350 likes | 410 Views
Meaningful Use Audits: Are You Ready?. Claire Turcotte, Esq. Partner Bricker & Eckler LLP 9277 Centre Pointe Drive, Suite 100 West Chester, Ohio 45069 cturcotte@bricker.com (513) 870-6573. Today’s Agenda. EHR Incentive Program Background Legal and Compliance Concerns
E N D
Meaningful Use Audits:Are You Ready? Claire Turcotte, Esq.Partner Bricker & Eckler LLP 9277 Centre Pointe Drive, Suite 100West Chester, Ohio 45069 cturcotte@bricker.com (513) 870-6573
Today’s Agenda EHR Incentive Program Background Legal and Compliance Concerns Meaningful Use Medicare Audit Overview Hot Medicare Audit Issues Mock/Internal Medicare Audits Lessons Learned MU Program Resources Questions?
EHR Incentive Program Background Medicare and Medicaid EHR Incentive Program established by American Recovery and Reinvestment Act of 2009 Incentives paid to eligible professional (EPs), eligible professionals (ERs), and critical access hospitals (CAHs) for meaningful use of EHR Must meet ALL program requirements to receive payments Medicare payments from May 2011 through 2016 (Medicare) and January 2011 through 2021 (Medicaid)
EHR Program Trends Approximately 480,000 EPs, EHs and CAHs have registered for the Medicare and Medicaid MU Program Over 404,000 Medicare and Medicaid providers (EHs, CAHs, EPs) have received an EHR incentive payment as of May, 2014 Over $24 Billion in Medicare and Medicaid MU incentive payments since 2011 Source: http://www.cms.gov/Regulations-and-Guidance/Legistlation/EHRIncentivePrograms/Data
False Claims Act Liability • If the attestation is inaccurate, there is a risk of violating the Federal False Claims Act (32 U.S.C. § 3729) • Penalties under the False Claims Act are crippling ($5,500 to $11,000 per claim, plus treble damages) • Exclusion from Medicare program • Possible prison
Overpayment Liability If the attestation is inaccurate, the EH, EP, or CAH has received an overpayment from CMS Under the Affordable Care Act, if an overpayment is received, it must reported and returned to CMS or the Medicare contractor, as appropriate Within 60 days after the date the overpayment is identified An overpayment that is not returned within the 60 day period becomes an obligation under the False Claims Act
Recent Incentive Returns Health Management Associates (HMA) returned $31 million in MU incentives following an internal audit revealing that HMA failed to meet MU at some of its hospitals CIO and multiple VPs lost jobs after HMA returned the MU incentives May trigger CMS audits of HMA’s MU attestations Expect to see more MU incentive dollars returned in the future with increasing self-audits
Enforcement Climate February, 2014 Shelby Regional Medical Center, Tyler, Texas former CFO indicted for health care fraud Faces up to 7 years in prison and $500,000 in fines for making false statements to CMS on MU attestations to receive over $785,655 in MU incentives Allegedly CFO used another person’s identity to attest Allegedly attested to meaningfully using certified EHR when hospital used paper records Faces exclusion from Medicare
Enforcement Climate Federal law enforcement is focused on MU program in an effort to protect the Federal fisc “As more and more federal dollars are made available to adopt Electronic Health Record systems, our office is expecting to see more cases like this one … the Office of Inspector General is committed to protecting the millions of taxpayer dollars used to pay providers to adopt Electronic Health Record systems.” Special Agent in Charge Mike Fields of the U.S. Dept. of HHS, OIG, Dallas Regional Office
MU Medicare Audit Overview Any EP, EH or CAH that attests to having met MU requirements to receive MU incentives may be audited 5-10% of providers will be audited Assume WHEN not IF you will be audited Prepare from the START to BE audited CMS began post-payment audits in July 2012 Starting in January 2013, CMS began pre-payment audits (both random and targeted)
Medicare MU Audit Process Figliozzi & Company conducting Medicare MU audits Sends standard letter via email to individual who attested 10 business days to submit response Auditor reviews; may request additional info via email Insufficient response or anomalies may result in onsite visit
Medicare MU Audit Process • Auditors will request: • Source documentation used to attest • Certification info from ONC • Screen shots or other evidence • Evidence showing info was generated for the specific EP, EH, or CAH
Medicare MU Audit Process • Auditors will request (cont.): • Documentation showing the reporting method • Summary level reports for each measure • Numerators and denominators for each measure • Time period covered by report • Security Risk Analysis and plan to correct deficiencies
Medicare MU Audit Process • May result in onsite review of: • Demonstration of structured data and functionality of EHR • Medical record reviews • Billing information reviews • Census reviews • Screen shots • Audit Logs • Other
Hot MU Audit Issues Proof of certification for all modules Pay close attention to and include dates Narratives are critical Compare core/menu to attested Security review demands increasing
Hot MU Audit Issues Maintain security review mitigation list CQMs no longer being audited Focus will change from CAH & rural hospitals If you don’t hear from Figliozzi, contact them
Mock/Internal MU Audits • Before you attest • Assign accountable person for MU attestation • Build the right MU team, including • Clinical (CMO, physicians, nursing) • IT (including both EHR and IT services and security) • Legal • Compliance • Audit • Records/information management
Mock/Internal MU Audits • Maintain “book” of evidence for EACH EH and CAH • Hybrid “book” for EPs • Maintain documentation supporting payment calculations • Organize documentation by measure • Use multiple data/document types • Reports, screenshots, policies
Reports Generated by EHR • Primary source documents are reports generated by certified EHR • Report should contain: • Numerators and denominators for measures • Time period covered by report • Evidence to support report was generated for that provider, such as National Provider Identifier (NPI), CMS Certification Number (CCN), provider name, practice name • Snapshot vs. rolling reports
Documentation Examples Screenshots from certified EHR Indicate vendor’s name and EHR version Reports generated by certified EHR Medication administration records Denominator records (e.g., all patients/admitted/seen) Yes/No functionality verification Proof of meeting exception
Document Retention • Keep documentation for at least six years post-last year of attestation • Store in a centralized, easily retrievable yet secure manner for quick audit response
Lessons Learned • TIP 1: Confirm/update contact for audit letters; beware of spam filters • TIP 2: Be ready to respond quickly to documentation requests, follow up requests, or on-site visits • TIP 3: Cooperate with auditors • Ask for clarification • Ask for extension if needed
Lessons Learned • TIP 4: Confirm internally or obtain external validation and verification of metrics and security requirements • Recalculate percentages for meeting measures • Validate logic used to produce reports and data • Review security risk analysis and plan for deficiencies • TIP 5: Consider conducting review under attorney-client privilege • TIP 6: Plan ahead for process to upload documentation
MU Resources • Audits:EHR Incentive Programs Supporting Documentation for Audits • CMS Stage 2 Webpage ResourcesOverview Tip Sheet • Stage 2 Overview Tip sheet • Stage 2 Meaningful Use Specifications Sheet Table of Contents • Attestation Worksheet for Stage 2 • Payment Adjustments & Hardship Exceptions (EPs & Hospitals) • 2014 CQM Webpage
INCompliance Meaningful Use On-Line Compliance and Self-Audit Resources • For more information: • www.INComplianceConsulting.com and click on “Health Care Consulting” • Or contact us at: cturcotte@incomplianceconsulting.com.
8051055.1 Q & A? Claire Turcotte, Esq.Partner Bricker & Eckler LLP 9277 Centre Pointe Drive, Suite 100West Chester, Ohio 45069 cturcotte@bricker.com (513) 870-6573