Electronic Health Records Creating A ‘New Era’ Of Health Care Fraud

By Fred Schulte, Kaiser Health News and Erika Fry, Fortune. Cross-posted from Kaiser Health News.

Derek Lewis was working as an electronic health records specialist for the nation’s largest hospital chain when he heard about software defects that might even “kill a patient.”

The doctors at Midwest (City) Regional Medical Center in Oklahoma worried that the software failed to track some drug prescriptions or dosages properly, posing a “huge safety concern,” Lewis said. Lewis cited the alleged safety hazards in a whistleblower lawsuit that he and another former employee of Community Health Systems (CHS) filed against the Tennessee-based hospital chain in 2018.

The suit alleges that the company, which had $14 billion in annual revenue in 2018, obtained millions of dollars in federal subsidies fraudulently by covering up dangerous flaws in these systems at the Oklahoma hospital and more than 120 others it owned or operated at the time.

The whistleblowers also allege that Medhost, the Tennessee firm that developed the software, concealed defects during government-mandated reviews that were supposed to ensure safety.

Both CHS and Medhost have denied the allegations and moved to dismiss the suit. The motions are pending. Last month, Department of Justice lawyers wrote in court filings that they were still investigating the matter and had not yet decided whether to take over the case.

The lawsuit is one of dozens filed by whistleblowers, doctors and hospitals alleging that some electronic health records (EHR) software used in hospitals and medical offices has hidden flaws that may pose a danger to patients — and that a substantial chunk of the $38 billion in federal subsidies went to companies that deceived the government about the quality of their products, an ongoing Fortune-KHN investigation shows. The subsidies were designed to persuade hospitals and doctors’ offices to install software that would track the medical history of every patient and share the information seamlessly with other health care providers.

But the software makers allegedly gamed the system, repeatedly. Three major EHR vendors have made multimillion-dollar settlement deals — totaling $357 million — over Justice Department investigations which include allegations that they rigged or otherwise gamed the government’s certification test. At least two other companies are under investigation.

Beyond those cases, federal officials have paid hundreds of millions of dollars in subsidies to doctors and hospitals that could not show they were even qualified to receive them, according to federal officials. Nearly 28% of doctors and 5% of hospitals who attested to meeting government standards later failed audits. Federal officials told Fortune and KHN that they have clawed back $941 million in improper subsidies.

“We’re entering an entirely new area of health care fraud,” John O’Brien, senior counsel with the Department of Health and Human Services Office of Inspector General, said in a July 2017 video announcing a $155 million False Claims Act settlement with eClinicalWorks, one of the nation’s leading sellers of EHRs for physicians.

The concern is not just over wasteful spending of tax dollars. EHRs monitor the medicines people take and their vital signs, so software glitches that prevent doctors from accessing files quickly, that mix up patients or send vital test results to the wrong file can contribute to serious injuries, or even deaths.

In March, Fortune and KHN revealed that thousands of injuries, deaths or near misses tied to software defects, user errors and other problems have piled up in various government-sponsored and private repositories.

“Ultimately, it’s about patients getting the right care,” Andrew Vanlandingham, the HHS inspector general’s senior counselor for health information technology, said in an interview. He said that investigators are “gearing up” for more scrutiny of the important industry, including closer monitoring to make sure that records software is safe.

The Justice Department accused eClinicalWorks, an EHR company whose medical software is used by 130,000 providers, of rigging the government’s certification test, claims the company has denied. eCW settled the case for $155 million in 2017.

Leaping Into The Digital Era

In 2009, Congress committed billions of dollars in economic stimulus funds to bring the era of paper medical records to a close. Officials hoped to cut down on medical errors caused by illegible paper records and draw on the power of massive troves of medical data to drive down the cost of health care and help develop improved treatments for disease.

The hastily devised plan offered Medicare doctors and other medical professionals up to $44,000 and $64,000 in subsidies if they bought the software and accepted patients on Medicaid, the federal health care program for low-income people.

The money was intended to help them pay vendors to install EHRs in their offices. Hospitals, which required more sophisticated and costlier software, could receive millions in subsidies, based on the number of inpatients treated. To give them a nudge, officials warned doctors and hospitals that failure to wire up would trigger gradual cuts in their Medicare payments. EHR vendors had to meet certification standards set by the HHS Office of the National Coordinator for Health Information Technology, or ONC.

Providers had to attest that their EHR software could perform a variety of functions, which the government described as making “meaningful use” of the technology.

Certification was essentially an open-book test in which the government gave vendors the questions in advance — for instance, the names of 16 or so drugs the system would have to prescribe electronically to pass. The Justice Department has alleged that some vendors simply doctored their software to pass the test — for example, programming the required codes for just the specified 16 drugs they would be tested on, rather than all medicines — as officials had expected.

Frank Poggio who recently retired from a 45-year career in health technology, saw the cases of fraud coming, he said, because the tests “were superficial, and if you wanted to game it, you could game it.”

Poggio said there were many weaknesses in the system that allowed a vendor to show a “prototype” as opposed to live software.

Dr. Scott Monteith, a Michigan psychiatrist who served as an early certification juror, said he saw some limitations firsthand. He said one vendor took 30 minutes to produce a list of patients who had diabetes and also smoked, data he figured any computer program should be able to spit out in seconds. The vendor passed.

“That’s an example of how poorly thought-out the whole thing was,” said Monteith, who noted he was then, and still is, a big booster of EHRs.

Jeffery Daigrepont, a senior vice president at Coker Group, a firm that advises health providers on business decisions, said the government erred by handing out too much money in the early stages of the program, when many doctors and hospitals had not yet done much more than agree to participate.

“It was an upside-down pyramid,” he said. “You got the bulk of the money for doing the least amount of effort.”

Dr. John Halamka, a physician and Harvard Medical School professor who chaired the ONC standards committee, which wrote the certification rules, defended the process.

“The only problem [with certification] is that it presupposed that the product the vendor certified would be the same product they sold,” Halamka said. “It presupposes that people will go into the certification process and participate in good faith.”

That did not always happen in the rush to snatch up subsidy dollars, according to the whistleblowers’ suits. The Justice Department case against eClinicalWorks, which has 130,000 providers, accused the company of rigging tests to win certification, claims the company has denied. The company did not respond to numerous requests for comment.

The government accused Greenway Health, a Florida-based EHR developer with 75,000 providers, of doing the same thing. The DOJ’s complaint included a number of instant-message exchanges between Greenway employees in which they allegedly discuss their plan for gaming the certification process by “shortcutting some functionality” of the software. In February, Greenway Health settled with the government for just over $57 million without admitting wrongdoing.

The whistleblower case filed by Lewis and former co-worker Joey Neiman accuses the CHS hospital chain of submitting more than $385 million in false claims for EHR stimulus payments between 2012 and 2014.

The government accused Greenway Health, a Florida-based electronic health records company, of gaming the government’s certification process. In 2019, the company settled those allegations for $57.25 million without admitting wrongdoing.

Visiting the Oklahoma hospital as part of a troubleshooting team in June 2015, Lewis heard that physicians worried flaws in the system could result in patients being sent home “with the wrong drugs, doses or instructions,” according to the suit.

Things got so bad that local doctors were threatening to admit patients elsewhere unless the hospital fixed the software problems, according to the suit.

In a statement, CHS said it had “complete confidence” in its records systems. “The allegations made in the lawsuit against our hospitals are completely without merit,” the company said. Medhost denied its software has flaws, noting in its statement: “Hundreds of facilities have successfully used our software over the years and continue to do so today.”

Few in the industry seemed surprised by such allegations. When news of the eClinicalWorks case broke, Farzad Mostashari, who led the ONC from 2011 to 2013, tweeted: “Let me be plain-spoken. eClinicalWorks is not the only EHR vendor who ‘flouted certification/misled’ customers. Other vendors better clean up.”

The Electronic Health Record Association, a trade group that represents more than 30 vendors, did not respond to a request for comment. However, vendors have argued that they faced a tangle of regulations that required them to meet constantly shifting standards that government officials often could not explain.

ONC officials declined to answer written questions. But in a statement, ONC said it takes steps to ensure that products “are safe for patients and usable by providers.”

System Glitches And Accusations Of ‘Gaming’ The System

While the ONC sets the standards, the federal Centers for Medicare & Medicaid Services (CMS) had the job of paying doctors and hospitals that attested to meeting the “meaningful use” criteria. As of September 2018, CMS had paid out $38.4 billion in these funds.

In 2012, CMS hired accounting firm Figliozzi and Co. of Garden City, N.Y., which audited almost 50,000 medical professionals. Nearly 28% failed, despite the fact that they had previously attested to meeting the standards. Hospitals did better, posting a 5% failure rate. CMS officials said they have recovered some $941 million in these improper payments. The losses to the Treasury are likely far higher because only 14% of the medical professionals and 40% of the hospitals receiving payments were audited.

(Lydia Zuraw/KHN)

Michael Arrigo, who has served as an expert witness in health IT-related fraud and medical malpractice cases, said that in some cases EHR vendors misled hospitals about the challenges of replacing paper records with computers.

Others rolled the dice, apparently hoping the program was so large and complicated that they were unlikely to be targeted for audit. “Sometimes [providers] got away with it until a whistleblower found out,” Arrigo said.

Reviewing state and federal court filings, Fortune and KHN found more than two dozen cases, many filed by hospitals against vendors, which depict chaotic EHR installations and safety concerns as they pursued meaningful-use dollars.

Parrish Medical Center, a 210-bed public hospital on Florida’s Space Coast, is one. In December 2010, the Titusville hospital contracted with McKesson’s Enterprise Information Solutions. One of America’s largest companies, McKesson said its product would be easy for doctors and nurses to learn and help them “deliver high-quality, safe patient care.”

But the deal collapsed, prompting a bitter court battle in which the hospital repeatedly assailed McKesson’s competence. For instance, the hospital alleged that bugs in the software caused it to create more than one record for the same patient, a flaw dubbed a “major safety issue.”

An expert hired by Parrish said he contacted eight other hospitals, including three in Florida, which had dumped McKesson due to what he called “poor or unsatisfactory customer service.”

The medical staff at one of those hospitals was “up in arms” because it took 63 mouse clicks to look up a patient’s lab results, according to the expert’s report.

Parrish later signed on with another EHR vendor and the suit has since been settled. Both Parrish and McKesson declined to comment for this story. McKesson sold its health IT business to Allscripts in October 2017. Earlier this year, Allscripts reported to the Securities and Exchange Commission that government attorneys have requested documents from the company as part of an investigation into McKesson’s certification.

In another lawsuit, Weirton Medical Center, a hospital in West Virginia, stated in a court filing that it submitted “inaccurate” meaningful-use data to the government ― though it blamed the vendor. The hospital alleged the system failed to identify a patient who was critically ill and in the hospital. The hospital declined to comment to KHN and Fortune about the case, which has been settled.

Hamstrung By Technology?

ONC officials said they keep no log of complaints they receive.

A study published in JAMA this month found that 40% of the software that ONC singled out for post-marketing review had flaws that could lead to patient harm, including inaccurate drug codes, information displaying incorrectly and decimal points gone missing.

That’s “a concerning number, and we have to do something to address that,” said researcher Raj Ratwani, the director of the MedStar Health National Center for Human Factors in Healthcare and a co-author of the study. These systems were used in 786 hospitals and by 37,365 provider organizations, according to Ratwani, who said there’s no way to know how many defects have been fixed.

ONC has “decertified” about 100 pieces of once-approved software products. But most were tiny market players that had few or no users and went out of business. PlatinumMD, which had just 48 “meaningful” users, is an example. In a 2014 whistleblower lawsuit, San Diego urologist Dr. Scott Brown alleged that PlatinumMD filed for $18,000 in subsidies on his behalf even though it had not yet fully installed his EHR. In February 2016, the defunct company’s owners settled the case without admitting liability by paying the government $180,000.

Another 132 government-certified products have been flagged for corrective action due to “non-conformities.” As for the technology that the government alleges was fraudulently certified, it’s still used in health care settings across the country.

While those vendors faced multimillion-dollar settlements and now must operate under the oversight of a government monitor, their technology was not taken off the market. Nor were they dumped by many customers who, for the most part, however dissatisfied, were stuck with it.

ONC seemed to acknowledge that decertifying a large vendor would cause a major disruption, noting in an October 2016 regulation: “Our first and foremost desire would be to work with developers to address any problems.”

In the regulations, ONC cited the costs medical providers would face should their EHR vendor shut down as ranging from $33,000 to as much as $650 million.

“It is very difficult to switch product,” said Steve Waldren, chief medical informatics officer for the American Academy of Family Physicians. “You couldn’t just go down the street and pick up another EHR, put it in and move your data over.”

He noted that beyond the considerable cost of the technology, providers would have to take time to learn a new system.

“ONC does seem to have a stance that removing some of these players from the market would be very disruptive,” said Brad Ulrich, a Tennessee health IT expert. “They are almost too big to fail.”

Print Friendly, PDF & Email
This entry was posted in Health care, Ridiculously obvious scams, Technology and innovation on by .

About Lambert Strether

Readers, I have had a correspondent characterize my views as realistic cynical. Let me briefly explain them. I believe in universal programs that provide concrete material benefits, especially to the working class. Medicare for All is the prime example, but tuition-free college and a Post Office Bank also fall under this heading. So do a Jobs Guarantee and a Debt Jubilee. Clearly, neither liberal Democrats nor conservative Republicans can deliver on such programs, because the two are different flavors of neoliberalism (“Because markets”). I don’t much care about the “ism” that delivers the benefits, although whichever one does have to put common humanity first, as opposed to markets. Could be a second FDR saving capitalism, democratic socialism leashing and collaring it, or communism razing it. I don’t much care, as long as the benefits are delivered. To me, the key issue — and this is why Medicare for All is always first with me — is the tens of thousands of excess “deaths from despair,” as described by the Case-Deaton study, and other recent studies. That enormous body count makes Medicare for All, at the very least, a moral and strategic imperative. And that level of suffering and organic damage makes the concerns of identity politics — even the worthy fight to help the refugees Bush, Obama, and Clinton’s wars created — bright shiny objects by comparison. Hence my frustration with the news flow — currently in my view the swirling intersection of two, separate Shock Doctrine campaigns, one by the Administration, and the other by out-of-power liberals and their allies in the State and in the press — a news flow that constantly forces me to focus on matters that I regard as of secondary importance to the excess deaths. What kind of political economy is it that halts or even reverses the increases in life expectancy that civilized societies have achieved? I am also very hopeful that the continuing destruction of both party establishments will open the space for voices supporting programs similar to those I have listed; let’s call such voices “the left.” Volatility creates opportunity, especially if the Democrat establishment, which puts markets first and opposes all such programs, isn’t allowed to get back into the saddle. Eyes on the prize! I love the tactical level, and secretly love even the horse race, since I’ve been blogging about it daily for fourteen years, but everything I write has this perspective at the back of it.


  1. Ignacio

    Isn’t it the case that US hospitals have to follow ISO 9001 standards? I think these help to re-focus on patients.

  2. Otis B Driftwood

    The Electronic Health Record Association, a trade group that represents more than 30 vendors, did not respond to a request for comment. However, vendors have argued that they faced a tangle of regulations that required them to meet constantly shifting standards that government officials often could not explain.

    I call B.S. on this. EHR’s have well-established standards, primarily defined by an internationally standards body known as Health Level 7 (HL7). The earliest versions of these standards (dating back to the 1980s) are still implemented in countless systems throughout the world.

    The meaningful use requirements for certification were not difficult for any competent organization to implement and test honestly (I worked on such a product). But of course, as the article rightfully notes, certification did not protect sufficiently against bad actors rushing products to market in order to grab a share of the MU $$.

    A good example is what happened at McKesson – they had two EHR products, Paragon and Horizon. I don’t know which one was used in the Florida hospitals (my guess would be it was Paragon), but all of their customers have since been replaced by other vendors. What happened with McKesson during its disastrous attempts to retool their EHR products is a topic in and of itself. A case study in failed corporate management and wasteful software development processes.

