Presentation is loading. Please wait.

Presentation is loading. Please wait.

1. o Health Information Technology Management o For being Medicaid-funded health care professionals o For working on program integrity 2.

Similar presentations

Presentation on theme: "1. o Health Information Technology Management o For being Medicaid-funded health care professionals o For working on program integrity 2."— Presentation transcript:

1 1

2 o Health Information Technology Management o For being Medicaid-funded health care professionals o For working on program integrity 2

3 Medicaid Inspector General: James C. Cox Former Regional Inspector General for the HHS Office of the Inspector General Two decades of Medicaid auditing experience Auditor by trade 3

4 o Introduction to OMIG o The Big Question o Wrap Up 4

5 5

6 o Established in 2006 as an independent program integrity entity within the Department of Health (DOH). o Our mission: To enhance the integrity of the New York State Medicaid program by preventing and detecting fraudulent, abusive and wasteful practices in the Medicaid program and recovering improperly expended Medicaid funds while promoting high-quality patient care. 6

7 OMIG consists of seven core components: o Division of Medicaid Audit o Division of Medicaid Investigations o Division of Technology and Business Automation o Division of Administration o Office of Counsel o Bureau of Compliance o Office of Agency Coordination and Communications 7

8 OMIG is organized into Business Line Teams (BLTs): o Managed Care o Medical Services in an Educational Setting o Home and Community Care Services o Hospital and Outpatient Clinic Services o Mental Health, Chemical Dependence, and Developmental Disabilities Services o Pharmacy and Durable Medical Equipment o Physicians, Dentists, and Laboratories o Residential Health Care Facilities o Transportation 8

9 Great leadership: Governor Andrew M. Cuomo Medicaid Inspector General Jim C. Cox Advanced Tools: Cutting-edge data analysis and visualization tools Industry leading practices: Transparency Compliance Data mining Investigations Audits Cost-saving activities Terrific staff Partnerships with the program integrity community in New York and beyond That includes you! Governor Cuomo 9

10 10

11 I am sure you all know what HIT is – information technology that is health-related. It can be a great timesaver – if implemented correctly. 11

12 o Webster’s II New College Dictionary defines integrity as: o Firm adherence to a code or standard of values: probity o The state of being unimpaired: soundness o The quality or condition of being undivided: completeness 12

13 To answer the question – let’s look at one of the classics of information technology and learn a little from it… 13

14 14

15 o You know the story – o Two kids walking through the forest o Want to make sure they do not get lost 15

16 o They leave a trail of breadcrumbs. o That’s supposed to help them find their way home. o Pretty simple. 16

17 o A bird comes along and eats the breadcrumbs. o Hansel and Gretel have a pretty traumatic experience. o In the end, they barely escape back to their family. 17

18 o The story you just heard is the second and third act of the Hansel and Gretel story. o Most folks don’t know about act one. o Act one paints a picture of a different Hansel. 18

19 o In act one – Hansel goes into the forest and lays down a trail of white stones that he collected before the trip. o Guess what: o The bird doesn’t eat the stones. o Hansel gets back home without a problem! 19

20 o When he goes into the forest in act two he lays down a trail of breadcrumbs. Why? o He was prevented from gathering the stones like the first time. o He was unprepared. o He was in a rush. o He was confronted with adversity. 20

21 o Unprepared. Rushed. Done under adverse conditions. o For folks who have had trouble with HIT implementations – does any of this sound familiar? 21

22 o Let me tell you another story – this one’s from real life. o This one involves three transportation companies. 22

23 o Three different transportation companies were audited and the records from the three companies looked identical. o Turned out they all used the same vendor for their electronic recordkeeping system 23

24 o Upon auditing them, we realized they had no paper records – just records in an archaic database. o Reason: They hired Ellen* as an employee who built a custom database. o They disposed of all paper records after the information was entered. *- more on Ellen in a minute. 24

25 o Heard about Ellen’s system from company #1. They hired Ellen as a consultant to install the system for them as well. o They destroyed their records as well. 25

26 o Heard about how much success companies #1 and #2 were having and decided to adopt the Ellen database. o They hired Ellen as a consultant – and then destroyed their records. 26

27 o Ellen, it turns out, was not an IT professional. She operated out of company #1’s dispatch area. o She did the best she could, but she built the system with no controls. Records could be altered at any time – for any reason. o Only she knew how it operated. Only she knew how to fix it. 27

28 o All three companies made a series of bad choices. But as things broke down there was a cascading effect. o Worst of all, all backup documentation was destroyed, which, to an auditor’s eye, means services cannot be verified. o This opens up an organization to a lot of potential adverse consequences. 28

29 o How to prevent an Ellen event: o Keep complete medical records o Signatures (physical or electronic) o Excluded providers o Medical necessity o “Cloned” notes o Computer security o Defense mechanisms o HIPAA and other privacy concerns o Other agencies involved in program integrity 29

