[This Transcript is Unedited]
Hubert H. Humphrey Building
200 Independence Avenue
Washington, D.C.
DR. COHN: We are reconvening the second day of the meeting of the Standards and Security Subcommittee of the National Committee on Vital and Health Statistics, on the subject of PMRI Message Format Standards.
I would like to welcome everyone joining us on the internet. I want to remind everyone around the room to please speak clearly and into the microphone, so those on the internet can hear what is going on.
The focus of the hearings today is to talk about the status and implementation of HIPAA administrative simplification and prepare for the annual NCVHS report on this topic.
We are also going to start out this session by talking some about February hearings on coding issues, which Betsy Humphreys will be leading the discussion on, after we finish with the introductions.
Given that it appears highly likely that there will be a one-year delay of implementation for the administrative and financial final rules, as I am sure many of you are aware, bills were passed by both the House and the Senate in relation to this, and they are now just awaiting the signature of the President.
We will also discuss our role and what we can do to help assure successful implementation, given the revised time frame.
With that, let's have introductions around the room. For those on the national committee, I would ask if, as part of your introduction, if you would note if there are any issues coming before the subcommittee today for which you need to recuse yourselves.
With that, Jeff, would you like to start with the introductions?
MR. BLAIR: I am Jeff Blair, vice chair of the Subcommittee on Standards and Security. I am vice president of the Medical Records Institute.
I am a member of HL7, AMIA(?), HMSIS, ASTM, and there is nothing that I can think of that I need to recuse myself from.
DR. FITZMAURICE: I am Michael Fitzmaurice, senior science advisor for information technology at the Agency for Health Care Research and Quality.
I am one of two government liaisons to the national committee. I am staff to the Subcommittee on Standards and Security.
MS. HUMPHREYS: I am Betsy Humphreys from the National Library of Medicine, and I am also staff to the subcommittee.
DR. YASNOFF: Bill Yasnoff, associate director for science, Public Health Practice Program Office, Centers for Disease Control and Prevention, staff to the subcommittee.
MS. BURKE-BEBEE: I am Suzie Bebee and I am with the NCHS, CDC, and I am staff to the subcommittee.
DR. ZUBELDIA: Kepa Zubeldia, with Claredi, member of the subcommittee and committee, and also a member of WEDI and SNIP, EFECT(?), X12, NCPDP and ASTM.
MS. TRUDEL: Karen Trudel, Centers for Medicare and Medicaid Services, staff to the subcommittee.
DR. COHN: I need, despite the introduction, am Dr. Cohn. I need to indicate that, for the purposes of the procedure and coding discussions, that I am a member of the CPT editorial panel.
While I will participate in the discussion, I do need to recuse myself from any voting in relationship to procedure coding issues.
I am also a member of the ANSI health informatics standards board, and the National Uniform Claims Committee.
Now, for others around the room, for introductions?
MS. SQUIRE: I am Maryette Squire from NCHS.
MS. GUILFOY: Helene Guilfoy with Guilfoy Consulting.
MS. GILBERTSON: Ann Gilbertson with the National Council for Prescription Drug Programs.
MS. YEAGER: Maryann Yeager, WEDI/SNIP.
MR. SCHUPING: Jim Schuping, executive vice president of WEDI.
MR. WILLIAMS: Ernest Williams, vice president, industry affairs, for Pharmacy Service Providers.
MS. JENCKS: Debbie Jencks, National Center for Health Statistics, staff.
MS. WILLIAMS: Michelle Williams, CDC, NCHS.
DR. COHN: Thank you. Let me just review the agenda for half a second, just because there is a variety of issues that we all need to be aware of, that we will be talking about.
I need to inform those on the internet that we will be adjourned by 1:00 o'clock today, eastern time.
As I say, we will be starting out, for the first 25 minutes or so, talking about planning for the February 2002 coding set hearings.
I have asked Betsy Humphreys to lead that discussion. I want to thank you for preparing some background documentation for us to consider.
After that, we have invited Dr. John Loonsk from CDC to come and talk about CDC activities and some views on the framework that we developed yesterday for PMRI standards.
After a break, we have a panel talking about HIPAA readiness issues and observations. I think we will be obviously expanding that conversation, probably talking about the year's delay and how that all impacts things.
Then we will be sort of finishing up with a combined discussion about reflecting on what we need to do as a subcommittee, and for the national committee, in relationship to this year's delay, and what we need to be reflecting in the annual report to Congress on administrative simplification.
I guess, as I ask around this table, is there anything missing on this agenda? It is pretty full already.
With that, Betsy, do you want to lead off the discussion on the code set hearings?
MS. HUMPHREYS: Yes. I am speaking today in my capacity as one of three co-chairs of the Codes and Classifications Implementation Team for HIPAA.
My co-chairs are Donna Pickett of NCHS and Pat Brooks of CMS, and they have assisted me in putting this material together, as has my colleague at NLM, Vivian Alda, and also Karen Trudel.
We found, in preparing for this, that we were shocked to find out that we didn't have perfect memory of everything that was raised in the original publication of this rule.
