Are you ready for an EHR meaningful use audit?
Health information management professionals have the knowledge and tools to assist a healthcare organization facing an electronic health records meaningful use audit, with skills that should be tapped but often are not, says Susan Clark, a consultant at the advisory firm eHealth Consulting. In a session at AHIMA16, she will explain why.
For instance, does your organization include meaningful use in its information governance initiatives? Who is keeping MU audit files and who is accountable for audit oversight activities? “This is more of a compliance project than an IT project,” Clark says.
Clark recalls a provider client that a person who was responsible for MU information governance issues, but the person moved to Hawaii and had to be tracked down and asked where the files were.
The Centers for Medicare and Medicaid Services isn’t saying what the criteria is for selecting an organization for a MU audit, but some issues have been found to be a good indicator, such as a covered entity that attested for meaningful use one time but hasn’t attested since.
Under the CMS audit program, each year of meaningful use documentation must be retained for six years. Covered entities also need to learn what state documentation demands will be necessary to produce if targeted for a Medicaid meaningful use audit.
Importantly, covered entities should make sure they have a security risk assessment and an overall HIPAA remediation plan before attesting for meaningful use, Clark cautions. “You have to show an annual risk assessment was conducted before the end of the reporting period.”
She also advises doing a mock audit with an outside firm to learn more about strengths and weaknesses before a real audit comes.
The session, Big Penalties Require Big Thinking: Meaningful Use Audit Readiness, is scheduled on October 19 in rooms 314-315.