Top 10 Takeaways From the EClinicalWorks Settlement
By Colette Matzzie
1. The federal False Claims Act provides an effective way to hold EHR vendors accountable for failing to meet Meaningful Use standards.
Many customers had complained to EClinicalWorks about major problems with its software, but little changed. It took a knowledgeable healthcare IT implementation specialist and the might of the US government to get the software problems fixed. They used a powerful whistleblower law known as the False Claims Act, which encourages whistleblowers to fight fraud by filing “qui tam” lawsuits, to force ECW to take action. Anyone who “causes” false claims to be submitted to the government is liable under the False Claims Act. Customers of ECW relied on representations that ECW’s EHR technology was properly certified and therefore, unknowingly submitted tens of thousands of claims for government incentive payments that falsely attested MU requirements had been met.
2. The federal Anti-Kickback Statute forbids EHR vendors from paying or rewarding users to promote or refer others as customers.
Many healthcare providers, pharmaceutical companies, and medical device manufacturers have been penalized for violating the Anti-Kickback Statute, but the ECW case is the first time it has been applied in the EHR industry. The government cited payments totaling almost $300,000 through ECW’s “referral program,” “site visit program,” and “reference program,” in addition to unknown amounts for consulting and speaker fees paid to influential users, as evidence of alleged violations of the Anti-Kickback Statute. The law prohibits providing money, gifts, or other remuneration intended to get referrals for services or items paid for by federal healthcare dollars except under very limited circumstances.
3. The accuracy of representations made to certifying bodies will be a factor when the DoJ reviews the liability of an EHR vendor under the False Claims Act.
Certification by a government Authorized Testing and Certification Body has been a prerequisite to successful sales because buyers can obtain federal incentive payments only for certified EHR technology. The government cited EClinicalWork’s decision to modify its software to “hard code” the drug codes needed for testing without meeting the certification criteria as evidence that ECW had “falsely obtained” its certification. This gave rise to its liability under the False Claims Act. Accurate and truthful information will remain a requirement for certification, despite the debate over whether the certifications adequately ensure software reliability and patient safety.
4. The Office of Inspector General crafted an innovative Corporate Integrity Agreement requiring ECW to fix deficiencies, notify its customers, provide customers with free upgrades, and permit customers to transfer clinical data without penalty.
As part of the settlement, ECW signed an expansive, state-of-the-art Corporate Integrity Agreement that the OIG put together to ensure that providers and patients are protected going forward. ECW is required to take significant remedial steps, which included sending out a series of notifications and advisories to customers that advise them of patient safety risks with its software, giving customers an opportunity to obtain updated (and presumably remediated) software free of charge; and offering the opportunity to transfer clinical data to another vendor free of onerous penalties or other restrictions. Software vendors should consider the agreement a guide to understand the risks they will face if their software does not meet federal requirements or if other misconduct occurs.
5. The government deems data portability and audit log requirements to be essential to proper EHR functioning.
EHR systems are required by the government to be able to export clinical information on patients electronically, including by batch exports, and reliably and accurately record user actions in an audit log. In its complaint-in-intervention, the government faulted ECW for allegedly misrepresenting these capabilities, and made clear that these omissions from the software were not acceptable.
6. EHR vendors need to respond in a timely and effective manner to customer reports of software defects, usability problems, or other issues that may present a risk to patient safety or that may violate federal law.
The Corporate Integrity Agreement requires ECW to notify OIG of certain reportable events that involve patient safety, certification, or a matter that a reasonable person would consider to be a violation of law. The government wants all EHR vendors to report significant problems or violations of law, especially when patient health or safety may be at issue.
7. EHR vendors should have persons and procedures in place to ensure compliance with federal law, just as healthcare companies do.
ECW’s Corporate Integrity Agreement requires the company to establish a compliance program with a compliance officer and a written code of conduct, similar to what many healthcare companies have. That’s something all EHR vendors should consider doing, as it’s wise to offer employees clear avenues to report concerns internally. Most employees prefer to address concerns internally before blowing the whistle by filing a qui tam lawsuit – unless the company has shown it is not responsive to legitimate concerns or will retaliate against employees who speak up.
8. The government will hold managers personally responsible for activities of the EHR vendor company.
The ECW settlement holds both the company and its three founders (the CEO, CMO, and COO) liable for payment. The settlements reinforce the DoJ’s commitment to individual accountability for corporate decisions in a very tangible way.
9. EHR vendors must ensure that all contracts and agreements with its customers do not restrict disclosures of information about the performance of the software or reporting of patient safety concerns (the “anti-gag” rule).
ECW’s Corporate Integrity Agreement requires that contracts between the company and its customers do not restrict customers from disclosing concerns about the performance of its software. This includes concerns related to patient safety, public health, and product quality. Other vendors should consider adopting similar “anti-gag” practices.
10. Whistleblower rewards may be paid for information that leads to successful resolution of a federal qui tam action against an EHR vendor.
The ECW case shows the government welcomes whistleblowers who have information about significant problems with EHR software. Under the False Claims Act, the government will pay whistleblowers a reward of 15 to 25 percent of the proceeds recovered by the government as damages and civil penalties, if the government joins the “qui tam” case filed by the whistleblower. The government awarded the ECW whistleblower $30 million.
Colette Matzzie is a whistleblower attorney and partner at Phillips & Cohen LLP, which represented the whistleblower in the EClinicalWorks case.