    The EHR market has consolidated among two market leaders – Cerner and Epic. Epic, for example, runs the huge Kaiser Permanente health system in the west. It is noteworthy that both of these companies are geographically centralized (Kansas City for Cerner, and Verona WI for Epic) and they both have a well-deserved reputation for quality. There are other good vendors, too, but you can contrast them with those who failed via a strategy of acquisition, outsourcing and de-centralized software development (like McKesson).

    And as others may gave noted, the McKesson drug distribution organization was also featured in the opioid crisis. Perhaps not coincidentally, the former CEO of McKesson, John Hammergren, was the highest paid CEO in the world during the mid-teens. He is now retired and has not borne any consequence for his actions during those years.

    1. Yves Smith

      This is not bullshit. Your fond beliefs about IT are in serious disconnect with reality. The fundamental defect is at the specification level. EHRs are about billing, not about patient care.

      We have posted regularly, for years, from Health Care Renewal, by a professor who teaches medical IT, on the train wreck of medical records.

      Consolidation among companies does not lead to integration of systems. Talk to anyone in banking.

      For instance, ECRI has listed medical records as top risk to patients in large medical systems (as in hospital systems).

      Here are a few of many posts:

      Electronic Health Records: Death By A Thousand Clicks

      How Electronic Health Records Degrade Care and Endanger Patients

      Highly Experienced Physicians Leaving Medicine Due to Electronic Medical Records

      Criminal Matter for the Attorney General of NY? NYC’s $764M Medical Records System Will Lead to ‘Patient Death’: Insiders

      Electronic Health Record Vendors Use Gag Clauses to Hide Lethal Bugs in the IT Systems They Sell

      “The Tragedy of Electronic Medical Records”

      1. Otis B Driftwood

        Yves, you jumped to conclusions without reading my comment carefully. I specifically pointed out that it isn’t the regulations and standards so much as the haste with which they are implemented by IT vendors out for a fast buck.

        Thank you for posting those links. I have read most of them when originally published and commented several times. I have NEVER defended IT technology as the be-all, end-all.

        Healthcare IT in the US is in bad shape. A combination of bad software, poor regulatory oversight, business greed and terrible process.

        Consolidation does not equal integration. I only pointed out the fact that Cerner and Epic are the dominant EHR vendors. Is that a good thing? Yes, if they replaced a bad product like eCW with Cerner. No, if the replaced software was among the best – Cerner at the VA, Epic at Mayo, are two prime examples of this.

        I am not of the belief that technology can solve all of our problems, but I am at least willing to accept that it can help when it is fit for purpose. Specifically, enabling comprehensive access to clinical data for patients during transitions of care. If that constitutes “fondness”, then so be it.

    1. Synoia

      I believe Kaiser’s CTO was removed for cause when Kaiser selected EPIC.

      To err is human
      It take a computer to really foul thins up.


      Computers repeat human mistakes, endlessly.

      1. m

        Think that is true about Kaiser, problems with roll out and a kickback? EPIC and Cerner also donated to dems during Obamacare roll out and they were also part of that working group that decides requirements for EHRs. If these are the two stand outs I hope someone comes along and cuts the fat and creates something efficient. These programs feel like being in a hoarders house.

  3. JTMcPhee

    As to Community Health Services, anyone remember now-Senator Sick Rott (er, Rick Scott) using Columbia/HCA, as CEO, to pull off another looting of the Commons, as in Medicare/Medicaid fraud in the billions of dollars. Even PolitiFact acknowledged he got away with it, https://www.politifact.com/florida/statements/2014/mar/03/florida-democratic-party/rick-scott-rick-scott-oversaw-largest-medicare-fra/ CHS follows the Columbia/CHA business model pretty closely.

