As you’ve probably heard, CMS is conducting pre-payment audits for 5 percent to 10 percent of all eligible professionals attesting for meaningful use of a certified EHR. Some records selected for audit will be chosen randomly, while others will be chosen because they contain “suspicious or anomalous data.”
In an interview with Physicians Practice earlier this week, Rob Anthony, deputy director of the HIT Initiatives Group for CMS’ Office of E-Health Standards and Services, stopped short of defining what, exactly, is meant by “suspicious or anomalous data.” He did, however, offer a wealth of other information for physicians with pre-audit jitters.
Here are a few things CMS wants providers to know about the meaningful use audits:
The purpose of the audits: Though some media reports had suggested the pre-payment audits, which were announced about the time sequestration went into effect, were sequester-related, that isn’t the case, said Anthony. (It should be noted, though, that meaningful use payments are subject to the same 2 percent cut under the sequester that affects all Medicare payments). The pre-payment audits, do, however, take into account a 2012 OIG Report’s recommendations. “With the incentive payments, a robust audit program is an essential component of that oversight,” Anthony told Physicians Practice. “The idea with pre-payment audits was really to initiate an additional level of oversight with the program. There were comments and we heard from the OIG report, this idea of verifying some of this documentation beforehand. You obviously can’t do that for every single provider. But you can do what we’re doing with the pre-payment audits, both with a random and a targeted sampling of providers.”
What CMS is looking for: The agency is selecting parties to audit at random, and based on its own criteria for “suspicious or anomalous data.” “Unfortunately, this is one area where you can’t [give examples],” said Anthony. “When you talk about what we look for and what we target, then you give away to people the exact ways they can bypass the rules. Instead, we’ve been telling people, ‘make sure the information you put down is correct, and that it is coming out of your system correctly and that you have the documentation to support it. If you are reporting accurately those numbers and you have the documentation to show where those numbers came from, then you don’t have anything to be concerned about.'”
How audits will go down: To educate physicians and other healthcare organizations, CMS has put together a Supporting Documentation for Audits fact sheet providing information about the audit process and what electronic or paper documentation to save to support attestation, and offers sample audit request letters for physicians. Healthcare providers can expect initial communications by e-mail by the auditing agency. “If we don’t receive a reply after a certain point, we’ll follow up with regular mail and phone call,” said Anthony. “So it’s important the information you put in during registration for attestation is a valid e-mail.” For the pre-payment audits, CMS asks providers to respond within a two-week period. “If people need additional time, we encourage people to reach out to the audit contractor and talk to them,” he said. It’s important to note that CMS’ audit guidance applies specifically to those attesting for the meaningful use of an EHR for the Medicare program. For physicians attesting for the Medicaid program, how audits will go down/transpire depends on the state.
What you’ll need to produce: Physicians are responsible for maintaining documentation that fully supports the meaningful use and clinical quality measure data submitted during attestation. To ensure you are prepared for a potential audit, CMS advises physicians to save any electronic or paper documentation that supports their attestation (plus the documentation that supports the values entered in the Attestation Module for clinical-quality measures). However, it’s important to note that, depending on your EHR, you may need to also save dated screen shots, or other data not produced by the EHR in an electronic or printable report. “There are some EHR systems that have what is essentially an audit log and will be able to demonstrate or show through a report that a particular functionality, like drug-drug or drug-allergy interaction checks, were enabled for the duration of that reporting period,” said Anthony. “But there are a number of EHRs that don’t have that built in and it is not a certified [requirement] to have that in there. So If your particular EHR isn’t one that has that capability, we suggest providing a dated screen shot during that reporting period to show that was implemented during that reporting period.”
If you’re audited, when you can expect payment: While it’s difficult for Anthony to answer questions on when audited physicians can expect payment (that really depends on factors such as how quickly a provider responds), it’s fair to assume that the quicker a provider responds, the more quickly she’ll get paid. “If you provide [supporting documentation] within two weeks … that’s an audit that could be resolved very quickly,” said Anthony. “If you are unable to locate certain documents … that could obviously make an audit last longer.”
For further guidance from CMS and health IT experts on meaningful use audits read our recent piece on the EHR audit advice.