OIG Audit Finds that Majority of Part D Providers Surveyed used E1 Transactions for Potentially Inappropriate Purposes
Wednesday, March 4, 2020
filling out a healthcare form
Print Mail Download i

The Centers for Medicare and Medicaid Services (CMS) requested an audit by the Office of Inspector General of Medicare Part D eligibility transactions (E1) transactions. The OIG recently released its report of its findings and found that the majority of the providers evaluated used E1 transactions for some inappropriate purpose other than to bill for a prescription or to determine drug coverage billing order.

What are E1 transactions and why is this information disturbing?

According to the report, an E1 transaction is an electronic transaction consisting of both a request and a response. Here’s how it works according to the report: the provider submits an E1 request containing its provider identification number and basic patient demographic information. The transaction facilitator matches the data from the E1 request to CMS eligibility data and returns an E1 response to the pharmacy. The response contains a beneficiary’s coverage information, which allows the pharmacy to bill the beneficiary’s Part D plan after filling the prescription.

E1 transactions require protected health information (PHI) to determine the beneficiary’s eligibility. The OIG report found that 25 out of 30 providers they evaluated used E1 transactions for some other purpose other than to bill for a prescription or to determine drug coverage. Examples of the inappropriate uses included: to obtain coverage for beneficiaries without prescriptions, to evaluate marketing leads, to allow marketing companies to submit E1 transactions under the providers’ NPI for marketing purposes, to obtain information about private insurance coverage to bill for items not covered by Part D, and to allow non-pharmacy providers to submit E1 transactions.

The information found in the report is disturbing because it means that these providers obtained coverage information, including access to PHI, unnecessarily or used the E 1 transaction data for marketing purposes, both of which are potentially HIPAA violations.

The report states that CMS has undertaken corrective actions and has begun monitoring providers that submitted a high number of E1 transactions. The report also recommended that CMS continue to monitor E1 transactions, to issue guidance that E1 transactions should not be used for marketing purposes, and to take appropriate enforcement action when abuse is identified.

Copyright © 2024 Robinson & Cole LLP. All rights reserved.

Current Legal Analysis

More from Robinson & Cole LLP

Department of Justice Criminal Division Announces Voluntary Self-Disclosure Pilot Program for Culpable Individuals
by: David E. Carney , Danielle H. Tangorre
FTC Votes to Finalize Rule Banning Non-Compete Agreements Nationwide
by: Ian T. Clarke-Fisher , Trevor L. Bradley
Cisco Releases Updates to Vulnerabilities in Firewall Platforms
by: Linn F. Freedman
USPTO Issues Guidance on Use of AI Based Tools
by: Daniel J. Lass
California Trap & Trace Class Actions on the Rise in the Age of Website Trackers
by: Kathryn M. Rattigan
Aid Package Signed by President Biden Includes Divestiture of TikTok Requirement
by: Linn F. Freedman
Privacy Tip #395 – GM Faces Class Action for Collecting + Disclosing Drivers’ Data Without Consent
by: Linn F. Freedman
AI, Government Contractors, and Employment Discrimination
by: Data Privacy & Cybersecurity Robinson Cole
Chicago’s Application of Parking Regulations Violates RLUIPA
by: Eden (Hunter) Yerby
The Department of Education Releases Significant Revisions to Title IX Regulations
by: Kathleen E. Dion , Seth B. Orkand

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins