Hospitals Beware: Medicare Electronic Health Records Incentive Payments to Hospitals are in the OIG’s Crosshairs

Hospitals that participated in the Medicare Electronic Health Records (EHR) Incentive Program (also known as the Meaningful Use Program) will be the subject of a national audit by the Department of Health and Human Services, Office of the Inspector General (OIG). Under the Medicare Meaningful Use Program, the Centers for Medicare & Medicaid Services (CMS) made EHR incentive payments to hospitals totaling $14.6 billion. The OIG review is focusing on hospitals that received Medicare EHR incentive payments between January 1, 2011 and December 31, 2016.

Earlier this month, the OIG modified its 2017 Work Plan to “review the hospitals’ [Medicare EHR] incentive payment calculations to identify potential overpayments that the hospitals would have received as a result of the inaccuracies.” The July modification to the 2017 Work Plan follows last month’s report that CMS improperly paid an estimated $729 million in Medicare EHR incentives. In our prior client alert, we flagged these findings as a potential area for significant overpayment recovery actions and noted that such actions could pose risks for incentive payment recipients. The Government Accountability Office identified improper incentive payments as the primary risk to the EHR incentive programs. The OIG identified the complexity of the EHR incentive program as well as obstacles CMS faces overseeing the program as factors increasing the risk of improper payment.

Last year, OIG conducted a series of audits of payments state agencies made to hospitals under the Medicaid EHR incentive programs. The OIG found that state agencies overpaid hospitals by $66.7 million and in the future would overpay hospitals an additional $13.2 million. For example, OIG’s audit of the California Department of Healthcare Services found that the Medi-Cal program, California’s Medicaid program, made incorrect payments to 61 of the 64 hospitals reviewed, totaling an estimated net overpayment of more than $28 million. As noted in the update to the OIG 2017 Work Plan, the agency is now turning its attention to Medicare EHR incentive payments made to hospitals around the country.

In light of the increased scrutiny, OIG audit findings, and the OIG Work Plan update, hospitals that participate in the EHR incentive program should evaluate their past and current compliance related to the incentive programs. Recipients of EHR payments may have administrative, civil, and even criminal exposure if they make false statements regarding their compliance with the Meaningful Use Program. An EHR program participant also could be liable under the “reverse false claim” provision of the False Claims Act (FCA) if it “knowingly conceals or knowingly and improperly” avoids repayment of an identified overpayment.

The Supreme Court’s recent recognition of the “implied certification” theory in Escobar may expand FCA exposure for EHR program participants. Under the implied certification theory, a claim submitted to the government can be deemed false for purposes of liability under the FCA based on an implied representation that the claim is in compliance with all material technical requirements imposed by rules, regulations and contractual terms. Given the tens of thousands of such requirements for EHR, the false certification theory of liability could have particular significance for organizations operating in the health IT industry. 

Participating hospitals should conduct an EHR program review and assess ongoing compliance with federal rules and program requirements to ensure that their attestations are truthful. EHR program participants also should consider reviewing past submissions to determine whether they were mistaken or false. The Meaningful Use Program requires hospitals to retain documentation supporting their demonstration of Meaningful Use for six years. As we previously noted, whether providers should conduct a retrospective compliance review will depend on the specific facts and circumstances of each hospital’s practices and representations in connection with the EHR incentive payments.

We recommend obtaining guidance from experienced FCA and health care attorneys on investigating, reporting, and returning potential overpayments under the EHR incentive programs. Integrated approach and practical counsel are keys to navigating enforcement risks.