Prior Authorization, Without the Chaos
Learn how to manage prior authorization requests, track authorization numbers, avoid preventable authorization denials, and keep services from getting delayed or unpaid.
Prior authorization touches almost every part of a medical billing and healthcare administrative workflow. It affects scheduling, claim payment, patient communication, provider decisions, staff time, and appeal workload. When it goes wrong — when a service is rendered without required authorization, when an auth number expires mid-treatment, or when the wrong CPT code was approved — the consequences show up on the EOB weeks later.
The goal of this guide is not to make prior authorization easy. It is a time-consuming process by design. The goal is to make it trackable, repeatable, and less likely to fall through the cracks — so fewer services are denied for authorization-related reasons and fewer staff hours are spent cleaning up what could have been prevented.
Quick Reference
| Authorization Step | Why It Matters | What to Document |
|---|---|---|
| Verify insurance eligibility | Confirms active coverage and plan requirements before auth work begins | Coverage dates, payer, plan name, member ID |
| Check whether auth is required | Requirements vary by payer, plan, and CPT code | Who/what confirmed requirement, date verified |
| Gather clinical and provider information | Required for submission; incomplete requests cause delays | Patient demographics, diagnosis, CPT codes, provider NPI |
| Submit authorization request | Starts the clock on the payer's review timeline | Submission date, method, reference number |
| Record authorization number | Needed for the claim; without it the claim may deny | Full auth number, exactly as issued |
| Track valid date range | Services outside the approved dates may not be covered | Start date and end date of approval |
| Track approved units/visits | Exceeding approved units can cause denial | Number approved; update used count per visit |
| Confirm approved CPT/HCPCS codes | Auth for one code may not cover related codes | Exact codes on the authorization |
| Follow up before services are rendered | Pending auths need a decision before scheduling | Follow-up date, status, next action |
| Add auth number to the claim | Claim may deny without the number linked | Box 23 or equivalent electronic claim field |
| Monitor expiration dates | Expired auth causes denials even if services were authorized | Expiration date; renewal needed flag |
| Appeal if denied or not linked | Some auth denials can be overturned | Denial reason, deadline, documentation submitted |
Table of Contents
- What Is Prior Authorization?
- Why Prior Authorization Matters
- Authorization Does Not Guarantee Payment
- Start With Eligibility Verification
- How to Check Whether Authorization Is Required
- What to Gather Before Requesting Authorization
- Submitting the Authorization Request
- What to Document Every Time
- Tracking Pending Authorizations
- Approved Authorizations: What to Check Before Scheduling or Billing
- Adding Authorization Information to the Claim
- Common Prior Authorization Mistakes
- When Prior Authorization Is Denied
- Prior Authorization Denials on the EOB
- Simple Prior Authorization Workflow
- Key Takeaways
- Related Forms and Templates
- Related Guides
What Is Prior Authorization?
Prior authorization — also called prior auth, pre-auth, or pre-certification — is a process where a payer reviews and approves (or denies) a service before it is performed, or before the claim will be considered for payment. The payer is essentially saying: before this service happens, we need to confirm it meets our coverage criteria.
Authorization requirements exist for many services — certain diagnostic tests, imaging, specialist visits, surgical procedures, durable medical equipment, behavioral health services, physical therapy, and others. Requirements vary by payer, by plan, by CPT code, and sometimes by place of service. A service that requires authorization under one patient's plan may not require it under another patient's plan with the same insurance company.
In practical terms, prior authorization means:
- Verifying whether the payer requires it before the service
- Submitting a request with clinical and administrative information
- Waiting for a decision — approved, denied, or pending additional review
- Recording and tracking the authorization number once approved
- Linking the authorization to the claim at submission
- Monitoring authorized date ranges and visit/unit limits throughout treatment
Why Prior Authorization Matters
Prior authorization is not only a billing function. It affects the entire care delivery and revenue cycle process.
Scheduling. Services that require authorization cannot be safely scheduled without first confirming that authorization has been requested and is either approved or expected. Scheduling before confirming auth requirements is one of the most common sources of preventable denials.
Claim payment. Claims for services that required authorization but did not have it — or had it but didn't include it on the claim — typically deny with CO-15 or CO-167 codes. These denials are difficult to appeal and sometimes unrecoverable.
Patient balances. When a service is denied for missing authorization, the financial responsibility often shifts to the patient. Patients who were not informed of this risk in advance are difficult conversations to have after the fact.
