DisclaimerThis webinar may be recorded. This webinar presents a sampling of best practices and overviews, generalities, and some state laws. This should not be used as legal advice. Itentive recognizes that there is not a “one

size fits all” solution for the ideas expressed in this webinar; we invite you to follow up directly with us for more personalized information as it

pertains to your specific practice and issues. Thank you, and enjoy the webinar.

Upcoming WebinarICD10 - It’s Back! • January 6, 2014• 12:00-1:00 Eastern Time

CMS Meaningful Use Audits are Coming…

Are You Ready?

AgendaThis session will cover:• CMS Audit Overview• Maintaining Documentation• Documentation for Non-Percentage Based

Objectives• Pre and Post Payment Audits• Audit Process• Recommendations

Audit Overview

CMS Audit Overview

Eligible Professionals (EP) may be subject to an audit if they have received, or are eligible to receive EHR incentive payment for either the Medicare or Medicaid programs

CMS Audit Overview• Audits may be conducted either pre or post

incentive payment.• Documentation to support attestation data for

meaningful use objects and clinical quality measures should be retained for six years

CMS Audit OverviewDocumentation to support payment calculation, such as cost report data, should continue to follow the current documentation retention process

CMS Audit Overview• Figliozzi and Company is the contracting

organization performing audits on behalf of Centers for Medicare &Medicaid Services (CMS)

• States and their contractors will perform audits on any provider attesting to the Medicaid incentive program

CMS Audit OverviewWhen a practice or organization is selected for an audit, a letter will be received from Figliozzi and Company. The letter will include the CMS and EHR incentive program logos on the letterhead

Maintaining Documentation

Maintaining DocumentationIt is the responsibility of the EP to maintain documentation that supports the data submitted during the attestation

Maintaining Documentation• To ensure preparedness for an audit, save any

electronic or paper documentation that supports your attestation

• Save the documentation that supports the attestation of the clinical quality measures reported

Maintaining Documentation• The source documentation will be the primary

documentation requested in all reviews• The documentation needs to provide a

summary of the data entered during the attestations

Maintaining Documentation• The preferred documentation would be a

report from the certified EHR. However, other documentation may be used if a report is not available or the information entered is different from the report

Maintaining Documentation• Providers who use a source document other than

a report from the certified EHR system to attest to Meaningful Use data should retain all the documentation that demonstrates how the data was collected and calculated

• Including: The numerators and denominators for the measures The time period the data is collected Evidence to support the information is specific to the

EP• Identified by National Provider Identifier, CMS Certification

Number, provider name, practice name, etc.

Maintaining Documentation

CMS suggests that providers download and /or print a copy of the report used at the time of attestation for their records

Maintaining DocumentationThere could be additional information requested that may include reviewing the medical records

Documentation for Non-Percentage Based Objectives

Documentation for Non-Percentage Based Objectives

There are several Meaningful Use measures that require a “Yes” attestation in order for the provider to successfully meet the objective. Not all certified EHRs track non-compliance based measures. To validate the reporting attestation, CMS or Figliozzi and Company may request additional supporting documentation

Documentation for Non-Percentage Based Objectives

Examples of suggested documentation:

Objective Audit Validation Suggested Documentation

Clinical DecisionSupport Rule

Functionality is available, enabled, and active in the system for the duration of theEHR reporting period.

One or more screenshots from the certified EHR system that are dated during the EHR reporting period selected for attestation.

Documentation for Non-Percentage Based ObjectivesObjective Audit Validation Suggested Documentation

Protected Electronic Health Information

Security risk of analysis of the certified EHR technology was performed prior to the end of the reporting period

Report that documents the procedures performed during the analysis and the results. Report should be dated prior to the end of the reporting period and should include evidence to support that it was generated for that provider’s system (e.g., identified by National Provider Identifier (NPI), CMS Certification Number (CCN), provider name, practice name, etc.). Note: The Stage 2 measure for Protect Electronic Health Information also requires providers to address encryption/security of data stored in certified EHR technology.

Generate Lists of Patients by Specific Conditions

One report listing patients of the provider with a specific condition.

Report with a specific condition that is from the certified EHR system and is dated during the EHR reporting period selected for attestation. Patient-identifiable information may be masked/blurred before submission.

Documentation for Non-Percentage Based Objectives

Objective Audit Validation Suggested DocumentationImmunization Registries Data Submission, Reportable Lab Results to Public Health Agencies, Syndromic Surveillance Data Submission, Reporting Cancer Case Registries, and Reporting to Specialized Registries

Ongoing submission of electronic data using certified EHR technology for the entire EHR reporting period.

Dated screenshots from the EHR system that document successful submission to the registry or public health agency. Should include evidence to support that it was generated for that provider’s system (e.g., identified by National Provider Identifier (NPI), CMS Certification Number (CCN), provider name, practice name, etc.).

A dated record of successful electronic transmission (e.g., screenshot from another system, etc.). Should include evidence to support that it was generated for that provider (e.g., identified by National Provider Identifier (NPI), CMS Certification Number (CCN), provider name, practice name, etc.).

Documentation for Non-Percentage Based ObjectivesObjective Audit Validation Suggested Documentation

Immunization Registries Data Submission, Reportable Lab Results to Public Health Agencies, Syndromic Surveillance Data Submission, Reporting Cancer Case Registries, and Reporting to Specialized Registries

Ongoing submission of electronic data using certified EHR technology for the entire EHR reporting period.