What I have put together in the handout you have is sort of a one-page summary of what the issues are and were, and I am just going to review this very quickly.
At the time the final rule was published -- transactions rule, that is -- we all remember there was a lengthy preamble.
Much of this preamble dealt -- or a good chunk of it dealt -- with issues that had been raised related to code sets and classifications.
The main concerns that were raised at the time, other than the issues of the legality of delegating code sets with private copyright holders as standards, were the feasibility of using NDCs for other than retail pharmacy transactions, the feasibility of eliminating the use of local codes in conjunction with HCPCS.
People were concerned about what would be the process for replacing them, and would this be fast enough to deal with the industry's requirements.
Gaps in coverage of the standard code sets, and the need for additional code sets. The ones that specifically were raised at that time were areas related to home infusion, alternative therapies and mental health services and conditions.
The openness and fairness of the update processes that would be followed by the various code set producers that were going to be designated standards maintenance organizations under the rule, and there were special concerns raised there about HCPCS, CPT and the dental codes.
Then there were concerns about proposing immediate or future replacements for some of the code sets that were designated as standards.
In specific, there were concerns about whether we should be moving to UPNs, to ICD-10-CM, and to ICD-10-PCS.
So, in responding to these concerns in the preamble, HHS, in effect, did lay out somewhat of an agenda for the National Committee on Vital and Health Statistics to follow these issues.
It first indicated that CMS -- which, of course, has been HCFA -- was establishing a process that would address concerns about local codes.
We further went on to say in the preamble that all designated standards maintenance organizations would be required to have open update processes that ensured a hearing for all stakeholders and followed due process.
There was a comment that one of the strategies for addressing the gaps in coverage would be through updates to the code sets that were already designated as standards.
Then there was the statement that NCVHS would monitor the situation, to ensure that the processes were working to address the legitimate concerns of stakeholders.
In the case of the UPNs and ICD-10-CM and ICD-10-PCS, HHS indicated in the preamble that it was premature to adopt any of them as standards, given the requirement to select standards that already were in wide use in the community, and the need for more testing in the case of each of these.
Again, to remind us all, the rule itself, in the section on maintenance of standards and adoption of modifications and new standards, spells out that the Secretary will consider recommendations for modifications or new standards if these are:
One, developed through an open public process that allows for coordination with other designated standard maintenance organizations, which I will continue now to call by the dismal name, DSMOs, and an appeals process for the requester and the relevant DSMOs; expedited consideration of content needs identified within the industry; and the submission of the recommendation through the NCVHS.
Now, the NCVHS itself has, in the past, actually in a letter of 2000, specifically recommended changes to the process for updating HCPCS to the Secretary.
The NCVHS, last summer, also went on record as supporting the DSMO's position that interested requesters work with the maintainers of currently designated code sets to address gaps in coverage before new code sets are considered.
I think that is sort of a succinct review of why it is obviously incumbent upon the NCVHS to have hearings to find out what is going on with this.
Our proposed plan for discussion, obviously, today is that the Standards and Security Subcommittee will hold at least two sets of hearings in 2002 with dates actually set, I gather, for February 6 and 7, and that we would have another set of hearings possibly in May, to obtain information about --
DR. COHN: Betsy, it is actually April 9 and 10.
MS. HUMPHREYS: Oh, good. Is that the first set or the second set?
DR. COHN: Second set.
MS. HUMPHREYS: Okay, sorry about that.
DR. COHN: That is no problem. Then actually we have dates also held for the 29th and 30th of May.
MS. HUMPHREYS: I remembered that, but I forgot the other. Sorry. So, scheduled hearings in February and April, to obtain information about progress on eliminating local codes, and the extent to which the process being used addresses the concerns of stakeholders on that issue.
Also, to review the DSMO's current processes for handling requests for updates to code sets, and the extent to which these address stakeholders' concerns, are workable for both the requesters and the DSMOs themselves, and are addressing gaps in HIPAA code set coverage.
Then also, the desirability and feasibility of any modifications or additions to the actual list of HIPAA standard code sets and, if this is desirable and feasible, what is the appropriate timing for these changes.
So, further, the plan is to focus the February hearings on local codes and the DSMO update processes, and development of perceived needs for modification or additions to HIPAA code sets for procedures.
There are a number of issues related to procedures, as we will see, or as I have already seen, perhaps, and I think that it may not be possible to cover them all in two days.
The April hearings are definitely scheduled to address, or the thought is that they would certainly address disease and impairment code sets, but I am wondering if some of the procedure issues may not have to slop over into April as well. I am not sure.
So, after talking, as I say, to a variety of people, we were proposing that we should definitely have an update on the local codes process, the process for working on eliminating these which, as I understand it -- but I think Karen knows more about it than I do, or perhaps others in the room -- that CMS has been working pretty closely with a group of state agencies on dealing with state agencies' concerns, and trying to eliminate the local codes that the state agencies themselves have created for various reasons. Is that about right?
So, Karen suggested that Diane Davidson from the State of Kansas, who is somebody who has been working on this group, would be a good person to report on what is happening with the elimination of the local state codes.
