Inspector General Slams Medicare Oversight Of EHR Program
Office of Inspection General asserts that lack of prepayment audits of Meaningful Use leaves the Medicare program vulnerable to abuse.
12 EHR Vendors That Stand Out
(click image for larger view and for slideshow)
A government watchdog agency has issued a scathing report about the Centers for Medicare and Medicaid Services' (CMS) review processes in its electronic health record incentive program.
The report from the Office of Inspector General (OIG) of the Department of Health and Human Services (HHS) arrives only a month after OIG announced that it was going to audit EHR incentive payments to providers as part of its 2013 work plan. The report also follows criticism of the CMS program by House Republican leaders, who were calling for its suspension just two months ago.
According to the OIG report, "CMS faces obstacles to overseeing the Medicare EHR incentive program that leave the program vulnerable to paying incentives to professionals and hospitals that do not fully meet the Meaningful Use requirements. Currently, CMS has not implemented strong prepayment safeguards, and its ability to safeguard incentive payments postpayment is also limited. The Office of the National Coordinator for Health Information Technology (ONC) requirements for EHR reports may contribute to CMS’s oversight obstacles."
However, OIG did not look for or find any cheating by providers who attested to Meaningful Use.
OIG's conclusions are based on a multi-pronged review process in which it examined Meaningful Use data for 26,553 eligible professionals and 668 hospitals. At the time of the OIG study in December 2011, CMS had approved payments to these providers of about $1.7 billion. OIG also scrutinized CMS' auditing processes and interviewed its staff.
In the report, OIG advises CMS to:
-- Obtain and review supporting documentation from selected professionals and hospitals prior to payment to verify accuracy of self-reported information.
-- Issue guidance with specific examples of documentation that professionals and hospitals should maintain to support their compliance.
OIG also recommends that ONC should:
-- Require that certified EHR technology be capable of producing reports for yes/no Meaningful Use measures where possible.
-- Improve the certification process for EHR technology to ensure accurate EHR reports.
The most controversial of these recommendations is the one that CMS conduct prepayment reviews of attestation to Meaningful Use. OIG said that this would strengthen CMS' oversight of the estimated $6.6 billion in Medicare incentive payments that are expected between 2011 and 2016. In addition, OIG said, it would "reduce the need to identify and recover erroneous payments after they are made."
In an official response to the OIG report, CMS said it did not believe prepayment audits were warranted. The agency already validates the eligibility of providers to apply for incentive payments, as well as the certification of their EHRs, CMS noted. The incentive program is based on attestation at this point, and CMS' systems are geared to that. To change the process now to accommodate prepayment audits could lead to significant delays in incentive payments, CMS argued.
CMS accepted the second recommendation of OIG. Noting that it had already provided some guidance on the supporting documentation required for postpayment audits, it said that it was developing a more detailed FAQ list on the topic.
CMS has been doing postpayment audits of providers who have attested to Meaningful Use in the Medicare program since June 2012, CMS spokesman Joseph Kuchler told InformationWeek Healthcare.
According to the OIG report, CMS has proposed a "risk analysis" to select postpayment audit targets that include 14% of attesting eligible professionals and 17% of hospitals that have attested. "These professionals and hospitals reported different denominator values across selected meaningful use measures that should have the same denominator," the report said. It is not known whether CMS is using this method in its current retrospective audits.
ONC accepted both OIG recommendations with regard to EHR certification. The office said that it would request recommendations from its health IT policy and standards advisory committees on requiring certified EHRs to generate reports on "yes/no" Meaningful Use measures, such as whether an EHR's clinical decision support features have been turned on. Currently, certified EHRs are required only to supply reports on measures that involve percentages, such as what percentage of prescriptions have been sent electronically.
In addition, ONC noted that its most recent rule requires more rigorous testing requirements for EHRs. The office said it would continue to work with certification bodies to develop more comprehensive testing procedures.
The report noted that in postpayment audits, "CMS cannot verify self-reported information using only reports from certified EHR technology." Aside from the fact that these reports don't cover all Meaningful Use measures, OIG observed, certified EHRs may produce inaccurate information. The document cited an unnamed EHR vendor (believed to be GE) that had admitted its products could produce inaccurate reports on three Meaningful Use measures. But CMS has always intended to use other supporting documentation in its audits.
While this report covers the Medicare incentive program, an earlier OIG report from July 2011 looked at what the states were doing to ensure the integrity of their Medicaid EHR incentive programs. All of the 13 states that had launched their programs when that study was done said they planned to do prepayment auditing. None of that entailed Meaningful Use because Medicaid providers only had to meet CMS' adopt/implement/upgrade criteria in the first year of the program. But some states were asking for copies of receipts showing that the EPs and hospitals had, in fact, purchased certified EHR technology.
Clinical, patient engagement, and consumer apps promise to re-energize healthcare. Also in the new, all-digital Mobile Power issue of InformationWeek Healthcare: Comparative effectiveness research taps the IT toolbox to compare treatments to determine which ones are most effective. (Free registration required.)
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.