Provider workflow. Providers who see patients in good faith, not knowing auth was missing, are frustrated when claims return denied. Prior authorization management is part of protecting the provider-patient-payer relationship from administrative failures.
Staff time. Retroactive authorization requests, appeals, and patient balance disputes all consume more time than a completed authorization workflow would have. The downstream cost of a missed authorization is almost always higher than the cost of verifying it upfront.
Cash flow. Denials for missing or incorrect authorization delay payment. At volume, persistent auth-related denials have a measurable impact on practice revenue.
Authorization Does Not Guarantee Payment
This is one of the most important things to communicate to providers, schedulers, and patients — and one of the most misunderstood concepts in prior authorization.
An authorization number means the payer reviewed the request and determined the service meets their criteria for coverage consideration. It does not mean the claim will automatically pay. A claim with a valid authorization number can still deny for:
- Eligibility issues — patient's coverage was not active on the date of service
- Coding discrepancies — the CPT code on the claim doesn't match the authorized code
- Medical necessity — the claim-level documentation doesn't support the service
- Frequency limits — the service was authorized but the patient has reached an annual limit
- Documentation requirements — the payer requires attached records and none were submitted
- Coordination of benefits — another payer is primary; the secondary processed incorrectly
- Timely filing — the claim was not submitted within the payer's required window
- Payer-specific claim requirements — information missing from the claim form
Start With Eligibility Verification
Authorization work should begin with a current eligibility verification — not with assumptions based on prior visit history. Coverage changes, and the prior authorization requirements under a new plan may be completely different from the previous one.
When verifying eligibility before starting an authorization request, confirm:
- Active coverage on the anticipated date of service — effective date has passed; termination date has not
- Payer name and specific plan name — the plan name matters; auth requirements vary within the same payer family
- Member ID and group number — from the current insurance card; not from a prior visit
- Benefit limitations — visit limits, frequency limits, or exclusions that apply to the planned service
- Copay, deductible, and coinsurance — patient financial responsibility if the service is approved
- Referral requirement — some HMO and managed care plans require a referral in addition to or instead of authorization
- Authorization requirement — whether prior authorization is specifically required for this service under this plan
- Secondary coverage — if the patient has a secondary plan, verify COB order and whether the secondary has its own auth requirements
How to Check Whether Authorization Is Required
Authorization requirements are not universal. A service that requires authorization under one plan may not under another — even within the same insurance company. There is no reliable shortcut for this step.
Ways to verify authorization requirements:
- Payer provider portal — most large payers publish an authorization requirement list by CPT code on their provider-facing portal. This is usually the fastest and most reliable source.
- Call the payer's provider services line — ask specifically whether CPT code [X] requires prior authorization under this member's plan. Document the rep's name, reference number, and the date of the call.
- Provider manual or payer contract — payer-specific authorization requirements are often listed in the provider manual. Manuals are updated periodically; verify you are reading a current version.
- Benefit verification tools — some clearinghouses and billing platforms include eligibility and benefit verification that surfaces authorization requirements.
- Specialty vendor portals — some services (radiology, behavioral health, certain specialty drugs) route authorization requests through a dedicated specialty vendor rather than directly to the payer.
What to Gather Before Requesting Authorization
A complete authorization request submitted the first time is faster than an incomplete request that is returned for additional information. Before submitting, gather:
- Patient demographics — full legal name, date of birth, address
- Member ID and group number — from current insurance card
- Provider NPI and Tax ID — requesting and rendering provider information
- Rendering provider name and credentials
- Facility or practice location — name, address, NPI if applicable
- Diagnosis codes — ICD-10 codes supporting the service
- CPT or HCPCS codes — the specific procedure codes being requested for authorization
- Requested service date range — the dates during which the service is expected to occur
- Number of visits or units requested — the total anticipated volume
- Clinical notes and documentation — medical records, provider notes, or letters of medical necessity supporting the request; payer requirements vary
- Referring provider information — name and NPI if a referral is involved
- Payer submission details — portal URL, fax number, or phone number for authorization requests
Submitting the Authorization Request
The submission method should follow the payer's preferred or required process. Using the wrong submission channel can delay or lose the request.
