A CMS Audit Checklist for Hospital Price Transparency
Below is a CMS Audit Readiness Checklist designed for hospital CFOs, written to survive an actual enforcement review—not a slide deck review. It is operational, data-backed, and quote-ready. Bookmark this. CMS auditors effectively run this list already.
CMS Hospital Price Transparency Audit Readiness Checklist (45 CFR Part 180)
“CMS is no longer asking whether prices are published. They are verifying whether prices are real.”
This checklist reflects how Centers for Medicare & Medicaid Services actually evaluates compliance today—based on enforcement actions, corrective action plans, and public noncompliance findings.
1. Governance & Ownership
Audit Question | Pass Criteria | Common Failure |
|---|---|---|
Is there a named executive owner? | CFO or Revenue Cycle VP documented | “Owned by marketing / IT” |
Is compliance reviewed quarterly? | Standing review cadence | One-time implementation |
Is audit response pre-planned? | Written response playbook | Scramble after notice |
“Hospitals fail audits not because data is missing—but because no one owns its accuracy.”
2. Machine-Readable File (MRF) Integrity
Requirement | CMS Expectation | Audit Red Flag |
|---|---|---|
Publicly accessible | No login, no gating | CAPTCHA, forms, portals |
All items & services | 100% CDM coverage | “Top services only” |
Dollar amounts only | Explicit numeric prices | Percent-of-charge formulas |
Valid file structure | CSV, JSON, XML | PDFs or broken schemas |
Audit Reality: CMS runs automated parsers before humans ever look at your file.
3. Standard Charges Completeness (All Five Required)
Standard Charge Type | Must Exist? | Verified Against |
|---|---|---|
Gross Charge | Yes | Chargemaster |
Discounted Cash Price | Yes | Self-pay policy |
Payer-Specific Negotiated | Yes | Contracts + claims |
De-identified Minimum | Yes | Cross-payer comparison |
De-identified Maximum | Yes | Outlier detection |
“Missing one price invalidates all five.”
4. Claims-to-Disclosure Reconciliation
Test | CMS View | CFO Risk |
|---|---|---|
Do disclosed prices match 835 adjudications? | Expected | High |
Are bundles reflected correctly? | Required | Severe |
Are units consistent (per day vs per service)? | Scrutinized | Frequent failure |
Are carve-outs handled explicitly? | Mandatory | Often ignored |
“If your transparency data cannot reconcile to claims, it is not defensible.”
5. Payer-Specific Negotiated Rates
Check | CMS Expectation | Typical Gap |
|---|---|---|
Payer + plan specificity | Fully enumerated | Aggregated by payer |
Numeric values | Explicit dollars | Contract logic |
Coverage of all plans | Complete | ‘Major payers only’ |
CMS assumes hospitals can extract this data. “Contract complexity” is not a valid defense.
6. Discounted Cash Price Validity
Test | Pass Condition | Failure Mode |
|---|---|---|
Usable without calling | Price is final | “Call billing” |
Reflects real policy | Matches self-pay billing | Placeholder values |
Updated regularly | Annual minimum | Stale pricing |
“A cash price that requires a phone call is not a price.”
7. Shoppable Services Display
Requirement | CMS Check | Risk |
|---|---|---|
≥300 services | Counted | Immediate citation |
Plain-language descriptions | Consumer-readable | Technical jargon |
Upfront pricing | Before scheduling | Post-visit estimates |
CMS evaluates this from a patient perspective, not a finance one.
8. Data Freshness & Version Control
Area | Expectation | Audit Finding |
|---|---|---|
Update frequency | At least annually | Outdated files |
Change logs | Traceable updates | No history |
Internal validation | Signed-off review | No attestation |
CMS assumes stale data = misleading data.
9. Public Discoverability
Test | Requirement | Failure |
|---|---|---|
Link from homepage | One-click access | Buried pages |
Searchable | “price transparency” | Broken indexing |
Consistent URLs | Stable links | Version sprawl |
CMS actively checks discoverability. Obscurity is treated as avoidance.
10. Audit Defense Readiness
Question | Required Answer |
|---|---|
Can you explain how prices are derived? | Step-by-step |
Can you prove linkage to claims? | Documented logic |
Can you remediate in 45 days? | Operational plan |
“If your price transparency cannot survive a claims-based challenge, it will not survive a CMS audit.”
Bottom Line for CFOs
Audit readiness under 45 CFR Part 180 is not a web exercise. It is a pricing governance discipline. Hospitals that treat it as such pass quietly. Those that don’t learn publicly.
Relevant reading: 45 CFR Part 180 explained