I think that probably Kay Riley or somebody else from CMS should certainly, if not present, be on hand to respond to any questions or considerations that come up related to CMS' side of this activity.
Now, the idea that we had in mind was that we might have a status report on that. Then we might have another status report from WEDI/SNIP.
Again, Karen Trudel and Gladys Wheeler have given us the information that WEDI/SNIP is producing a report on the current DSMO update processes, or at least laying them out in a matrix about what the update processes are, and the time needed for updates to each code set.
We were thinking that having somebody just present that, summarize that information first, would sort of focus the conversation. I am obviously open to any suggestions about that.
Then the question about -- it is interesting. We may need to do a little bit more research here on the UPNs. That was a big issue in the comments.
At the time, I recalled that CMS was actually giving a waiver to California to experiment with the use of UPNs in the Medicare or Medicaid reporting.
So, I went back to find out, well, did this happen and could we have somebody report on the success or lack thereof, of that experiment.
I was informed that, in fact, California had decided not to do the experiment. This is what I was told by somebody at CMS.
I then thought, well, maybe getting a summary -- but I was unable to do it in time for this meeting -- of what was their rationale for deciding against it, that that might be informative.
So, after hearing all of this I thought, maybe we actually don't need a report on this but we can, in fact, ask the outside testifiers who are coming in, invite comments generally on whatever, and if they bring up UPNs again, then we will know what their current view of it is, but apparently, this experiment did not take place.
Those of you who suffered with us through the NDC code discussions -- and of course, we have already had those, which is why I have skipped right over that issue, although it was raised in the original thing -- may remember the fact that the NDC code identifies way down at the product level.
We were saying there is this interim level which is what the physician or other health care provider knows about the drug at the time that he orders it.
In a way, the UPN is the same issue. The UPN is very down at the individual product level. If I say that I need a tongue depressor, it could be filled by a thousand product codes, because presumably there are multiple manufacturers of those.
So, really, I can actually think about all the same issues that came up in terms of the problems associated with implementing NDC codes in other than the retail pharmacy thing, and say that some of these same issues might very well apply to product codes.
DR. COHN: Can I ask a question? I don't mean to interrupt your discussion, but one of the issues that we had had from previous hearings was medical device codes, which is sort of a kind of a product, but also is something that maybe is a little different. What are your thoughts on that?
MS. HUMPHREYS: The committee definitely needs to hear about the current status of medical device codes, and I probably should have put this on the list, although I don't know whether it would be possible to fit it into this hearing.
You do need to hear about this. The FDA has been quite busy in the international community, and coming out, I think, sort of in the first final version soon is something called the global medical device nomenclature system, which has been developed with a lot of input from the FDA and the European Union.
It borrows heavily from the ECRI universal medical device nomenclature system, although maybe not quite as heavily as everybody thought at the beginning of this process.
This, at least, sounds like really quite an excellent system with good definitions, as well as the nomenclature itself, and I think that the committee definitely needs to hear from the FDA about it.
DR. ZUBELDIA: Betsy, there is also an issue with vision codes.
MS. HUMPHREYS: Yes, I have that later on, Kepa, because it didn't come up originally. So, the issue is whether -- I think whoever is concerned about the vision codes definitely has to be invited to testify at this hearing.
So, whether UPNs need a status report or not, we need to find out, but obviously, if we are inviting general comments from people about what they see as gaps or additional things, it may come up again or not.
The other question is, obviously the committee needs to hear about ICD-10-PCS. The only reason for the question mark next to that one is for the February hearing, the timing issue or how many things can be covered.
I think there was, in May, a meeting where a number of stakeholders presented opinions about 10 PCS and whether there should be movement toward 10 PCS.
I think, of the groups that attended that meeting, which included members from the American Hospital Association and HEMA and other groups and the AMA, the AMA was opposed to moving to it. The rest were in favor of moving to it, although there were timing issues associated with it.
The industry, at least as represented at that set of hearings, which CMS had organized as part of the regular ICD update meetings and procedures, there is the issue of simultaneous -- the issue of simultaneously implementing it and ICD-10-CM, which came up in the comments that were received in those hearings.
I understand from Pat Brooks that the CMS continues to get considerable pressure from elements of the industry about moving ahead.
They are including various device manufacturers and so forth. Also, in some cases, I gather the device manufacturers have also issued queries to CMS through their congressmen about when we are moving to PCS.
I think it would be helpful to CMS for there to be some coverage of this in hearings and for there perhaps to be reinforcement for the position that CMS takes, which is that CMS is not in a position to unilaterally implement ICD-10-PCS, and I think people seem to forget that. I don't know if Karen has more comments you want to make about that issue.
I think obviously the real core of the hearings would be comments from stakeholders about local code elimination process, the DSMO's update processes, and the basic question of the need for modifications or additions to the list of HIPAA standard code sets.
DR. ZUBELDIA: Betsy, in this process, I would like to make sure that we get feedback from them on the maintenance of other code sets that are actually maintained by the DSMOs, such as claim status codes and some of the payment codes and so on.
MS. HUMPHREYS: That is a very good point. So, our notion is that basically we would come up with a range of -- obviously it would be a public announcement and we would be providing input from whoever wanted to provide it.
