EHR fraud: A slippery slope

The future of health IT was looking pretty rosy this week in the afterglow of last week's annual Healthcare Information and Management Systems Society conference in Chicago. Interoperability. Coordinated care. Personalized medicine. And we have all of this related legislative and regulatory activity occurring in 2015 moving EHRs and health IT forward. Everything is filled with promise.

But then I chanced upon an announcement from the U.S. Department of Justice which sheds light on a terrible reality that could upend all of this progress in health IT--and which deserves much more attention than it's receiving.

The announcement, also published last week, reveals the sentencing of healthcare fraudster Tariq Mahmood, the physician who owned several Texas hospitals and got caught bilking the government. According to the DoJ, Mahmood and others:

"Added, changed, and incorrectly sequenced diagnostic codes in a way that did not reflect the actual diagnoses and conditions of the patients and often did so without reviewing the medical records. They submitted false and fraudulent claims to Medicare and Medicaid based on the added, changed, and incorrectly sequenced diagnostic codes."

Mahmood was sentenced to 155 months in federal prison and ordered to repay almost $600,000.

This is the same healthcare outfit that fraudulently attested to meeting Meaningful Use in order to obtain a $785,655 incentive payment. The CFO responsible has pled guilty. He'll be sentenced next week.

Healthcare fraud is a very serious crime, and arguably it's easier to game the system and manipulate records when they're electronic.

But it's one thing to upcode a procedure on a claim, or to bill for a service that wasn't medically necessary. It's really sinister to manually alter the data in the EHRs, as Mahmood and his colleagues were doing.

Manipulation at such a granular level makes "copy and paste" look like child's play.

It's much more evil than simply defrauding the government and private payers. It alters the patients' actual medical records. They're no longer accurate and reliable. What good are interoperability and telehealth if the records can't be trusted?

It's not only detrimental to the patient, it taints the analytics of "big data." All of those secondary uses of EHR data, such as research and public health, now are at risk, too. If the records don't accurately reflect the patients' clinical conditions, then the results of these analytics are unbelievable. So these falsified records will undermine patient safety, both individually and population-wide.

The government has been working very hard to ferret out healthcare fraud. The Departments of Justice and Health and Human Services recently announced that they have recovered $3.3 billion in fiscal year 2014, a whopping $7.70 return on investment for every dollar spent in the fight. Overall they have recovered more than $27.8 billion, and have upped their game with new tools to increase their enforcement efforts. The Office of Inspector General is also now specifically looking at fraud in the Meaningful Use program.

But let's not kid ourselves. Mahmood is not the only fraudster tampering with EHRs and manipulating individual codes. Thousands, if not millions of records may have been compromised and can no longer be trusted.

And no matter how much fraud the government uncovers, that doesn't correct the patients' records.   

This is a very serious problem, and I'm not sure how it can be resolved. But I do know that if it's not dealt with quickly, then all of the promise of the future of health IT is at risk. - Marla (@MarlaHirsch and @FierceHealthIT)