Surprise Billing: 2026 Guide for Practice Owners

June 6, 2026
Blog
18 min read

This guide is for practice owners, not patients. The counterintuitive part of surprise billing today is that the biggest risk often isn't patient backlash. It's payer underpayment, longer A/R, and avoidable write-offs after the No Surprises Act moved the fight from the patient statement to the reimbursement workflow.

That shift matters because your old out-of-network playbook may now create compliance exposure where you expected an advantage. Research has shown the surprise billing market changed from a patient-payment issue to a provider-payer pricing and dispute-resolution issue, and billed and paid prices to providers dropped significantly after reform, with some prior state-level laws associated with a 13.6% decline in prices for affected services, as discussed in this Health Affairs review. If your team still treats NSA claims as ordinary OON billing, revenue leaks into denials, short-pays, and stale accounts. That is a revenue cycle problem, not just a legal one. If you need a refresher on the mechanics, this overview of revenue cycle management frames why NSA compliance now belongs inside core RCM, not off to the side with policy binders.

The New Reality of Surprise Billing for Practice Owners

Before federal protection, surprise billing was common enough to shape national policy. A JAMA infographic reported that 1 in 5 insured adults had received an unexpected out-of-network bill in the prior two years, and 18% of emergency department visits produced at least one surprise bill, according to JAMA. That history explains why payers now push hard on NSA-governed reimbursement and why regulators take enforcement seriously.

For an independent practice owner, the operational change is simple to describe and difficult to execute. You can no longer assume that an out-of-network encounter creates a collectible patient balance. In many covered scenarios, the patient's cost-sharing is limited, and your practice's real financial outcome depends on intake accuracy, documentation discipline, payer response management, and whether your team can defend value in dispute resolution.

What changed inside the revenue cycle

The old question was, "Can we bill the patient for the remainder?"

The new question is, "Is this service protected under the NSA, what amount is the payer obligated to treat as the patient's in-network responsibility, and do we have a clean path to challenge an underpayment?"

That change affects several revenue drivers at once:

  • Charge capture risk: If your team misclassifies a protected service as ordinary OON billing, you may send the wrong statement and trigger rework.
  • Underpayment risk: If you accept the payer's first payment without review, you may lock in a weak reimbursement benchmark.
  • A/R risk: If open negotiation and dispute steps aren't tracked tightly, protected claims age while staff chase the wrong balance.
  • Penalty risk: If notice, disclosure, and consent workflows are sloppy, one front-desk error can turn into a forced write-off plus enforcement exposure.

Practical rule: Treat surprise billing as a reimbursement governance issue. The money is no longer on the patient ledger. It's in classification, documentation, negotiation, and follow-through.

What works and what doesn't

What works is a rules-based workflow. Your team needs to know which encounters are protected, which ancillary services are effectively locked into the NSA framework, and which claims belong in a payer dispute queue rather than patient collections.

What doesn't work is relying on generic financial responsibility forms, manual memory, or a biller who only looks at CPT posting after the visit. In anesthesiology, radiology, pathology, emergency medicine, and facility-based subspecialties, the NSA touches the part of the claim where revenue is either preserved early or lost unobserved.

Which Services Fall Under NSA Protections

The fastest way to lose revenue under the No Surprises Act is to misread scope. If your team cannot identify a protected encounter before the claim goes out, you will either bill the patient when you should be disputing payment with the payer, or accept a payer underpayment that should have gone into review.

A flowchart explaining services covered under the No Surprises Act for emergency and non-emergency medical care.

Services that are generally protected

The NSA applies to a defined set of out-of-network scenarios, not every expensive medical bill. At the practice level, the core protected categories are out-of-network emergency services, air ambulance services, and many non-emergency services furnished by out-of-network clinicians at an in-network facility. In those cases, the patient's share is generally limited to the in-network cost-sharing amount, and the reimbursement fight shifts to the provider-payer side.

