Legal and Regulatory Implications of Attaining Meaningful Use

Twitter icon
Facebook icon
LinkedIn icon
e-mail icon
Google icon

Paul PittsThe federal meaningful-use program has, at last estimate, garnered the participation of 4,500 radiology professionals, and incentive payments of nearly $1.5 billion are still on the table for eligible diagnostic-imaging professionals. Groups that begin the attestation process by October 3, 2013, of this year can receive up to $39,000 per eligible provider, and as adoption grows among their referring-physician bases, more and more radiology practices are expected to participate as well.

Attainment of meaningful use by radiology practices is not without regulatory hurdles and legal considerations, however. Paul Pitts, JD, partner with Reed Smith LLP, highlights the growing problem of participant audits conducted by CMS. “If you attest for meaningful use and receive the incentive payment, but don’t qualify, that is very possibly a false claim,” he notes.

CMS Audits

In a recent telephone update, Robert Anthony, CMS deputy director for the Health IT Initiatives Group, indicated that the agency intends to audit 5% of the meaningful-use program’s participants, split evenly between prepayment and postpayment audits. CMS has contracted the audits out to a third-party group, Figliozzi & Company, and though on-site audits are possible, the majority will be remote (desk) audits. “The auditors ask selected physicians who received meaningful use incentive payments to show them how they met the meaningful-use requirements,” Pitts explains.

For the time being, then, practices can expect the audits to be relatively superficial, Pitts says; the best way to prepare is to maintain proactively all documentation related to the attestation process. “For most of the core components, you’re just printing from a screen to show you’ve done it,” he says.

Pitts adds, however, that the audits are likely to become a growing issue for practices participating in the program. “Although 5% of participants sounds like a low number, we’re talking about a lot of people and, potentially, a lot of money,” he says. “CMS obviously sees this as a potential area of abuse, which means these audits can be expected to continue—and possibly expand.” A more in-depth approach could cause headaches for unprepared practices: “Like all other types of audits, this could cause a lot of difficulty and costs even for providers who accurately qualified for the program. There also is, however, the potential for bad actors who aren’t really qualified to take these measures in order to be paid, and that’s what CMS is looking for,” he says.

In addition, Pitts notes, general HIPAA noncompliance could also trigger a negative finding from an audit. In fact, during the update call, Anthony reported that the number-one problem identified so far, in CMS audits, has been failure to conduct a HIPAA-mandated data-security assessment.

“What happens after attestation is equally as important as (if not more important than) what happens before it,” Pitts concludes. “Radiology practices need to maintain full compliance. Remember that CMS always retains the right to look more deeply into how federal dollars are being spent: You want to make sure you have records of compliance, so you don’t find yourself in an overpayment situation down the line.”

Electronic Health Record Interfaces

The related issue of transmitting data and images from a radiology practice to a referring physician’s office also puts the radiology practice at risk of running afoul of anti-kickback statutes (if the practice has provided an inappropriate level of financial aid to the referrer). “Referring physicians may be asking radiology practices to provide the necessary interfaces, and there could be some risk to the practices, under the anti-kickback statute, if the radiologists are taking on the full cost of that,” he says. “Often, it becomes a question of whether the referring physician will be able to access images and reports on the radiology practice’s RIS/PACS, and that is a potential anti-kickback concern.”

An advisory opinion¹ issued by the OIG gave a limited indication of the government’s stance on whether providing outside access to information systems constitutes a kickback. In that case, a rural hospital provided a free software interface allowing access to laboratory (and other diagnostic) ordering and results to its referring physicians; the OIG concluded that the arrangement was not prohibited under the anti-kickback statute because the free software interface had no independent value to