eCW (eClinicalWorks) Settles Whistleblower Lawsuit for $155 Million

In many of my press panels and other discussions at the Healthcare IT Marketing and PR Conference, I’ve argued that there’s very little “Breaking News” when it comes to healthcare IT. Today is an example where this is not true. The news just broke that EHR vendor, eCW (eClinicalWorks), has settled a whistleblower lawsuit against them for $155 million.

The suit was filed by Brendan Delaney, a software technician formerly employed by the New York City Division of Health Care Access and Improvement, by his law firm Phillips & Cohen LLP against eClinicalWorks. eClinicalWworks and three of its founders (Chief Executive Officer Girish Navani, Chief Medical Officer Rajesh Dharampuriya, M.D., and Chief Operating Officer Mahesh Navani) are jointly liable for the payment of $154.92 million. Separately, Developer Jagan Vaithilingam will pay $50,000, and Project Managers Bryan Sequeira, and Robert Lynes will each pay $15,000. As a whistleblower, Delaney stands to receive $30 million of the settlement.

Here’s the summary of the complaints against eCW from the Justice Department’s press release about the settlement:

In its complaint-in-intervention, the government contends that ECW falsely obtained that certification for its EHR software when it concealed from its certifying entity that its software did not comply with the requirements for certification. For example, in order to pass certification testing without meeting the certification criteria for standardized drug codes, the company modified its software by “hardcoding” only the drug codes required for testing. In other words, rather than programming the capability to retrieve any drug code from a complete database, ECW simply typed the 16 codes necessary for certification testing directly into its software. ECW’s software also did not accurately record user actions in an audit log and in certain situations did not reliably record diagnostic imaging orders or perform drug interaction checks. In addition, ECW’s software failed to satisfy data portability requirements intended to permit healthcare providers to transfer patient data from ECW’s software to the software of other vendors. As a result of these and other deficiencies in its software, ECW caused the submission of false claims for federal incentive payments based on the use of ECW’s software.

Most people are writing about how eCW didn’t fully integrate the RxNorm codes, but instead hard coded the 16 codes that the certification process used. That’s embarrassing so it’s not a surprise that so many people are sharing that part of the story. However, I think the bigger part of the violation is probably around the data portability requirements. I bet a lot of EHR vendors are sweating right now as they look at the way they implemented those requirements. Not to mention the EHR audit logs which are poor in many EHR. Plus, the scariest claim is eClinicalWork’s inability to reliably record diagnostic imagine orders or perform drug interaction checks. Those are patient safety issues and exist in many EHR software.

If you want to dig into the weeds like I did, then you can see the government complaint against eClinicalWorks that was filed May 12, 2017 and the final settlement agreement with eClinicalWorks. Even more insightful was looking at the original complaint from Delaney against eClinicalWorks. Comparing the original whistleblower complaint to the government complaint against eClinicalWorks is very interesting. You’ll see that the government didn’t grab on to everything that was originally filed by Delaney. I imagine that’s a standard legal practice to file as many areas as possible and see what the government decides to use. It seems like Phillips & Cohen have represented a number of whistleblowers so I’m sure they were expert at this.

Girish Navani, CEO and Co-Founder or eClinicalWorks, offered this statement about the settlement:

“Today’s settlement recognizes that we have addressed the issues raised, and have taken significant measures to promote compliance and transparency. We are pleased to put this matter behind us and concentrate all of our efforts on our customers and continued innovations to enhance patient care delivery.”

Looking at the bigger picture, I’m certain that every EHR vendor is going through their EHR certification process and looking at all the statements they’ve made to make sure they’re not going to be in a similar situation. Not to mention the anti-kick back laws that were mentioned in the settlement. I’m sure there are other EHR vendors that are in violation of both of these items just as much as eCW.

Former ONC National Coordinator, Farrzad Mostashari seems to agree with me. Farzad tweeted, “Wow!! I hope this changes the attitude of the EHR vendor space more broadly.” Then, he later tweeted, “Let me be plain-spoken. eClinicalWorks is not the only EHR vendor who flouted certification /misled customers
Other vendors better clean up.”

Farzad then nailed it when he tweeted “There are a LOT of doctor’s office staff looking at their EHR today and wondering if there’s $30M worth of false promises hidden there”

I do wonder if Farzad Mostashari feels a little guilty of the role he played in this process since he oversaw such a porous EHR certification process. I’ve been against EHR certification for a long time because I thought it provided so little value to providers. The fact that it can be gamed by 16 codes being hard coded is a perfect example of why EHR Certification is a waste. Although, one could argue that without EHR certification, this suit would have never happened and maybe eClinicalWorks could still be selling the same product today.

I do find this quote from the US Attorney’s Office for the District of Vermont press release a little over the top (which I think is common on these things):

“Electronic health records have the potential to improve the care provided to Medicare and Medicaid beneficiaries, but only if the information is accurate and accessible,” said Special Agent in Charge Phillip Coyne of HHS-OIG. “Those who engage in fraud that undermines the goals of EHR or puts patients at risk can expect a thorough investigation and strong remedial measures such as those in the novel and innovative Corporate Integrity Agreement in this case.”

Another topic I haven’t seen anyone else cover is the impact that this settlement will have on eCW’s customers that used eCW to attest to meaningful use. Technically it shows that eCW wasn’t appropriately certified, so that means that they weren’t using a certified EHR and therefore shouldn’t have been eligible for meaningful use incentives. I asked one friend about this and he suggested that CMS had previously said that it would not hold eligible providers and eligible hospitals responsible for EHRs that calculated the meaningful use measures the wrong way. So, we’ll probably see this same approach with eCW users that got EHR incentive money on what we now know was not appropriately certified.

