OIG Announces Multi-year Meaningful Use Audits Coming Soon
Lost in the furor and excitement of the recently released Proposed Stage 3 Meaningful Use (MU) Rule something slipped by us. Robert Frost would say it “came on little cat feet”. John Lennon would say it came in “like a lizard on a window pane”. What is it that crept in through the cracks in the floor and why should we care?
The arrival of a new twist in MU audits came with little warning. The Office of Audit Services of the Office of Inspector General (OIG) had dropped a few hints in their 2015 Work Plan. They let us know they intended to closely examine payments made to providers through the CMS EHR Incentive programs. This oversight would be in addition to the audits currently being performed by Figliozzi & Company, the awardee of the contract to perform audits across the country.
First we had the post-payment audits for those Eligible Hospitals (EH) and Professionals (EP) who had received incentives for jumping the hoops of certified EHRs and MU. The OIG was not satisfied and so a while back we saw the addition of pre-payment audits. Just like McDonalds. Pay at the first window and get your happy meal at the second. In the past few months we have recently seen large numbers of pre-payments audits in which numerous audit engagements were initiated against groups of EPs at large practices or EHs. One of our client hospitals recently recently received 33 EP pre-payment audits in a single day. Thankfully this was rolled backed and a “sample” of 5 EPs were audited. A failure in one of those would have triggered full audits against all the rest. The hospital was prepared and the 5 EPs passed their audits with minimal issues.
Just what is the latest permutation of the audit process? Last week the OIG announced that multi-year meaningful use audits are coming soon to an inbox near you. The OIG announced a “random sample” of audits are to be performed nationwide. Some of the audits may be focused on specific MU measures, like the annual requirement for performance or review of a Security Risk Assessment. Until recently an audit only put a specific attestation at risk but this will not always be the case going forward. I can envision an OIG MU audit request to a provider for proof on their claimed Public Health exclusions or the presence of that Risk Analysis for the past 4 years. The financial risk to a practice can suddenly become a multiple of what is was a few short months ago. Now is a good time to review all those past attestations and make sure your “Book of Evidence” is up to speed.