Ben Sardinas HCAG HeadshotIn April 2012, The Centers for Medicare and Medicaid Services (CMS) awarded Figliozzi and Co., a CPA firm from Garden City, NY, the contract to audit compliance for Meaningful Use for those facilities that received payments from CMS.  Under this program, CMS can recoup incentive payments made under the program, and even refer providers for civil and criminal penalties if there is evidence of fraud. Figiozzi, describes itself as ”an experienced group of accounting and auditing healthcare professionals.  We specialize in the audits of healthcare facilities to determine compliance with Medicare and Medicaid regulations.”  They will also make sure that these facilities are eligible Medicare providers.

Meaningful Use Defined

Meaningful Use is a government program that encourages medical providers to adopt and use an EHR to improve quality of care by providing up to $39,000 per eligible Medicare provider ($63,750 for eligible Medicaid professionals).  Incentive funds are designed to help doctors make the transition to electronic records and can be used at the individual physician’s discretion.  To receive payments, eligible providers need to demonstrate a set of Meaningful Use criteria that serve as a roadmap for effective EHR adoption. Providers can then attest to CMS after a reporting period to earn their incentive.

CMS Targets a Five Percent Audit Rate

As reported by Kyle Murphy of EHR Intelligence in November, 2012, the Health and Human Services (HHS) Inspector General criticized the EHR incentive program for not conducting pre-payment audits.  This prompted CMS to begin auditing past and future recipients of incentive payments.

In a conference call earlier this year, Robert Anthony, Deputy Director of the HIT Initiatives Group, Office of E-Health Standards and Services at CMS, announced that five percent of Meaningful Use hopefuls can expect a pre-payment or post-payment audit.  As reported by Joseph Conn of Modern Healthcare, Anthony said “It’s only recently that some of the adverse-finding letters have gone out.”   So far, there have not been many, “although some of that may be timing,” since it’s still early in both programs. A few providers with adverse audit determinations are just beginning the appeal process, he said. Several providers have been referred for possible fraud enforcement investigation and action.

Current and Future Recipients May Be Audited

Jennifer Bresnick of EHR Intelligence points out that providers that attested in the past might “find themselves under the microscope as CMS tries to ensure that Meaningful Use payments are going to the right people for the right reasons. “  Bresnick goes on to quote Elizabeth Holland, Director of the HIT Initiatives Group at HHS during the HIMSS13 conference, “We have a fiduciary responsibility to make sure that we are paying appropriately.”

Things to Consider (from Modern Healthcare)

“We’re certainly seeing some instances where people haven’t done them or people just aren’t sure what they’re supposed to be doing,” Anthony said. “There are not additional requirements here beyond HIPAA.” But, he said, “They need to have something in their risk analysis that is specific to their EHR. It doesn’t have to be all about the EHR. It needs to be stated and indicated that it’s about your practice.”

Another common problem area in the audits thus far has been a lack of adequate documentation for responses to some of the “yes or no” Meaningful Use criteria, such as, whether the system has been tested for the exchange of clinical information, or the electronic submission of data to a public health agency. Documentation must be available whether or not those actual transmissions were successful.

“There are some EHR systems that have an audit log that can show that for an entire reporting period,” Anthony said, but other systems cannot, so if not, other arrangements—such as capturing a computer screen shot or receiving a letter from a public health agency—must be made to document the required test or transfer was accomplished.

These records need to be retained for six years, according to a two-page guidance (PDF) about the audit program and a six-page audit fact sheet about needed supporting documentation posted on the CMS web site (PDF).


Physicians and facility owners that have applied for or received payments for Meaningful Use should make sure that they are prepared to show the documentation supporting their attestation.  Should you receive an audit notice, take it seriously and respond in a timely manner.   It would also be prudent for providers undergoing an audit to consult the firm that assisted them with their implementation and attestation to ensure that their response to CMS is sufficient and complete.

EHR Intelligence has a basic guide to help providers through the audit process.


Ben Sardinas is Managing Director of HealthcareMA, a mergers and acquisitions advisory firm based in Coral Gables, Florida.  He has over 25 years of healthcare and consulting experience.