First CMS Audits of Meaningful EHR Users – Meaningful Use Monday

In response to the topic I covered in my post on gaming the EHR incentive money, I got the following message:

Although I suppose this is within the letter of the law, it seems like a highly suspect practice, especially when CMS has said on conference calls that people who take the first check and subsequently drop out will be the first in line for audits.

I found this reply quite interesting. I’d never heard CMS say on a conference call that the first meaningful use audits would be those who got the first EHR incentive check and then chose to stop with meaningful use. Are there other readers that have heard this as well or that have heard or read similar things?

I’m a little torn on the idea of meaningful use audits. I’m certain that CMS will be doing meaningful use audits. It’s just a matter of time and how they’ll complete the audits of meaningful use. However, I don’t think they’re tremendously motivated to really clamp down on auditing those that adopt EHR software. I don’t think they want the bad PR of practices that have adopted EHR software getting audited and losing their EHR incentive money. They want doctors to adopt EHR and they want to pay them the EHR incentive money.

I guess the one exception to the above comment is those that really aren’t adopting EHR software and instead are just trying to game the system. CMS will likely be happy to make an example out of those doctors. Add in that Medicaid is done by the states and doesn’t require meaningful use and I’ll be interested to see how many doctors get the first Medicaid EHR incentive check and bypass the rest of the checks. I think there’s a lot of funny business that’s going to happen with the Medicaid EHR incentive money.

What else have you heard about EHR Incentive money audits and Meaningful Use Audits? I’m going to try and get some people familiar with other healthcare audits to share some thoughts on how to prepare to deal with the future meaningful use audits.

About the author

John Lynn

John Lynn

John Lynn is the Founder of the, a network of leading Healthcare IT resources. The flagship blog, Healthcare IT Today, contains over 13,000 articles with over half of the articles written by John. These EMR and Healthcare IT related articles have been viewed over 20 million times.

John manages Healthcare IT Central, the leading career Health IT job board. He also organizes the first of its kind conference and community focused on healthcare marketing, Healthcare and IT Marketing Conference, and a healthcare IT conference,, focused on practical healthcare IT innovation. John is an advisor to multiple healthcare IT companies. John is highly involved in social media, and in addition to his blogs can be found on Twitter: @techguy.


  • OMG now comes CMS to do their job. This is very interesting to know because I frankly suspect those who providers who want to get the first round of funds for themselves, and quit. The second rounds are for the patients they represent and by not completing the process they show that they are only interested in themselves not efficiency, improving patients safety or medical outcomes. I agree it surely looks suspect.

  • We’ve been trying to tell people this since we heard it on a CMS call we were on In March, if memory serves. We have seen consulting companies at trade shows selling the first year payment (for a mere 25% commission), and blatantly telling providers that they don’t need to implement anything.

    It also shouldn’t be forgotten that the companies contracted to do the audits have a financial incentive to find the providers in violation, as they get a percentage of any money that is returned to CMS.

  • We’ve been combatting the rumor that Stage 1 MU payouts will be recouped with interest and penalty if providers skip Stages 2 & 3! I have a group of docs who are meeting stage 1 requirements but don’t plan to attest as they are scared off by patient portal requirements in proposed Stage 2 rules. They’ve been told if they collect Stage 1 payout, then opt out of subsequent stages, that their payout will be recouped with interest and penalty.

    HITECH answers was kind enough to provide the following clarification:

    This is a voluntary program. Some or all of it can be met and with success receive incentive payments. The only PENALTIES mandated by the HITECH Act (LAW) are at the end of the program. Eligible entities that are not using certified technology in a “meaningful” manner will see reductions in their MEDICARE reimbursements.

    Recouping of any incentive money could be seen when AUDITS begin and FRAUD is determined. Let’s say your provider checked yes to doing and reviewing a Risk Analysis for their practice. During an audit the provider could not produce this DOCUMENT. This would be fraud. Let’s say your provider attested to all the MU objectives and during an audit they found the practice was not using a “certified” EHR. This would be fraud. Let’s say your provider checked yes to maintaining a medication and allergy list but during audits there was no access to the EHR in any patient treatment rooms. This would be fraud.

    Skipping future stages is fine but they will be in quite the situation when everyone else is on information exchanges and they are not. That is what they should be concerned about. This will especially be for specialist as the primary care doctors will only be referring to those that “exchange”.

  • “Let’s say your provider checked yes to doing and reviewing a Risk Analysis for their practice. During an audit the provider could not produce this DOCUMENT. This would be fraud. “

    John, this is exactly what you and I were talking about in our email conversation, and based on what we’ve seen, a lot of people are checking the box, with little knowledge of what it requires.

  • Matt,
    That’s exactly right. Although, readers of this site should have no excuse. We’ve posted and mentioned it quite a few times!

  • I just left the employ of a Regional Extension Center due to the number of providers that the REC chose to help attest that they knew had not completed the requirements of core 15. And the REC claimed Milestone 3 knowing that these providers had not met MU. Looks like the fraud runs rampant on both sides of that fence. Where is the oversight for this program?

  • Marvin,
    I would say thanks for the additional commentary, but it kind of makes me sad to think about it. I think that could come back to really bite the REC. Although, considering their funding is of such a limited time frame, it probably won’t matter for them.

  • Marvin,

    This is exactly what we’ve seen with our local REC. We’ve been to several of their presentations, and been a little disconcerted with what they’re telling providers, as in, never even mentioning core 15.

  • Always confirm what was done especially if you use an outside consultant. When I worked at the REC we got screen shots of certain measures to keep for later in case an audit came up and for the ease of mind. All I can say is keep up with your records, and make sure you get answers to the questions because consultants can get those answers and the REC mostly have direct access to CMS for answers. Core 15 is one of the most missed measures but providers, hospitals and consultants should all make sure this is not a missed item.

Click here to post a comment