D.C. Report: HHS OIG Looks Into EHR Fraud, Upcoding | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

D.C. Report: HHS OIG Looks Into EHR Fraud, Upcoding

October 29, 2012
by Jeff Smith, Assistant Director of Advocacy at CHIME
| Reprints

Federal Survey Seeks Info on EHR Fraud, Privacy Issues News broke last week during CHIME’s Fall Forum that the HHS Office of Inspector General (OIG) had circulated a survey to hospitals that had demonstrated Meaningful Use.  The OIG's review of the incentive program and potentially inappropriate Medicare payments related to EHR use are both included in its recently issued fiscal 2013 work plan, according to public officials.

Included in some of the over 50 questions asked by OIG, hospitals were expected to respond to inquiries related to:

  • How diagnoses and procedures are coded (manually, automatically with coding software, or other)
  • Whether the hospital has plans to adopt computer-assisted coding
  • User authorization methods (unique user ID, password, tokens, biometrics, public key)
  • Access management (session time-out, minimum password configuration rules, regular changing of passwords, user agreements or contracts to prevent sharing of passwords, or other)
  • Whether outside entities such as payers can access the EHR, and if so, how such access is tracked
  • Barriers to allowing outside entities access (lack of software or hardware support, insufficient staffing, funding restrictions, performance concerns, privacy concerns, etc.)
  • Numerous questions about audit log practices and availability
  • How physician progress notes are entered into the EHR (free text, via structured templates)

Despite the insistence by OIG that this survey had been planned for some time, it comes at a point when increased scrutiny is being placed on EHRs and the Meaningful Use policy program.  Frequent readers will recall past coverage of a New York Times article and Center for Public Integrity report that described the use of EHRs for upcoding and cloning practices of patient records.  Additionally, House and Senate members of Congress have decided to weigh-in on health IT policy – with members of the House calling for the immediate suspension of incentive payments and Senators asking for more Meaningful Use program details.

CHIME Advocacy originally responded to House calls for suspension by circulating sign-on letters and will continue to monitor House and Senate concerns with all matters related to health IT.

CMS Releases CQM e-Specifications, Additional Resources Officials from CMS this week unveiled a number of technical specifications and resources needed to compute clinical quality measures for 2014 Edition certified EHR technology.  An updated website, available here, contains tables that define and describe each measure and will allow for “version control” to make changes or updates to CQMs, officials said.  Also released were electronic specifications for the 2014 electronic CQMs that will allow systems to be programmed to automate capture, calculation and reporting of CQMs.  These eSpecifications will be packaged in a way that provides more information – in response to feedback to Stage 1 measures.  Each e-specification will have three pieces to it or three ways to express the CQM:

  • XML file – as the HQMF computer syntax
  • HTML version – as the human readable component
  • Value Sets – which will be specific clinical codes used to create an individual measure

According to CMS officials, the National Library of Medicine will be the oversight authority for value sets, overseeing validation and support and warehousing a controlled collection of publicly-available value sets.

Lawmakers Want CMS to Do More on Identity Theft This week two lawmakers from the House Ways & Means Committee highlighted a recent report finding that CMS should be doing more to protect seniors from identity theft in Medicare.  The HHS Office of the Inspector General found the CMS was complacent in notifying affected beneficiaries of a data breach within 60 days, as required by law and that contractors are not effectively using a CMS database that contains information on Medicare beneficiaries and providers who have been affected by identity theft.

In statements released this week, Sam Johnson (R-Texas) and House Ways and Means Subcommittee Chairman for Social Security said the report should serve as a "wakeup call" for CMS to "take immediate action to develop a new system for protecting seniors from medical identity theft."  He added, "Seniors are urged not to carry their Social Security card to protect their number, but at the same time they need to carry their Medicare card at all times to get health care. This makes no sense."  Ways and Means Chairman of the Health Subcommittee Wally Herger (R-Calif.) said, "Though years of CMS indifference and delay make me skeptical, my hope is that this report finally persuades the agency to stop use of the SSN as the Medicare identification number"


Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More