Deeper Than the Headlines: EHR Incentive Payments

In 2009, the HITECH Act was passed as a part of the American Recovery and Reinvestment Act. It provided the authority for the government to establish the Medicare and Medicaid Electronic Health Record (HER) incentive programs to promote the adoption of EHRs. As of June 2014, Medicare had paid out approximately $6 billion to eligible professionals (EPs) and hospitals that attested to the “meaningful use” of EHRs. That’s a lot of money. Most conscientious compliance officers knew back in 2009 that audits following that money would eventually occur. Well, the OIG just released a report as a result of their audits in which an estimated $729,424,395 in incentive payments were inappropriately paid by CMS to EPs who did not meet meaningful use requirements.

The OIG review covered EHR incentive payments totaling $6,093,924,710 that Medicare made to 250,470 EPs from May 2011 to June 2014 (audit period). They selected a simple random sample of 100 EPs who received 1 or more payments during the audit period and reviewed support for their attestation(s) to meaningful use measures.

To receive an incentive payment, EPs attested that they met program requirements by self-reporting data through the National Level Repository (NLR). The NLR is a CMS web-based provider registration and verification system that contains information on providers participating in the Medicare and Medicaid EHR incentive programs. Federal regulations established meaningful use core and menu measures meant to improve healthcare quality and efficiency. Each meaningful use measure had specified criteria that involved (1) performing a one-time action (yes/no measure) or (2) performing a certain action for a specified percentage of unique patients, patient visits, or other events. Examples of the required EHR capabilities or measures included computerized provider order entry (CPOE), drug interaction checks, problem lists, and electronic prescribing, patient electronic access, patient-specific education resources and protection of electronic health information (by conducting a security risk analysis).

The OIG findings concluded that many EPs did not meet the meaningful use requirements because of insufficient attestation support, inappropriate reported meaningful use periods, or insufficiently used certified EHR technology. According to the OIG, these errors occurred because sampled EPs did not maintain support for their attestations.

Some of the specific errors identified stated that EPs could not provide:

• Evidence of a security risk assessment
• Support that they had generated at least 1 report listing patients with a specific condition
• Required documentation in the form of patient encounter data for the measures to which they self-attested

Another example included an EP in the second program year, who was required to attest to a full calendar year’s worth of encounter data, but based his attestation of meaningful use on 90 days of encounter data instead of a full calendar year.

Medicare defined meaningful EHR users as EPs who had at least 50% of their patient encounters during the EHR reporting period at a location equipped with certified EHR technology. However, one sampled EP had less than 20% of his patient encounters at a location that used certified EHR technology and did not meet the 50% or more threshold. Therefore, the EP was not entitled to the $25,840 EHR incentive payments he received.

This OIG report, like most, concluded with recommendations. One recommendation was that CMS review EP incentive payments to determine which EPs did not meet meaningful use measures for each applicable program year to attempt recovery of the $729,424,395 in estimated inappropriate incentive payments. CMS partially agreed and reported that CMS has implemented targeted risk-based audits to strengthen the program integrity of the EHR Incentive Program, and continues to perform these targeted risk-based audits in 2017. Any EPs who received some EHR incentive payments should seriously considered having a self-assessment performed to know where they stand in regards to the payments they have received.

The full OIG report can be viewed here https://oig.hhs.gov/oas/reports/region5/51400047.pdf