OIG to CMS: ‘Trust, but Verify'
(Editor's Note: This guest blog was written by Chris Giancola, principal at CSC Healthcare Group.)
In November, the Health and Human Services Office of the Inspector General released an early assessment of the oversight of the national electronic health records adoption incentive program, more formally known as the meaningful use of certified health information technology within the HITECH section of the American Recovery and Reinvestment Act of 2009. In its assessment, the OIG took stock of how the two agencies chiefly responsible for administering the program, Central Medicare Services (CMS) and the Office of the National Coordinator of Health Information Technology (ONC), are doing.
After performing a careful study involving both interviews and the examination of work products, the OIG offered up four recommendations - two to each agency - as to how those agencies could correct the shortcomings that the OIG observed. Those recommendations were that:
- The ONC should require that certified EHR technology be capable of producing reports for all measures that a provider or hospital is attesting to.
- The ONC should improve the certification process for EHR technology to ensure that the reports coming out of the EHR in support of the attestation are accurate.
- CMS should issue guidance, with specific examples of documentation that professionals and hospitals should maintain, to support their compliance.
- CMS should conduct audits before issuing payments to providers and hospitals, as well as after the payment has been made.
The recommendations are reasonable, both agencies agreed with the OIG's assessment, and both have agreed to take all but one of these recommendations into consideration. The assessment was performed on Stage 1 processes and procedures, and the agencies had already taken steps to self-correct. In fact, ONC implemented the second recommendation when it issued its own test data for the 2014 edition of its EHR certification process here.
The sticking point has come on the fourth recommendation. Eligible physicians and hospitals in the meaningful use incentive program are asked to attest that they are satisfying the requirements of each objective in the rule in order to receive payment. The OIG believes that because there is no attempt made by CMS to verify that any of the information being submitted is actually true before issuing an incentive payment to the provider or hospital, that there is a possibility of fraud and waste that is too big to ignore. The OIG's recommendation to CMS is simple: Trust the provider or hospital to attest honestly, but verify the information they submit in their attestation.
But, the OIG has no authority to compel CMS to adopt its recommendation, and CMS has pushed back with the belief that audits that occur pre-payment are overly burdensome and would discourage or slow participation by providers.
Both parties have legitimate points. Given the tight timelines for achieving each stage of meaningful use, it would be unreasonable to expect that a material number of audits could take place in an appropriate and relevant timeframe. By the OIG's own assessment, fewer than 20 percent of all attestations contained information that could possibly flag the submission as being worthy of an audit. The resources that it would take to perform effective pre-payment audits might cost more to perform than the savings those audits might yield, making their net value actually negative.
However, OIG insists there are reasonable steps that CMS could take to add a modicum of oversight before payments are made, such as by modifying the attestation system itself to check the internal consistency of the information being submitted (e.g., check that the provider declares the same count of patients in the denominators of more than one measure when those counts are supposed to be the same across those different measures). The attestation website is wholly within CMS' control, and its validation logic would apply immediately to all participating organizations without having to allocate scarce resources, or delay payment to most EPs and hospitals, to learn their "story" in order to perform a thoughtful pre-payment audit.