OIG Report Estimates CMS Overpaid $729M in MU Payments; How Concerning are the Findings? | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

OIG Report Estimates CMS Overpaid $729M in MU Payments; How Concerning are the Findings?

June 13, 2017
by Rajiv Leventhal
| Reprints
The report is based on a sample of 100 EPs over a three-year span, but AMIA’s Jeffrey Smith cautions stakeholders not to panic

During a three-year span starting in 2011, the Centers for Medicare & Medicaid Services (CMS) overpaid an estimated $729 million in Medicare electronic health record (EHR) incentive payments to eligible professionals (EPs) who did not comply with federal meaningful use requirements, according to a report released this week from the Department of Health and Human Services’ Office of Inspector General (OIG).

In addition, CMS paid $2.3 million in inappropriate EHR incentive payments to eligible professionals who switched incentive programs, according to the report from OIG, the largest inspector general's office in the federal government.

As part of the federal EHR incentive program, the government has made $6 billion in payments as of June 2014 to EPs who demonstrate “meaningful use” of the technology (This specific report did not include eligible hospitals, as CMS had paid out some $36 billion in incentive payments to all program participants). But after a random sample of 100 EPs who received at least one payment during the three-year audit period and reviewed support for their attestations to meaningful use measures—as well as a review of all payments made to deceased EPs and to EPs who switched between Medicare and Medicaid programs—OIG revealed that CMS did not always make EHR incentive payments to EPs in accordance with federal requirements. 

On the basis of the sample of 100 EPs, OIG identified 14 EPs with payments totaling $291,222 that did not meet the meaningful use requirements “because of insufficient attestation support, inappropriate reported meaningful use periods, or insufficiently used certified EHR technology.” On the basis of these sample results, OIG estimated that CMS inappropriately paid $729,424,395 in incentive payments to EPs who did not meet meaningful use requirements—or 12 percent of total payments made in this time period.

According to the report, these errors occurred because sampled EPs “did not maintain support for their attestations.”  Furthermore, CMS conducted minimal documentation reviews of self-attestations, “leaving the EHR program vulnerable to abuse and misuse of federal funds.” CMS also made EHR incentive payments that were not in accordance with the program-year payment requirements when EPs switched between Medicare and Medicaid incentive programs, OIG reported. Specifically, they identified 471 EHR incentive payments totaling $2,344,680 that CMS made to EPs for the wrong payment year. “These errors occurred because CMS did not have edits in place to ensure that EPs who switched from one program to the other were placed in the correct payment year upon switching,” OIG reported.

Drilling down into the specifics of the report, and why the sampled EPs should not have been awarded these incentive payments, some of them did not maintain or provide attestation support when OIG asked for it. Of the 100 EPs in the sample, 12 could not provide support for the measures to which they attested: six EPs could not provide a security risk assessment; four EPs could not provide support that they had generated at least one report listing patients with a specific condition; and three EPs could not provide required documentation in the form of patient encounter data for the measures to which they self-attested. This resulted in $253,622 in “inappropriate” incentive payments, according to OIG.

Meanwhile, another statistically sampled EP based his attestation of meaningful use on 90 days of encounter data instead of a full calendar year, as required, resulting in an inappropriate incentive payment of $11,760. Another had less than 20 percent of his patient encounters at a location that used certified EHR technology and did not meet the 50 percent or more threshold, resulting in faulty payments of $25,840.

What’s the Fallout?

When he first heard about OIG’s findings, Jeffrey Smith, vice president of public policy at the Washington, D.C.-based American Medical Informatics Association (AMIA), thought about how these results compare to those of other CMS programs. He referenced a 2015 Government Accountability Office (GAO) report on Medicare which found that roughly 10 percent of the program’s budget was lost to fraud, abuse and improper payments. So in that sense, the 12 percent estimation in this OIG report is in line with previous findings, Smith notes.

But Smith also ponders a key question that many others are likely wondering too: are the results of this report more a problem of EPs receiving inappropriate payments or is it an issue of failing to provide sufficient enough proof when audited? He notes that on the physician side, the meaningful use program requirements from 2011 to 2014 were very similar to what was required for hospitals. “So having worked with CIOs around the audit issue for a while, it was an intensive program and you needed to have a lot of systems and controls in place to ensure that your audits went smoothly,” says Smith.

For example, he notes that one thing the meaningful use program used to require was having clinical decision alerts; to meet the threshold physicians had to have five of these alerts, such as having your system flag a high medication dosage. So if an auditor comes into the organization and asks the provider to show that these alerts are working, the provider might be able to prove it at that point in time, but then the auditor might ask to prove that these alerts have been in effect throughout the entire meaningful use reporting period. And in that case, the EP would have had to take a screenshot of the alert every day of the year to prove that. “So you can see where this might become a problem,” says Smith.


Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More