What it Takes to be UPIC Audit-Ready (and Who Can Help)

Let’s be clear: A UPIC investigation is serious, and it takes much more than good intentions to survive one.

As a Medicare and Medicaid provider, you’re expected to be audit-ready at all times—but a CMS UPIC audit isn’t like anything you’ve seen before.

UPIC audits are:

And that’s even before you have a chance to truly defend yourself. To protect your organization, you need more than just an ordinary compliance plan.

UPICs are private contractors hired by CMS to detect and investigate non-justice related fraud, waste, and abuse.
Specialized providers are more likely to be targeted—especially home health, hospice, behavioral health, wound care, and private equity-backed providers.
You won’t know you’re being audited until it’s already in motion. By the time you get formal notice, auditors have already built their case behind the scenes.
UPIC audits are punishingly long—6-18 months—which often includes a five-step appeals process.
CMS can suspend payments or begin recoupment before you’ve had your day in court. Some providers have lost millions. Others have lost their licenses, or worse.

UPIC auditors aren’t clinical experts in your area. They don’t know your business, and they likely won’t give you the benefit of the doubt.

That’s why your best chance for surviving a UPIC audit is having the right support team. Here’s who you need by your side:

UPIC audit experts who can review your compliance risk, audit readiness, and documentation.
Legal counsel with direct experience managing UPIC audits and appeals.
Technology to help ensure pristine documentation.
CMS and policy advocates who can work with regulators on your behalf.

A successful UPIC audit defense doesn’t happen alone.