In my previous blog, I talked about physician resistance to building anti-fraud measures into electronic health record systems (EHRs). To be clear, I do not know any physicians who commit fraud nor condone it and based on the information available to our expert panels on healthcare fraud, only a very small percentage of physicians engage in fraudulent activity. Building fraud management into EHRs is aimed not solely at physicians who commit fraud, but others, including organized crime that will use legitimate EHR records to perpetrate fraudulent claims.

The recommendations made by our panel to DHHS for anti-fraud measures in EHRs involved the requirement to produce automatically to a secure and immutable file certain audit information during the production of encounter notes by physicians using an EHR. Such “metadata” is easy and of low cost to produce in a computer system whereas it would be near impossible to collect in the current paper system. It would include improved documentation of the identity of the author, time and location of entry, method of entry, and certain other aspects of the process of entry that when made available to computerized pattern detection software, would enable the flagging of suspicious transactions. Requiring such audit trails now for certification of EHRs would be much easier than attempting to retrofit such software at a future time after EHRs become widely adopted.

The concern of physicians is that such increased ability of surveillance by law enforcement and insurers would increase the likelihood of false accusations of fraud. I believe that the result will be just the opposite. The problem physicians have now is the difficulty of defending themselves against such accusations. The same “metadata” that can be used to detect fraudulent patterns is the best protection that physicians will have to demonstrate the legitimacy of their entrees into the record and their subsequent claims. Without such audit documentation, which is the rule rather than the exception in EHRs today, there is inadequate documentation and serious concern about the admissibility of their current electronic records as evidence in a court procedure.

What is needed for the physicians is to insure that the process of surveillance and the process of determining the threshold for investigation are done in a manner that minimizes the chance of false positives. The first step is to have a dialogue with the physician organizations on how best to achieve these needed protections. There are some gray areas where one person’s coding problem is another person’s fraud. But there is so much deliberate, organized and blatant fraud that surely we can set the threshold of suspicion to avoid a serious problem with false accusations.

A Gartner report has stated that any investment in anti-fraud software will bring a 5/1 return on investment. This is clearly the easiest and most immediate manner in which the Obama administration can begin to make good on its promise of saving $2500/family in healthcare costs. We need to make this investment before we succeed in achieving widespread adoption of EHRs. Without it, costs will go up, not down, with such adoption.

Donald W. Simborg, MD