That shift matters more than many owners expect. A protected claim is no longer a collections problem. It becomes a classification, payment posting, and underpayment review problem.

The service lines that usually carry the most exposure include:

  • Emergency department professional claims: Out-of-network emergency physicians and groups usually cannot use the patient balance as a backstop for low payer reimbursement.
  • Ancillary services at in-network facilities: Anesthesiology, radiology, pathology, neonatology, assistant surgery, hospitalist care, and intensivist services are common trouble spots because patients do not meaningfully choose those clinicians.
  • Air ambulance claims: Federal protections are explicit here, so billing and payment workflows need to follow the NSA framework from the start.

If your staff still mixes up permitted out-of-network billing with prohibited patient billing, this guide to balance billing under different claim scenarios is a useful reference point.

Services that are not fully protected

Not every out-of-network service falls under the federal rules. Ground ambulance services are a major exception. Some non-emergency services can also fall outside the default protection rules if a valid notice and consent process is completed in the limited situations where the law allows it, as described in the Department of Labor's guidance on avoiding surprise healthcare expenses.

For owners, that creates a mixed reimbursement model across the same practice. One claim may be fully subject to NSA payment limits. Another may still support out-of-network billing if the service type and documentation qualify. That is why service-level classification has to happen before charge entry and again before the patient statement cycle.

Service scenario NSA exposure Revenue implication
Emergency professional service Usually protected Patient balance billing is generally barred
Non-emergency service at in-network facility by OON clinician Often protected Payment disputes move to payer review and dispute workflow
Ground ambulance Not covered by federal NSA protection Billing rules may differ by state and contract setup
Selected non-emergency OON care with valid consent exception Limited exception Revenue depends on strict operational compliance

The owner-level test

Use three filters for every encounter:

  1. Was the service emergency care?
  2. Was the service performed at an in-network facility by an out-of-network clinician or group?
  3. Was the service one of the limited non-emergency situations where a lawful notice and consent exception could apply?

Those questions sound simple. Operationally, they are not. Scheduling may know the facility status, registration may know the plan, the clinician roster may show network participation, and billing may not see the problem until the remittance arrives short.

Practices that protect revenue under the NSA build this logic into intake, claim editing, and payment review. Practices that do not usually find the issue after the patient complains, after the statement is voided, or after the payer has already set the reimbursement floor.

Preserving OON Revenue with Notice and Consent

The notice and consent process is where many OON and partially OON practices either protect reimbursement or accidentally surrender it. A signed financial policy doesn't solve this. A generic waiver doesn't solve it. For non-emergency care, the exception only works when the workflow is compliant from scheduling through claim submission.

A female doctor pointing to a consent form while a female patient prepares to sign it.

Practices that rely on out-of-network reimbursement for elective procedures, procedural consults, or facility-based care need a formal process tied to scheduling, registration, and documentation. If your team treats notice and consent as a front-desk courtesy, the payer will treat it as defective when reimbursement is challenged. That usually leaves you collecting only the protected amount for a claim you thought could support full OON billing. For a broader operational view, this primer on out-of-network billing helps frame where NSA exceptions sit inside the larger OON model.

What a compliant workflow needs

The safest approach is to build notice and consent into pre-service operations, not post-service cleanup. In practice, that means:

  • Early identification: Scheduling must flag whether the encounter is emergency or non-emergency, whether the facility is in network, and whether the rendering provider is OON.
  • Correct document set: The patient needs the required notice and consent materials, not just your standard financial responsibility paperwork.
  • Timing control: The form has to be delivered within the required window for the exception to hold. Waiting until check-in invites failure.
  • Supportive estimate: The financial disclosure has to align with the expected services and charges, so the consent record isn't disconnected from the actual claim.
  • Retention discipline: If your team can't retrieve the signed record quickly during a payer dispute or audit, it might as well not exist.

Where practices usually fail

The most common error isn't bad intent. It's process drift.

