the Medicare market and the government agencies where they contract. We understand the complexity of working with government healthcare programs. Our team has led the industry for decades—and we have the tools and resources to serve you. To learn more, contact us today for a consultation.


About CODY: CODY® works with over 70 government-funded, commercial, and ACA health plans across 50 states and Puerto Rico. We help align internal operations with CMS guidelines to improve regulatory compliance, maximize performance, and streamline member/provider communications across the enterprise. CodySoft® and Synchronicity™, our proprietary suites of software, are designed specifically for health plans. www.codyconsulting.com