DOJ hits eClinicalWorks hard with $155 million settlement

Last week, eClinicalWork, a prominet ambulatory EHR vendor (who also just released their inpatient product), will pay $155 million as a result of a lawsuit settlement with the Department of Justice. The allegations include false representation of the product’s capabilities during ONC testing, as well as paying customers to use the software – violations of both the False Claim Act and the Anti-Kickback Statute.

“In order to score certification, EHR software must be able to pull any drug code from a database of standardized drug codes. To get around that, eClinicalWorks hard-coded into its software with only the 16 drug codes that were needed to pass the certification test. The company also failed to properly record user actions in a log, among other problems, according to the U.S. Department of Justice. 

The meaningful use program also imposes certain data-portability requirements on vendors to ensure interoperability between EHR platforms. However, eClinicalWorks’ software did not meet that criteria.” (Modern Healthcare (…))

The ONC established the ONC Health IT Certification Program: Enhanced Oversight and Accountability Final Rule which expands the federal oversight of health IT, including EHRs. Under the rule, the ONC can directly review certified health IT to make sure it’s meeting certification requirements when the office thinks the technology endangers public health or safety. Certainly, this is a step in the right directly to help insure this type of oversight by the certifying bodies will not happen again….but is it enough?

If there has ever been a time to press your EHR vendor on its capabilities and ​how​ functionalities work, including concerns about workflow affecting patient safety, its NOW. Users can often spot problems with systems as they train on them and use them daily, and usability and design issues now may carry even more weight with vendors to listen to user concerns.

So what does this mean for eClinicalWorks users who have attested to the EHR Incentive Program and received incentive funds? Probably nothing as the DOJ and CIA have clearly found the vendor at fault. However, MU attestation audits can occur up to 7 years following the attestation year and eClincalWorks users may need to plan for responses to those requests in light of the settlement and software’s deficiencies.

In addition, we strongly recommend taking the following actions:

  • Conduct a risk assessment as to whether this will affect Medicare/Medicaid attestations (prior or current) and MIPS attestation. To do so, we suggest having eCW provide a letter or email that states the version a customer is on is not subject to the certification issues
  • Then determine what if any upgrades are needed
  • Lastly, determine if this event will possibly lead to replace the system and take up the DOJ offer that they must pay for data transfer.

Our PrivaPlan Associates continue to work with our clients at the front lines of the EHR Incentive Program, as well as MIPS/APMs. If you’re audited, and don’t know how to respond, we’re here and always happy to help.

Related Posts

Access PrivaPlan Toolkit

Access CMA-PrivaPlan Toolkit

Sign up for updates

Sign up. Learn about Compliance

Subscribe now for up-to-date information about privacy & security compliance! You’ll receive emails regarding news about compliance & alerts for new blog posts.