Faster isn't always better: Recognizing EHR fraud risks

While the country moves toward fully automated healthcare documentation, electronic healthcare technology may make fraud and abuse schemes easier through cut and paste shortcuts, according to an Office of Inspector General report.

As many as 90 percent of doctors copy and paste electronic health record (EHR) encounter data, a Health IT Exchange blog post noted. And up to 78 percent of physicians' notes are copied text, according to a Sedgwick Connection blog post.

This raises the question of whether providers hear the concerns of each patient and record them in unique notes, or if providers try to save time by using copy and paste commands to document typical complaints and treatment plans. "Risk managers shudder when they think about the potential fallout from this practice," Sedgwick Connection noted.

Another program integrity hazard, physicians can make macros that autopopulate certain parts of the chart and document all aspects of a physical exam whether doctors performed them or not. Concerns such as this led one hospital executive to conclude that too many EHR features are tied to billing as opposed to patient care.

The electronic environment also can make it simple to inflate claimed procedure codes by copying and pasting either prior visit information or a template of canned information to meet added documentation standards. "A few clicks can generate a pages long note that's not only difficult for other physicians to decipher but for regulators [to interpret] as well," Health It Exchange noted.

Further, providers may copy information into multiple systems, moving material from an office practice EHR into a hospital EHR, for example. Auditing these entries may be difficult, because some insurers can't spot copied language and overdocumentation in an electronic record, the OIG report stated.

So what's the solution?

One option is requiring programs to flag copied and pasted material and link it to its original source, Health It Exchange suggested. Another idea is setting and enforcing policy limits on use of copy and paste functions, Segwick Connection noted.

Payers also could use audit log data unique to EHRs to examine medical record evidence that supports claims, according to the OIG. And the Centers for Medicare & Medicaid Services could work with contractors to develop tools and best practices to find fraud associated with EHRs, the OIG concluded, with specific guidance focused on EHR documentation and electronic signatures.

For more:
- here's the Sedgwick Connection blog post
- read the Health IT Exchange blog post
- see the OIG report (.pdf)