How Copy-and-Paste Makes EMR & EHR Fraud Easy

Healthcare Data Privacy

Federal officials say the copy-and-paste features common to computers which are used to enter Electronic Medical Records (EMR) and Electronic Health Records (EHR) invite fraud.  Merely copying and pasting another patient’s clinical notes can be considered fraud. The Federal Government believes there is a need to reduce the healthcare provider’s ability to duplicate notes.

In a report dated December 2013, the Office of Inspector General (OIG) of the Department of Health and Human Services (HHS) says: “Not All Recommended Safeguards Have Been Implemented in Hospital EHR Technology.”  The study was done by the OIG who sent out a questionnaire to 864 hospitals that received Medicare payments as of March 2012. The OIG also visited eight hospitals to see how the EHR & EMR systems were being used.  In addition to obtaining information from health care providers, the OIG surveyed four EHR vendors about the implementation of fraud safe guards in their software products.

According to the report: “Copy-pasting, also known as cloning, allows users to select information from one source and replicate it in another location. When doctors, nurses, or other clinicians copy-paste information but fail to update it or ensure accuracy, inaccurate information may enter the patient’s medical record and inappropriate charges may be billed to partients [sic] and third-party health care payers. Furthermore, inappropriate copy-pasting could facilitate attempts to inflate claims and duplicate or create fraudulent claims.”

When the experts at Evidence Solutions, Inc. examine Electronic Medical Records, they may look for evidence of note cloning. The process is made difficult, however, by the fact that they rarely see more than one patient’s records.

HHS agencies have confirmed they are developing comprehensive rules and regulations to deter fraud and abuse involving EMRs / EHRs, including guidelines for cut-and-paste features. According to the OIG report, “Certain EHR documentation features, if poorly designed or used inappropriately, can result in poor data quality or fraud.”

“When a healthcare provider inappropriately clones sections of a medical record, he or she may be entering the crosshairs of CMS (Centers for Medicare and Medicaid Services),” so says Dr. Burton Bentley II*, an emergency physician with 21 years of clinical practice.  “When an EHR does not accurately reflect the clinical encounter, then the clinician’s documentation may be subject to federal scrutiny.”

While it may seem that copying and pasting information from similar patient records is benign, failure on the part of providers to review what has been copied can lead to significant discrepancies between what really was collected from the patient encounter and the notes recorded in the record.

A missed edit from “positive result” to “negative result” can have devastating effects on not only the patient’s record but on their treatment.

Regarding fraudulent claims, it is easy to understand how copy-and-paste make it too easy to bill for work which wasn’t actually performed. Especially when the copied text comes from a different patient’s record with a couple of keystrokes.

The study found that only about one quarter of the hospitals surveyed had policies in place that governed the use of Copy and Paste in EHR and EMR systems.

* Dr. Bentley is a practicing Emergency Medicine physician and Fellow of the American Academy of Emergency Medicine (EM).  He frequently consults nationally on medicolegal issues while enjoying a busy EM practice in southern Arizona.


About the Author:

For 30 years, Scott Greene has been helping owners, CEO’s, managers and IT departments understand data. Scott Collects, Analyzes and Explains Complex Electronic Evidence in Plain English.

In 2008 he created Evidence Solutions, Inc., a full service Computer, Technology & Digital Forensics firm, from the Technology Forensics department of Great Scott Enterprises.

Scott’s extensive knowledge draws clients to him from all over the United States as well as Internationally for consulting and expert witness services in the field of Computer, Technology & Digital Forensics. His extensive and diverse experience allows him to be an expert in many facets of computer & digital technology. He is a sought after speaker and educator and travels throughout the country presenting to local, regional, national and International organizations.