There would be a list of people that we would specifically go after and say you commented on these things in the past or are involved in this now. Would you please provide input to us on these areas.
Then presumably some group of these people would also be invited to actually testify, but I think that there are a large number of organizations that have a stake and an interest in these issues.
Probably there are more of them than can possibly actually give you oral testimony, although obviously inviting written input from a larger group is a way to help that.
MS. TRUDEL: Betsy, before you go on, I would just like to clarify that the DSMO organizations are actually the six groups that are specified by the Secretary in the notice that went with the final transaction rule.
That is the NUBC, the NUCC, the American Dental Association, NCPDP. So, they are actually code set maintenance organizations as opposed to DMOs.
MS. HUMPHREYS: That is right; I am sorry.
MS. TRUDEL: What Kepa's point is, I think, is that the DSMOs also maintain code sets. Is this the proper time to look at how that non-clinical code set maintenance process is going.
MS. HUMPHREYS: I apologize. I get confused about this. I should have said the designated code set maintenance people.
I would say that you definitely have to factor that into this. I agree with KEPA.
DR. ZUBELDIA: There is an issue with the DSMO codes, that some of them don't have a proper version control system, and they get updated whenever they get updated. They get published on a web site and that is it.
DR. COHN: Just to make sure I understand, you are really not talking about the DSMOs. You are talking about individual standards development organizations that have been accepted as HIPAA standards and their maintenance update activity.
DR. ZUBELDIA: That is correct.
DR. COHN: I was just trying to be nice to the actual DSMO organization, since we have hit them pretty hard in the last year.
DR. ZUBELDIA: It is external code sets that are part of the X12 NCPDP that are maintained by somebody.
DR. COHN: Okay, but that is another issue.
DR. ZUBELDIA: It could be a taxonomy code. It could be the claim status code. It could be the payment remarks code, something like that.
DR. COHN: We are actually talking about different things at once. So, I want to understand. There are code sets maintained by standards development organizations as part of their standards, and that is not an externally maintained code set.
Then there are externally maintained codes that are maintained by other organizations for the standard.
DR. ZUBELDIA: There is a third category, which is code sets maintained by the standard setting organizations that are not part of the standard.
MS. HUMPHREYS: Do we have to worry about those?
DR. ZUBELDIA: Those are the ones I am worrying about. There is not a standard defined version control program for those.
DR. COHN: If they are not part of the standard, what are --
MS. HUMPHREYS: Well, they are.
DR. ZUBELDIA: They are part of HIPAA but they are not part of X12, for instance. They are not X12 codes. They are external to X12, but they are still part of HIPAA, because they are named in the implementation laws.
DR. COHN: Who are they maintained by?
DR. ZUBELDIA: Associations maintain some of them, there are some ad hoc groups within X12 that maintain some of them.
DR. COHN: So, these are external.
DR. ZUBELDIA: Externally maintained, but they are not a code set maintainer per se, as we know them, like the American Medical Association.
DR. COHN: I think in the world -- Betsy, help with this one -- we talk about code sets maintained by the standards organizations.
There is this issue that I think you are describing that we typically call externally maintained code sets, and then there are HIPAA designated medical code sets, which is I think what we are talking about.
MS. HUMPHREYS: I think I would simplify it a little bit more than that. I would say that there are the HIPAA code sets. There are the medical code sets designated in HIPAA.
Then, there are other non-medical code sets that are considered to be part of the standard. Then I guess my feeling is that, even if the -- now is it -- X12 is a DSMO; right?
DR. COHN: Yes.
MS. HUMPHREYS: So, even if the DSMO that is responsible for that standard doesn't produce those non-medical code sets, then I still feel that they need to be concerned about the quality of the code sets and the procedures.
So, I think they should be the ones talking about it. After all, they designated somebody else to be in charge of it.
DR. ZUBELDIA: It is very tricky. If you ask X12, they will say, they are not ours. They are external. They are named in the external implementation acts, but they are external.
The external is a committee that runs the day before X12 and they publish it on a web site, and that is it. So, it may get very tricky.
DR. COHN: Marjorie has a question.
MS. GREENBERG: It sounds like this is an issue that the committee needs to look into. I am wondering if it should be combined with the hearing on procedure or clinical code sets or whether, in fact -- what is this, currently, a one-and-a-half day meeting or a two-day meeting?
DR. COHN: No, this is a 12-day set of hearings right now. [Laughter.]
Seriously, I think what we are going to do is, we are going to make sure that we understand all the issues. Then we are going to sort of figure out what goes in February, what goes in April, what goes in May, what goes in October. I think this will be an ongoing set of discussions.
MS. HUMPHREYS: This is a very good point, though, Kepa. We were not focusing on these and you are quite right, they need --
DR. ZUBELDIA: They need to fit somewhere.
MS. HUMPHREYS: Yes, they definitely do.
DR. COHN: But I will comment that this is actually an issue that we identified and discussed in October of 2000. So, it is an issue of following that as opposed to following that.
