Why OIG will continue to find faulty EHR incentive payments
Improper incentive payments made by the Centers for Medicare and Medicaid Services to eligible professionals and hospitals for adopting electronic health records will continue to be scrutinized by the Department of Health and Human Services’ Office of Inspector General.
OIG has been vigilant in identifying payments, which it sees as the primary risk to the Medicare and Medicaid EHR incentive programs. The agency’s just-released work plan for Fiscal Year 2017, which lays out its new and ongoing reviews/activities, reveals a continued focus on incorrect payments among its initiatives.
“We will review Medicare incentive payment data to identify payments to providers that should not have received incentive payments (e.g., those not meeting selected meaningful-use criteria),” states OIG’s work plan. “We will also assess CMS’s plans to oversee incentive payments for the duration of the program and corrective actions taken regarding erroneous incentive payments.”
The Medicare and Medicaid EHR incentive programs “may be at greater risk of improper payments than other programs because they have complex requirements,” contends the agency.
In addition, OIG indicated that it will review the security of certified EHR technology (CEHRT) as part of the meaningful use program.
“A core meaningful-use objective for eligible providers and hospitals is to protect electronic health information created or maintained by certified EHR technology by implementing appropriate technical capabilities,” states the plan. “To meet and measure this objective, eligible hospitals must conduct a security risk analysis of certified EHR technology as defined in Federal regulations and use the capabilities and standards of certified EHR technology.”
As a result, OIG reported that it will conduct audits of covered entities that have received EHR incentive payments from CMS to determine whether they have adequately protected electronic health information created or maintained by CEHRT.