The Perfect Storm


Practical E/M   •   Solutions for Quality Healthcare   •    Stephen R. Levinson, MD



Between the incentives and mandates for electronic health record systems are basic problems that must be fixed to achieve success


Stephen Levinson, MD, CHCA, CHAP;
Deborah Grider, CPC, CPC-H, CPC-P, CCS-P, CCP;
Robin Linker, CPC, CPC-H, CCS-P, MCS-P;
Susan Thurston, CPC, CPC-H, CMM, CCS-P, MCS-P


Today’s political and economic environment has focused a bright spotlight on healthcare reform and the promotion of health information technology (HIT) in particular. The Obama administration has promised to invest $10 billion per year over the next five years in HIT, including electronic health records (EHRs). Senator Max Baucus, chairman of the Senate Finance Committee, has stated that he considers HIT to represent “the beginning of healthcare reform and a key part of the economic recovery.”

The Centers for Medicare & Medicaid Services (CMS) is also exerting increasing economic pressure on physicians to purchase and use HIT: financial incentives for using electronic prescribing through 2013 and rising penalties to practices that fail to employ this technology starting in 2012. The administration’s stimulus package provides incentives for practices to implement and use a certified EHR system, while those practices that don’t adopt these systems by 2014 will receive reductions in reimbursement rates.

Health policy advocates justifiably point to a myriad of potential benefits that should derive from the widespread implementation of EHRs, from safe storage of health information to electronic sharing of clinical information. The knowledge shared through this access to patients’ medical data promises to improve patient safety and reduce costs associated with duplicate and/or unnecessary tests and treatments. The use of electronic prescribing further promises to reduce medication errors, ranging from drug interactions to misinterpreted handwriting.

Most physicians who introduce EHR systems into their practices seek promised advantages for enhancing quality care and patient safety through the systems’ touted data storage and retrieval characteristics. Electronic records bring physicians immediate access to their patient documents and data. They speed the flow of information within the medical office and save significant office staff time and cost in locating, pulling, and then refiling patient charts.

Likewise, most physicians include among their highest priorities the goal of compliant E/M coding. Physicians believe they have a right to expect that these sophisticated and costly systems will ensure that they achieve compliant documentation and coding, thereby “making any E/M problems go away.”

However, something has gone awry to create an environment that leaves well-intended physicians victimized when government audits reveal their software systems have allowed--even facilitated--submission of non-compliant and potentially fraudulent claims for E/M services. In the midst of increasing storm warnings of non-compliant designs, physicians are increasingly vulnerable to severe financial penalties.

This devastating storm has been developing for many years, often bolstered by an unintended lack of effective policies from several organizations that should have the best interests of physicians, patients, and the healthcare system at their core--organizations such as CMS, the Certification Commission for Healthcare Information Technology (CCHIT), and the U.S. Department of Health and Human Services (HHS), as well as EHR software vendors and physician training institutions (for more information, see sidebar A).


Gathering Storm Clouds

Analyses of problems with EHR systems by physicians and their practice managers consistently reveal that the overwhelming preponderance of their challenges relate to the rarely discussed data-entry characteristics of the electronic history and physical (H&P), not to the heralded data-storage and retrieval features of their systems. One physician personally reported that “the software forces me to enter clinical information in a preloaded format; when I see a patient three weeks later, I cannot find any individualized details of the previous visit or understand why I did what I did.”

In April 2008, a study published in the New England Journal of Medicine reported similar problems, pointing out that “Notes that are meant to be focused and selective have become voluminous and templated, distracting from the key cognitive work of providing care. Such charts may satisfy the demands of third-party payers, but they are the product of a word processor, not of physicians’ thoughtful review and analysis. They may be ‘efficient’ for the purpose of documentation but not for creative clinical thinking.”

The study also reported an example of the consequences of these problems: “A colleague at a major cancer center that recently switched to electronic medical records said that chart review during rounds has become nearly worthless. He bemoaned the vain search through meaningless repetition in multiple notes for the single line that represented a new development…Ironically, he has started to handwrite a list of new developments on index cards so that he can refer to them at the bedside.”