A scheduler tells the patient the physician is out of network. A registrar gets a signature. The clinical team assumes the file is complete. Then the claim crosses into a protected category, or the document language doesn't match the service setting, or the timing requirement wasn't met. At that point, your practice has no meaningful right to balance bill even if everyone internally believed the patient "agreed."

A valid NSA consent workflow has to survive payer scrutiny, not just front-desk review.

Practical controls for owners

Owners should audit this process the same way they audit high-dollar denials:

  • Tie notice and consent to appointment type, place of service, and network status
  • Require a pre-service checklist for OON non-emergency encounters
  • Store signed documents in a retrievable location inside the patient account
  • Train physicians on which services cannot rely on consent exceptions, especially ancillary care at in-network facilities
  • Review final claims against the original service scenario before patient statements go out

This is one of those areas where "mostly right" is still financially wrong. If the consent fails, you don't just lose optional paperwork. You lose pricing advantage.

Navigating the Independent Dispute Resolution Process

The No Surprises Act did not eliminate out-of-network payment disputes. It changed who the dispute is with. Once a protected claim is underpaid, the patient usually drops out of the collection equation and the main fight shifts to the payer's reimbursement position. For practice owners, that is the operational change that matters. Revenue that once depended on patient billing now depends on whether your team can challenge underpayments on time, with the right support, and only on the claims worth pursuing.

A six-step infographic illustrating the federal Independent Dispute Resolution process for settling healthcare billing disagreements.

A lot of independent groups still treat these claims like ordinary out-of-network A/R. They post the payment, note that it is low, send an internal complaint up the chain, and leave the balance unresolved. That approach trains the payer to keep paying at the floor. NSA claims need a separate workflow with ownership, deadlines, documentation standards, and decision rules for escalation. Practices that want a clearer view of the process should study the mechanics of independent dispute resolution as part of core revenue cycle management, not as an occasional legal exercise.

What the QPA means for your reimbursement

The qualifying payment amount, or QPA, is the payer's benchmark. It is not your charge amount, your usual collection rate, or the rate you need to sustain margin in a difficult service line. It often drives the payer's initial payment logic and the patient's cost-sharing calculation, which means it can anchor the dispute before your team has made its case.

That is why passivity gets expensive.

If staff members treat the first payment as a rough market answer, the practice absorbs reimbursement compression one claim at a time. Owners need a review standard that asks harder questions. Was the case unusually complex? Did the setting require specialized coverage? Does the physician's training, availability, or local scarcity matter? Is the payer using a benchmark that is technically compliant but still materially below a defensible payment level?

How the dispute process works in real operations

The process is administrative, but the stakes are financial and cumulative. A weak approach does not just affect one encounter. It can reset expectations across an entire payer and service line.

A practical internal sequence looks like this:

  1. Confirm federal NSA applicability so the team does not waste time on a claim governed by state law or a standard out-of-network contract issue.
  2. Review the initial payment package carefully, including any payment rationale and benchmark references tied to the claim.
  3. Open negotiation quickly before the account ages and attention shifts to newer work.
  4. Build the case around the actual service performed, not a generic statement that the payer paid too little.
  5. Escalate to IDR only when the economics support it, especially for repeated underpayment patterns or higher-value professional claims.
  6. Log outcomes by payer, CPT group, facility, and provider so future escalation decisions are based on yield, not frustration.

That last step gets overlooked. It should not. If your team cannot tell you which payers underpay repeatedly, which CPT families produce favorable determinations, and which disputes consume staff time without a return, you do not have an IDR strategy. You have isolated reactions.

What strengthens an IDR file

Winning files are specific. Losing files are usually vague, late, or internally inconsistent.

