A Kansas-based hospital has agreed to pay $250,000 to settle allegations that it submitted false claims to Medicare and Medicaid for incentive payments for meaningfully using electronic health records, according to the Department of Justice.
The lawsuit, as reported by Becker's Hospital Review, alleged Coffey Health System submitted false claims pursuant to the Electronic Health Records Incentive Program, which was established to encourage healthcare providers to adopt and demonstrate their "meaningful use" of EHR technology. To receive incentive payments, providers must attest that they satisfy certain requirements, including measures for analyzing and addressing security risks to EHRs.
Coffey Health System, which operates a 25-bed critical access hospital, allegedly falsely attested that it conducted or reviewed security risk analyses (SRA's), as required by HHS, for the 2012 and 2013 reporting periods.
"Medicare and Medicaid beneficiaries expect that providers ensure the accuracy and security of their electronic health records," U.S. Attorney Stephen McAllister said in a press release. "This office remains committed to protecting the federal health programs and to hold accountable those whose conduct results in improper payments."
CMS MIPS is required of all providers in the Medicare/Medicaid system. Failure to attest/produce SRA and remediation documentation causes a reduction in patient reimbursement rates of up to 6%. At HIPAAcraticRx we produce an SRA report, and can mitigate directly or guide you and your IT company as needed. We maintain the schedule and repeat annually.