Too often, these problems have proven insurmountable. At the Second HIT Summit in 2005, Mark McClellan, MD (then the administrator of CMS), reported “40 percent of attempted implementations fail.” According to the April 1, 2006, issue of CIO Magazine, “The [Health and Human Services] department itself has acknowledged that the failure rate for EHR system implementation is 30 percent to 50 percent. Some healthcare network providers claim it is as high as 70 percent,” according to the article.

These electronic H&P challenges can manifest in one or more of four interrelated areas:

1) Integrity of the clinical information recorded
2) Usability, quality of the clinical care and workflow guided by the record
3) Malpractice protection
4) Evaluation and management (E/M) compliance

When audits reveal lack of compliant documentation generated by physicians using an electronic H&P, the findings can be viewed as the “canary in the coal mine” to warn of additional impending dangers related to data integrity, quality of care, and malpractice protection.

During the last several years, a significant number of articles have pointed out compliance problems intrinsic to the majority of current EHR systems. Chief among these relate to coding engines that fail to consider medical necessity, which CMS describes as “the overarching criterion for payment,” and certain types of data-entry functionality, specified below, that result in “cloned documentation,” in which the records of every visit read almost word-for-word the same except for minor variations confined almost exclusively to the chief complaint. 

Physicians have long been counseled that a well-documented medical record provides the best defense in the event of a claim of medical liability. The June 2008 issue of the Journal of AHIMA quoted EHR legal expert Patricia Trites on the potential danger of electronic systems that permit copying of near-identical documentation into large numbers of patient records: “‘From a medical-legal standpoint, what would [lawyers] do when they [see] this chart?’ she asks. ‘They are going to rip it apart.’”

In 2007, HHS and the Office of the National Coordinator for Health Information Technology (ONCHIT) published an extensive report on “Recommended requirements for enhancing data quality in electronic health record systems.” The section that reviews E/M documentation features (and analyzes current certification criteria for these EHR features) advises that “EHRs provide a variety of tools that enable a provider to be more efficient when documenting an encounter….These tools include the use of defaults, templates, copying, and others. The report then continues with the warning, “[These tools] can be extremely helpful if used correctly [italics added for emphasis]; however, the tools can also open the EHR-S up to fraud or abuse.”  


  • The problem that physicians face is that most current EHR system designs have failed to incorporate protections to ensure the correct use of these shortcut tools. Without such “error proofing,” it is not feasible for physicians, while concentrating on patient care, to differentiate the settings in which these various tools can be used compliantly from those circumstances in which their use could lead to non-compliant or even fraudulent documentation.

The Perfect Storm Converges

Let’s summarize.  Where are the storm fronts forming this perfect storm coming from?  An EHR system “weather map” reveals the following:

  • Physicians whose conventional medical education lacked training in the relationship of compliance to quality care and also failed to provide medical record tools that promote compliant (and efficient) documentation and coding
  • Time constraints imposed by significantly constricted reimbursement environment
  • Powerful incentives for purchase and implementation of EHR systems
  • Software systems that a) may have coding engines that fail to account for medical necessity; b) may have designs that automatically guide physicians to create records with high levels of documented care for every visit; c) may have shortcut documentation tools that create “automated” documents, identified by HHS as “having the potential for fraud and abuse”; and d) therefore consistently derive and recommend submission of high-level E/M codes for almost every patient encounter
  • Accurate Medicare or Office of the Inspector General (OIG) auditors reviewing medical records of the practices whose recently implemented medical records have drawn their attention by consistently submitting claims for high levels of E/M care.

Ms. Gryder, Ms. Linker, and Ms. Thurston are three compliance experts who were called in to assist different physician groups during federal and state audits of those groups’ electronic H&P records, conducted either by individual Medicare Carriers, Recovery Audit Contractors (RACs), or the Office of the Inspector General (OIG) of the HHS. In each of the four cases, the audits revealed non-compliant E/M claims that were submitted as a consequence of physicians using their EHRs in accord with their particular designs for E/M documentation and coding.

