CHIME Public Policy Briefing Surviving a Meaningful Use Audit with Updates from CMS October 22, 2013 22 October 2013 1
Welcome & Agenda CHIME Public Policy Agenda at a Glance 2:00 p.m. Introduction Russell Branzell, FCHIME, CHCIO President and CEO, CHIME 2:05 p.m. Surviving a MU Audit Pam McNutt, SVP & CIO, Methodist Liz Johnson, VP Applied Clinical Informatics & CCIO, Tenet Healthcare 2:45 p.m. CMS Update on MU Audits Jeff Smith, Director of Public Policy 2:50 p.m. Open Q&A ALL 3:00 p.m. Adjournment 22 October 2013 2
Surviving a Meaningful Use Audit Public Policy Briefing: October 22, 2013 Pamela McNutt Sr. VP & CIO Methodist Health System Liz Johnson VP of Applied Clinical Informatics & CCIO Tenet Healthcare
Meaningful Use Audits: THE BASICS 22 October 2013 4
Medicare Audits Figliozzi and Company Keep documentation for 6 years Proof required for attestation items One or more screen shots of dictionary settings (Figliozzi asked for proof of every day compliance ) Logs or reports showing alerts firing for the reporting period MU measure reports should have vendor and system name on it, but other documentation excepted from source systems and calculations Must include numerator and denominator, time period and evidence showing NPI or provider name 22 October 2013 5
Medicare Audits Figliozzi and Company Unexpected focus: Your HIPAA Security Risk Assessment Must be specific for your EHR modules and release level Must name each hospital or entity that it covers, ideally by NPI specifically Report should be dated prior to the end of the reporting period 22 October 2013 6
Medicare Audits Figliozzi and Company Quality measure reports must be directly from the Certified EHR module Proof you were on a Certified system the entire reporting period Show screen shots of date and time the release went into production Data exchange proof (CCD and public health) with screen shots from EHR Date of test, statement of transmission success or failure Letter or e-mail from receiving provider stating date, name of provider and success or failure of test 22 October 2013 7
Medicaid Audits Audit firm bid by State, CMS approval required Surprise interpretation: you must prove you completed your adoption, implementation or upgrade Produce contracts, POs and proof of payments Must reproduce all back up reports for your volume calculations Must be directly from a system with logos, spreadsheets cannot be used Can be asked for de-identified patient level claims 22 October 2013 8
Liz Johnson VP, Applied Clinical Informatics Tenet Healthcare TENET S EXPERIENCE 22 October 2013 9
Dear Tenet The first audit Tenet received was related to Medicare/CMS attestation for an Eligible Hospital. 22 October 2013 10
Tenet Audit the specifics Requested materials to be provided within 2 weeks Not much time to respond* To be uploaded electronically Binders of paper on someone s desk won t suffice * Now you should consider the option of asking for an extension
General Guidelines for response CMS recommends that eligible hospitals, eligible professionals and critical access hospitals retain all relevant supporting documentation, in either paper or electronic format, used to complete the Attestation process. It should be noted that: All attestation evidence of successful compliance with meaningful use objectives and clinical quality measures must be retained for six years post attestation. Documentation to support payment calculations (such as cost report data) are included in the current documentation retention requirements. 12
Tenet Audit Response Process Alert! Receive notification of Audit Communicate Audit to Tenet Audit Activation Team (TAAT)* Take Action Convene Audit response meeting within 36 hours Gather documentation and develop Audit response Finalize and Submit TAAT performs final audit of prepared documents/response and then approves Approved response and documents sent to requesting agency * TAAT has senior representation from Applied Clinical Informatics, Audit, Government Programs & Compliance. 13
Tenet EH Medicare Audit Response Audit Response Plan activated Response team meeting via conference call to review request and agree on what evidence should be provided Evidence pulled from Tenet s MU Document Repository Tenet preserves supporting documentation from all attestations in a central repository. The evidence requested was retrieved within 4 hours 22 October 2013 14
Tenet EH Medicare Audit Response Audit Response Plan activated Response team met the next day to review evidence and prepare a cover letter with any additional clarification necessary Materials uploaded as requested to the portal within 7 days 22 October 2013 15
Additional Information Requested: Approximately 3 weeks after submitting initial materials, Tenet received 2 additional questions: 1. Auditors were unclear as to whether the report provided for measure calculations came from CEHRT; asked for additional documentation 2. Asked for validation that the CDS rule had been active during the entire reporting period Response team gathered, reviewed and provided additional material via portal and FedEx within 5 days Screen shots from the CHPL site showing Tenet s self-certification Screen shots showing activation start and end for the rule 22 October 2013 16
Final Information Request Approximately one month later, Tenet received a third request asking for: Confirmation of the percent of patient encounters captured in the CEHRT. Since Tenet captures all encounters in CEHRT, this was answered by simply stating the following For the EHR Incentive Program, Hospital had 1,638 patient encounters occur (admitted or discharged) during the reporting period. All 1,638 patient encounters were entered into the EHR system, therefore the percentage is 100%. Documentation that CQMs had been submitted. This request was withdrawn the following day A copy of the security risk assessment. This had been provided previously as documentation with the first request but was provided again. 22 October 2013 17
Success! Determination letter received on October 23, approximately 3 weeks after the last information request, 3 months after the initial request. We have completed our meaningful use audit of the certified Electronic Health Record (EHR) technology of your hospital in accordance with Section 13411 of the Health Information Technology for Economic and Clinical Health Act (HITECH Act), as included in Title XIII, Division A, Health Information Technology and in Title IV of Division B, Medicare and Medicaid Health Information Technology of the American Recovery and Reinvestment Act of 2009. The HITECH Act provides the Secretary, or any person or organization designated by the Secretary, the right to audit and inspect any books and records of any organization receiving an incentive payment. We performed a desk review on your facility s meaningful use attestation for the Program Year 2011 and Payment Year 1. Based on our desk review of the supporting documentation furnished by the facility, we have determined that your hospital has met the meaningful use criteria. This audit does not preclude your hospital from future audits in this payment year or in subsequent years. Thank you for your assistance and cooperation. 22 October 2013 18
Dear Tenet Example of Audit of a Medicaid Attestation 22 October 2013 19
Dear Tenet Example of an OIG Audit Request 22 October 2013 20
Response from CMS CHIME received responses from nearly 100 members regarding MU audits Washington-based staff contacted CMS last week to ensure agency awareness CMS indicated a sensitivity to the timing and to the compliance burden The MU audits are on-going and they are done in rolling waves throughout the year Officials confirmed EHs and EPs can ask the auditors directly for an extension and CMS has communicated to the auditors that this is permissible Currently no resources available through CMS for an extension, must work directly with auditors CHIME will continue to work with members and agency officials to minimize audit / reporting burdens 22 October 2013 21
Questions? CHIME Public Policy Gretchen Tegethoff, Chair Athens Regional Health System Randy McCleese, Vice Chair St. Claire Regional Medical Center Sharon Canner, Senior Director of Public Policy, CHIME scanner@cio-chime.org Jeff Smith, Director of Public Policy, CHIME jsmith@cio-chime.org Angela Morris, Public Policy Coordinator, CHIME amorris@cio-chime.org Russ Branzell CHIME President and CEO October 10, 2013 22