Meaningful Use violations represent a new frontier in healthcare fraud

March 1, 2019

Recent False Claims Act settlement underscores the importance of accurate Meaningful Use attestations.

For the second time in less than two years, the U.S. Attorney for Vermont announced a major settlement with an electronic health records company.

The United States Department of Justice (DOJ) filed a complaint Feb. 6 seeking $57.2 million in damages from Greenway Health, LLC. The company is accused of submitting false statements to the Department of Health and Human Services and related Medicaid agencies for incentive payments available through the EHR Meaningful Use Incentive Program. U.S. Attorney Nolan said “[t]his is the new frontier in health care fraud.”

In early 2017, a similar announcement was made in relation to a $155 million settlement with eClinicalworks for submitting false attestations that its EHR met the necessary requirements, including being compliant with HIPAA and the HITECH Act. The company received millions of dollars in incentive payments from HHS.

In both instances, the United States government indicated that providers relied on these companies’ attestations, which in turn led HHS to certify them as an accepted EHR provider.

The basis for these two cases involved false Medicare claims. “[The companies] secured the payout of federal funds designed to improve patient care by deceptively attaining certification for software that created risk to patient safety, risks in the form of inaccurate prescription ordering and doctors denied access to full patient medical history,” Nolan said.

This could also be an issue for physicians, hospitals, and health systems,. As the 21st Century Oncology case taught us, physician practices are not immune from False Claims Act cases based on Meaningful Use violations. And, given that various agencies often times reach out and ask for substantiation of the attestations, sometimes years afterward, it could result in the repayment of funds.

For providers, prevention is the best route to take and being compliant with HIPAA and the HITECH Act is the first step.

Rachel V. Rose, JD, MBA, advises clients on compliance and transactions in healthcare, cybersecurity, corporate and securities law, while representing plaintiffs in False Claims Act and Dodd-Frank whistleblower cases. She also teaches bioethics at Baylor College of Medicine in Houston. Rachel can be reached through her website, www.rvrose.com.