Blog

EHR Documentation Integrity Risks:  Ten Ways to Stay Compliant

EHR Documentation Integrity Risks: Ten Ways to Stay Compliant

  • June 19, 2019

EHR Documentation Integrity refers to the accuracy of the complete medical record and ensures the three Rs: the right information and the right time for the right patient1. An accurate record contributes to quality, patient safety, and compliance. EHR’s often have the capability and tools to promote quick and efficient documentation, saving providers time on administrative tasks so they can spend more time providing patient care. However, certain of these EHR time-saving features can result in documentation integrity issues, including the following:

  • Cloning
  • Copy and paste
  • Carry or pull forward entries
  • Auto-fill
  • Auto-prompts
  • Default suggestions during data entry
  • Templates designed to meet particular reimbursement levels

Payers, including the governmental payers (Medicare, Medicaid, etc.), have been clear on their view of these integrity issues. Following are examples from CGS2:

The word cloning refers to documentation that is worded exactly like previous entries. This may also be referred to as cut and paste, copy and paste, or carried forward. Cloned documentation may be handwritten but generally occurs when using a preprinted template.

Documentation is considered cloned when each entry in the medical record for a beneficiary is worded exactly like or similar to the previous entries.

Cloning occurs when the medical documentation is exactly the same for beneficiary to beneficiary. It would not be expected that every patient had the exact same problem, symptoms, and required the exact same treatment. This cloned documentation does not meet medical necessity requirements for coverage of services rendered due to the lack of specific, individual information.

Cloned documentation does not meet medical necessity requirements for coverage of services. Identification of this type of documentation will lead to denial of services for lack of medical necessity and recoupment of all overpayments made [emphasis added].

All documentation in the medical record must be specific to the patient and her/his situation at the time of the encounter. Cloning of documentation is considered a misrepresentation of the medical necessity requirement for coverage of services. Identification of this type of documentation will lead to denial of services for lack of medical necessity and recoupment of all overpayments made [emphasis added].

Templates can be of great value to providers and enhance compliance and patient safety if they incorporate care guidelines, integrate mnemonics to help deliver evidence-based care, automate reminders and investigations, recommend appropriate tests and flag inappropriate ones, and enhance compliance with standards, policies, and procedures. However, developed inappropriately, templates can result in over-documentation in the record.

The Centers for Medicare and Medicaid Services (CMS) believes that templates and other auto-fill features create a risk of over-documentation. “Over-documentation is the practice of inserting false or irrelevant documentation to create the appearance of support for billing higher level services. Some [EHRs] auto-populate fields when using templates built into the system. Other systems generate extensive documentation on the basis of a single click of a checkbox, which if not appropriately edited by the provider may be inaccurate. Such features produce information suggesting the practitioner performed more comprehensive services than were actually rendered” [emphasis added].

Providers have received post-payment audit letters on these types of documentation integrity issues, and there have been Department of Justice settlements involving documentation integrity issues. In 2016, for example, a regional home-care provider admitted to a host of allegations, including the following over-documentation concern, resulting in a $3.3 Million payment and paying a percentage of its net income over five years.

[The provider] also utilized an electronic medical records (EMR) system that permitted the NPPs to easily electronically cut, copy, and paste medical notes from prior visits. The ability to migrate notes from visits that occurred weeks, months, or even years prior to the current patient encounter created the illusion that [the providers] NPPs were performing a significant amount of work during their patient encounters when, in fact, they were not.3

Here are ten ways to avoid such risks and stay compliant:

  1. Perform EHR Data Audits. Review provider templates, provide meaningful suggestions to improve templates to reduce risk, and collect examples of problematic documentation.
  2. Establish an EHR Integrity Program. Identify physician champions, and obtain provider input.
  3. Develop an EHR Integrity Policy and Procedure.
  4. Utilize EHR built-in safeguards.
  5. Identify safeguard gaps, and work with EHR vendor to address these gaps.
  6. Establish a process for logging and auditing EHR activity.
  7. Train EHR Users on the EHR Integrity Program Policies and Procedures to include EHR security requirements, EHR documentation requirements, and personal responsibility for security and integrity.
  8. Enforce disciplinary policies for violations.
  9. Review and keep abreast of publications on EHR integrity: Government (CMS, OIG, NIST); Industry (AHIMA, AMA); Patient Safety Focused (TJC, ECRI).
  10. Utilize an independent auditing firm to perform documentation and coding audits, including assistance in identifying documentation integrity concerns so they can be addressed.

Contact Coker Group today to see how we can assist your organization with maintaining EHR documentation integrity.


  1. P. Vimalachandran, H. Wang, Y. Zhang, B. Heyward, F. Whittaker. 2018. “Ensuring Data Integrity in Electronic Health Records: A Quality Health Care Implication.” Cornell University Library, February 2.
  2. 2012. Electronic Medical Record Record Tips: When Using Electronic Medical Records. September 6. Accessed May 23, 2019. https://cgsmedicare.com/partb/pubs/news/2012/0812/cope19795.html .
  3. Justice, Department of. 2016. Louisville Based MD2U, a Regional Provider of Home-Based Care, and Its Principal Owners Admit to Violating the Federal False Claims Act and Being Liable for Millions. July 7. Accessed May 23, 2019. https://www.justice.gov/opa/pr/louisville-based-md2u-regional-provider-home-based-care-and-its-principal-owners-admit .

 

 

  • ROSALIND CORDINI, JD, MSN

    ROSALIND CORDINI, JD, MSN

    Senior Vice President/Director of Coding & Compliance Services

    Contact

Join our email list!

Please subscribe for new updates

Contact us today for more information about our healthcare consulting services and learn how we can help your organization.

Contact Us