Office of Inspector General of the Dept. of HHS to Review Nationwide Medicare Electronic Health Record Incentive Payments Made

OIG-HHS

Initial Information Request for Attestation Documentation is being sent to several Eligible Professionals

 

Office of Inspector General (OIG) is conducting an audit of Medicare electronic health record (EHR) incentive payments made to Eligible Professionals (EP) nationwide. The objective of OIG audit is to determine whether Medicare expenditures for Medicare EHR incentive payments made to EPs were made in accordance with Federal requirements. The audit period includes all EHR incentive payments made from 2011 through 2014. OIG is randomly selecting the Medicare EHR incentive payments made to EP based on NPI No.

The OIG performs independent reviews of HHS programs and operations pursuant to the Inspector General Act of 1978. As a recipient of U.S. Department of Health & Human Services (HHS) grant funds, EPs are subject to OIG audits and other reviews. OIG has the right to timely and unrestricted access to all books, documents, papers, or other records that are pertinent to the Federal grant award. Under the health information privacy regulation that implements the Health Insurance Portability and Accountability Act of 1996, EPs are requested to provide the information as it is a permitted disclosure because it

(1) is “required by law” to be produced to OIG as part of EPs participation in a Government benefits program and

(2) will be used for “health oversight” activities by OIG

 

Following documentation are currently being requested:

 

  1. As support of the use of a Certified Electronic Health Record Technology system, EPs to provide a copy of licensing agreement with the vendor or invoices. Licensing agreements or invoices should identify the vendor, product name and product version number of the Certified Electronic Health Record Technology system utilized during the attestation period. If the version number is not present on the invoice/contract, EPs need to supply a letter from the vendor attesting to the version number used during the attestation period.

 

  1. EPs to provide documentation of all Electronic Health Record (EHR) incentive payments received including but not limited to:

a. The amount of the individual payment(s);

b. The date of each payment(s) including the EHR payment year it applied too;

c. Whether payment was assigned to a group practice, if so, EPs to provide the name and NPI of the practice.

 

3. EPs to provide a response to the following questions:

a. Number of offices or other outpatient facilities EP see patients

b. List of each office or other outpatient facility where patients are seen and to indicate whether or not Certified Electronic Health Record Technology (CEHRT) system in each office or other outpatient facility was utilized.

Office or Other Outpatient Facility Utilize CEHRT

1._________________________________________ YES NO

2._________________________________________ YES NO

3._________________________________________ YES NO

 

c. If EPs utilize more than one office or other outpatient facility, EPs to supply documentation which supports that 50% or more of your patient encounters during the EHR reporting period have been seen in offices or outpatient facilities where a CEHRT system was utilized

d. Maintainenance of any patient medical records outside of CEHRT system

EPs to supply documentation which supports that more than 80% of the medical records of unique patients seen during the attestation period are maintained in a CEHRT system at each office or other outpatient facility where a CEHRT system is used.

 

CORE SET OBJECTIVES/MEASURES

  1. For Core Measures Nos.:
  2. CPOE for Medication Orders
  3. Maintain Problem List
  4. e-Prescribing
  5. Active Medication List
  6. Active Medication Allergy List
  7. Record Demographics
  8. Record Vital Signs
  9. Record Smoking Status
  10. Patient Electronic Access and
  11. Clinical Summaries

provide the supporting documentation (in either paper or electronic format) used in the completion of the Attestation Module responses (i.e. a report from your EHR system that ties to attestation).

 

If EPs are providing a summary report from EHR system as support for numerators/ denominators,  EPs to ensure that OIG can identify that the report has actually been generated by the  EHR (i.e. EHR logo is displayed on the report, or step by step screenshots which demonstrate how the report is generated by EHR are provided.)

 

  1. Core Measure No. 13. Protection of Electronic Health Information: EPs to provide proof that a security risk analysis of the Certified EHR Technology was performed prior to the end of the reporting period (i.e. report which documents the procedures performed during the analysis and the results of the analysis). If deficiencies were identified in this analysis, EPs to supply the implementation plan; this plan should include the completion dates.

 

 

MENU SET OBJECTIVES/MEASURES

  1. If attested to Menu Set Measures Nos.
  2. Clinical Lab Test Results
  3. Patient Reminders
  4. Patient- Specific Education Resources
  5. Medication Reconciliation or
  6. Transition of Care Summary

provide the supporting documentation (in either paper or electronic format) used in the completion of the Attestation Module responses (i.e. a report from EHR system that ties to attestation).

 

If EPs are providing a summary report from EHR system as support for numerators/denominators, EPs to ensure that OIG can identify that the report has actually been generated by the EHR system (i.e. EHR logo is displayed on the report, or step-by-step screenshots which demonstrate how the report is generated by the EHR are provided.)

If attested to Y/N Menu Set Measures

Nos.    3. Patient Lists

  1. Immunization Registries Submission, or
  2. Syndromic Surveillance Data Submission,

EPs to supply supporting documentation.

Share this in :
  •  
  •  
  •  
  •  
The following two tabs change content below.
Our mission is to assist healthcare organizations and business associates in the development, design, and implementation of practices to secure IT systems and comply with HIPAA/HITECH privacy, security, breach and enforcement rules by protecting patient health information.

Subscribe for Updates

Upcoming Events

  1. Cloud Computing and HIPAA – Are you covered?

    August 9 @ 12:00 pm - 1:00 pm