Avoiding fraud risks associated with EHRs.

Fraud associated with electronic health records (EHRs) generally falls into two categories: inappropriate billing by healthcare providers and inappropriate access by a system's users. A provider's EHR system requires controls to be of any significant help in detecting such fraudulent activity, or in gathering transactional evidence should such activity be identified. To protect against potential EHR-related healthcare fraud, providers should follow the recommendations established in 2007 by RTI International for the Office of the National Coordinator for Health Information Technology of the U.S. Department of Health and Human Services.