    And now Scott is running trump’s effort to “remodel” those two programs, https://nymag.com/intelligencer/2019/04/rick-scott-is-an-odd-choice-to-lead-gops-health-care-reform.html

    On the many ways that EMRs and billing can go bad, here’s a choice case. Our local Level 2 trauma center hospital is one of the ones that got bought in the conglomeration that is Community Health Services. I hear the corporate types in the the central office decide to do some MBA efficiency increase by contracting for a one-size-fits-all EMR/billing/hospital administration platform, to replace all the many different systems in use the several hundred facilities they “owned.” The local hospital has been bought and sold numerous times over the last few years, and the existing systems had, thanks to a lot of effort by staff and caregivers, become fairly useable if kludgy. But CMS decided to roll out the efficient new system with no beta testing or apparently even telling the staff that it was scheduled. So at midnight on Friday night, the switch was made, and the staff coming on duty discovered that nothing worked — no access to charts, medication orders, medical histories, imaging results, billing, everything, just gone. Because no one in the central office had tried to see if all the data structures or whatever (I’m no IT person, at all) were compatible and would link to the new metric-driven system.

    One can only imagine the horror… Took months to unsnarl. Not hardly reported at all that I can find. I only know about it from working for one of the senior staff, who just let an inkling of what was going on into the office gossip machinery.

    It’s not like there were ever any such problems with CHS an agent before, oh no — just Community Health System data breach hits millions, possibly including Bayfront clinic patients, https://www.tampabay.com/news/health/community-health-system-data-breach-hits-millions-including-bayfront/2193500/

    And of course CHS employees cannot escape impossible student loan debts via bankruptcy, but playing with the lives of patients at hundreds of hospitals, clinics and doctors offices under the CHS boot is financially consequence-free, https://www.axios.com/the-collapse-of-community-health-systems-1513304786-f5a411e6-e0dd-401b-af65-9dc81be4be80.html

    Because “in the end, there can be only one:” https://www.cerner.com/solutions/health-systems. a wholly owned subsidiary of The Soylent Corporation ZLC (zero liability corporation)…

  4. kiers

    Do people realize that this new age of “big data” is really another form of RENTIER capitalism? It’s like banks create money out of thin air; likewise the graduates of _____ tech (fill in the blank: MIT, Cal Tech, Georgia Tech etc etc) create money out of data intermediation. You process data from there, sell it back to the sheep, and in the process take still more data. Repeat.

    And THIS(!) is supposed to make our lives better? As if, everyone was born needing a regression analysis to make our way in life? Just another avatar of RENTIER capital.

    Also, most shocking case study: there are new “big data” firms posing as “clinical labs”. They take hospital records from tens of thousands of sheep; run a regression, determine a mean and std deviation; then SELL that back to patients in the form of a “LAB TEST” for $900+ per test. FDA approved. In fact, in the future, data will be hoarded by the elite, whereas previously the results of regression were shared with the doctors and broader academic community, now they are to be hoarded and the “insights” sold !

    1. Carey

      Thanks for this comment. Can one be forgiven for at least temporarily wishing to see
      the whole sick corporatist hulk come crashing effing down? It benefits only a tiny, *tiny*
      fraction of the citizenry- by design- and immiserates the rest of us; again, by design.


      1. kiers

        thanks and cheers. Remember that old joke: “If civilization were built out of software, the first woodpecker to come round would have rendered the apocalypse”! (Boeing now (perhaps) knows the tradeoff between s/w and physics, for example!) But oh the gas and hubris to come out of the technocratic rentiers is only paralleled by bankers: “Doing God’s work”, and “American Psycho”, “Bonfire of the Vanities”.

  5. Speck

    I get so annoyed with things like this when I think of what would have happened if the government had set up funding for an open source contest for this software and just paid all these vendors to support and contribute to a code base.

    Instead we can’t do anything under neoliberalism without corporate welfare being at the center of it. I’m speaking as someone who taught for healthcare reform only to see it become this corporate giveaway.

  6. m

    A hundred clicks to get information or chart is no joke.
    Hospitals scan in records from MD offices, outside hospitals and some even internal records, so RNs should be able to go back to paper charting having daily flowsheets scanned in. EHRs are only good for medication, health history, doctors orders, test results, etc…
    It is more time efficient to check a box on a paper form than in one of these EHRs. We waste more time on these than on people.

Comments are closed.