Meaningful Use Audits: The Process and Your Responsibility
The Medicare and Medicaid electronic health record program has paid $4.5 billion to 76,612 physicians and hospitals in incentive payments through March 2012. Of that amount, CMS has paid out $339.9 million to Medicare eligible providers.” - Government HealthIT, April 2012
There may not be a large number of practices at risk for a pre or post payment audit on Meaningful Use, but if your practice is audited you could be at a higher risk to fail and owe CMS a significant amount of money if you are not prepared.
If you are selected to be audited, the practice will receive an email from Figliozzi and Company, the CMS authorized auditor, using a CMS email address. Be aware that the audit letter will go the email address that was used to attest for Meaningful Use. You have two weeks from receipt of the email. If you do not check that email or if it is an email assigned to one person and your staff member is on vacation, you still have only two weeks to submit your documentation from receipt of the email. Additional information may also be required by the auditor during or after the initial review process.
Conducting a review of the Security Risk Analysis to meet the HIPAA security rule is included in the audit. It has been reported that approximately 2025% of all practices fail the audit because of the security risk analysis. The analysis is required when certified EHR technology is adopted in the first reporting year, and in subsequent years when changes to electronic systems occur.
An onsite review at the provider’s location may be required, with a demonstration of the EHR during that review.
To be ready, documentation to support attestation data for MU objectives and clinical quality measures should be saved for six years post attestation. Most practices find it easier to print the supporting documentation as it is reported, saving the files as some HER systems do not allow for printing postreporting.
CMS has resources to help:
EHR Incentive Programs Supporting Documentation For Audits
EHR Incentive Programs Audits Overview