Healthcare News & Insights

Get ready for a Meaningful Use audit

Some healthcare providers receiving incentive payments for Meaningful Use of EHRs may find themselves subject to an audit soon. 

Several healthcare providers that have attested to Meaningful Use in order to receive federal incentives for adopting electronic health records (EHRs) have gotten notices of audits requesting certain documents related to their Meaningful Use attestations.

The letters are being sent by Figloiozzi and Company, the firm the Centers for Medicare and Medicaid Services (CMS) has contracted with for the EHR incentive program. However, no official announcement of the audits has been given by either CMS or the contractor.

However, CMS has posted general information about the Meaningful Use audits on its website. The information states that audits will be conducted after incentive payments are made, and if a provider is found to ineligible based on the audit, the payment will be recouped.

According to the law firm Ober Kaler, the audit letters received asked providers for:

  • A copy of the certification for the EHR system that they’re using to meet Meaningful Use requirements
  • Documentation of the method they chose to report emergency department admissions (i.e., observation services or all emergency department visits), and
  • Documentation regarding their completion of Meaningful Use’s core and menu set objectives — presumably meaning information beyond what was already given to CMS as part of the attestation process.

The audits don’t give providers much time to respond — just two weeks, according to Ober Kaler.

As of now, it’s not clear how the providers who received letters were chosen to be audited, so there’s no way for organizations to predict whether they’ll be audited in the future.

However, there are some steps hospitals and healthcare professionals can take to prepare for a possible audit. According to CMS, organizations attesting to meaningful use should retain all relevant documentation, in either electronic or paper form, for six years after the attestation.

Ober Kaler points out that the audit notices don’t ask providers to send any identifiable patient data or other protected health information (PHI) — and organizations that are audited should avoid sending any unnecessary PHI.

Subscribe Today

Get the latest and greatest healthcare news and insights delivered to your inbox.

css.php