The four practices employed between 1 and 10 physicians. The government audit evaluated between 20 and 100 charts per physician, and the percentage of charts failing audit for each physician ranged from 20 to 95 percent.

As a result of these findings, each practice was assessed a significant penalty for non-compliant documentation and coding. For the practice with the lowest percentage of failed audits, the final determination required repayment to Medicare of approximately $50,000 per physician. For the other three practices, the repayments ranged from  $150,000 to $175,000 per physician. For at least one of the practices, the audit also imposed an administrative requirement of prepayment review for 100 percent of all future Medicare claims.

Even though each practice was using a different EHR, there was a remarkable similarity in the design and functionality limitations identified as the causes of their compliance problems:

  • All of the systems had designs that failed to meet all of CPT’s and Documentation Guidelines’ published requirements for compliant documentation of medical history, physical examination, medical decision making, and nature of the presenting problem(s) (which is the E/M system’s measure of medical necessity)
  • Each of the systems included three or more types of data-entry functionality that has been consistently identified as having the potential to promote noncompliant or even fraudulent documentation
  • The E/M coding engines of all four systems failed to consider the three levels of risk in decision making, failed to consider medical necessity in determining appropriate code levels, and failed to recognize the critical role of medical necessity in guiding medically indicated levels of care, documentation, and coding

The authors who reviewed the records and audits for these practices observed that while many EHRs present physicians with one or more mechanisms to automate documentation of required history and examination elements, from both the compliance and the data integrity perspective, “automation is not documentation.”

The added danger is that such automated documentation can also distort physicians’ optimal care and workflow, and destroy data integrity. For example, in one of the reviewed practices, use of the EHR’s pre-loaded macros for the physical examination actually created automatic documentation indicating females had received “prostate exams” and males had “negative pap smears.”

The outcomes of these federal audits have been devastating, emotionally as well as financially, for the physicians and staffs of the practices involved. The failure of the EHR systems to provide for compliant E/M documentation and coding and protections against overcoding and undercoding led to statistically remarkable increases in the percentage of claims submitted with level 4 and level 5 codes. This increase drew the attention of government auditors, and the medical records created using these systems most often could neither support the levels of care submitted (primarily due to documentation shortcuts creating “cloned” records) nor the medical necessity for providing such high levels of care (due to failure to consider the nature of the presenting problem).

The overall conclusion derived from these reviews is that electronic record systems should provide sophisticated designs and functionality based on physicians’ optimal patient-care workflow. They should be required not only to guide physicians in providing high-quality care and creating compliant documentation, but to protect against designs that have the potential to disrupt optimal care and/or generate non-individualized and non-compliant medical documents.

Strategies for Avoiding the Perfect Storm


The causes of this perfect storm must be identified, spotlighted, and eliminated. In response to these imminent dangers, practices that are currently using EHRs should obtain assistance from E/M compliance experts. They should insist that their vendors eliminate all non-compliant documentation and coding functionality related to their systems’ electronic H&P, replacing such features with effective documentation tools that are usable, efficient, and compliant.

Similarly, when practices investigate the possibility of purchasing an EHR system, they should include experts in compliance and quality documentation on their evaluation team. As a condition for purchase, they should also require that these systems must be usable for their physicians, efficient, contain only compliant documentation and coding tools, provide only for recording of individualized, meaningful, and reliable clinical information, and promote the quality-care process.

Figure 1 illustrates a sample blueprint for certifying that electronic H&P designs are “operable as well as interoperable.” It presents standards that meet physicians’ common criteria for effective medical records; these standards advocate for creative designs that not only promote quality care and meaningful documentation, but that also protect against non-compliant documentation and distorted care. Physicians and practice managers would do well to require that EHR systems meet such criteria before purchase or implementation.

