Court dismisses FCA lawsuit involving security breach and Meaningful Use incentives

An appeals court upheld a lower court's decision to dismiss a lawsuit against Kettering Health System by saying the provider violated the False Claims Act (FCA) by incurring a security breach after accepting Meaningful Use incentives.

A whistleblower that received two security breach notifications from Kettering claimed the provider violated the FCA by falsely attesting to electronic health records Meaningful Use requirements by failing to protect patient information. The court ruled that the whistleblower failed to state a plausible FCA claim or identify an inappropriate payment, adding that the Centers for Medicare & Medicaid Services did not require hospitals to "fully mitigate all risks" prior to accepting incentive payments. Article