MS. HUMPHREYS: I understood that he has been well aware of it all along and probably the rest of you, but we were not focusing on it when we were thinking about this meeting. So, thank you for bringing it up.
So, what we are talking about, and the way we might focus if we were going to try to say that this is an issue but it won't be focused on at this meeting, we would say, okay, we are interested in the current update processes of the medical code set maintainers, or the designated medical HIPAA code set maintainers, and focus this set on that thing.
Then, ask a separate question about this other thing, just so that people could get it straight, or even move it to a different meeting. Fine.
DR. COHN: Betsy, did you want to go through more of this?
MR. HUMPHREYS: We have a comment.
DR. COHN: Let Jeff comment and then Helene can comment.
MR. BLAIR: Betsy, could I have your thoughts about including on the agenda one or more representatives of different developers of alternative or complementary medicine codes?
MS. HUMPHREYS: Absolutely, that is coming, yes. I think we would have to do that. Where I was going in this process -- and I am glad that we have clarified that.
Obviously, if we are going to go out and ask people to comment on these processes, we have to call these groups by the right names and differentiate the different kinds of code sets. So, we are on that.
Then, I keep using, in this document -- but will edit it -- that it seems to me that, when we are talking about the current update processes for what is going on right now for the procedure code sets -- and I left ICD-9-CM out of this list on the top of page three of this document, and obviously it needs to be added -- that we would be specifically looking at, if we were focusing on the medical procedure code sets, we would be specifically looking at ICD-9-CM, HCPCS, CPT and the dental codes, because those are the designated ones under the current HIPAA rule.
I think we want to hear both from the code set maintainer organizations and from anyone else who has a comment on how the process is working.
DR. COHN: And you included HCPCS?
MS. HUMPHREYS: I think I said that. We would have CMS who would be reporting or responding in terms of ICD-9-CM procedures and HCPCS, and then we would have the AMA and then the ADA for dental codes.
Then, of course, as I say, we would be inviting comments on the elimination of local codes, the update processes currently used by the code set maintainers, the medical code set maintainers.
We may or may not, in the same thing, ask a separate question about the non-medical code sets related to the issues that Kepa was just bringing up.
We would certainly ask something about the desirability of modifications of additions to the list of HIPAA standard code sets itself, and the time table for any changes that people thought were necessary or desirable there.
It seems to me that the testifiers, or the people that we would elicit information from, would include the transaction DSMOs and the medical procedure code set maintainers.
Even if we weren't asking -- even if we weren't focusing this hearing on the non-medical code sets, I think we still want to invite comments from the DSMOs, because the DSMOs get in the act when someone comes to them and says, I want to register a new code set.
They then say, well, you should go talk to the AMA and see if they can incorporate your needs into their thing.
So, they presumably have input on who has approached them about additional code sets that ought to be allowable in this standard.
One of the things that you need to be thinking about as you listen to this testimony is whether we have somehow devised a catch-22 where people go one place and get told to go another place, and sort of end up with no place to go.
The groups -- what I did, or actually Donna Pickett did most of it -- we went back and we actually pulled out all our grids and lists and everything of everyone who provided comments on code set issues in response to the original NPRM.
As you can imagine, there were many people who were interested in this and many groups that were interested in this.
Thinking about the groups, we definitely have insurers, health plans, software developers. We have a HEMA representing people who are involved in assigning the codes. We have the American Hospital Association.
We have state Medicaid agencies. We have state health departments. We have HMOs. We have dental plans, Delta Dental in particular.
We have the home infusion EDI Coalition, Alternative Link, and other people interested in alternative therapies.
We have, not so visible in the original set of comments, but having come up since then, people who are interested in the coverage of vision procedures.
I haven't brought myself up to speed on that issue. Do we actually have a vision code set developer, too?
DR. ZUBELDIA: No, there are a number of proprietary code sets that are used for vision, for lenses, for treatment, for surface finishes and all kinds of things.
Each payer of vision has their own code sets. It is very fragmented. That doesn't mean they could not come and converge into one code set.
DR. COHN: Helene, did you want to comment?
MS. GUILFOY: Sure. When you are looking at timing issues, the issue that Kepa brought up of the non-medical code sets, I would ask you to put that on the agenda sooner rather than later.
That is a clear implementation issue for providers across the board, certainly for providers and plans, but also for clearinghouses, and how they accept and interpret information coming across from them.
The non-medical code sets, as I have looked into them more, and I know Kepa has looked into them, are subject to interpretation.
I heard extensively at a meeting on Wednesday the providers even have a term for it called payer variability, which is really kind of scary.
I think that they, in addition to being discussed, there is clearly some definition of use of how those code sets can be used within the standard transactions.
What I am asking you to do is include those non-medical code sets earlier rather than later, because they clearly need to be addressed for implementation, even if we have a year delay. Thank you.
DR. MC DONALD: A few questions and a comment. One comment is that, there is an activity, just nascent, with vision in LOINC, in terms of glasses and prescriptions and all that may coalesce.
A couple of questions. Can we get a hold of these standards prior to the hearing? We could be more informed of our questions, ICDM, PCS, ICD-10-CM, just to get a look at them?
