Building a prior authorization tracking process
A prior authorization tracking process is the documented, repeatable system a practice uses to record every prior authorization request, follow it from submission through the payer's decision, and connect the resulting approval to the claim it is meant to protect. It exists because an approval that no one logged — or one that expired, exhausted its authorized units, or never arrived before the date of service — commonly becomes an avoidable denial. A well-built tracking process turns scattered sticky notes, emails, and portal screenshots into a single source of truth that any team member can read, act on, and hand off without losing the thread.
Updated 8 min read
On this page
Key takeaways
- A tracking process is the system of record that follows each request from submission to decision to billing.
- It centralizes reference data — payer, service, request date, authorization number, and unit and date limits — in one place.
- Deadlines, unit caps, and expiration dates vary by payer and plan and must be actively monitored, not assumed.
- Closing the loop means matching the authorization to the billed claim before submission.
- The same tracking data feeds performance measurement and denial prevention.
What a tracking process is
A tracking process is the structure that sits on top of the day-to-day prior authorization workflow. The workflow describes the sequence of obtaining a single approval — verifying whether a service requires authorization, gathering documentation, and submitting the request. The tracking process, by contrast, records the state of every open request at once and makes that state durable and shareable. One describes how a request moves; the other is the ledger that keeps the practice from losing any request along the way.
The goal is continuity. Authorizations often span days or weeks, cross shifts and staff, and involve back-and-forth with the payer. A tracking process ensures that when the person who submitted a request is unavailable, the next person can see exactly where it stands and what to do next. This article covers designing that system; the ongoing act of checking payer responses and watching due dates is covered in tracking authorization status and deadlines.
System of record, not a second workflow
The core data a tracking log captures
Whatever tool holds the log — a shared spreadsheet, a practice-management worklist, or a dedicated module — it should capture a consistent set of fields for every request. Standardizing these fields is what makes the log searchable, auditable, and safe to hand off. The specific fields a practice needs vary by specialty and payer mix, but most tracking logs record the following.
- Encounter and patient reference
- A non-identifying internal record number that ties the request to the scheduled service, without storing unnecessary detail in the log itself.
- Payer and plan
- The specific payer and plan, because requirements, submission channels, and timeframes are set by each payer's contract and can differ even within one payer's product lines.
- Requested service or item
- The service, procedure, or medication being requested, described in plain terms; the log should reference the concept rather than reproduce licensed code descriptors.
- Submission date and method
- When and how the request went out — portal, fax, phone, or an electronic transaction — which anchors any follow-up clock the payer applies.
- Authorization number
- The authorization number the payer issues on approval, which later must appear on the claim.
- Approved scope and dates
- The approved units or visit count and the valid date span, since approvals are frequently limited to a set quantity and window that vary by payer and plan.
- Status and next action
- The current state (pending, approved, denied, or in appeal) and the date of the next follow-up, so no request goes silent.
Building the process step by step
Define scope and triggers
Identify which services and payers require authorization so the right encounters enter the log in the first place. Requirements change over time and differ by payer, so this list should be reviewed against current payer policies rather than treated as fixed; the sibling article on which services require prior authorization explains how to make that determination.Choose one system of record
Select a single place where every request lives. Consolidating in one tool prevents the divergence that happens when status is scattered across inboxes and portals. A structured authorization status log or a prior authorization request tracker can serve as a starting point.Standardize the data fields
Require the same core fields on every entry so the log is consistent and searchable. Incomplete entries are where requests fall through the cracks.Assign ownership and a cadence
Name who monitors the log and how often it is reviewed. The right follow-up frequency depends on payer response times, which vary and are set by each payer, so the cadence should reflect current payer expectations rather than a single universal rule.Build reminders for deadlines and expirations
Add prompts for approaching decision deadlines, expiring approvals, and near-exhausted units. Whether these are manual or automated, they must be watched actively.Close the loop to billing
Confirm that the approval reaches the claim. An approval that never makes it onto the submitted claim protects nothing.
Monitoring deadlines, units, and expirations
Much of the value of a tracking process comes from what it prevents. Approvals are typically bounded in three ways — a decision deadline the payer works within, a valid date range for the authorization, and a cap on approved units or visits. All three vary by payer, plan, and the service in question, and all three change over time, so the tracking process should surface them rather than assume them.
- Pending requests that are approaching or past the payer's expected response time and need follow-up.
