Brents IT Blog

Random thoughts by an IT GOAT

NAVIGATION - SEARCH

Eclinicalworks(ECW) gets fined 151 million for Meaningful Use issues...

Many years ago i posted an entry on this blog talking about data integrity inside ECW's database. Many of those issues continue today even under MSSQL, but added to those data integrity issues, it has been my experience over the years that there are substantial security concerns with the default setup put in place at practices when a deployment occurs.  Nessus and other monitoring tools show these issues.  They leave it up to the organization to decide if security should be applied and may also, in the same breath, say they cannot support it.  Without going into details given the nature of this information, it applies to data in motion and data at rest.  

While those have been my concerns, after the announcement this week, i should have guessed that they would have also side stepped the certification tests.  Data integrity is core to data driven applications, rigging your software for certification is childs play.  

With everything said, being able to access data in the platform, freely, just like freedoms we have as people, comes with risk.  The more freedom, the more risk.  It was probably relatively easy to trace the point in which they hard coded this being the system is so open.  What i wonder about is the rumors i hear about other EHR vendors who may have also fudged their tests.  Many systems (without mentioning names) are locked down through proprietary software/databases, but if they had fudged their systems as well, it would be crucial for the testing/certification body to nail all of them to the wall.  To that end, both parties are really liable for this fraud.  

The next portion of this is money paid to providers for meaningful use attestation.  Is ECW going to be liable for returning money?  Are orgs who got paid liable even though they should be held innocent in this?  What happens if multiple EHRs are found to have fudged their certifications?  I dont think this spells the end for EHRs, but this could slow the adoption rate for the remaining providers out there.  My hope is that this forces EHR vendors to refocus on user complaints about usability.

Links to those who dont know:
https://www.justice.gov/usao-vt/pr/electronic-health-records-vendor-pay-largest-settlement-district-vermont 

https://www.justice.gov/opa/press-release/file/970346/download


Letter from ECW regarding the actions above:

Yesterday we announced a settlement with the government. As part of the settlement, eClinicalWorks paid $155 million and agreed to bolster its compliance program. The inquiry leading to the settlement primarily centered on technical aspects of the Meaningful Use program and allegations that eClinicalWorks software had technical non-conformities related to some of the criteria, all of which have since been addressed.
eClinicalWorks cooperated fully with the government. We have not admitted any fault or wrongdoing, and our goal as a company is to always make sure we are doing the right thing. We have decided to put this matter behind us and concentrate all of our efforts on our customers and continued innovations to enhance patient care delivery. Importantly, our software remains fully certified under the Meaningful Use program.
One of the technical non-conformities alleged by the government involved the use of RxNorm codes in electronic prescriptions. From 2014 to August 2016, electronic prescriptions sent by eClinicalWorks users included NDC codes rather than RxNorm codes. During this time period, more than 500 million prescriptions were successfully transmitted and filled, and most major pharmacies did not support RxNorm codes. The failure to include RxNorm codes in electronic prescriptions was completely inadvertent on the part of eClinicalWorks, as our software used RxNorm codes in other parts of the system, such as in C-CDAs. We gained nothing by not including the codes, which are available for free from the National Library of Medicine. We resolved this issue as soon as we learned of it.
Another technical non-conformity identified by the government involved data portability. The 2014 Edition certification criteria require EHR software to "batch export" patient records. There was confusion about the meaning of this requirement, however, prompting ONC in 2015 to issue a clarifying FAQ. When eClinicalWorks was tested for certification in 2013, its authorized certification body (ACB) at the time, CCHIT, determined that our software satisfied this requirement. In 2015, our new ACB, Drummond Group, disagreed and identified this as a non-conformity. eClinicalWorks resolved the non-conformity in 2015, and our software meets all MU Stage 2 data portability requirements.
Historically, technical non-conformities with the MU Program were addressed through an administrative rather than a legal process (visit the ONC's Certified Health IT Product List (CHPL) website for a list of EHR vendors with non-conformities: https://chpl.healthit.gov/#/search). eClinicalWorks chose to settle this matter to avoid the uncertainty of a prolonged legal dispute which could have been disruptive to our customers, our employees and our company.

The government also alleged that eClinicalWorks' customer referral program violated the federal Anti-Kickback statute. Under this program, called “Refer a Friend”, eClinicalWorks granted a credit, typically in the amount of $500, against existing users’ support and maintenance fees. Between 2011 and 2016, eClinicalWorks paid $392,000 to users under this and related programs. While referral programs like this are common in the industry, and while HHS-OIG has provided no guidance regarding them, the government took the position that the payments were improper. We disagreed but have nevertheless discontinued the program.
There is a silver lining to this settlement. Today, eClinicalWorks has a more robust compliance program, and we continue to invest our resources and energy into making sure the products and services we deliver serve our customers well in the long run. We paid the settlement amount using cash on hand and have the resources to continue to grow and innovate.

It is our privilege to serve you. I am committed to enhancing our products and services. We will be releasing V11 later this year as planned and are seeking certification for Meaningful Use Stage 3.
We founded this company 17 years ago with the mission of improving healthcare together. The settlement does not change that.



Add comment