We aren't going to read the whole darned thing, but we should be a little bit more familiar with it.
MS. HUMPHREYS: I think PCS is available through HCFA's web site. I don't know about the current draft of 10-CM.
DR. MC DONALD: If it is not available, then of course it makes it harder to talk about for everybody. At least I would like to ask if the committee members could get an e mail, at least, where to find these things and we could take a look at them.
The second, I came in a little late so I didn't hear, the pharmacy codes, will that be discussed, the clinical pharmacy specifically?
Although it is not an immediate issue, it is a big problem, not having that.
DR. COHN: You are not referring to the NDC codes, are you?
DR. MC DONALD: I am referring to something less granular.
MS. HUMPHREYS: The clinical drug thing, that is another issue where there is work going on there. That could be actually -- it is like the medical devices. There could be, certainly, testimony and presentation about what is going on with that.
DR. MC DONALD: Those things could influence a lot of thinking. They may solve problems instead of trying to jam solutions into other things that don't solve them.
The third thing is, regarding what I guess I would call billing codes, but ICD-10, PCS and CPD are of that kind, there is a very deep and subtle issue here, that this is also a way to distribute funds.
It is money, and when one puts in new code systems, everything is going to get redistributed. We are still living in a fixed sum game in Medicare. I think we should have some discussion about how we would make sense out of that.
The costs, they will always readjust because the internist should get so much and the general surgeons would get so much, and how would they really work through all that, and how do we keep this from becoming a big food fight.
DR. COHN: Just to make sure I understand, I think you are thinking that that is an issue we need to explore when we talk about updating, potentially, or moving from non-ICDS or something like that.
DR. MC DONALD: I think that those folks who figure Medicare budget based on these codes and the distribution of these codes and, like for example, adding some new kinds of codes that weren't there before is going to imply payment in many contexts, or it might imply payments.
That is why everybody is so darned interested in this. They want to get different billing levels for their particular thing.
DR. COHN: To make sure, so you are talking about, for any of these additions --
DR. MC DONALD: It is those codes, those specifically that are PCS and CPT, the ones that are billed.
DR. ZUBELDIA: Not just the PCS. On the CM, because they get groups with groupers and reimbursement.
DR. MC DONALD: Same thing.
DR. COHN: I am also wondering if something where we expand the way to code and bill for alternative codes, this also has implications, or vision codes or anything.
DR. MC DONALD: The intensity of the interest isn't just interest in vocabulary. It is interest in reimbursement patterns.
DR. COHN: So, maybe what we need is a briefing from CMS about the real world dollars, how it relates to code sets, and early rather than later.
DR. MC DONALD: Then the last thing is that of a lot of the discussion of the costs of one versus the other. I don't know if anything -- with CPT, people complain about this cost, that cost. I don't know what those costs -- could we find out what those costs really are and get them on the table?
DR. COHN: Okay, other comments? I am hearing a year's agenda so far. Jokingly. I think we just need to figure out where to start on this.
MS. GILBERTSON: Can I just ask, for one, if on the list of the DSMOs, we could also add NCPDP. There is discussion about UPC, HRI and NDCs in the current name standards, and how they are used for reporting.
The other was just to let the committee know, part of it is self preservation. In the DSMO, we are developing a procedural document that tries to help the public move forward with the change requests for code sets, of what procedures they should follow and where they should go for extra information. That may be also of interest, once that paper is finalized.
MS. HUMPHREYS: Do you have a time frame for that?
MS. GILBERTSON: How about if we say we have got at least a good draft ready for you for the February meeting.
MS. HUMPHREYS: That would be great.
DR. COHN: Are we missing anything? We have talked about this, and obviously we will be talking about ICD-10-CM some time this year, and hopefully that will be in April.
It seems to me that we have sort of set ourselves out a relatively expansive code set agenda for the year. I think the question is how we slot this in.
MS. HUMPHREYS: Just remember that, in sort of putting -- even though we obviously left numerous things out, even in terms of the procedures code sets -- there also was this concern about mental health status as well as conditions as well as services.
DR. COHN: Like the DSM?
MS. HUMPHREYS: Yes, I think so. I just didn't list those. Of course you have been dealing with the new international classification of functioning and so forth.
MR. BLAIR: Does that include code sets for disabilities? Is that separate?
MS. HUMPHREYS: That is the name of that. The name of that has changed; right?
DR. COHN: Yes, ICF.
MS. HUMPHREYS: The idea was that, at the same time that we were dealing with issues related to ICD-9 and 10-CM, that we would also assume that that would be on the agenda, and we would also need to see if we needed more discussion about DSM at the same time. Those are the principal disease condition --
MR. BLAIR: There was a separate code set for functional disabilities. Is that also included?
MS. HUMPHREYS: Yes.
MR. BLAIR: Okay.
MS. HUMPHREYS: Presumably, Marjorie can just recite the name of this thing right. I keep losing track as they change the name of it.
MS. GREENBERG: ICF.
MS. HUMPHREYS: ICF now, but it used to be ICIDH.