- Approved authorizations whose valid date range is about to end before the service is rendered.
- Authorizations whose approved units or visits are nearly used up, which is closely tied to matching authorized units to billed services.
- Denied requests that may warrant a peer-to-peer review or an appeal, along with the applicable response window.
An approval is not a payment guarantee
Manual versus integrated tracking
Practices generally track authorizations either in a manually maintained log or within a system that is integrated with scheduling and billing. Neither is inherently correct; the right fit depends on volume, specialty, and existing systems. The comparison below highlights the trade-offs across common dimensions.
| Dimension | Manual spreadsheet log | Integrated system tracking |
|---|---|---|
| Visibility across staff | Depends on staff opening a shared file; versions can diverge | State is visible to all users in real time within one system |
| Deadline and expiration reminders | Must be built and watched by hand | Can be automated with worklists and alerts, subject to configuration |
| Data entry risk | Higher risk of duplicate, missing, or mistyped entries | Structured fields and validation reduce, though do not eliminate, error |
| Scaling with volume | Harder to maintain as request volume grows | Absorbs higher volume with less manual effort |
| Performance reporting | Requires manual tallying to measure outcomes | Supports built-in metrics that feed performance review |
The best choice varies by practice size, specialty mix, and the systems already in place, and many organizations use a blend. No single approach is required.
Closing the loop and improving
A tracking process is only complete when it connects back to revenue. Before a claim goes out, the authorization number, approved units, and valid dates should be verified against what is being billed so the two agree. Handling of approvals, denials, and peer-to-peer review then flows from the same log, keeping decisions and their follow-up in one place. When a request is denied or an approval lapses, the log becomes the record of what happened and why, which is exactly the input that authorization-related denials work depends on.
Finally, the accumulated data is worth mining. A consistent log makes it possible to see approval and turnaround patterns, spot payers or services that generate the most friction, and target improvements — the foundation of measuring prior authorization performance. As electronic exchange of authorizations expands, some of this tracking can shift toward electronic prior authorization, though the underlying discipline of capturing, monitoring, and closing out every request stays the same.
Common questions
Is a tracking process the same as the authorization workflow?
No. The workflow is the sequence of steps for obtaining a single approval — checking requirements, gathering documentation, and submitting the request. The tracking process is the system of record that holds the status of every open request at once and makes that status shareable and durable across staff and shifts.
What is the minimum a tracking log should capture?
At a minimum, a log should identify the payer and plan, the requested service, the submission date and method, the current status with a next-action date, and, once issued, the authorization number along with the approved units and valid date range. Standardizing these fields is what makes the log reliable to hand off.
How often should authorization status be checked?
There is no universal cadence. Payer response times and follow-up expectations vary by payer, plan, and service and change over time, so the review frequency should reflect current payer guidance rather than a fixed rule. The point is that every pending request has a scheduled next follow-up so none goes silent.
Does an approved authorization guarantee the claim will be paid?
No. An authorization addresses one requirement, but the claim is still adjudicated for eligibility, medical necessity, correct coding, and timely filing, among other factors. A tracking process reduces authorization-related risk; it does not remove every reason a claim can be denied.
Who should own the tracking process?
Ownership varies by organization. Many practices assign designated staff to maintain the log and monitor deadlines, with clear escalation for denials and peer-to-peer requests. What matters is that responsibility is named and not left ambiguous, so requests do not fall through the gaps.
Key terms in this article
Defined once, on their own pages.
Continue learning
Where to go next in the prior authorization cluster.
Tracking authorization status and deadlines
The day-to-day work of checking payer responses and watching due dates.
Matching authorized units to billed services
Reconciling approved units and dates against what is actually billed.
Measuring prior authorization performance
Turning tracking data into metrics that reveal friction and improvement.
Electronic prior authorization
How electronic exchange is changing where and how requests are tracked.
Set up an authorization tracking workflow
A step-by-step guide to standing up the tracking process described here.
Authoritative sources
- Centers for Medicare & Medicaid Services (CMS) (opens in a new tab)
Federal agency that administers Medicare and Medicaid and publishes coverage, claims-processing, and prior authorization rules.
- CMS Medicare Learning Network (MLN) (opens in a new tab)
CMS education program that issues booklets and fact sheets on Medicare billing, documentation, and program requirements.
- Healthcare Financial Management Association (HFMA) (opens in a new tab)
Professional membership organization that publishes revenue cycle management guidance and leading practices.
