Close may count in horseshoes and hand grenades, but it won't get you paid if you participate in the EHR incentive program.
Close may count in horseshoes and hand grenades, but it won't get you paid if you participate in the EHR incentive program. Indeed, doctors who commit the resources required to demonstrate meaningful use, which is estimated to be well over $50,000 for Stage 3 alone, don't collect a penny of the incentive payments Medicare doles out to help defray the cost of IT upgrades if they fail to meet even a single metric.
"Some practices have made the effort to attest to meaningful use and at the end of the year find out they didn't do one thing correctly so they spent all that money on infrastructure and didn't collect the payment," says Tom Giannulli, a practicing physician who also serves as chief medical information officer for Kareo, a cloud-based medical office software and service provider.
Doctors who successfully attest to Stages 1, 2, or 3 also face audits of their supporting documentation, both random and targeted, for up to six years, which can result in their having to repay any incentive subsidy they received. The American Academy of Family Physicians maintains that's unreasonable and causes "undue hardship," noting it's tough to produce supporting documentation for family physicians who have made changes to their practices or whose offices have merged with a larger healthcare system. "In the case of employed physicians, their employment contracts often require that all Medicare payments flow directly through the practice," says Reid Blackwelder, AAFP board chair, in a letter earlier this year to CMS. He notes that creates problems when the individual physician is later held responsible for repaying the subsidy after a failed audit.
HIPAA highlights: 2 disturbing class actions, OCR risk analysis enforcement
April 24th 2025Two class-action lawsuits targeting the University of Maryland Medical Center and the University of Kansas Health System for years-long cyberstalking and unauthorized access to protected health information spotlight massive HIPAA risk-analysis failures and underscore the urgent need for stronger health care cybersecurity safeguards.