Certain medical stories are irresistible to the popular press: ICD-10 external cause codes that are ridiculous (W61.43XD, pecked by a turkey, subsequent encounter) or medical practices using their electronic health records in a way that increases their revenue. A recent headline was eye-catching, as headlines are meant to be, “Report finds more flaws in digitizing patient files.” The New York Times reported on January 8, 2014 that the Office of Inspector General (OIG) found Medicare and its contractors weren’t doing enough to prevent fraud caused by using an electronic health record. It makes for good copy, doesn’t it? (OIE-01-11-00571, CMS and its Contractors have Adopted Few program Integrity Practices to Address Vulnerabilities in EHRs, January 2014). It followed a December report about safeguards in hospital EHRs. (OIE-01-11-00570, Not all Recommended Fraud Safeguards Have Been Implemented in Hospital EHR Technology). Taken together, physician practices and hospitals are given fair warning about government concerns.
The December report about safeguards is a report that IT staff, practice managers and medical directors should review. It relates to audit functions within the EHR (don’t go to sleep on me here.) It also had a bombshell about E/M services. The report found a lack of safeguards and issued recommendations about tracking alterations or changes to documentation. It recommended that EHRs track method of input, including copy/paste, direct entry, or import for any update. It states that EHR systems should have user authorization and access controls that positively identify by NPI the author of entries and restrict unauthorized access by user ID and passwords. There were other recommendations related to data transfer standards.
This same report recommended that EHR technology not prompt a user to add documentation for E/M coding, but be able to alert a user to “inconsistencies between documentation and coding.” There are two parts to this. First, the program shouldn’t prompt the user to encourage higher codes. “Just add family history, and the visit is a 99204.” The second suggests, however, that the program could warn a clinician who is coding a service at a higher level than documented.
The January report (CMS and its Contractors Have Adopted Few Program Integrity Practices to Address Vulnerabilities in EHRs) directly discusses using copy and paste and over-documentation. Quoting from the OIG report:
Copy-Pasting. Copy-pasting, also known as cloning, enables users to select information from one source and replicate it in another location. When doctors, nurses, or other clinicians copy-paste information but fail to update it or ensure accuracy, inaccurate information may enter the patient’s medical record and inappropriate charges may be billed to patients and third-party health care payers. Furthermore, inappropriate copy-pasting could facilitate attempts to inflate claims and duplicate or create fraudulent claims.
Over-documentation. Over-documentation is the practice of inserting false or irrelevant documentation to create the appearance of support for billing higher level services. Some EHR technologies auto-populate fields when using templates built into the system. Other systems generate extensive documentation on the basis of a single click of a checkbox, which if not appropriately edited by the provider may be inaccurate. Such features can produce information suggesting the practitioner performed more comprehensive services than were actually rendered.
The Documentation Guidelines that we use to audit E/M services were written in 1995 and 1997, long before most groups were using an electronic health record. But, they are still in place today and are the guidance that we have about what parts of a previous visit can be reviewed, updated and used in a current visit and count towards today’s documentation. Here is what they say,
A ROS and/or a PFSH obtained during an earlier encounter does not need to be re-recorded if there is evidence that the physician reviewed and updated the previous information. This may occur when a physician updates his or her own record or in an institutional setting or group practice where many physicians use a common record. The review and update may be documented by:
- describing any new ROS and/or PFSH information or noting there has been no change in the information; and
- noting the date and location of the earlier ROS and/or PFSH.
Auditors and payers will allow the ROS and past medical, family and social history from a previous visit to be included as part of the current visit as long as the physician notes any new changes or that there were no changes. It doesn’t say that the clinician doesn’t have to redo the work, only that the work doesn’t all have to be re-documented. In a handwritten or a dictated note, that was huge time saver. The HPI, exam, assessment and plan are not allowed to be copied, reviewed and a notation, “No changes required” made according to the Documentation Guidelines.
In a paper record, it makes perfect sense. But what about in an electronic world? Most programs allow a clinician to carry forward all or part of a note, and edit it. Most auditors don’t credit the HPI that is copied from a previous note, because according to the Documentation Guidelines, The HPI is a chronological description of the development of the patient’s present illness from the first sign and/or symptom or from the previous encounter to the present. It includes the following elements: • location, • quality, • severity, • duration, • timing, • context, • modifying factors, and • associated signs and symptoms. We interpret that to mean a description of the patient’s current symptoms, not past medical history. Since the Guidelines specifically state that the ROS and PFSH may be carried forward but not the HPI, auditors expect the HPI to change from visit to visit. And often, reading an HPI that was copied is confusing about the time frame and inaccurate.
But clinicians see things a little differently. The start of the history section is often a succinct summary of the patient’s condition, which is helpful to carry forward from visit to visit. “HPI: Pleasant 58-year-old with a past medical history of coronary artery disease, previous acute coronary syndrome. He had bypass surgery. His last cardiac catheterization was June 2011. At that time bypass grafts were patent. The third obtuse marginal demonstrated 80 percent stenosis in the proximal third. The RCA demonstrated 100 percent proximal stenosis. The mid RCA was supplied by collaterals. There was diffuse coronary disease. Ejection fraction was 55 percent. There was no intervention at that point in time. In November he developed recurrent chest pain. He ruled out for myocardial infarction and was discharged on metoprolol as well as imdur and he is no longer on Benicar.” The physician certainly doesn’t want to re-type that, and yet does want it at the start of the visit, as a reminder for future visits and for other care providers. This seems reasonable to me, but then the physician needs to add “Since last seen, he reports….” And describe the patient’s symptoms, if any, or the status of the patient’s condition since the last visit.
What about the exam and assessment and plan? The Guidelines don’t allow for copying those sections. Providers tell me that opening up the previous note and copying the exam into today’s visit reminds them of abnormal findings. The provider then edits the exam. Use extreme caution with this until we receive CMS guidance. It runs the risk of falling into the category of both cloning and over-documentation. I read too many notes in which I am surprised the level of exam that was documented for a follow up or minor problem. (A comprehensive, eight-organ system exam for a cast change on an 8 year old, for example.) As for the assessment and plan, if the physician is following the patient for the same problems, and addresses each of them at the visit, then the list won’t change. And it’s possible that the status of these won’t change or the treatment plan. The clinician needs to be sure to only include in the list those problems addressed that day and scrupulously update the status of them. Again, the Guidelines themselves written in a pre-EHR era do not allow for using and updating a previous assessment and plan.
When I meet with physicians, they often complain that they can’t trust the information in EHR notes from another provider. The first duty in documenting a service is to the integrity and accuracy of the medical record. But, keep in mind that the payer isn’t paying you twice for the same work. Some notes are copied wholesale from a previous visit with minimal changes. It makes it difficult to validate the medical necessity for the service and to know what happened at the subsequent visit.
There is more than a little irony in the situation. First, CMS all but insists that physicians use an EHR. But then CMS seems to say, “Don’t use this tool in a way that is too convenient or that saves you any time.” Until we receive CMS guidance, and working within the constraints of the EHR, document in a manner will help you and other clinicians to treat the patient.