Medicare Medical Records: Signature Requirements, Acceptable and Unacceptable Practices

Published 02/13/2023

The Centers for Medicare & Medicaid Services (CMS) guidelines mandate the presence of signatures for medical review purposes. However, records pertaining to any procedures billed to Medicare are potentially subject to review by not only Palmetto GBA, but other CMS contractors. Because of this, we are alerting you to the importance of these signature requirements and if changes are needed, we suggest you take immediate action.

Signature Requirements
Medicare requires that services provided/ordered be authenticated by the author. The signature for each entry must be legible and should include the practitioner’s first and last name. For clarification purposes, we recommend you include your applicable credentials (e.g., P.A., D.O. or M.D.).

The purpose of a rendering/treating/ordering practitioner’s signature in patients’ medical records, operative reports, orders, test findings, etc., is to demonstrate that services submitted to Medicare have been accurately and fully documented, reviewed and authenticated. Furthermore, it confirms the provider has certified the medical necessity and reasonableness for the service(s) submitted to the Medicare program for payment consideration.

Exceptions to the Above Requirements

Exception 1: Facsimiles of original written or electronic signatures are acceptable for the certifications of terminal illness for hospice.

Exception 2: There are some circumstances for which an order does not need to be signed. For example, orders for some clinical diagnostic tests are not required to be signed. The rules in 42 CFR 410 and Pub.100-02 chapter 15, §80.6.1 state that if the order for the clinical diagnostic test is unsigned, there must be medical documentation (e.g., a progress note) by the treating physician that he/she intended the clinical diagnostic test be performed. This documentation showing the intent that the test be performed must be authenticated by the author via a handwritten or electronic signature.

Exception 3: Other regulations and the CMS’ instructions regarding conditions of payment related to signatures (such as timeliness standards for particular benefits) take precedence. For medical review purposes, if the relevant regulation, NCD, LCD and CMS manuals are silent on whether the signature needs to be legible or present and the signature is illegible/missing, the reviewer shall follow the guidelines listed below to discern the identity and credentials (e.g., M.D., RN, etc.) of the signator. In cases where the relevant regulation, NCD, LCD and CMS manuals have specific signature requirements, those signature requirements take precedence.

Exception 4: CMS would permit use of a rubber stamp for signature in accordance with the Rehabilitation Act of 1973 in the case of an author with a physical disability that can provide proof to a CMS contractor of his/her inability to sign their signature due to their disability. By affixing the rubber stamp, the provider is certifying that they have reviewed the document.

Acceptable Signatures

Acceptable methods of signing records, test orders and findings include:

  • Handwritten
  • Electronic 
    • Electronic signatures usually contain date and timestamps and include printed statements (e.g., "electronically signed by" or "verified/reviewed by") followed by the practitioner’s name and preferably a professional designation. Note that the responsibility and authorship related to the signature should be clearly defined in the record.
    • Digital signatures are an electronic method of a written signature that is typically generated by special encrypted software that allows for sole usage

Be aware that electronic and digital signatures are not the same as "auto-authentication" or "auto-signature" systems, some of which do not mandate or permit the provider to review an entry before signing. Indications that a document has been "Signed but not read" are not acceptable.

Signature stamps: stamped signatures alone are not acceptable unless requirements are met under exception 4.

Acceptable Electronic Signature Examples

  • Chart "Accepted by" with provider’s name
  • "Electronically signed by" with provider’s name
  • 'Verified by" with provider’s name
  • "Reviewed by" with provider’s name
  • "Released by" with provider’s name
  • "Signed by" with provider’s name
  • "Signed before import by" with provider’s name
  • "Signed: John Smith, M.D." with provider’s name
  • Digitized signature: Handwritten and scanned into the computer
  • "This is an electronically verified report by John Smith, M.D."
  • "Authenticated by John Smith, M.D."
  • "Authorized by: John Smith, M.D."
  • "Digital signature: John Smith, M.D."
  • "Confirmed by" with provider’s name
  • "Closed by" with provider’s name
  • "Finalized by" with provider’s name
  • "Electronically approved by" with provider’s name 
  • "Signature derived from controlled access password"
Acceptable Written Signatures
  • Legible full signature
  • Legible first initial and last name
  • Illegible signature over a typed or printed name
  • Illegible signature where the letterhead, addressograph or other information on the page indicates the identity of the signator. Example: An illegible signature appears on a prescription. The letterhead of the prescription lists three physicians’ names. One of the names is circled.
  • Illegible signature not over a typed or printed name and not on letterhead, but the submitted documentation is accompanied by either a signature log or an attestation statement
  • Initials over a typed or printed name
  • Initials not over a typed or printed name but accompanied by either a signature log or an attestation statement
  • Unsigned handwritten note where other entries on the same page in the same handwriting are signed 

Unacceptable Signatures

  • Signature stamps alone in medical records are not recognized as valid authentication for Medicare signature purposes and may result in payment denials by Medicare 
  • Reports or any records that are dictated and/or transcribed, but do not include valid signatures "finalizing and approving" the documents are not acceptable for reimbursement purposes. Corresponding claims for these services will be denied. 
  • Illegible signature not over a typed/printed name and not on letterhead, and the documentation is unaccompanied by neither a signature log nor an attestation statement
  • Initials not over a typed or printed name unaccompanied by neither a signature log nor an attestation statement
  • Unsigned typed note with provider’s typed name
  • Unsigned typed note without provider’s typed or printed name
  • Unsigned handwritten note, the only entry on the page 

Unacceptable Signature Examples

  • "Signing physician" when provider's name is typed

Example: Signing physician: ______________________
                                                        John Smith, M.D.

