OIG Report Warns of EHR System Fraud Vulnerabilities
January 15, 2014 | Risk Management News
The Centers for Medicare and Medicaid Services (CMS) has adopted few program integrity practices and provided limited guidance to its contractors to address electronic health record (EHR) system fraud vulnerabilities, states a January 2014 report from the U.S. Department of Health and Human Services’ Office of Inspector General (OIG). According to the report, some EHR software has features that can mask true authorship of the medical record and distort information in the record to inflate healthcare claims. OIG believes that these new vulnerabilities require CMS and its contractors to further revise their approaches to protect against potential fraud and abuse. One EHR documentation practice discussed in the report, copy-pasting, also known as cloning, enables users to select information from one source and replicate it in another location. Although it can save clinicians time, when they copy and paste information but fail to update it or ensure accuracy, inaccurate information can enter the patient’s medical record and inappropriate charges may be billed to patients and third-party healthcare payers. Another practice highlighted in the report, overdocumentation, is the practice of inserting false or irrelevant documentation to bill for higher level services.