DR. YASNOFF: Two comments in response to your comment about the complexity of the area. One is that I think it would be wise for us not to set a time certain deadline for making a recommendation to the Secretary, until we understand the area and can project a time line better.
The second thing is, in the message format standards, we essentially have combined all our current recommendations into one letter.
In the code sets area, it may be prudent to prioritize and generate more than one letter to the Secretary, starting with the high priority items.
DR. COHN: Thank you for your wise comment. Kepa?
DR. ZUBELDIA: My comment on the prioritization of the work is that I would like to see some of the code sets in the transaction and code set rule addressed first.
In my reading of HR3323, there is no delay for the standards and the code sets. So, things like the local codes and so on, from my reading of this, don't get delayed. Only the transactions and the transaction formats get delayed.
If that is the case, we need to take a look at some of the codes before we look at others.
MS. HUMPHREYS: That is not how I interpret that.
DR. ZUBELDIA: I interpret that as it mentions only transactions.
MS. HUMPHREYS: I think, because the code sets don't have their own separate HIPAA rule, they are incorporated inside the transactions rule.
I think that, in deferring that rule, they are deferring it all.
DR. ZUBELDIA: I am not a lawyer, but I think it mentions specific paragraphs for the transactions by letter, and only those transaction standards get deferred.
MS. HUMPHREYS: You have been reading it more carefully than I have, Kepa.
DR. ZUBELDIA: Of the code sets.
DR. COHN: But the code sets are actually implemented in the transaction.
DR. ZUBELDIA: It is the same final rule, but this only delays certain parts of that final rule.
MS. HUMPHREYS: I think the thing is that, in fact, the code sets are designated to be used in the transactions. There is no requirement to use the code sets outside the transactions.
DR. ZUBELDIA: That could create a problem. Local codes have a life of their own on paper claims and on NSF, and if there is a set of local codes that is used on NSF and paper claims and it cannot be used in these other transactions, it just can complicate things.
DR. COHN: I think that we are seeing that there is a year's delay for the --
DR. ZUBELDIA: For the transaction formats.
DR. COHN: And for the information in the transaction formats.
MS. HUMPHREYS: Which includes the code sets.
DR. COHN: I think we are seeing -- we have more than 10 months to solve that problem.
MR. BLAIR: Simon, I think I agree with your statement and observation, but I think Kepa is trying to tell us something different.
It means that there is another year when things are a little bit in limbo, especially with respect to the transition for local codes. Is that what you are saying, Kepa?
DR. ZUBELDIA: Yes, even if there is a delay, the local codes do exist outside the transactions.
MR. BLAIR: So, that is a new problem that has been created here, which maybe we need to give some thought to.
DR. ZUBELDIA: It needs to be addressed, I think, with high priority.
MS. HUMPHREYS: It is interesting. I think I would agree that it would seem to me to be a high priority to deal with the local code issue at the next available hearing.
In listening to Kepa and the other comments here, and about the effect of the non-medical code sets on effective implementation of the standards, I am persuaded by the argument that that one needs to be looked at sooner rather than later.
I think a lot of people, maybe the implementers groups are focusing on this, but I think there are a lot of people who aren't.
If these things don't have very effective processes at the moment for getting them up to date, then it seems to me that we want to focus a little light on the situation sooner rather than later, now that we have at least an extra year to clean it up.
DR. COHN: I guess I would agree that that sounds like something we should move up on the priority. I guess from my view, as I was sort of thinking about this, realizing that there are a lot of areas that we can approach, really the question is which is first. I think that is probably an issue for the first set of hearings.
The other issue that we should use as a screen on this one has to do with usability of the standards, and are there any groups that are being disenfranchised because they used to be able to do electronic transactions and now they can't because you don't give them code sets that they can use.
I think that is another screen that we maybe ought to use for the first set of hearings. I just throw that out as something that sort of made sense, as I was thinking about it.
DR. ZUBELDIA: I would like to comment on that. When the standards were written, there was this implementation guide that was discussed.
If there is a mandated code set, people must use that code set. If there is no mandate, people are free to use whatever is necessary. There won't be a standard. If there is no standard, they can use other things.
In that light, things like the home infusion qualifier was put in the guides where, if there was no standard, the home infusion EDI coalition could still use their codes.
Thinking has changed. Now, if there is no standard, they can't use the codes. They have been disenfranchised and they feel pretty strongly about it.
Initially, they were going to be free to use nonstandard codes and now the only codes that can be used are standard codes.
MS. HUMPHREYS: So, you are saying that that is sort of underlying Simon's point, that that would be something that we need to get at sooner rather than later, too.
DR. ZUBELDIA: Yes.
DR. COHN: Other comments? We obviously need to go back and put all this together. Marjorie, you look worried. Do you want to make a comment?
MS. GREENBERG: I am not sure I followed what Kepa just said.
DR. COHN: Do you want to re-explain your comment?
DR. ZUBELDIA: The implementation guides were written with the thinking that people or entities that would not have their code set selected as a standard, they could continue using non-standard code sets as long as there was a qualifying implementation guide for that purpose.
Specifically, the Home Infusion EDI Coalition had their qualifier there with the hope that, even if the code set was not adopted by the Secretary as one of the standards, they could still continue using it.
