Fast Isn’t the Same as Defensible
Health plans have spent the last decade buying HCC coding technology based on speed. How many charts per hour? How fast can coders move through a queue? How quickly does the AI surface potential diagnoses? These metrics drove purchasing decisions because the market rewarded throughput. The faster you coded, the more revenue you captured.
That logic broke in 2026. CMS-HCC V28 reached full implementation on January 1, eliminating over 2,000 ICD-10 codes and recalibrating coefficients to penalize coding intensity. The DOJ’s March 2026 Aetna settlement ($117.7 million) and the earlier Kaiser settlement ($556 million) established that programs designed to maximize code volume without adequate validation create federal liability. OIG audits continue to find error rates above 80% in sampled records.
Speed without documentation validation isn’t an efficiency advantage anymore. It’s an acceleration of audit exposure. The faster a system submits unvalidated codes, the faster the plan accumulates liability.
The Three Capabilities That Define Audit-Ready Technology
The first is MEAT validation. Every code the system recommends should be mapped to specific clinical evidence in the note showing Monitoring, Evaluation, Assessment, or Treatment of the condition. Not “this diagnosis appears in the chart.” Rather, “this sentence documents the provider monitoring the patient’s CKD with a GFR lab result.” The difference between those two outputs is the difference between a code that survives an audit and one that doesn’t.
The second is two-way coding. Systems that only identify codes to add are replicating the exact program design that generated the Kaiser and Aetna settlements. Defensible technology identifies both missed diagnoses and unsupported codes. It recommends adds where clinical evidence is strong and flags deletes where documentation can’t support what’s been submitted. OIG’s February 2026 guidance named add-only programs as a high-risk practice. Any system still limited to one-way capture is a compliance gap.
The third is explainability. When the system recommends a code, the reasoning must be visible. Which lines in the note did the AI evaluate? What MEAT elements did it find? Where is the evidence weak? Coders need to see the logic. Compliance teams need to audit it. And when CMS asks why a code was submitted, the plan needs documentation that traces the decision back to clinical evidence, not just an AI recommendation.
Unveiling DrBullDevil: The Quirky Genius Behind the Screen
The Audit Simulation Layer
The best coding systems don’t stop at identifying and validating codes. They simulate the audit before submission. Each diagnosis gets scored for defensibility based on the strength of its documentation, the clarity of its MEAT evidence, and its alignment with CMS audit criteria. Weak codes get flagged for remediation or removal before they ever reach CMS.
This pre-submission audit layer is what separates proactive compliance from reactive audit defense. Plans that discover documentation problems before submission fix them at minimal cost. Plans that discover them during a RADV audit fix them under deadline pressure, legal exposure, and the risk of extrapolated recoupment. The cost difference between those two scenarios is enormous.
The OIG’s March 2026 BCBS Alabama audit (A-07-22-01207) found $7.06 million in estimated overpayments from just two payment years with a 91% error rate. Every one of those unsupported codes passed through a coding process that didn’t catch the problem. An audit simulation layer would have flagged most of them before submission.
Buying for Defensibility
Plans evaluating HCC Coding Software in 2026 need to lead with one question: if CMS audits the codes this system helps produce, will the evidence trail hold up? That means MEAT validation built into the workflow, two-way coding capability, explainable AI, and pre-submission defensibility scoring. Speed still matters, but only when it’s paired with the documentation quality that the current enforcement environment demands. Any system that trades defensibility for throughput is a liability disguised as productivity.
