#What an ABA audit packet has to prove

A payer audit or record request is not only asking whether a note exists. It is testing whether the record supports the service billed: eligibility, authorization, provider scope, service code, units, medical necessity, treatment-plan connection, objective response, and signature.

CMS's Documentation Matters materials emphasize complete, accurate, timely records and note that Medicaid documentation should support claims, medical necessity when required, and availability for review or audit. ABA providers still have to follow the stricter rule when a state Medicaid program, commercial payer, agency policy, or contract adds requirements.

#The ABA documentation audit checklist

Start with the date range and claim list. Then build a packet that proves each paid claim from the top down: authorization, treatment plan, service note, data, provider credential, and unit reconciliation. Do not wait until the reviewer asks twice; missing records are often treated differently from imperfect records.

The checklist below is designed for internal QA, payer record requests, Medicaid reviews, and commercial insurance audits. It is not a legal standard, but it covers the documents most ABA teams need to reconcile before submission.

  • Audit request letter, payer, client, date range, deadline, requested codes, and submission method
  • Authorization or reauthorization letter with approved dates, units, service codes, settings, modifiers, and provider type
  • Treatment plan or plan of care active on each billed date
  • Medical necessity summary, assessment report, FBA, BIP, and progress report when requested or clinically relevant
  • Signed session notes for every billed date of service
  • Start time, end time, total duration, breaks, service code, modifier, units, setting, provider, and client presence
  • Goals or targets addressed, procedures implemented, objective client response, barriers, and next-step plan
  • Supervision, protocol modification, caregiver training, and coordination-of-care records when those services were billed or required
  • Provider credentials, NPI or agency identifiers, signatures, dates, and late-entry or amendment history
An audit-ready ABA record is not one perfect note. It is a reconciled packet: every billed date, unit, goal, provider, authorization, and signature tells the same story.

#Session note review

Session notes are usually the first place a documentation audit finds problems because they have to reconcile clinical work and billing detail on the same page. Every note should make the billed service clear without requiring the reviewer to infer what happened from data sheets alone.

For timed ABA codes, reconcile the unit math before reviewing prose. A beautifully written note with a time mismatch is still a problem.

  • Client, date, setting, provider name and credential are present
  • Start and end times support the billed units after breaks or non-billable time are removed
  • CPT or service type matches the service actually documented
  • Goals, programs, or behavior targets match the active treatment plan
  • Interventions are specific enough to show what was implemented
  • Objective data are included: trials, percentage, frequency, duration, latency, ABC data, or caregiver-performance data
  • Client response and barriers are session-specific
  • Next-step plan is clinically reasonable and within provider scope
  • Narrative is not cloned across dates

#Authorization and medical necessity review

A record can have complete notes and still fail if the authorized service period or requested intensity is unclear. Reviewers often compare the authorization, treatment plan, progress report, and session notes for contradictions.

The safest audit packet tells one story: the assessment identified the need, the treatment plan described the service, the authorization approved it, and the session notes show it was delivered as billed.

  • Authorization dates cover the audited services
  • Requested and approved units match the claim history
  • Service setting and provider type match the payer approval
  • Treatment plan includes goals, baselines, mastery criteria, service intensity, caregiver involvement, and review dates
  • Medical necessity language is supported by assessment findings and functional impact
  • Progress report supports continued need during reauthorization periods
  • Discharge, step-down, or transition plans are documented when services changed

#Supervision and protocol-modification review

Supervision and protocol-modification records should not read like ordinary direct-service notes. They should show oversight, data review, clinical decision-making, treatment-integrity findings, direction to staff, and follow-up.

If 97155 or another supervision/protocol code is part of the audit, separate the BCBA's clinical work from the technician's direct implementation so the reviewer can see why the service was billed.

  • Supervisor, supervisee, client, date, setting, contact format, and time are documented
  • Direct observation or client-focused supervision activity is clear
  • Data reviewed and clinical rationale are documented
  • Protocol change, direction, or decision to maintain the protocol is stated
  • RBT or staff feedback, modeling, rehearsal, or coaching is described
  • Treatment-integrity or fidelity findings are included when observed
  • Follow-up owner and next review date are documented

#What to fix before submission

An internal audit should separate fixable administrative gaps from clinical record problems. Administrative gaps might include missing signatures, wrong attachment order, or missing authorization letters. Clinical problems include unsupported units, copied narratives, undocumented medical necessity, or services that do not match the plan.

Do not rewrite history. If your agency allows late entries or amendments, follow the policy exactly: identify the author, date, reason, and original record. Records should never be altered in a way that hides the original content.

  • Missing signatures or credentials
  • Wrong date range, wrong client, or incomplete claim list
  • Notes that do not reconcile with billed units
  • Cloned wording across multiple dates
  • Treatment plan expired before the billed service date
  • Authorization period or code mix does not match the claim
  • Medical necessity, caregiver training, or supervision rationale is not supported by the record
  • Late entries or amendments are not clearly identified

Frequently asked

3 questions
What documents are needed for an ABA audit?
An ABA audit packet commonly includes the audit request, authorization letter, treatment plan, assessment or medical-necessity documentation, progress report, signed session notes for each billed date, data sheets when requested, supervision or protocol-modification notes, caregiver-training records, provider credentials, billing-unit reconciliation, and signatures.
What makes ABA documentation audit-ready?
ABA documentation is audit-ready when each billed service is supported by the active authorization and treatment plan, the note includes accurate time and units, the goals and interventions are specific, objective data show client or caregiver response, provider scope is clear, signatures are complete, and copied language is avoided.
Can cloned ABA notes cause a clawback?
Yes. Cloned notes can make it look like the record does not reflect the unique service delivered on each date. They are especially risky when the copied language does not match the data, billed time, treatment-plan goals, or client response for that session.

Filed by the BxScribe Clinical Team · Updated May 19, 2026