In today’s healthcare environment, the terms RADV audit and OIG audit are surfacing more frequently – often with a fair amount of confusion. While both serve as oversight mechanisms, their goals, scope, and implications for health plans and providers differ. Understanding those distinctions has never been more critical as regulatory scrutiny intensifies.
What is a RADV audit?
Conducted by the Centers for Medicare & Medicaid Services (CMS), a Risk Adjustment Data Validation (RADV) audit focuses on whether diagnosis codes submitted by Medicare Advantage (MA) plans – and in some cases Medicaid and ACA plans – are accurately supported by clinical documentation.
Put simply: Does the provider’s note align with the Hierarchical Condition Category (HCC) codes listed in the patient’s risk profile?
If not, CMS may clawback payments from risk-bearing organizations. With new policies expanding RADV to all MA plans annually and CMS hiring thousands of coders, the audit risk exposure is higher than ever.
What is an OIG audit?
By contrast, the Office of Inspector General (OIG), operating under Health and Human Services (HHS), conducts audits that are broader in scope and emphasize program integrity. These audits can encompass payers, providers, or risk-bearing entities and address diverse compliance risks, including billing accuracy, prescribing practices, and potential fraud, waste, and abuse.
OIG also zeroes in on diagnoses tied to improper payments. As the agency recently noted, “Inaccurate diagnoses may cause CMS to pay improper amounts to MAOs. For this audit, we will focus on diagnoses that are at high risk for not being supported by medical records for a face-to-face encounter with an acceptable provider type and resulted in increased risk-adjusted payments from CMS to MAOs.”
This focus underscores three critical points:
- Legitimacy matters: Diagnoses must be based on valid, in-person visits with qualified providers
- High-risk codes get extra attention: Auditors check these first because they can increase payments without enough proof
- Consequences are costly: Unsupported codes can result in significant revenue clawback
In short, RADV audits verify documentation accuracy, while OIG audits investigate the appropriateness and integrity of the entire program.
Key differences at a glance
| RADV audit | OIG audit |
|---|---|
| Governed by CMS | Governed by HHS OIG |
| Narrow focus: diagnosis codes vs. clinical documentation | Broad focus: fraud, waste, abuse, prescribing, improper payments |
| Primarily Medicare Advantage; also Medicaid & ACA | Applies across payers, providers, and risk-bearing entities |
| Outcome: Payment validation, potential clawbacks, and reputational risk | Outcome: Compliance enforcement and penalties |
| Now an annual, routine process | Risk-based, targeted investigations |
Implications for health plans
For payers, the risks are distinct but equally critical. RADV audits require precise alignment between clinical documentation and submitted codes. Meanwhile, OIG audits call for stronger governance, including robust compliance programs, proactive monitoring, and the ability to demonstrate integrity across care delivery. Both types of audits emphasize the need to shift from reactive fixes to proactive preparation.
Implications for health systems
While providers may not directly lose money in a RADV audit, payer partners often respond with stricter record requests and documentation standards. OIG audits can hold providers directly accountable for billing, prescribing, or quality-of-care issues. For clinicians, the safest path is using the M.E.A.T. framework – Monitor, Evaluate, Address, Treat – to ensure compliant documentation and quality care.
Looking ahead: mitigating audit risk
With the increase in RADV audits now annual across all Medicare Advantage organizations and OIG’s expansive oversight, nearly every health plan will face scrutiny. The question is not if, but how prepared you are.
Key steps include:
- Leveraging terminology solutions that ensure diagnosis specificity at the point of care
- Reconciling clinical documentation with submitted codes through internal reviews
- Using clinical AI to proactively flag anomalies before regulators do
- Building governance structures that emphasize compliance and fraud prevention
At IMO Health, our solutions are designed to capture the required level of specificity to ensure clinical intent, giving providers and payers confidence that what is documented during encounters matches patients’ risk profiles. This level of precision not only improves patient care but also ensures a stronger defense against audit risk.
IMO Health impact on HCC capture and reimbursement
RADV is narrow but relentless, while OIG is expansive and enforcement-driven. Together, they signal that in an era of heightened oversight, accuracy and integrity are non-negotiable.
By streamlining systems that improve documentation precision and compliance readiness, health plans and providers can not only withstand audits, but also build more resilient and trustworthy care organizations.
Set up time with an IMO Health expert today and ensure your organization is ready for a RADV audit.
