Navigating Compliance Landmines in EHR Documentation Brian T. Bates, CPA, CHC, Mac Corporate Compliance Officer University of Alabama Health Services Foundation, P.C. DISCLAIMER: The views and opinions expressed in this presentation are those of the author and do not necessarily represent official policy or position of HIMSS.
Conflict of Interest Disclosure Brian T. Bates, CPA, CHC, MAc Has no real or apparent conflicts of interest to report. 2013 HIMSS
Learning Objectives Describe the top compliance challenges created by using an EHR Discuss how EHR software functions can influence clinical documentation and the care delivery process Identify methods to monitor, audit and track the appropriate use of EHR efficiency tools Share lessons learned in how a large academic medical center adapted its compliance program as a result of an EHR implementation
Navigating Compliance Landmines in EHR Documentation
ARRA Meaningful Use Expectations of Providers PQRS and Commercial Payor Quality Reporting ICD-10 CMS Audit Programs (RAC; CERT) HIPAA Privacy and Security Expectation by Providers My EHR will help us comply!
Expectation of Providers The Dynamic Duo IT and Compliance Must work together at all stages of an EHR implementation and optimization Pre-Go Live Considerations Post-Go Live Considerations
Pre Go-Live Considerations Compliance must be at the table with IT to provide input in the system design and build process Scope of Practice Role-Based Access and Use Internal parties (ex., Medical Students, staff, MDs) External parties (ex. Billing companies, auditors, etc.) Documentation Template Development
Pre Go-Live Considerations (continued) Use of Efficiency Tools Copy and Paste Normal/Negative Templates EMR Policies and Procedures Provider Education and Training At this point You don t know what you don t know
Post Go-Live Considerations Scope of Practice Role-Based Access and Use (ex., Academic Secretaries) Flow of documentation through the system Resident to Attending CRNP to Attending Authorship Who did what? Attestations and Signatures Timeliness of Documentation Orders Written; Protocol; Proposed; Verbal, Medical Necessity
Post Go-Live Considerations (continued) Use of Efficiency Tools Copy and Paste (Cloned Documentation) Normal/Negative Templates Documentation errors and discrepancies Compliance Auditing Focus Quality Meaningful Use Unsigned Notes; Unsigned Orders; Test Authentication Cloned documentation Volume of Documentation versus Complexity of Patient The work for IT and Compliance is just beginning when an EHR system goes live!
Expectation of Providers The Dynamic Duo IT and Compliance Government s View On Use of EHRs Are Providers Gaming the System? Sebelius/Holder Letter OIG Work Plan 2013 OIG EHR Technology Questionnaire CMS and RAC focus
12
13
14 OIG Work Plan 2013 Annually OIG publishes its "targets" for the upcoming year. Cutting and Pasting Documentation in the EMR REMEMBER: More volume is not always better in the medical record, especially in the EHR with potential for cutting/pasting and copy forward. Ensure the billed code is reflective of the service provided on the DOS.
OIG Workplan 2013 CMS will review the extent of potentially inappropriate payments for E&M services Medicare Manual instructs providers to select the code for the service based upon the content of the service and says that documentation should support the level of service reported. Medicare (CMS) noted: Identical documentation across services. CMS will review multiple E&M services for the same providers and beneficiaries to identify electronic health records (EHR) documentation practices associated with potentially improper payments due to cloned, cut-paste or copy forward notes. Cloned documentation (i.e. a medical record entry worded exactly like or unreasonably similar to previous entries within an individual s medical record or between different individual s medical records) does not meet the medical necessity requirements for coverage of services due to the lack of patient and/or visit specific information 15
OIG EHR Technology Survey OIG letter to hospitals October 2012 18 page, 54 question survey Survey probing a hospital s EHR data entry habits, security practices, and more How dxs are coded-manually, automatically, etc. User authorization-passwords, tokens, etc. Access management-timeout, password rules, etc. Audit logs How physician notes are entered-free text, template EHR copy and paste policies
Recent CMS Transmittals Focused on EHR Documentation 438 (Effective Date December 10, 2012) SUBJECT: Progress Notes and Forms CMS does not prohibit the use of templates to facilitate record-keeping. CMS also does not endorse or approve any particular templates. A physician/lcmp may choose any template to assist in documenting medical information. Some templates provide limited options and/or space for the collection of information such as by using check boxes, predefined answers, limited space to enter information, etc. CMS discourages the use of such templates. Claim review experience shows that that limited space templates often fail to capture sufficient detailed clinical information to demonstrate that all coverage and coding requirements are met. Physician/LCMPs should be aware that templates designed to gather selected information focused primarily for reimbursement purposes are often insufficient to demonstrate that all coverage and coding requirements are met. This is often because these documents generally do not provide sufficient information to adequately show that the medical necessity criteria for the item/service are met. If a physician/lcmp chooses to use a template during the patient visit, CMS encourages them to select one that allows for a full and complete collection of information to demonstrate that the applicable coverage and coding criteria are met.