Common submission methods:
- Payer provider portal — most efficient for tracking; creates a digital audit trail; often the fastest method
- Phone — useful when clinical review is needed quickly, or when the portal is unavailable; always get a reference number
- Fax — still used by many payers; use a cover sheet; confirm receipt when possible
- Electronic authorization tools — some clearinghouses and practice management platforms offer electronic prior auth submission integrated into the workflow
- Referral portal — some HMO plans use a separate referral and authorization system
- Specialty vendor portal — certain services route through specialty review vendors; verify which vendor the payer uses for the specific service
Regardless of method, document the submission: the date, the method, who submitted it, and any reference number or case number issued at submission.
What to Document Every Time
Incomplete documentation is the reason most authorization-related problems are difficult to resolve. Document these fields for every authorization request:
| Field | Why It Matters |
|---|---|
| Date submitted | Establishes when the request was made; important for follow-up timelines |
| Payer | Identifies which payer the request was submitted to |
| Patient name and DOB | Confirms whose authorization this is |
| Member ID | Links the request to the correct insurance record |
| CPT/HCPCS codes requested | Authorization must cover the exact codes being billed |
| Diagnosis codes | Supports the clinical basis for the request |
| Provider name and NPI | Authorization is typically tied to a specific rendering provider |
| Location or facility | Some authorizations are location-specific |
| Auth or reference number | The number that must appear on the claim if approved |
| Pending case number | Tracking number before a final decision; needed for follow-up |
| Approved or denied status | The payer's decision on the request |
| Valid date range | Start and end dates of the approved authorization |
| Units or visits approved | How many services were approved; don't exceed without requesting more |
| Representative name | Name of the payer rep if submitted by phone |
| Call reference number | Confirmation number from the payer for phone submissions |
| Documents submitted | List of records or clinical notes included with the request |
| Follow-up date | When to check back if no decision has been received |
Tracking Pending Authorizations
A submitted authorization request is not a closed task. Pending requests need to be followed up before services are scheduled or rendered. A request that sits unacknowledged for a week may have been lost — and the patient may have a scheduled appointment in two days.
Maintain a tracking log for every open authorization request. Review it daily or at minimum every other business day.
Suggested status values for your authorization tracker:
| Status | Meaning |
|---|---|
| Not Started | Authorization requirement confirmed; request not yet submitted |
| Submitted | Request submitted; awaiting payer acknowledgment |
| Pending Clinical Review | Payer is reviewing; no decision yet |
| Additional Info Requested | Payer has asked for more documentation; follow-up needed |
| Approved | Authorization granted; number issued; claim can proceed |
| Denied | Payer declined the request; review denial reason |
| Peer-to-Peer Requested | Provider is requesting a clinical review call with the payer medical director |
| Expired | Valid date range has passed; renewal may be needed |
| Used / Closed | All approved units used or treatment complete; no further tracking needed |
Approved Authorizations: What to Check Before Scheduling or Billing
When an authorization is approved, do not assume everything is in order before verifying the details. Errors in the authorization itself — wrong CPT code, wrong provider, wrong date range — will cause a claim denial even if the number is present on the claim.
Before scheduling or billing a service against an approved authorization, confirm:
- Authorization number — recorded completely and accurately; no transposed digits
- Patient name and member ID match — the authorization is for this patient with this plan
- Provider and facility match — the authorization names the correct rendering provider and location
- CPT/HCPCS codes match — the authorized codes are the same codes that will be billed
- Units or visits approved — the planned service does not exceed what was authorized
- Date range covers the service date — the planned DOS falls within the approved valid dates
- Diagnosis or condition matches — the authorized condition is the same as what will be documented
- Payer-specific notes or limitations — some authorizations include conditions or restrictions; read the full approval
Adding Authorization Information to the Claim
When a payer requires prior authorization and an authorization has been obtained, that authorization number must appear on the claim for the claim to be processed correctly.
For professional claims submitted on a CMS-1500 or electronically as an 837P, the authorization number is typically entered in Box 23 of the CMS-1500 or the equivalent prior authorization field in the electronic claim. Requirements for where and how to enter the number vary by payer.
Verify the correct field and format with the payer's claim submission instructions or provider manual. When in doubt, call the payer's provider services line and confirm how authorization numbers should appear on claims for this service type.
Common Prior Authorization Mistakes
These are the errors that lead to the most preventable authorization-related claim denials.
- Assuming no auth is required. Authorization requirements are plan-specific and service-specific. Never assume — verify every time.