30 o Records must reflect care plan o Records must match coding and submitted billing o Records must be contemporaneous, up-to-date, and not recreated in any form o Records must be signed (more on that later) and dated after each section is completed 30

31 o Be Prepared: o Recordset locks o Strong controls o Access restricted on a need-to-know basis o Backup, backup, backup o Base it on standards. Not Ellen. 31

32 o Get it right. Don’t rush: o Plan, plan, and plan again o Manage your implementation o Strong IT project management is a best practice o Design for success and stick to your guns 32

33 o Buy-in from management o Standards-based systems o Make sure information is transferrable from one platform to another. o Be realistic about conditions, not idealistic. 33

34 o Signatures may be handwritten or electronic. o If electronic, must be password-protected o Electronic signature does not consist of just a typed- in name o Electronic signature must “freeze” that section of record – no changes are allowed unless a separate addendum is completed o Each signature must also include a date 34

35 o Not acceptable: signature stamps, “dictated but not read,” unsigned records o Unsigned orders not recognized o No provider may sign for another provider o Records must be signed as soon as possible 35

36 o Providers who have been excluded from Medicaid or Medicare may not bill, order, or prescribe for patients covered by Medicaid or Medicare. o If excluded providers perform services for Medicaid or Medicare recipients, they will not be paid. o All potential employees must be checked against state and federal lists for exclusions. 36

37 o Medical necessity requires the judgment of skilled medical professionals. o A physician’s assessment and determination may not be challenged if the judgment is clearly documented in the medical record (see stones #1, 2, and 3). o CMS indicates that medical documentation must “contain sufficient, accurate information” to support the diagnoses and justify treatment and procedures, among other criteria. 37

38 o Caution: The movement toward electronic health records (EHRs) has led to a new problem: copied and templated documentation, referred to as “cloned” notes. o These notes lose their uniqueness when so much of the information appears to be the same from patient to patient. o Government and commercial payers are looking at this issue and, in some instances, refusing to pay for services when it appears that documentation is the same for every note for the same patient. 38

39 o Information Week reported on May 23, 2012 that two state Medicaid agencies experienced major data breaches in less than a month. o The weak link: employees. o South Carolina: 228,435 Medicaid beneficiaries compromised. o Utah: 780,000 Medicaid records stolen; approximately 280,000 of those had their Social Security numbers compromised. o Massachusetts Hospital Association paid $750,000 settlement for 2010 data breach of information for 800,000 individuals (, May 30, 2012) 39

40 o Health care organizations moving toward the use of cloud-based applications accessed over the Internet: o Recent Harris interactive survey revealed that almost 60 percent of CIOs in health care systems with EHRs and health information exchange said they planned to invest in cloud-based open systems.” o Cloud-based systems can be valuable—as long as security is in place. 40

41 o Standard Web browsers contain security gaps o Keep anti-virus protection up-to-date o Install all security patches o Back up materials o Limit the aggregation of data—strike an appropriate balance between employees’ need to use data and a security policy o Marketers are spying on Internet users, especially social media sites (e.g., Facebook, Twitter, YouTube) 41

42 o What are your policies and procedures? o What is your compliance program as it relates to health information technology? o Who is your compliance officer? o What would you do in the event of a breach at your facility or organization? o Who’s chipping away at your stones? 42

43 o Health Insurance Portability and Accountability Act: Is this just a phrase that you take for granted? o Focus on: o Individual control o Transparency o Respect for context o Security o Access and accuracy o Focused collection o Accountability 43

44 o Yes, there is integrity in Health IT, but only if you are prepared, working within a plan and in control. o After more than 20 years of auditing health organizations I can tell you these rules apply both inside and outside of Health IT. 44

45 45

46 o You are on the frontlines of an amazing transformation. o You are building a new world. o You are creating new systems never before seen. 46

47 o You are professionals with important choices. o Integrity will only be built-in if you build it. o Management and maintenance will only happen if you are a part of it. o We don’t want breadcrumbs, after all. We want a path we can trust. We all want solid records. 47

48 o Join our listserv; receive information about upcoming events (sign-up information on OMIG home page) o Follow us on Twitter: NYSOMIG o Linked In o Dedicated e-mail address: o Audit reports, positive reports and protocols o Excluded provider list o And much more on o Talk to us…we want to hear what you have to say. 48

49 o Thanks for taking program integrity seriously. o Thanks for listening. o Thanks for participating in Medicaid. o Thanks for working with us to improve program integrity. 49

50 James C. Cox Medicaid Inspector General New York State Office of the Medicaid Inspector General 800 North Pearl Street Albany, NY 12204 518-473-3782 50

Download ppt "1. o Health Information Technology Management o For being Medicaid-funded health care professionals o For working on program integrity 2."

Similar presentations

Ads by Google