OIG to CMS: Make EHR fraud prevention efforts a priority

01 Apr OIG to CMS: Make EHR fraud prevention efforts a priority

Posted at 22:18h in Health Technology, IT by

The Office of Inspector General is once again calling out CMS for failing to adequately address fraud vulnerabilities in electronic health records. Despite submitting recommendations back in 2013, a new OIG report underscored that the agency is still dragging its feet with implementing EHR fraud safeguards.

Part of the Office of Inspector General’s role is to audit and evaluate HHS processes and procedures and put forth recommendations based on deficiencies or abuses identified. Turns out, a lot of these recommendations are ignored, disagreed upon or unimplemented, according to OIG’s new Compendium of Unimplemented Recommendations report. And EHR fraud is on that list.

“HHS must do more to ensure that all hospitals’ EHRs contain safeguards and that hospitals use them to protect against electronically enabled healthcare fraud,” OIG officials wrote in the report.

Specifically, audit logs should actually be operational when an EHR is available. And CMS should also develop concrete guidelines around the use of copy-and-paste functions in an electronic health record. According to OIG data, most hospitals using EHRs had RTI International audit functions in place, but they were significantly underutilized. What’s more, only some 25 percent of hospitals even had policies in place regarding copy-and-paste functions.

These recommendations have come up repeatedly in recent OIG reports, and despite CMS officials agreeing with the outlined recommendations, the agency is still not making it enough of a priority.

In a January 2014 report, OIG also called out CMS for failing to make EHR fraud a priority. Specifically, OIG said, the CMS neglected to provide adequate guidance to its contractors tasked with identifying said EHR fraud, citing the fact that the majority of these contractors reviewed paper records in the same manner they reviewed EHRs, disregarding the differences. Moreover, only three out of 18 Medicare contractors were found to have used EHR audit data in their review process.
Read full article>>