Last week, our team supported two different covered entities during their HRSA audits—each conducted by a different auditor. Despite taking place on back to back days, the audits were vastly different in how they unfolded.

While HRSA follows a standard audit structure, the depth and focus of each auditor can vary significantly. These two audits underscored the reality that no two HRSA audits are exactly alike, and why preparation must go beyond checking the usual boxes.

Sample Review: Detail vs. Efficiency 

Auditor A spent a considerable amount of time digging into the sample claims. She wasn’t just verifying eligibility—she wanted a full story. This meant looking at visits before and after the prescription date, tracking referrals, and ensuring EMR documentation supported a clear continuum of care.

Auditor B took a more streamlined approach. If he could see the patient responsibility clearly established and required documentation was obvious, he moved on quickly.

Mixed Use Monitoring: The Importance of Timing 
Auditor B placed significant emphasis on exact time stamps during mixed use review—ensuring medication administration aligned precisely. Auditor A didn’t look at this at all.

TPA Settings: A Deep Dive vs. a Skip 

Auditor A spent over an hour reviewing the TPA platform’s rules and filters—even requesting info directly from the vendor. Auditor B didn’t touch this area.

Credentialing Documentation: Expanding the Ask 

Historically, HRSA auditors have requested credentialing documentation only for sampled providers. Auditor A asked for credential documentation for every provider on the entity's provider list. Auditor B followed the older precedent.

Medicare Cost Report: Deep Dive for One

Auditor B spent a significant portion of the audit on the Medicare Cost Report; reviewing line items, asking detailed questions, and engaging in in-depth discussions.

Auditor A did not mention the MCR at all.

Self-Audit Documentation: Level of Detail Varies

Another noteworthy difference was around self-audit documentation.

Auditor A requested to see the physical audit files, including the actual spreadsheet showing which claims were audited, when, and how many.

Auditor B took the more traditional route. He asked to see the folder where audits are stored, reviewed naming conventions, and accepted that as evidence of routine auditing. He did not request to open individual audit files.

Final Reflection The audits reinforced one major truth: you can’t predict which details your HRSA auditor will focus on. Your best bet? Build a flexible audit preparation process that can stand up to any review style.

At RxTrail, we help covered entities strengthen their documentation, validate systems, and align practices with P&P—so they’re prepared for whichever audit path unfolds.

‍