Make sure the way you use an EMR doesn't unwittingly look like fraud

Physicians might not realize it, but how they and their staffs use an electronic medical record system could open themselves up to accusations of fraud or misrepresentation.

The problem isn't that physicians are intentionally trying to double-bill or make it appear that they are trying to alter patient records. It's that systems are vulnerable to being used in a way that makes it seem as if they are. Or the systems might not have certain features that would help protect the practice from these allegations.

A 2007 document from the American Health Information Management Assn. warns physicians that they should not expect unintentional deception or misrepresentation to be viewed more favorably by payers, evaluators or litigators than actual fraud, which, by definition, requires intent. Some of the issues at play are authorship integrity, auditing integrity and documentation integrity, according to the AHIMA report.

Reed Gelzer, MD, COO of Advocates for Documentation Integrity and Compliance, an education, training and consultancy firm focused on EMR quality and information integrity standards, said that to protect themselves, physicians need to know how their systems work and how they can address any pitfalls.

Generally, the potential for problems falls into three areas.

Authorship integrity. EMRs should have the ability to show who entered what data and when. A common problem occurs when nurses document history, medication lists and complaints in the record, then the physician enters his or her own notes on the same open screen. Without an audit function showing who entered what, the record will show only one author. Dr. Gelzer said potential fraud allegations could come into play if the record indicates that services were performed by an unauthorized person.

Other potential problems are caused from copying and pasting information from other sources, or pulling information from notes taken during a previous patient visit.

Diana Warner, manager of professional practice resources at AHIMA, said pulling information from another visit could cause coding and billing issues if, for example, the pulled information that becomes part of the record of the second visit contains services provided only during the first visit. If that pulled information is used for coding, the physician could be paid twice for services performed only once.

These situations happen because physicians, to boost efficiency, don't match their EMRs to the workflow. "They are taking shortcuts -- not to game the system, but just to get their work done and treat the patient and be able to move on and not get stuck at the office every night trying to document," she said.

Auditing integrity. EMR systems should not only have the ability to see who accessed what records when, but also to track changes, amendments and additions made to patient records.

Dr. Gelzer said there are legitimate reasons why a record would be amended, such as lab results and additional information that arrive after a visit. Many physicians assume that their EMR systems keep a copy of original records after they have been changed, but many systems do not.

If the records that already have been authenticated by the physician are changed, but the changes are not recorded as an official amendment, it could create the perception that the physician routinely makes changes to records. "If someone were of a suspicious mind about why records are being changed, having strong audit functions is very protective," Dr. Gelzer said.

Attorney Louis Saccoccio, executive director of the National Health Care Anti-Fraud Assn., said the ability to change a record without an audit creates the potential for fraud. One example is changing the record to help substantiate services that were billed but not performed. Adding something that was forgotten is a different circumstance and one that is perfectly fine, but it needs to be clear in the record and audit trail what changes were made and why, he said.

Documentation integrity. Many systems are created with templates intended to save physicians time. But faulty information often makes its way into a record because the system was set to certain defaults. Systems should have a limited number of auto-generated data, according to the AHIMA report. Any inaccurate auto-generated data that makes its way into the record could be used by coding professionals, resulting in inaccurate coding and payment.

Not only do physicians need to look for systems that can improve the integrity of the record, they also need to know how to use those systems properly. A common complaint about auditing functions, for example, is that they slow systems down.

Apparently many vendors advise practices to shut off the audit function to help speed up the system, Dr. Gelzer said. But turning off the audit function means the physician is not HIPAA compliant, Warner warned.

These potential problems are being exacerbated, some say, by the financial incentives created under the Health Information Technology for Economic and Clinical Health Act of 2009 to encourage EMR use. To qualify for incentives, physicians must demonstrate meaningful use of EMRs that are certified by organizations approved by HHS.

Meaningful use certification is designed only to ensure that EMRs meet the individual meaningful use objectives and measures, said Karen Bell, MD, chair of the Certification Commission for Health Information Technology, one of the organizations contracted with the ONC to test and certify EMRs for meaningful use. But Dr. Gelzer is concerned that physicians may feel a false sense of security knowing that their systems were certified to meet government-mandated standards.

The Dept. of Health and Human Services Office of the Inspector General included in its 2012 Work Plan a look at the relationship between certified EMRs and fraud and abuse vulnerabilities.

"I would take this to mean that the OIG is seeing problems," Dr. Gelzer said.

Dr. Bell said it's really about buying a system that doesn't slow the doctor down but "allows physicians who really do want to do the right thing to keep tabs on their practice."