Guess What? OIG DOES Care about EHRs and Meaningful Use

Today marks the last day for hospitals to return an 18-page, 54 question survey inquiring about their EHR practices, security, coding and other potential EHR fraud and abuse vulnerabilities.  Hospitals using certified EHR technology who received Meaningful Use incentive payments between January 1, 2011 through March 31, 2012 received the survey from the HHS Office of the Inspector General (OIG) last week/early this week and were asked to return it by the end of today. 

The survey is part of the OIG's 148-page FY2013 Work Plan that summarizes OIG's fraud and abuse focus areas and planned reviews and activities for the year. Whether coincidental or not, the survey's timing comes on the heels of three hotly contested letters surrounding EHRs and the CMS Meaningful Use Incentive Programs. 

First came the warning letter issued by Secretary of the Department of Health and Human Services, Kathleen Sebelius, and U.S. Attorney General, Eric Holder, to hospital associations warning them of EHR fraud and abuse through cloning medial records and upcoding.  This was quickly followed by a letter from House Representatives calling for the suspension of the Meaningful Use program, and then a second letter from four Senators requesting a meeting, by no later than today, to discuss Stage 2 of Meaningful Use. 

CMS has explicitly made it clear from the beginning that false claims associated with Meaningful Use will be subject to recoupment of any incentive payments received and may result in further liability. Now, not only will CMS or state Medicaid agencies audit providers to identify payments which were improperly made, but OIG may not be far behind. 

The majority of the survey questions focus on areas that could potentially implicate inappropriate EHR practices, including "copy and paste" functions and policies, diagnoses and procedure coding, physician and nursing progress notes, as well as security practices, such as user authorization and access controls, third-party accesses to EHRs and patient EHR access.  However, it is clear from OIG's Work Plan that it is carefully examining both Meaningful Use payments received by providers and CMS safeguards in place to identify erroneous payments. Likewise, the Work Plan states OIG plans on reviewing OCR oversight activities of HIPAA and HITECH. 

The American Hospital Association is asking all hospitals to copy it on their answers by email at oigsurvey@aha.org. 

"Final Countdown" to the HITECH Omnibus Rule

The date for publication of the HITECH "Omnibus Rule" has become a contest for some. Data breach consultant, IdExperts, has launched a "Final Coundown" contest for individuals to guess the date on which the Omnibus Rule will actually be published as well as the total page count of the rule.   

Originally submitted to the Office of Management and Budget back in March, the Omnibus Rule was due at the end of summer according to Farzad Mostashari but has been delayed indefinitely pending further review.  The Omnibus Rule would implement HITECH modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules, as well as address the Genetic Information Non-Discrimination Act (GINA).  Ordinarily, the OMB has 90 days to review regulations, subject to certain extensions.

Contestants who enter have a chance to win an Amazon giftcard, as well as have $2,500 donated in his or her name to the Wounded Warrier Project, a non-profit organization that provides benefits and services to veterans wounded during service.  To guess the date of publication and final page count, visit IdExperts.