Recent CMS Transmittals Focused on EHR Documentation 442 (Effective Date: January 8, 2013) SUBJECT: Update for Amendments, Corrections and Delayed Entries in Medical Documentation Electronic Health Records (EHR): Medical record keeping within an EHR deserves special considerations; however, the principles wed above remain fundamental and necessary for document submission to MACs, CERT, Recovery Auditors, and ZPICs. Records sourced from electronic systems containing amendments, corrections or delayed entries must: a. Distinctly identify any amendment, correction or delayed entry, and b. Provide a reliable means to clearly identify the original content, the modified content, and the date and authorship of each modification of the record. If the MACs, CERT or Recovery Auditors identify medical documentation with potentially fraudulent entries, the reviewers shall refer the cases to the ZPIC and may consider referring to the RO and State Agency.
In The News United States of America vs. William King Dr. King (GYN physician) developed an office visit template that included all required elements for a comprehensive level 5 visit after attending a coding in-service. Dr. King completed the form on all patients and billed level 5 visits. Problem: Dr. King checked off elements of the exam that he did not perform. Patients testified that they did not receive the exams noted. Result: Dr. King incarcerated 36 months $800,851 in False Claims. 24
25 Health and Human Services (HHS) Fraud and Abuse Initiatives: Expanded Office of Inspector General focus on EMRs Expanded CMS Integrity Program Hiring Special Program Integrity Contractors Efforts by DOJ Return on Investment- $1: $8 Investigating healthcare fraud and abuse is worth their efforts. February All 2012 healthcare - announced sectors recoupment subject of over to the $4 Billion government s in healthcare ongoing fraud in 2011 scrutiny this is not a fad. CERT Reviews (Comprehensive Error Rate Testing) RAC Reviews (Recovery Audit Contractor) Focused Reviews MIC (Medicaid Integrity Contractor) Fiscal Cliff Bill Increase look-back period from 3 years to 5 years
Expectation of Providers The Dynamic Duo IT and Compliance Government s View On Use of EHRs Cloning Copy and Paste Pre-Populated Normal or Negative templates Top Compliance Risk Areas for EHRs Authorship Timeliness of Medical Record Completion
CMS IS WATCHING EMR DOCUMENTATION Once you sign your note, YOU ARE RESPONSIBLE FOR ITS CONTENT
1. Use Copy Forward with caution 2. Don t dump irrelevant information. into your note 3. Never copy ANYTHING from one patient s record into another patient s note
4. Only Past/Family/Social History and Review of Systems may be used from a medical student or nurse s note 5. Never copy documentation from another provider without clearly identifying the original author
6. Utilize the your organizations Approved Attestations for resident/fellow/ mid-level provider notes 7. Be careful with pre-populated No or Negative templates
8. Authenticate all documentation and orders per your organization s policy 9. Link diagnosis to each test ordered (lab, imaging, cardiographics, referral)
ARRA 2009: Provider Incentives for Meaningful Use of EHR Government s View Expectation of On Use of EHRs Providers CMS Physician Quality Reporting System (PQRS) Penalties begin 2015 The Dynamic Duo IT and Compliance Top Compliance Risk Areas for EHRs Mandatory Electronic Health Records and Personal Health Records
Mandated for October 1, 2014 68,000 new codes (currently Government s 13,500 in ICD-9) View Expectation of On Use of EHRs Providers Alpha-numeric with up to 7 characters per code Example: E09.52 drug-induced diabetes mellitus with diabetic peripheral angiopathy with gangrene The Dynamic Duo IT and Compliance Essentially forces change to an electronic billing system (no more paper charge tickets) Top Compliance Risk Areas for EHRs Mandatory Electronic Health Records and Personal Health Records New ICD-10 Coding System October 2014
Expectation of Providers Government s View On Use of EHRs New ICD-10 Coding System October 2014 The Dynamic Duo IT and Compliance How To Audit Your EHR Top Compliance Risk Areas for EHRs Mandatory Electronic Health Records and Personal Health Records Taking Care of Patients
Auditing Your EHR Work with IT to create Compliance reports within your EHR Identify your report generating capabilities Example: CERNER Message Center and PowerInsight Unsigned Notes Unsigned Orders Unauthenticated Test Results HIPAA access ARRA Meaningful Use Metrics
Auditing Your EHR Focus on use of efficiency tools Template Use Cloned Documentation Conflicting information in the clinic notes Authorship Nurse Medical Student Advanced Practitioner (CRNP/PA) Clerical Staff Attending Physician Scribes
Expectation of Providers The Dynamic Duo IT and Compliance Top Compliance Risk Areas for EHRs Government s View On Use of EHRs It takes a village New ICD-10 Coding IT System October 2014 Compliance Clinical Informatics Providers Leadership How To Audit Your EHR Mandatory Electronic Health Records and Personal Health Records
Thank You! Brian T. Bates, CPA, CHC, MAc UAHSF, Corporate Compliance Officer 500 22nd Street South, Suite 504 Birmingham, AL 35233-2023 Phone: (205) 731-9671 Email: btbates@uabmc.edu