- Checking auth requirements after the service is rendered. Retroactive authorization is harder to obtain and not always available. Verify before the appointment is scheduled when possible.
- Obtaining authorization for the wrong CPT code. If the code billed on the claim is different from the code authorized, the claim may deny even with a valid authorization number.
- Authorization date range does not cover the date of service. If the service is rendered before the authorization start date or after the end date, the authorization does not apply.
- Units or visits exceeded. Rendering more visits or units than were authorized causes the excess to deny. Request additional authorization before exceeding approved amounts.
- Wrong rendering provider or facility. Some authorizations are provider- or location-specific. Verify that the authorization is for the same provider and location as the claim.
- Authorization number not added to the claim. The number must appear in the correct field on the claim. A valid authorization in the payer's system does not help if it is not on the claim.
- Referral required but missing. Some plans require both a referral and a prior authorization. Missing either one can cause the claim to deny.
- Not documenting call reference numbers. If you call to check auth status and the rep gives you information, document the rep's name and reference number. This is your only record if the information is later disputed.
- Not tracking pending requests. A request submitted and not followed up may sit unanswered past the appointment date.
- Letting authorization expire mid-treatment. For ongoing services, monitor expiration dates and request renewal before the authorization period ends.
- Not submitting requested clinical documentation. If the payer requests supporting records and they are not submitted within the required timeframe, the authorization request may be closed or denied.
- Assuming authorization guarantees payment. It does not. See the section above.
When Prior Authorization Is Denied
An authorization denial is not always the end of the road — but it does require a timely response. The longer you wait, the fewer options you have.
When a prior authorization request is denied:
- Review the denial reason — identify the specific reason the payer gave for the denial; this determines the path forward
- Check whether more information is needed — some denials indicate that additional clinical documentation would support reconsideration
- Request a peer-to-peer review if available and appropriate — a direct conversation between the treating provider and the payer's medical director may help resolve some medical necessity denials; most payers offer this within a defined window following a denial
- Correct and resubmit if the wrong information was submitted — if the request had a coding error, wrong provider, or missing clinical details, resubmitting correctly may resolve the issue
- Appeal if supported by documentation and payer rules — most payers have a formal prior authorization appeal process; follow their specific requirements for submission
- Communicate with the scheduling and provider team — if an authorization is denied and services have not yet been provided, the clinical team needs to know before the appointment
- Document all actions and deadlines — every step taken, every call made, and every submission should be logged with dates and reference numbers
Prior Authorization Denials on the EOB
When a claim is submitted and subsequently denied for authorization-related reasons, the most common codes on the EOB are:
CO-15 — the authorization number on the claim is missing, invalid, or does not match payer records.
CO-167 — the authorization was denied (prior to claim submission, or the claim-level auth review did not pass).
If you received a valid authorization but the claim denied with CO-15 or CO-167, the first step is to verify:
- The authorization number on the claim is exactly correct — no transposed digits, no missing characters
- The authorization number was entered in the correct claim field
- The provider or facility on the claim matches the provider or facility named in the authorization
- The CPT codes on the claim match the codes that were authorized
- The date of service falls within the valid date range of the authorization
- The payer's authorization system shows the auth as active and linked to this patient
If authorization was never obtained for a service that required it, the appeal path is more difficult. Whether an appeal is available, and what documentation it requires, depends on the payer's specific policies. Verify with the payer before proceeding.
Simple Prior Authorization Workflow
A repeatable workflow that the whole team can follow:
- Verify eligibility — confirm active coverage, plan details, and member ID before starting
- Check auth and referral requirement — use the payer portal, provider manual, or call; document the source and date
- Gather documentation — patient demographics, diagnosis, CPT codes, provider info, clinical notes
- Submit the request — use the payer's required method; document submission date and reference number
- Record the reference or case number — immediately; do not wait for a final decision
- Track status — log in your authorization tracker; update status as it changes
- Follow up — before the appointment date; do not let pending requests age without a decision
- Confirm approval details — auth number, valid dates, approved codes, authorized units
- Communicate to the team — notify scheduling and the clinical team of approval or denial
- Add authorization to the claim — correct field, correct number, verify before submitting
- Monitor expiration and units — update used count after each visit; flag renewals early
- Document outcome — record final status in the tracker; close completed authorizations
Key Takeaways
- Prior authorization is a payer's review and approval process before certain services are performed or paid. Requirements vary by payer, plan, and service.
