Email:  info@globaltechbilling.com   Call: (424) 231-4181

  Business hours: 9:00 AM to 5:00 PM | Monday to Friday

Request a demo

Cardiology Audit Risk Checklist

By /

Cardiology is one of the highest-audit specialties due to the volume of diagnostic testing, high-value procedures, complex bundling rules, and wide variation in physician documentation styles. RAC, MAC, commercial payers, CERT, ZPIC/UPIC, and OIG compliance units frequently review cardiology claims.

This checklist outlines major audit triggers, documentation must-haves, and coding scenarios that require special attention across non-invasive diagnostics, nuclear imaging, E/M, interventional cardiology, electrophysiology, and device management.

High-Level Audit Risk Categories in Cardiology

Auditors typically target:

1. Overuse or Misuse of Diagnostic Testing

Especially:

  • Stress tests
  • Echo and Doppler studies
  • Nuclear cardiology (SPECT/PET)
  • Holter / extended ECG services
  • ABI / vascular ultrasound

2. Documentation Insufficiencies

Missing:

  • Indications
  • Interpretation elements
  • Signatures
  • Medical necessity justification

3. Component Billing Errors

Incorrect use of:

  • 26 (professional)
  • TC (technical)
  • Global billing

4. Modifier Misuse

Especially 25, 59, XS, RT/LT, 76/77, 24/57/79.

5. Invasive Procedure Bundling Errors

Cath lab, PCI, EP, PVI, and device-related services are heavily audited.

6. Upcoding / Downcoding

Missing documentation to support complete vs limited, or single vs multiple studies.

The following sections provide specific, detailed triggers + required documentation for each cardiology area.

Echocardiogram & Doppler (TTE/TEE) Audit Triggers

Risk Trigger 1: Using 93306 without documenting Doppler + color flow

93306 requires:

  • 2D
  • M-mode (if used)
  • Spectral Doppler
  • Color flow Doppler
  • Missing any of these may lead to downcoding to 93307 or 93308.

Documentation Must Include:

  • Valve morphology + function
  • Chamber dimensions
  • LV function + EF
  • Doppler velocities/gradients
  • Color flow interpretation
  • Pericardial findings
  • Aortic root and IVC when medically relevant

Risk Trigger 2: Billing limited echo (93308) repeatedly without justification

Repeated limited studies within short intervals flag:

  • Overutilization
  • Lack-of-medical-necessity audits

Risk Trigger 3: TEE reports missing sedation information

Required elements:

  • Sedation type & dosage
  • Probe insertion details
  • Indications
  • Complete interpretation
  • Complications (if any)

Stress Testing Audit Triggers (93015–93018 + Stress Echo)

Risk Trigger 1: Stress tests without documented indications

Auditors commonly deny stress tests with indications such as:

  • “Routine follow-up”
  • “Check-up”
  • “Chest pain” without characterization

Indications must include:

  • Symptoms (exercise intolerance, dyspnea, exertional pain)
  • Risk factors
  • Equivocal ECG/Echo findings
  • Preoperative assessment (with justification)

Risk Trigger 2: Billing 93015 when components are divided

Use only when:

  • Supervision
  • ECG tracing
  • Interpretation
  • are done by the same entity.

Risk Trigger 3: Stress echo without required stress parameters

MUST include:

  • Type of stress (exercise or pharmacologic)
  • Duration, METs, peak HR/BP
  • Reason for termination
  • Baseline & post-stress echo findings
  • Wall motion analysis

Missing wall motion assessment is a leading audit failure.

Nuclear Cardiology (SPECT/PET) Audit Triggers

Risk Trigger 1: Incorrect use of 78451 vs 78452

  • 78451 = single study
  • 78452 = multiple studies
  • If rest + stress were done → 78452 only.

Risk Trigger 2: Missing tracer dose + timing documentation

Auditors check for:

  • Radiopharmaceutical name
  • Dose (mCi)
  • Injected times
  • Imaging start times

Risk Trigger 3: Missing stress protocol details

Especially for pharmacologic stress.

Risk Trigger 4: Overutilization of nuclear overecho

Auditors compare:

  • Prior stress echo or TTE results
  • Clinical appropriateness

Prior authorization is crucial with commercial payers.

Cardiac Catheterization & PCI Audit Triggers

Cardiac catheterization is one of CMS’s most scrutinized services due to bundling rules.

Risk Trigger 1: Billing diagnostic cath when prior images exist

Diagnostic cath is NOT billable if:

  • Recent angiography exists (90–180 days depending) AND
  • No change in clinical status AND
  • The decision for PCI was already made

Documentation must explicitly state:

  • Why was repeat angiography necessary
  • What changed clinically

Risk Trigger 2: Unbundling PCI components

PCI includes:

  • Catheter placements
  • Angioplasty
  • Imaging used to guide therapy in the same vessel

IVUS/OCT + FFR are separately billable only when medically necessary and documented.

Risk Trigger 3: Incorrect coronary modifiers

Required for each treated vessel:

  • LD (LAD)
  • LC (circumflex)
  • RC (right coronary)
  • LM (left main, payer dependent)
  • RI (ramus intermedius, payer dependent)

Missing or mismatched modifiers → automatic denials.

Risk Trigger 4: Lack of medical necessity for staged PCI

Auditors flag staged PCI within 90 days unless:

  • Clearly staged for clinical reasons
  • Documented as staged in the original cath report
  • Different lesions were treated

Modifiers:

  • 58 = staged
  • 78 = complication requiring return to the cath lab

Electrophysiology (EP) Audit Triggers

Risk Trigger 1: Ablation procedures without documented arrhythmia

Documentation must include:

  • Type of arrhythmia (AF, SVT, VT, atrial flutter)
  • Evidence of arrhythmia
  • Mapping performed
  • Ablation details
  • Endpoints & post-ablation outcomes

Risk Trigger 2: Mapping codes improperly billed

If mapping is bundled into the primary ablation code, separate billing is disallowed.