The strongest submissions usually include:

  • Accurate claim framing: Place of service, provider details, and service classification must match across the claim, medical record, and dispute materials.
  • Service-specific justification: The argument should explain why this item or service deserves more than the initial payment.
  • Provider qualifications: Training, subspecialty expertise, and unique service capability can matter if they are relevant to the case.
  • Clear complexity support: Operative detail, acuity, intensity, and unusual clinical demands carry more weight than broad reimbursement complaints.
  • Consistent records: If the chart, billing logic, and negotiation position point in different directions, the payer's position becomes easier to defend.

A payer does not need your frustration explained. It needs a reason to pay more under the rules that govern the dispute.

When practices should escalate

Every underpayment should be reviewed. Not every underpayment should go to IDR.

Owners should weigh claim value, frequency, documentation strength, payer behavior, and internal labor cost. A recurring pattern of low anesthesia, emergency, radiology, or surgical reimbursement from the same payer deserves a different response than a one-off low-dollar claim with thin support. The first can justify a repeatable dispute workflow. The second may not survive the time and administrative burden required to pursue it.

This is the trade-off. Practices that escalate everything waste staff time and dilute focus. Practices that escalate nothing give payers a free pricing strategy. The right model is selective pressure, applied consistently, with enough reporting discipline to protect margin over time.

Common Compliance Failures and Their Financial Penalties

The biggest NSA losses usually come from routine workflow mistakes, not edge-case legal questions. For practice owners, the financial risk is larger than the civil penalty. A single compliance failure can trigger refund work, patient complaints, payer disputes, extra staff time, and lost out-of-network revenue that was never preserved correctly in the first place.

An infographic detailing five common No Surprises Act compliance failures and the associated financial penalties.

The statute allows penalties of up to $10,000 per violation in some cases. In practice, many groups feel the hit sooner through write-offs and repayment exposure. The No Surprises Act changed the economics of surprise billing. What used to become a patient balance issue now turns into a provider-payer pricing dispute, and practices that miss the compliance step often lose position before the reimbursement fight even starts.

Failure patterns we see repeatedly

These are the breakdowns that create the most financial exposure:

  • Improper balance billing on protected claims: A facility-based specialist uses an old patient statement workflow even though the claim is federally protected.
  • Defective notice and consent records: The form is incomplete, used in the wrong clinical setting, signed too late, or stored where the billing team cannot retrieve it.
  • Missed disclosure requirements: Required notices are absent from patient-facing materials, intake packets, or the practice website.
  • IDR deadline failures: The underpayment may be real, but the practice loses its chance to press the dispute because a timeline was missed.
  • Claim classification mistakes: Staff post and bill the encounter before anyone confirms whether NSA rules apply.

These failures rarely stay isolated. A classification error at scheduling can become an illegal patient bill, then a refund, then an A/R delay while the payer keeps the claim at its initial payment amount.

Practices that already struggle with front-end accuracy usually see NSA issues show up in the same places. The operational fixes overlap with denial prevention, especially around intake discipline, insurance verification, and account routing. Owners reviewing NSA exposure should also review their process for reducing claim denials before they hit A/R.

How these failures hit the bottom line

A common example is anesthesia, emergency, radiology, or assistant surgeon billing tied to an in-network facility. The group sends a patient statement based on the old out-of-network logic. The patient objects. The payer points to NSA protection. The practice then has to reverse the balance, correct the account, respond to the complaint risk, and start the reimbursement dispute late instead of addressing payment adequacy at the payer level from the start.

The same pattern shows up in elective care where notice and consent was supposed to preserve out-of-network billing rights. Staff used a homegrown waiver, the timing did not meet the rule, or the form was not tied clearly to the scheduled service. That expected patient balance is no longer collectible. The account often moves from projected revenue to write-off because the practice never created an enforceable exception.

That is the operational lesson. NSA compliance is not separate from revenue cycle performance. It determines who the practice can bill, what amount can be pursued, and whether an underpaid claim can still be challenged effectively.

Owner takeaway: Most NSA penalties begin as process failures in scheduling, intake, billing, or payment review.

