One of the Advocacy Council’s consultants recently attended a Medicare (CMS) presentation on Meaningful Use (MU) of electronic health record (EHR) audits. What are the failures of Meaningful Use audits for Stage I and Stage II Meaningful Use requirements that you need to know about?
The presenter reported emails from the CMS contractor conducting the audit are not being received by, or are being ignored by, some practices and physicians. The only way practices will get notices that they are being audited is by an email from the contractor, Figliozzi. Add their name to your email address book so Figliozzi.com does not get caught in your spam filter. Also, make sure to promptly notify CMS if your email address changes. While Figliozzi is the MU auditor for CMS, you also could be subject to a MAC or RAC audit and their notification process is similar. Please do not ignore these notices because it could be costly to you if you fail to respond. If you are subject to an audit, your notice will most likely have the CMS logo on the letterhead.
Figliozzi, in the case of an MU audit, uses the email address you provided when your practice attested to Meaningful Use compliance. If you ignore the audit letter, the next notice you receive will be a request for recoupment.
The session presenter also discussed the three major reasons practices are failing audits.
For Stage I MU:
- Practitioners do not have documentation supporting the required security risk assessment. This assessment is also a HIPAA requirement.
- Practitioners did not meet the requirement related to clinical summaries for 50 percent of patients, within three days of an office visit.
- Practitioner did not have a certified EHR.
For Stage II MU:
- An inability to provide a list of patients by diagnosis.
- Failing the requirement related to protection of health information.
- Not being able to meet the secure messaging requirements.
If you have questions regarding these requirements, please contact the Advocacy Council at email@example.com – we are here to help!