OIG Issues EHR Fraud Survey

CEOs of at least ten hospitals received the survey last week, says McNutt, CIO at Methodist Health System in Dallas.

Among the other specific questions asked in the survey:

• How diagnoses and procedures are coded (manually, automatically with coding software, or other)
• Whether the hospital has plans to adopt computer-assisted coding
• User authorization methods (unique user ID, password, tokens, biometrics, public key)
• Access management (session time-out, minimum password configuration rules, regular changing of passwords, user agreements or contracts to prevent sharing of passwords, or other)
• Whether outside entities such as payers can access the EHR, and if so, how such access is tracked
• Barriers to allowing outside entities access (lack of software or hardware support, insufficient staffing, funding restrictions, performance concerns, privacy concerns, etc.)
• Numerous questions about audit log practices and availability
• How physician progress notes are entered into the EHR (free text, via structured templates)
• Whether narrative nursing notes are directly entered into the EHR or handwritten and scanned into the EHR, and if so, why
• Whether the Print-Screen function is disabled for the HER
• Whether patients have access to the EHR, and if so, how
• Procedures for identifying patients upon hospital check-in
• EHR copy and paste policies at the hospital