A health records software company will have to pay $155m to the US government to settle accusations it was lying about the data protection its products offered.
The Department of Justice said that eClinicalWorks (eCW), a Massachusetts-based software company specializing in electronic health records (EHR) management, lied to government regulators when applying to be certified for use by the US Department of Health and Human Services (HHS).
According to the DoJ, eCW and its executives lied to the HHS about the data protections its products use. At one point, it is alleged that the company configured the software specially to beat testing tools and trick the HHS into believing the products were far more robust and secure than they actually were.
One cheatware trick involved hard-coding the software to produce drug codes from memory (rather than query a database and return the result), to create the illusion that the software was able to access large databases.
In other cases, eCW was found to be lying about the software's ability to transfer records between doctors and audit transfers. As a result, the DoJ says eCW's software had been filing false claims with the federal government.
Additionally, the DoJ charged that eCW staff had been giving kickback payments to customers who helped to promote the software.
"Electronic health records have the potential to improve the care provided to Medicare and Medicaid beneficiaries, but only if the information is accurate and accessible," said Phillip Coyne, special agent in charge, Office of Inspector General.
"Those who engage in fraud that undermines the goals of EHR or puts patients at risk can expect a thorough investigation and strong remedial measures, such as those in the novel and innovative Corporate Integrity Agreement in this case."
Under the terms of the settlement, eCW as a company and three executives (its CEO, COO and chief medical officer) will have to pay the $155m, while one of the company's developers will have pay $50,000 and two product managers will be required to cough up $15,000 each.
In addition to the $155m fine, eCW will agree to the corporate integrity agreement [PDF], which calls on the company to hire a compliance officer charged with keeping the company certified and compliant with government data protection requirements for EHR software. ®