- EHR technology has brought a significant amount of benefits to the healthcare industry from improving data accuracy and patient care to simplifying health information exchange and ensuring greater safety regarding medication prescriptions. However, there are certain risks that EHR systems also bring to the medical sector. Misuse of the copy-and-paste functionality, for example, can lead to fraudulent Medicare claims.
Even though the Office of the Inspector General (OIG) released recommendations regarding ways to solve some of these EHR issues, the Centers for Medicare & Medicaid Services (CMS) has yet to incorporate these suggestions. Attorneys Daniel Gottlieb and Tony Maida from the McDermott Will and Emery LLP law firm spoke with EHRIntelligence.com about some of the major risks EHRs pose on both Medicare claim inaccuracy and patient safety.
“Copy-and-paste functionality implicates two policy objectives: reducing billing fraud and abuse; and improving the efficiency and cost-effectiveness of the health care system. First, the focus of the regulators is preventing false documentation of services that either weren’t provided or aren’t medically necessary,” Gottlieb said. “The other side of the coin is that one of the promises of EHR technology and health information exchange is to bring efficiency to the practice of medicine. The government (including the OIG) has acknowledged that efficiency is the goal as well.”
“The government is concerned about instances where physicians copy and paste a medical record entry for one visit into the documentation for a new patient encounter,” Gottlieb continued. “The last appointment is usually not exactly what happened on the subsequent visit. If there is a copy-and-paste without any editing, there is a possibility of reporting services that didn’t occur.”
Gottlieb goes on to give an example of a patient encounter in which family history is jotted down. The patient mentions that a family member had a particular chronic disease like diabetes. That information is not going to change from one visit to the next. Therefore, this type of data can be copied into future appointments.
However, if there is a patient who visits a psychiatrist, it is very unlikely that they will discuss the exact same points in subsequent visits. In this scenario, using the copy-and-paste functionality without editing information is a direct misuse of this tool and may risk patient care.
“The main concern from the OIG perspective is whether medical records are accurate and reflect what services are provided,” Maida said. “You can’t bill for something you didn’t do. There is a danger that a copy-and-paste function that isn’t used appropriately could lead to billing for services that weren’t performed on a specific visit.”
“Copy-and-paste can lead to some efficiencies but if it’s not managed well, it can lead to submitting improper Medicare and Medicaid claims,” according to Maida, a former senior OIG official. “And the second reason is that it could have patient care implications. If things are copied-and-pasted from other patients into a patient’s record, it could reflect inaccurate medical history or other care issues. It’s both a billing issue and a patient care issue.”
The attorneys spoke about another major problem taking place in the health IT space. Currently, EHR vendors and laboratory facilities are developing financial arrangements that lead to a competitive advantage that is harming certain labs. Since the EHR Incentive Programs require computerized physician order entry for radiology and other lab tests, EHR vendors have begun setting up interfaces with laboratories.
Both major laboratory facilities and EHR vendors are creating relationships to catalyze greater competition among labs. The issue at hand is that vendors have set up both participating and non-participating laboratories. While the participating labs are free of charge, vendors charge physicians $1.00 for using non-participating labs. Even though this charge may seem miniscule, a high volume of lab tests can create a large enough monetary incentive for physicians to change their radiology or imaging provider.
Attorney Daniel Gottlieb went on to speak about some recommendations the OIG put forth to solve some of the EHR risks such as the issues associated with the copy-and-paste functionality.
“OIG wanted CMS to provide guidance to the Medicare administrative contractors that process claims about how to distinguish between inappropriate and appropriate copy-and-pasting. This hasn’t happened yet but there is guidance from some of the Medicare administrative contractors to providers,” Gottlieb said. “The second suggestion from OIG is to enhance the audit capability of certified EHR technology to require the audit logs in the EHR to record the use of copying-and-pasting.”
“From a fraud and abuse standpoint, one of the problems that an EHR can have [absent unique user IDs and user authentication controls] is that you can’t tell who the author was or who made changes to a record or the date changes were made,” Maida mentioned. “With paper-based records, sometimes one could tell [changes were made] because the handwriting would be different or the ink would be different. In electronic records, the only way to tell that is to have metadata that shows who [altered information] and when the change was made.”
What should hospitals, physician practices, and other providers do to ensure their staff is utilizing EHR tools appropriately? How can providers avoid misuse of the copy-and-paste functionality? The attorneys spoke on some best practices healthcare managers should follow.
“Provider organizations should provide training to clinicians such as the difference between appropriate copying-and-pasting for efficiency gain versus improper cloning of records,” Gottlieb said. “The emphasis should be on the need to individualize medical record entries for each particular patient and particular visit. Providers can then include these issues in their internal audit program to help find those clinicians who may need more training.”