Figure 1: Sample Blueprint for Certifying Effective Electronic H&P Designs

  • Certification for “Optimal H&P Design
    • Provision for ability to document all E/M components and sub-components required to ensure compliant E/M documentation and coding
    • Appropriate application of graphic and narrative interface designs in each section of the electronic H&P
    • Incorporation of a compliant coding engine capable of: 1) reliably considering all E/M components including nature of the presenting problem (which represents medical necessity), 2) providing all three individual code calculations (i.e., code based on key components, medical necessity, and time for counseling visits), and 3) guiding appropriate levels of care and documentation based on physician’s determination of medical necessity for each encounter
  • Certification for “Optimal Functionality
    • Provides effective data entry tools in all three formats – writing, dictation, and entry by keyboard and mouse
    • Meets acceptable benchmarks for the following critical factors: compliance, usability, efficiency, data integrity, and promotion of quality care
  • Certification for being “Audit Protected
    • Guides physician documentation of all E/M components and subcomponents, with particular attention to the role of medical necessity
    • Ensures protection against overcoding on the basis of documentation (i.e., code selected must not exceed level of care documented)
    • Ensures protection against overcoding on basis of medical necessity (ie, code selected must not exceed level of care warranted by nature of the presenting problem)
    • Prohibits designs and functionality that create automated documents (identified by HHS and Office of the National Coordinator for Health Information Technology (ONCHIT) as “tools [that] can also open the EHRs up to fraud or abuse”) 
    • Requires entry of patient-specific and encounter-specific documentation for every visit
  • Certification for being “Compliance Enhanced
    • Guides assessment of nature of the presenting problem(s) at appropriate stages of each encounter (i.e., after the medical history, after performing the physical examination, and a final confirmation upon completion of medical decision making)
    • Provides medical necessity-based guidance, during each encounter, of medically indicated levels of care and corresponding documentation
    • Ensures protection against undercoding on basis of documentation (i.e., code selected should not be lower than level of care documented)
    • Ensures protection against undercoding on basis of medical necessity (i.e., code selected should not be lower than level of care warranted by nature of the presenting problem)


Source: (Levinson, S, Practical EHR: Electronic Record Solutions for Compliance and Quality Care, American Medical Association, Chicago: 2008, pages 399-400).

Role of physicians’ societies and stakeholders

Finally, it is incumbent upon physicians’ professional societies to seek the assistance of compliance experts and initiate policies that require corrective action for the underlying causes of these currently identified EHR system problems. This effort can include the following initiatives:

  • Physician training institutions (medical schools and residency programs) should reinforce their current training for a comprehensive medical evaluation with training in E/M compliance and with provision of efficient documentation tools that physicians can use to provide these comprehensive levels of care within the time constraints of residency and medical practice
  • EHR software vendors must provide systems whose design and functionality have the capability to guide physicians to effective care and compliant documentation, including elimination of all potentially non-compliant functionality. This calls for vendors to implement the same levels of investment and creative effort into their systems’ data entry capabilities and the design features of the electronic H&P that they have already made for data-storage and retrieval capabilities. Further, if CCHIT does not incorporate criteria to certify these requirements, the medical societies themselves may need to establish them and provide substantive review of this aspect of electronic records
  • CMS must meet its own standards for compliance by requiring its fiscal intermediaries (i.e., carriers) to employ only auditing and coding tools that are compliant with the established standards in CPT and the Documentation Guidelines. It must also institute a policy requiring designs to be compliant and audit protected as a condition for EHR systems to be eligible for CMS’ payment incentive programs
  • CCHIT has a responsibility that certification should provide meaningful protection to physicians (for systems that ensure compliance) and patients (for systems that guide and promote an optimal care process). It should therefore incorporate high-quality criteria for functionality and compliance of the electronic H&P. These and all other criteria should be reviewed and authenticated by a consortium of medical societies and coding compliance societies
  • HHS and the ONCHIT should modify their focus, supplementing concerns for potential fraud and abuse with an even greater focus on standards that protect physicians from non-compliant software designs and from educational approaches that impair their abilities to practice the optimal care process that is the core of their training and their ethic.

A Clarion Call
As the Obama administration provides incentives for the much needed adoption of electronic health records, it must provide protections that guarantee not only the sharing of information, but also that the process of gathering this information and the quality of the information recorded are optimized. Recent compliance audits by federal agencies confirm the warnings about E/M compliance dangers accompanying documentation shortcuts introduced by many current EHR software designs. These audits are a clarion call for stakeholders to eliminate the problems they have created, however unintended. Stakeholders must structure an environment where physicians receive appropriate training with effective and compliant documentation tools, where software systems provide only compliant designs and protect against improper documentation, and where governmental agencies eliminate non-compliant practices in their own organizations and mandate compliant designs in the software systems they are advocating and promoting.