The right control model

A defensible NSA process usually depends on three checkpoints with one accountable owner overseeing all three:

Checkpoint What staff must verify Financial purpose
Scheduling Service type, network status, facility status Prevent the wrong billing path from starting
Pre-service review Notice, consent, disclosure, estimate alignment Preserve allowed OON revenue and avoid invalid waivers
Post-adjudication review Protected claim status, payer payment, dispute deadlines Catch underpayments early and keep them from aging in A/R

The trade-off is straightforward. Assigning these tasks across disconnected teams may look efficient, but it creates gaps no one owns. Practices protect revenue better when one revenue leader can trace the account from scheduling through payment posting and confirm that compliance decisions match the reimbursement strategy.

Protecting Your Practice Revenue in the Post-NSA World

The post-NSA market doesn't reward practices that are merely compliant on paper. It rewards practices that can identify protected services early, preserve valid OON opportunities when allowed, and challenge underpayments without letting claims stall in A/R.

For independent groups, that usually means reworking three operating habits. First, classify encounters correctly before the claim goes out. Second, stop relying on generic forms where notice and consent rules are specific. Third, treat payer payment on protected claims as the beginning of a reimbursement review, not the end of it.

The operational burden is real. A generalist billing setup can post the claim, but that doesn't mean it can protect margin in an NSA-governed environment. Owners who still have unexplained short-pays, rising write-offs on OON facility-based work, or repeated confusion around patient responsibility should assume the process is leaking money somewhere between scheduling and payment posting.

The fix isn't guesswork. It is a deliberate NSA revenue strategy with clean classification, disciplined documentation, and a dispute model that is selective, fast, and evidence-driven. If your current process can't do that consistently, your practice is giving up reimbursement you likely won't recover later.

Frequently Asked Questions for Practice Owners

Does the No Surprises Act make an OON practice model unworkable

No. It makes a careless OON model unworkable.

Practices can still operate with an out-of-network strategy, but they need to separate protected services from billable non-protected services with much more precision. The model works best when leadership understands where federal protections block balance billing, where valid notice and consent may preserve OON reimbursement, and where payer dispute capability is strong enough to support the remaining business.

Should we stop disputing low NSA payments and just contract in network

Not automatically. That decision should be service-line specific.

Some practices will conclude that certain protected services are more stable in network. Others will keep an OON position because the payer's offered contracts are still unattractive or because the practice can support reimbursement through disciplined dispute work. The wrong move is making a network decision without analyzing payer behavior by specialty, facility, and claim type.

How should we handle CPT coding and modifiers under NSA workflows

Keep coding discipline separate from NSA eligibility analysis, but make sure they talk to each other.

The law doesn't replace normal coding standards. Your CPT selection, modifier use, place of service, and payer-specific claim rules still affect whether the claim is paid correctly and whether your dispute file is credible. For example, anesthesia groups still need clean modifier logic and concurrency documentation. Surgical and procedural specialties still need accurate place-of-service reporting and defensible claim construction. A protected claim with weak coding is still a weak claim.

What should I audit first if I think we're losing money under the NSA

Start with a targeted file review of accounts that share three traits: out-of-network status, facility-based care, and unexpected payment compression. Then look for the pattern behind the loss.

Review whether the claim was correctly identified as protected, whether any notice and consent exception was valid, whether the patient responsibility was calculated correctly, and whether the payer's payment was challenged when it should have been. If your team can't produce that audit trail quickly, the revenue problem is bigger than one claim.

If your practice handles out-of-network or partially out-of-network care, Happy Billing can review whether your current process is exposing you to NSA penalties, underpaid protected claims, and avoidable write-offs. Request a free NSA compliance and OON revenue audit to identify workflow gaps, IDR opportunities, and specialty-specific billing risks. If you want a partner that already understands the reimbursement pressure points in facility-based and procedural groups, explore the specialty workflows on the Happy Billing specialties page.

You may also like

Get a Free Audit