Authors

  1. Hess, Cathy Thomas BSN, RN, CWOCN

Article Content

The window to gain Meaningful Use incentives, by adopting, implementing, upgrading, or demonstrating meaningful use of certified electronic health record (EHR) technology, is narrowing. Providers who receive an EHR incentive payment may be subject to an audit. Documentation to support attestation data for meaningful use objectives and clinical quality measures should be retained for 6 years after attestation according to the Centers for Medicare & Medicaid Services (CMS). This Meaningful Use Audit Checklist outlines the minimum supporting documentation that CMS feels the providers should maintain. The information shared in this column is excerpted from the CMS "EHR Incentive Programs Supporting Documentation for Audits."1

 

The primary documentation that will be requested in all reviews is the source document(s) that the provider used when completing the attestation. This document, ideally a report from the certified EHR, should provide a summary of the data that support the information entered during attestation. This primary document will be the starting point of most reviews and should include, at minimum

 

[square root] the numerators and denominators for the measures,

 

[square root] the time period the report covers, and

 

[square root] evidence to support that it was generated for that eligible professional, eligible hospital, or critical access hospital.

 

 

The attestation process includes reporting for non-percentage-based meaningful use objectives. This includes the measure you answered "yes" to during the attestation process. The CMS states that they may request additional supporting documentation to validate these objectives, and it has provided a target list of objectives to consider as part of your checklist:

 

[square root] Drug-Drug/Drug-Allergy Interaction Checks and Clinical Decision Support. The audit validation should support that functionality is available, enabled, and active in the system for the duration of the EHR reporting period. Your supporting documentation should include 1 or more screenshots from the certified EHR system that are dated during the EHR reporting period selected for attestation.

 

[square root] Report Ambulatory or Hospital Clinical Quality Measures. The audit validation should support that clinical quality measure data are reported directly from certified EHR systems. Your supporting documentation should include a report from the certified EHR system to validate all clinical quality measure data entered during attestation.

 

[square root] Electronic Exchange of Clinical Information. The audit validation should support that 1 test of certified EHR technology's capacity to electronically exchange key clinical information to another provider of care with a distinct certified EHR or other system capable of receiving the information was performed during the EHR reporting period. Your supporting documentation should include dated screenshots from the EHR system that document a test exchange of key clinical information (successful or unsuccessful) with another provider of care during the reporting period; a dated record of successful or unsuccessful electronic transmission; and a letter or e-mail from the receiving provider confirming a successful exchange, including specific information such as the date of the exchange, name of providers, and whether the test was successful.

 

[square root] Protect Electronic Health Information. The audit validation should support that a security risk analysis of the certified EHR technology was performed prior to the end of the reporting period. Your supporting documentation should include a report that documents the procedures performed during the analysis and the results. Report should be dated prior to the end of the reporting period and should include evidence to support that it was generated for that provider's system.

 

[square root] Drug Formulary Checks. The audit validation should support that functionality is available, enabled, and active in the system for the duration of the EHR reporting period. Your supporting documentation should include 1 or more screenshots from the certified EHR system that are dated during the EHR reporting period selected for attestation.

 

[square root] Generate Lists of Patients by Specific Conditions. The audit validation should support 1 report listing patients of the provider with a specific condition. Your supporting documentation should include a report from the certified EHR system that is dated during the EHR reporting period selected for attestation. Patient-identifiable information may be masked/blurred before submission.

 

[square root] Immunization Registries Data Submission, Reportable Lab Results to Public Health Agencies, and Syndromic Surveillance Data Submission. The audit validation should support 1 test of certified EHR technology's capacity to submit electronic data and follow-up submission if the test is successful. Your supporting documentation should include dated screenshots from the EHR system that document a test submission to the registry or public health agency (successful or unsuccessful); a dated record of successful or unsuccessful electronic transmission; and letter or e-mail from registry or public health agency confirming the receipt (or failure of receipt) of the submitted data, including the date of the submission, name of parties involved, and whether the test was successful.

 

[square root] Exclusions. The audit validation should support documentation to support each exclusion to a measure claimed by the provider. Your supporting documentation should include a report from the certified EHR system that shows a zero denominator for the measure or otherwise documents that the provider qualifies for the exclusion.

 

 

Reference

 

1. EHR Incentive Programs Supporting Documentation for Audits. February 2013. http://www.cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/Dow. Last accessed July 24, 2014. [Context Link]