Letter or email from registry or public health agency confirming receipt of submitted data, including the date of the submission and name of sending and receiving parties.

For exclusions to public health reporting objectives, a letter, email, or screenshot from the registry that demonstrates EP was unable to submit and would therefore qualify under one of the provided exclusions to the objective.

Exclusions Documentation to support each exclusion to a measure claimed by the provider.

Report from the certified EHR system that shows a zero denominator for the measure or otherwise documents that the provider qualifies for the exclusion

Pre and Post Payment Audits

Pre and Post Payment AuditsCMS began conducting pre-payment audits in 2013

Pre and Post Payment Audits• The pre-payment audits are random and may

target suspicious or anomalous data• Providers selected for a pre-payment audit

will need to present supporting documentation to validate submitted attestation data before CMS will release payment

Pre and Post Payment Audits• CMS and Figliozzi and Company will continue

to conduct post-payment audits during the course of the EHR incentive program

• Providers that are selected post-payment audits will be required to submit supporting documentation to validate their submitted attestation data

Audit Process

Audit Process• The audit request letter will be sent

electronically from Figliozzi and Company and will include the audit contractor’s contact information

• The audit request letter will be sent to the email address that was provided during the registration process

• Sample audit letter http://www.cms.gov/regulations-and-

guidance/legislation/ehrincentiveprograms/downloads/sampleauditletter.pdf

Dr. John Smith MD, FAAFP 123 East Blvd Dallas, Texas 75206

RE: HITECH EHR Meaningful Use Audit Engagement Letter & Information Request

Dear Dr. Smith, The Centers for Medicare and Medicaid Services (CMS) has contracted with Figliozzi & Company, CPAs P.C.1 to conduct meaningful use audits of certified Electronic Health Record (EHR) technology as required in Section 13411 of the Health Information Technology for Economic and Clinical Health Act (HITECH Act), as included in Title XIII, Division A, Health Information Technology and in Title IV of Division B, Medicare and Medicaid Health Information Technology of the American Recovery and Reinvestment Act of 2009. The HITECH Act provides the Secretary, or any person or organization designated by the Secretary, the right to audit and inspect any books and records of any person or organization receiving an incentive payment. This letter is to inform you that you have been selected by CMS for an audit of your meaningful use of certified EHR technology for the attestation period. Attached to this letter is an information request list. Be aware that this list may not be all-inclusive and that we may request additional information necessary to complete the audit.

Sample – Audit Notification Letter

ProcessThe initial review process will be conducted at the audit contractor’s location, using the information provided based on the initial request letter

Audit Process• A secure process will be established to send

sensitive data• Additional information may be requested after

the initial review process

Audit Process• Occasionally it may be necessary to conduct

an on-site audit, which may include a demonstration of the certified EHR system

• States will have a separate audit process to conduct Medicaid audits

Audit ProcessAt the conclusion of the audit the provider will receive an Audit Determination Letter . The letter will communicate if the provider has successfully met the Meaningful Use requirements

Audit ProcessIf the provider received EHR incentive payment prior to the audit and was found to be ineligible for an EHR incentive payment, the payment will need to be refunded

Audit Process• CMS may also pursue additional measures

against providers who attest fraudulently to receive EHR incentive payments

• Punishment may include: Imprisonment Severe fines Providers may loose their license Exclusion from Medicare participation for a

specified length of time

Medicare Audit Appeals

Medicare Audit Appeals• CMS has an appeals process for EP’s.• An electronic appeals form must be

completed and submitted to: EHRappeals@provider-resource.com

Medicare Audit Appeals• The appeals submission process is time

sensitive, with a 30 day window for the submission period

• The appeal will only be processed if all documentation is provided at the time of submission

Medicare Audit Appeals• States have implemented an appeals process

for the Medicaid EHR incentive program and providers should contact their State Medicaid Agency for additional information

Recommendations

Recommendations• Create a check list of all required documentation • Print the documentation and put in a binder• Save the documentation electronically • Keep the documentation separated from year-to-

year. (Remember the documentation needs to be kept for six years)

• Keep the documentation in a safe place• Ensure there are policies in place to transition the

documentation, should an employee leave the practice or organization

Resources• Figliozzi and Company’s http://www.figliozzi.com/

• Centers for Medicare and Medicaid Services http://cms.gov/

• Providers may contact the EHR information system through a toll free number:

(888)734-6433The EHR information center is open Monday through Friday 9:00 am and 5:00 pm EST.

Resources• Appeals documentation http://www.cms.gov/Regulations-and-

Guidance/Legislation/EHRIncentivePrograms/Appeals.html

• Educational Resources http://www.cms.gov/Regulations-and-

Guidance/Legislation/EHRIncentivePrograms/EducationalMaterials.html

This does not have to be difficultjust organized!

Need Help?• Organizing your data?• Conducting your security assessment?• Validating your results?

We have assisted a number of clients with all or any of these items and can help

Questions• Cynthia Kincade Vice President, Client Solutions ckincade@Itentive.com 224-220-5575

• Ann McGuire Managing Consultant amcguire@Itentive.com 224-220-5615

• Llyod Taylor Strategic Account Manager ltaylor@Itentive.com 224-220-5616

Thank you