I was also intrigued by the Corporate Integrity Agreement (CIA) that eClinicalWorks entered into with HHS-OIG. There are a lot of details and oversight that eCW will get from OIG, but it also required eClinicalWorks to “allow customers to obtain updated versions of their software free of charge and to give customers the option to have ECW transfer their data to another EHR software provider without penalties or service charges. [emphasis added]”

Free updates is pretty clear and ironic since not wanting to update all their clients is one possible hypothesis for why they didn’t really push the proper upgrades. Hopefully all eCW users will do it now or they might be facing their own violations for using outdated software that has known clinical issues. However, the kicker in the CIA detail above is that eClinicalWorks has to give customers the option to have eClinicalWorks transfer their data to another EHR without penalty or service charges. I wonder how many will take them up on this requirement and what the details will be. I still wish this was required of all EHR vendors, but that’s a story for another day.

How many EHR vendor marketing groups are putting together their eClinicalWorks Rescue Plan to take in the downtrodden eCW users? I’m not sure these will be as successful as other EHR switching marketing efforts like those we see when an EHR is being shut down.

I’m sorry to say that I think this is likely only the beginning of such lawsuits. In fact, it’s probably already woken up a lot of potential whistle blowers. Hopefully it’s woken up a lot of EHR vendors as well.

About the author

John Lynn

John Lynn

John Lynn is the Founder of, a network of leading Healthcare IT resources. The flagship blog, Healthcare IT Today, contains over 13,000 articles with over half of the articles written by John. These EMR and Healthcare IT related articles have been viewed over 20 million times.

John manages Healthcare IT Central, the leading career Health IT job board. He also organizes the first of its kind conference and community focused on healthcare marketing, Healthcare and IT Marketing Conference, and a healthcare IT conference,, focused on practical healthcare IT innovation. John is an advisor to multiple healthcare IT companies. John is highly involved in social media, and in addition to his blogs can be found on Twitter: @techguy.


  • Get ready for some sleepless nights Cerner, Epic, etc. We have all used this “built to the test” cert EHR software. Get ready for some big time fines and bad press. And EHR, HIT etc really does NOT need more bad press. Talk about safety, eCW decides to do just 16 drug drug interactions? Can we be ANY clearer from a front line perspective that EHRs have NOT improved safety, security (hello breaches), usability, efficiency, outcomes, burden, and on and on. We need a BIG change.
    Not sure why we cannot seem to grasp, that when Wash DC gets involved, everything goes to crap. EHR cert should have NEVER happened and yes Farzad was an architect and he HEARD from many real MDs, that this nanny state action was only going to lead to EHR vendors working to fulfill requirements (half baked or worse) and ignore real needs of MDs and front line staff. Farzad to this DAY still defends EHR cert, maybe its time to reflect on the damage he did to his colleagues and HIT.
    We have set our progress in HIT at least a decade and we cannot seem to let go of this notion that we need someone to hold our hand and certify our EHRs. One could argue that eCW would have done this without cert, but why? No reason to fake it. They would be paying attention to their actual users and their needs, instead of meeting silly cert requirements and selling it off as certified. Certification is a big part of the problem here. If we had nimble, innovative EHR companies, working to improve all the above, the market would fix itself. Now we have a certification/gov incentive market, which is an artificial market and those ALWAYS fail.

  • And so it begins. What I fail to understand is how come no one ever objected to the use of MU compatible yet meaningless solutions which doctors are so pained to use. Now what about the many thousands of practices which did’nt benefit from the use of this software but benefitted from the MU payouts. Should they not be asked to return the benefits? Do they not have an obligation to have verified that the system they were purchasing to benefit from a payout is actually meeting norms?

  • Nrip,
    There were too many people that got distracted by the government money. It was and still is shocking to me how many rationale people running great businesses would throw that all out the window as they chased the government money. It was so irrational and still doesn’t make sense to me.

  • Yet another argument in favor of Open Source healthcare software. Kind of hard to cheat when your source code is public.

    There are striking similarities here with the accusations of cheating at Volkswagen. As it turns out, most of the other automakers where gaming the system too.

  • medbot,
    I’ve heard a number of comparisons between this and Volkswagen. I don’t know the details of Volkswagen so I can’t say, but I’ve heard it enough times that it must be similar.

  • Developing innovative tools that help physicians care for patients should be the primary focus for EHR vendors. Instead, they are held hostage to government-run EHR certification processes, including criteria that rapidly change and are sometimes ambiguous. While I certainly don’t condone the apparent behavior of eClinicalWorks, I am much more concerned about how the government EHR certification processes impede innovation and contribute to situations like this

  • @medbot Most open source EMRs do not do any better. Solving the much varied, ever changing needs of healthcare facilities, which include 4 or more different types of serious users which all have no time for complicated rubbish is a different animal than building software. does not matter if the solutions are open source or not….the same way it does not matter if the EMR software ticks off a checklist…Listen carefully to the high level conversations on EMR over the years…. the pain is always the same, but some new hack , be it MU, or Interoperability, or Dictation, or Device Integrations, or Cloud, is supposed to be either the game changer and the problem solver… no wonder some companies game the market …and guess what… most of us call them smart when the game changer is the hot new thing…. No different for Open Source…

  • Dr. Murray,
    I agree that certification was a problem. However, I don’t agree with your article that says that CCHIT was better than what we have today. In fact, today’s EHR certification was mostly a dumbed down version of CCHIT. Maybe for the specific pediatric component you worked on it was better, but overall it was just as bad or even worse.

    Of course, that history doesn’t really matter. What matters is that EHR Certification is not providing value and is hindering innovation.

Click here to post a comment