- Authorization does not guarantee payment. A claim with a valid authorization number can still deny for eligibility, coding, documentation, timely filing, or other reasons.
- Eligibility verification is the first step — confirm active coverage and plan-specific auth requirements before starting the authorization process.
- Never assume that authorization is not required. Verify for every service, every payer, every patient — and document who confirmed it, how, and when.
- Gather complete information before submitting. Incomplete requests cause delays.
- Document every step: submission date, method, reference number, auth number, valid dates, approved codes and units, and any calls made.
- Track every pending authorization. A submitted request is not a closed task.
- Confirm the authorization details before scheduling or billing: auth number, provider match, CPT code match, date range, and approved units.
- Add the authorization number to the correct claim field before submitting. A valid auth not linked to the claim is the same as no auth on the claim.
- Monitor expiration dates and unit counts throughout the treatment course. Expired or exceeded authorizations cause denials on later claims.
- When authorization is denied, respond quickly: review the reason, request peer-to-peer if available, appeal if supported, and communicate with the clinical team.
Related Forms and Templates
Use these free resources from MedicalBillingForms.com to support your prior authorization workflow.
Prior Authorization Request Checklist
A checklist for gathering all required patient, provider, payer, and clinical information before submitting a prior authorization request. Includes a post-submission tracking section.
Open form →Prior Authorization Follow-Up Log
A structured log for tracking every open authorization request — from submission through approval, denial, or expiration. Includes a denial and appeal tracker section and status key.
Open form →Referral Authorization Tracker
A log for tracking active referral authorizations — authorization number, approved visits, units used and remaining, expiration date, and renewal status.
Open form →Authorization Call Script
A step-by-step phone script for requesting prior authorizations by phone — covers IVR navigation, identity verification, eligibility confirmation, request submission, and call documentation.
Open form →Prior Authorization Denial Appeal
A template appeal letter for prior authorization denials — includes multiple argument options for authorizations that were obtained but not linked, authorizations that were not required, emergent services, and formal appeal situations.
Open form →Insurance Verification Form
A structured form for documenting eligibility verification results — including authorization and referral requirements, deductible and copay details, and secondary coverage information.
Open form →Clean Claim Checklist
A pre-submission checklist covering all CMS-1500 fields — including Box 23 for authorization numbers and all other required claim elements.
Open form →Claim Correction Worksheet
A worksheet for documenting what was wrong on a denied claim and what was corrected before resubmission — useful for CO-15 and CO-167 corrections.
Open form →Denial Follow-Up Tracker
A structured log for tracking denied claim lines from denial date through resolution — with fields for CARC/RARC codes, deadlines, actions taken, and final outcome.
Open form →Related Guides
Clean Claim Fundamentals
LiveCovers the full pre-submission claim workflow — including how authorization numbers fit into the claim, where common errors enter the process, and how to reduce first-pass rejections and denials.
Read Guide →Working Denials: A Step-by-Step Workflow
LiveWhen an authorization-related denial reaches the EOB, this guide covers the complete denial management workflow — triage, action selection, appeal preparation, and tracking.
Read Guide →Reading an EOB: A Practical Guide
LiveCovers CO-15, CO-167, and other denial codes in context — explaining what each section of an EOB means and what to do when authorization-related denials appear.
Read Guide →Coordination of Benefits Explained
LiveCovers COB order rules and how they interact with prior authorization when a patient has more than one insurance plan.
Read Guide →Patient Billing & Collections Basics
LiveAuthorization-related denials often surface as patient balance questions. This guide covers when (and when not) to bill the patient, payment plans, and balance follow-up.
Read Guide →
Disclaimer
This guide is for educational and organizational purposes only. It is not legal, medical, coding, reimbursement, payer-contract, Medicare, Medicaid, prior authorization, medical necessity, or compliance advice. It does not guarantee authorization approval, claim acceptance, claim payment, appeal approval, reimbursement, or compliance. Always verify payer-specific authorization requirements, current medical policies, documentation requirements, appeal rules, official form instructions, and practice policies.
MedicalBillingForms.com is an independent educational resource. It is not affiliated with CMS, Medicare, Medicaid, NUCC, NUBC, HHS, or any insurance payer.
Last reviewed: 2026 · MedicalBillingForms.com · Published by Sunshine Summit Network