Risk Trigger 3: Add-on EP codes without supporting documentation

Examples:

  • Additional linear lesions
  • 3D mapping
  • Intracardiac echo
  • Ensure clear indication & benefit.

Pacemaker & ICD Audit Triggers

Risk Trigger 1: Generator changes without ERI/EOL documentation

MUST include:

  • Battery life
  • Generator status
  • ERI/EOL evidence from interrogation

Risk Trigger 2: Billing lead replacement vs repositioning incorrectly

  • Replacement = removal + insertion
  • Reposition = adjustment

Misclassification is a major audit target.

Risk Trigger 3: Interrogation vs programming confusion

  • Interrogation = review only
  • Programming = actual parameter changes

Must document specific setting changes for programming codes.

Risk Trigger 4: Missing device serial numbers

Implant and revision procedures require:

  • Lead serial numbers
  • Generator model + serial
  • Manufacturer

Peripheral Vascular Intervention (PVI) Audit Triggers

Risk Trigger 1: Wrong initial vs add-on code assignment

Each territory (iliac, fem-pop, tibial-peroneal) allows one initial code per session.

Risk Trigger 2: Poor documentation of vessel/segment

Reports must identify:

  • Vessel
  • Segment
  • Lesion length
  • % stenosis
  • Pre/post results

Risk Trigger 3: Using atherectomy + stent combination codes without justification

E.g., 37227 or 37235 requires documentation of both atherectomy AND stenting in the same vessel.

Risk Trigger 4: Unsupported diagnostic angiography

Rarely separately billable unless criteria are met.

E/M Visit Audit Triggers (Office & Inpatient)

Risk Trigger 1: Modifier 25 misuse

Modifier 25 should only be used when:

  • A procedure is performed
  • AND a significant, separately identifiable E/M occurs

Auditors look for:

  • Template-based notes
  • Bullshit/filler symptoms
  • No separate assessment/plan beyond procedural consent

Risk Trigger 2: Use of time-based coding without total time documentation

For time-based visits, you must include:

  • Total time spent
  • What time was spent doing (counseling, data review, care coordination)

Risk Trigger 3: High-level coding (99214–99215 / 99223)

Expect to justify:

  • Complexity
  • Risk
  • Data review
  • Decision-making elements

Telehealth Cardiology Audit Triggers

Risk Trigger 1: Missing patient consent documentation

Required once per year by most payers.

Risk Trigger 2: Incomplete telehealth-specific documentation

Must state:

  • Location of the patient
  • Location of clinician
  • Mode of telehealth (audio or audio/video)

Risk Trigger 3: Billing in-person-only codes via telehealth

E.g., stress test monitoring or interpretation without proper data transmission.

General Compliance Checklist (Daily Use)

Documentation MUST:

  • Include complete indications
  • Identify the anatomy or vessel
  • Include quantifiable findings (severity, size, gradients, EF, etc.)
  • Reflect interpretation and medical decision-making
  • Be signed and dated
  • Match the CPT/HCPCS codes billed

Coding MUST avoid:

  • Double-billing bundled services
  • Using modifiers to bypass NCCI edits without justification
  • Unnecessary add-on codes
  • Billing diagnostics without required interpretation

Operational MUST:

  • Track global periods
  • Maintain prior authorization logs
  • Match ordering vs interpreting provider roles
  • Validate technical vs professional components
  • Reconcile radiopharmaceutical doses and units

Conclusion

Cardiology billing carries significant audit exposure because of high-cost imaging, complex procedural coding, and dependencies on detailed physician documentation. Many denials and audit findings stem from missing indications, unclear vessel anatomy, incorrect CPT selection, or misuse of modifiers.

Standardizing report templates, training clinicians on documentation essentials, and performing internal audits greatly reduces risk. Practices often collaborate with specialized cardiology RCM teams—such as Global Tech Billing LLC—to maintain accurate, compliant, audit-ready workflows.

FAQs

1. What is the biggest audit trigger in cardiology?

Missing or insufficient medical necessity documentation for diagnostic testing and imaging.

2. Why are nuclear cardiology studies frequently audited?

Because they involve high cost, strict indications, and complex multi-phase CPT codes.

3. How can PCI documentation fail an audit?

When vessel anatomy, stenosis %, modifiers, or medical necessity for staged PCI are not clearly documented.

4. What is the difference between interrogation and programming audits for device checks?

Programming must show parameter changes; interrogation requires review only.

5. Why do stress tests often get denied?

Insufficient symptoms, vague indications, or incomplete stress parameters.

6. Are diagnostic angiograms always billable with PCI?

No. They require separate indications and decision-making criteria.

7. Why is modifier 25 heavily audited in cardiology?

It is often overused for visits that do not meet “significant and separately identifiable” criteria.

8. What documentation helps reduce audit risk across cardiology?

Clear indications, vessel specificity, complete interpretations, quantifiable findings, and accurate CPT alignment.

A trusted medical billing partner, providing secure, efficient, and results-driven solutions that support the financial health of healthcare practices nationwide.

Facebook-f Youtube Linkedin
Services
Quick Links
Get In Touch

Phone: (424) 231-4181
Email: info@globaltechbilling.com

5396 N Reese Ave Fresno, CA 93722 (Virtual Address)

A trusted medical billing partner, providing secure, efficient, and results-driven solutions that support the financial health of healthcare practices nationwide.

Facebook-f Youtube Linkedin
Services
Get In Touch

23600 Mercantile Rd, Beachwood, OH 44122

© 2026 All Rights Reserved.

Scroll to Top