Mildred L. Johnson, JD, CPC - Health Care Compliance Association
Mildred L. Johnson, JD, CPC - Health Care Compliance Association
Mildred L. Johnson, JD, CPC - Health Care Compliance Association
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
matter experts to develop suitable guidelines to<br />
prevent fraud in electronic health record documentation.<br />
The participants included fraud<br />
investigators, physicians, attorneys, information<br />
technology specialists, health information<br />
management professionals, coding and<br />
reimbursement specialists, compliance officers,<br />
audit managers, and technology vendors. The<br />
work group produced a set of guidelines (available<br />
at http://library.ahima.org/xpedio/groups/<br />
public/documents/ahima/bok1_033097.<br />
hcsp?dDocName=bok1_033097), an EHR<br />
fraud checklist, and three case studies that are<br />
helpful for compliance education and discussion<br />
starters.<br />
The identified areas of concern regarding<br />
some EHR environments centered around<br />
the following functions:<br />
n Authorship integrity<br />
n Auditing integrity<br />
n Documentation integrity, and<br />
n Patient identification and demographic<br />
accuracy<br />
Avoiding the path towards dirty data<br />
<strong>Health</strong> records are generally a composite of<br />
observations made by physicians, nurses, pharmacists,<br />
therapists, social workers and others<br />
who record the interventions made while<br />
providing patient care services. All these clinicians<br />
have a role in data quality and document<br />
completeness. It is important for the record<br />
data set to reflect who is responsible for the<br />
entries made. Any EHR features or tools that<br />
allow unrestricted changes to released documents,<br />
or allow authors or others to change or<br />
eradicate the work documentation, must be<br />
prohibited or carefully controlled.<br />
Determining who is responsible for providing<br />
services is a concern in both a paper chart<br />
environment and its electronic replacement.<br />
One method of healthcare fraud includes<br />
using unlicensed or otherwise unqualified<br />
individuals to perform services while submitting<br />
claims under the provider number of a<br />
legitimate practitioner.<br />
Another authorship and documentation<br />
integrity issue that is well known to the compliance<br />
profession involves academic medical<br />
centers and Medicare payments. Teaching<br />
institutions must provide evidence pursuant<br />
to 42 CFR 415.172 (b) that the documentation<br />
must identify, at a minimum, the service<br />
furnished, the participation of the teaching<br />
physician in providing the service, and<br />
whether the teaching physician was physically<br />
present. Students may document services,<br />
but for evaluation and management (E&M),<br />
the documentation is limited to review of<br />
systems and/or past family/social history. The<br />
teaching physician should not copy and paste<br />
student documentation of physical exam findings<br />
or medical decision making into their<br />
own notes. If a medical student documents<br />
E&M, the teaching physician must verify and<br />
re-document the history of present illness as<br />
well as perform and re-document the physical<br />
exam and medical decision making.<br />
Tool time<br />
Documentation tools, such as templates and<br />
other forms of automated text production,<br />
must be used with care. Appropriate safeguard<br />
policies, best practices, or the assistance<br />
of software functionality must be applied to<br />
prevent degradation of data quality.<br />
Computer-generated “macros” are acceptable<br />
for shortening data input for busy clinicians;<br />
however, their use should be monitored to<br />
make sure the results accurately represent the<br />
services provided and will not compromise the<br />
integrity of the record in court. To ensure that<br />
the record meets legal requirements, appropriate<br />
audit trails are required in electronic systems<br />
to track changes made in documentation<br />
and to preserve the integrity of the content.<br />
Auto-authentication means that a physician<br />
or other authorizing person in an electronic<br />
health record environment signs multiple<br />
documents at one time without opening<br />
them. With auto-authentication, judicious<br />
review for accuracy falls short of federal and<br />
state authentication requirements and this<br />
could place the organization at legal risk<br />
when accuracy of the record and its ability to<br />
serve as a legal document are required. 5,6,7<br />
Thou shalt not steal<br />
“Borrowing” data from other sources (where<br />
copy-and-paste or “pull forward” techniques<br />
are used) must be carefully monitored,<br />
particularly when this involves E&M service<br />
coding for reimbursement. The resulting<br />
billing codes are based on work intensity elements<br />
and the expectation that the documentation<br />
correctly reflects the service rendered<br />
at the encounter in question. For example,<br />
when a patient comes to a physician office<br />
with a new problem, the physician is expected<br />
to perform a complete review and update<br />
of the family and social history, a history of<br />
the present illness, and a current review of<br />
systems. This is followed by a physical exam<br />
appropriate to the chief complaint, and then<br />
medical decisions are made. Finally, a plan of<br />
care is developed. If a physician were to “pull<br />
forward” the history elements from the initial<br />
visit into a subsequent follow-up visit, there<br />
is a risk that the E&M may include elements<br />
that were not provided during the second<br />
encounter. It would be inappropriate to consider<br />
the history review in the level of service,<br />
despite the fact that the physician note makes<br />
it appear that the history elements were<br />
repeated at the subsequent visit and should<br />
be a factor in the service intensity level. E&M<br />
calculation software tools must also be used<br />
with care to assure that any documentation<br />
generated reflects services actually provided at<br />
the level represented.<br />
Continued on page <br />
<strong>Health</strong> <strong>Care</strong> <strong>Compliance</strong> <strong>Association</strong> • 888-580-8373 • www.hcca-info.org<br />
<br />
February 2007