Numerous organizations have played a role in the brewing EHR system storm that has imperiled the medical landscape. Among them:

  • Physician training institutions (medical schools and residency programs)
  •  Although medical schools still introduce medical students to the practice of clinical medicine by emphasizing the importance of performing and documenting a comprehensive, patient-specific history and physical (H&P), they fail to train student physicians about E/M compliance and its relationship to optimal diagnostic care. In addition, they continue to provide student physicians with only outdated, inadequate, and time-consuming documentation tools (usually nothing more than a blank sheet of paper and a pen) for recording the H&P.

2)  EHR system software vendors

  • Current software systems emphasize features for data storage and retrieval, but they commonly fail to meet physicians’ needs for the critical electronic H&P component to be usable, efficient, and E/M compliant, and provide individualized, patient-specific and visit-specific documentation for every encounter. Non-compliant H&P designs and functionality frequently replace authentic documentation with automated data-entry features. An additional negative consequence of this approach is that it can disrupt and distort the diagnostic processes that promote optimal patient care.
  • Most current systems provide medical practices with contracts that disavow any responsibility for documentation and coding compliance. Therefore, despite the fact that these systems, when used as intended, can allow or even lead clinicians to create intrinsically non-compliant documents, the software companies’ contracts relieve them of legal responsibility to the physicians for the consequences of these designs.
  • The Centers for Medicare & Medicaid Services (CMS)
  • CMS has been a strong advocate for physicians adhering to E/M compliance, including co-authoring the 1995 and 1997 versions of the Documentation Guidelines for Evaluation and Management Services. Paradoxically, however, CMS has also permitted its individual carriers to employ a number of non-compliant E/M coding and auditing practices that provide improper review of medical records and can guide physicians to inaccurate coding and failure to address medical necessity.
  • CMS is also actively involved in promoting physician adoption of EHR systems. However, initiatives by CMS have failed to require that the EHR systems approved for these programs provide designs and coding functionality that promote and ensure E/M compliance. It is internally contradictory and diabolical for CMS to promote the use of EHRs that can lead to financially punitive audits by Medicare carriers or the OIG.
  • The Certification Commission for Health Information Technology (CCHIT)
  • This private organization promotes itself as providing standards for the EHR industry. CCHIT claims that when it comes time to take a closer look at select products, physicians won’t have to test the basics because that’s covered under the certification process. However, for physicians, the “basics” start with a functional and compliant electronic H&P. Yet CCHIT provides only 6 criteria (out of more than 330) that concern themselves with the electronic H&P, data-entry features, and E/M compliance (all the others relate primarily to interoperability and/or security).
  • Further, these few H&P criteria include approval of the documentation tools that HHS has identified as having the potential to promote fraudulent documentation. In addition, while they do include a written requirement for systems to select an “appropriate CPT E/M code, CCHIT has clearly failed to enforce this standard since nearly all currently approved systems fail to consider medical necessity, which CMS describes as the “overarching criterion for payment.”
  • The Department of Health and Human Services (HHS) and the Office of the National Coordinator for Health Information Technology (ONCHIT)
  • When its 2007 publication on Enhancing Data Quality in EHRs identified the capability for current software design features to facilitate fraudulent documentation, HHS and ONCHIT should have mandated that vendor designs and CCHIT criteria must ensure error-proofing against such improper inclusion of these design features in the electronic H&P. Instead, this report called for “having an audit version of the EHR that shows the tools used and the individuals who used them [to] enable retroactive detection of patterns of abuse or fraud.” This approach moves physicians and medical practices directly into the crosshairs of this perfect storm, by calling for punitive investigation of those who are victimized by non-compliant software designs to inadvertently perform non-compliant documentation and coding, instead of (appropriately) mandating elimination of non-compliant EHR designs and functionality.