Lawsuit Against Epic Systems Dismissed as Other EHR Providers Face Legal Woes

The court ruled that the whistleblower’s complaint lacked credible allegations that any false claims were submitted to Medicare.

Last week, a federal Judge in the Middle District of Florida dismissed a lawsuit against electronic health record (EHR) giant Epic Systems. An EHR is a digital version, or database, of a patient’s paper charts. They allow for real-time sharing of patient-centered records – and, hopefully, better recordkeeping. While basic EHRs were only used at 9.4 percent of the nation’s hospitals in 2008, they were in almost 84 percent of hospitals in 2015.

The dismissal came with prejudice with respect to the whistleblower, effectively ending the matter, as the federal government had not intervened in the suit. The suit alleged that Epic Systems’ EHR caused hospitals to double-bill Medicare and Medicaid for anesthesia services. Epic Systems is the second-most popular EHR software on the market, behind only Cerner Corporation.

The whistleblower, Geraldine Petrowski, was a former compliance officer at a North Carolina hospital that used the software. She specifically alleged that Epic’s software was designed to double-bill as a result of a 2012 coding rule change with respect to anesthesiology services. On Jan. 1, 2012, the Centers for Medicare & Medicaid Services (CMS) changed its billing rules for anesthesiologists. Prior to 2012, anesthesiologist time was billed in 15-minute “base units.” Starting in 2012, CMS required that anesthesia services be billed for the actual time a physician spends on a procedure.

According to Petrowski, the Epic system billed for both actual time spent and equivalent base units, converting the base units into minutes and adding the two metrics together when generating a final bill. The complaint provided only one example of double-billing, at a hospital in Texas. In that case, a removal of a prostate was billed for 420 minutes, or seven hours, of anesthesiologist time. However, the anesthesia procedure summary noted that the whole surgery took less than five hours.

The Judge, James S. Moody Jr., ruled that the complaint did not “state with particularity the circumstance constituting the fraud” and lacked “some indicia of reliability.” Specifically, the ruling notes that Petrowski’s complaint lacked credible allegations that any false claims were submitted to Medicare, and it lacked any supporting details required (the “who, what, when, where”) to plead a violation of the False Claims Act. The court concluded that the complaint alleged that it was theoretically possible that Epic’s software could generate bills that resulted in double payment for anesthesia services, but that such fraud actually occurred was purely speculative.

The ruling comes at a time when several of Epic’s large competitors, eClinicalWorks and Allscripts, have their own legal woes. In May, eClinicalWorks (ECW) settled a False Claims Act case for $155 million. In that case, ECW allegedly misrepresented the capabilities of its software when the EHR was being tested for CMS certification. Healthcare providers that use CMS-certified EHR software qualify for incentive payments from CMS. Instead of developing software that met the relevant requirements, ECW allegedly designed software to pass the certification requirements without actually meeting the certification criteria. ECW also was accused of paying kickbacks to users in exchange for attestations by users that the software met the certifying criteria. The company is now facing a class-action lawsuit from its current and former customers over the same alleged inadequacies in their product.

Allscrips is also facing a class-action suit from its customers. A week after its software was the target of a massive cyberattack, its users are alleging that the strain of ransomware used, SamSam, has been a known threat since March 2016, and the company failed to adequately and reasonably guard against it.

While EHR programs are now a part of day-to-day life in the healthcare field, so is the potential for fraud and risk associated with the software. The vigilance of doctors, nurses, coders, and hospital employees will be essential in stemming the tide of risk and fraud in this area.