  • "Confirmed by" when a provider's name is typed

Example: Confirmed by: ______________________
                                                    John Smith, M.D.

  • "Signed by" followed by provider's name typed and the signing line above, but done as part as the transcription
  • "This document has been electronically signed in the surgery department" with no provider name
  • "Dictated by" when provider's name is typed

Example: Dictated by: ______________________
                                              John Smith, M.D.

  • "Signature on file"
  • "Filled by"
  • "Electronically signed by agent of provider"
If the signature requirements are not met, Palmetto GBA will contact the person or organization that submitted the claim(s) and ask him/her to submit an attestation statement or signature log. The attestation or signature log must be received in our office within 20 calendar days of the call or the date the written request is received by the post office. 

Signature Log

A signature log lists the typed or printed name of the author associated with initials or an illegible signature. The signature log might be included on the actual page where the initials or illegible signature are used or might be a separate document. The provider should also list his/her credentials in the log.

Signature Examples
Attestation Statement: An attestation statement may be submitted to authenticate an illegible or missing signature on medical documentation. In order to be considered valid for Medicare medical review purposes, your attestation statement must include the following elements:

  • The printed full name of the physician or practitioner
  • Sufficient information to identify the beneficiary
  • Date of service
  • Signature and date by the author of the medical record entry


“I, (print full name of the physician/practitioner), hereby attest that the medical record entry for (date of service) accurately reflects signatures/notations that I made in my capacity as (insert provider credentials, e.g., M.D.) when I treated/diagnosed the above listed Medicare beneficiary. I do hereby attest that this information is true, accurate and complete to the best of my knowledge and I understand that any falsification, omission, or concealment of material fact may subject me to administrative, civil, or criminal liability.”

While the above statement is an acceptable attestation format, at this time Palmetto GBA is neither requiring nor instructing providers to use a certain form or format.

  • You will not be contacted if the claim is or will be denied for reasons unrelated to the signature requirement
  • If the signature is missing from an order, Palmetto GBA will disregard the order during the review of the claims and the submitter will not be contacted
  • An attestation must be associated with a specific medical record
  • Attestation statements may not be signed by someone other than the author of the medical record entry in question (even in cases where two individuals are in the same group, one should not sign for the other in medical record entries or attestation statements)
  • Do not add late signatures to the medical record (beyond the short delay that occurs during the transcription process), but instead should make use of the signature authentication process (listed above)

Unique Signature Situations

Situation Performed by Signature Requirement
Incident to Ancillary Staff Must be signed by supervising provider (billing).
Nonphysician Practitioner May be signed by the NPP or the supervising physician.


Office/Clinic Setting

NPP and Physician May be signed by the NPP or the supervising physician. If this service is billed under the physician’s NPI, the billing physician must sign the record. Additionally, the documentation must include a statement that the billing provider had face-to-face contact with the patient and performed a substantive portion of the E/M visit. (A substantive portion of the E/M visit includes at least one of the three key components — history, exam or medical decision-making.)
  NPP and Physician Must be signed by billing provider. If this service is billed under the physician’s NPI, the billing physician must sign the record. Additionally, the documentation must include a statement that the billing provider had face-to-face contact with the patient and performed a substantive portion of the E/M visit. (A substantive portion of the E/M visit includes at least one of the three key components — history, exam or medical decision-making.)
Surgery Assistant at Surgery Must be signed by the surgeon and the operative report must reference the surgical assistant.
Co-Surgeon Each co-surgeon must sign his/her operative report.
Scribe Ancillary Staff The signature of the scribe is not required; however, the billing provider must sign.

Electronic Medical Records: Recommendations

The electronic system you select should include a process that verifies the individual signing his or her name has reviewed the contents of the entry and determined it contains what he or she intended.

Safeguards must be in place to protect against unauthorized access and inappropriate use of your electronic signatures, by whatever method, by anyone other than the designated individual to whom it is assigned. It is to be unique to the individual, and not reassigned nor reused by someone else. Furthermore, measures should be in place to protect the links between electronic health information and signatures which prevent unapproved alteration through removal, copying or transfer.

To avoid unnecessary payment denials, rejections, or overpayment situations, we strongly urge providers to check with their technical staff or software vendors to verify their current record-keeping and signature processes are in compliance with CMS instructions. Software and hardware should meet or exceed industry standards to avoid compromising the integrity of documentation and signatures.


For more information please review the  Signature Requirements: Acceptable Examples Job Aid (PDF).

Was this article helpful?