The DSMOs have changed their position on that and taken the qualifier out. So, the Home Infusion EDI Coalition now cannot be using their code set unless they are selected as a standard.
DR. COHN: I think that is probably a reasonable approach that the department took.
MS. HUMPHREYS: I think the situation is that we probably really do need to hear from that group, and also from the AMA.
My understanding is that the home infusion people were talking to -- I think it was the NUBC, but it could be the NUCC because I lose track of these.
In fact, the home infusion people were referred to the AMA, to see if CPT could be expanded to meet their requirements.
Some interaction between the two actually took place. I do think we need to find out from both sides what happened, and try to figure out whether the end result solves the problem or does not.
DR. FITZMAURICE: I think about a year ago Congressman Stark asked CMS to approach AMA to find out information about revenues and costs of producing CPT.
I wonder if that information was sent back to Congressman Stark, and if it is publicly available. That might be some information that would be useful for the hearings.
DR. COHN: Obviously, we need to put this together and it is really not an open subcommittee meeting activity to assign the exact agenda or otherwise.
Are people generally comfortable with the direction of this hearing as well as the overall approach to codes this year, that we are taking so far?
I think what I am hearing is that we are starting on procedures probably in February. It is likely that we will have one day in February for that.
Probably in April we will take a day and talk about medical codes, diagnosis codes. Then we will probably continue on other issues related to both of them as we go on through the year.
MS. HUMPHREYS: I do sort of feel that I have been personally persuaded that we need to also, perhaps in February, get on this non-medical code sets. It sounds to me like that also has some immediate issues.
DR. COHN: Yes, I apologize. I think that is a very good point.
MR. BLAIR: I am going to back off here, because the rest of the subcommittee may start to throw stones at me when I make my comment here. So, I will protect myself.
It really sounds like, from what Betsy has told us, that there are a lot of important issues. It sounds as if, in terms of Kepa's comments as well, that even though we get some benefits with a one-year delay for the compliance of the financial administrative transactions, there are also going to be unintended consequences that may need to be dealt with quickly.
My comment -- and I am ducking -- is that maybe we need to consider the addition of an additional day in February to have time to address these things.
DR. COHN: You are right; I think you need to duck. I think maybe by the end of the day we will have a better idea about that one.
I am not convinced at this point, based on what I am hearing so far, that there are significant amounts of unintended consequences related to a year's delay.
They appear to be relatively intended consequences. So, I think I need to be persuaded that there are dire issues that the subcommittee would need to consider in February to extend it.
I mean, I am open to that, but I don't think I have heard that, but I think I could be persuaded by the end of the day.
Other thoughts on that one? I think we should probably try to wrap up this particular conversation.
I do want to announce, obviously, that Kepa will be chairing the session in February. He has indicated previously that he is still okay with that. Hopefully, after this conversation, he remains okay with that.
Betsy, I want to thank you for your help on this one, and obviously Donna Pickett and Pat Brooks, in terms of helping us put this together.
I think we are moving in the right direction on this one. I think you made a comment to me that we don't want to spend more than two sessions this year on code sets.
Yet, I think I am reflecting that we all know that this is a big area, and it is likely that it is going to take more than two hearings.
MS. HUMPHREYS: Yes, but I will stand by my statement that we don't want to spend more than two hearings, whether we need to or not.
DR. ZUBELDIA: I just looked up the rule, and it does cover code sets. Code sets is Section J and the extension is from I to R. So, code sets are extended.
DR. COHN: So, we are okay. Thank you for the clarification on that. With that, Betsy, thank you so much.
Our next topic here is a presentation by John Loonsk, I think reflecting somewhat on the PMRI framework and other public health issues related to our work. Thank you very much for coming.
DR. LOONSK: Thank you for inviting us. We are very enthusiastic about the work of the committee and of the subcommittee, and appreciate the opportunity to come and to talk.
What I would like to talk about today are three general areas. I will make reference to ongoing CDC and public health activities that are relevant to the committee's work.
I would like to make mention of the National Electronic Disease Surveillance System initiative, and its use of standards, and how that relates to the work of the committee.
Then I would like to perhaps put a little bit of emphasis on some of these issues, by relating them directly to the activities of October 4 and subsequent bioterrorism attacks, and the very pressing needs of public health that relate to these activities as well.
Public health certainly needs timely access to well-structured data, and from the clinical care environment.
We view the PMRI standards as a substantial movement in that direction. The National Center for Health Statistics and other CDC centers, institutes and offices, make tremendous use of these data when they are available.
Our mission to protect the public in the area of infectious diseases, chronic diseases, injuries, et cetera, will benefit tremendously from the use of interoperable systems, both clinical and public health, and the use of more comparable data.
We have been using clinical data for public health purposes for several specific purposes to good result, particularly in the disease surveillance area, through electronic laboratory reporting using HL7-2.3 public health message and, where possible, with LOINC and SNOMED vocabularies to express content.
There is also work for surveillance activities using HMO data extractions and some specific examples of public health data exchange with hospitals, where there is public health benefit from the direct accumulation, or the accumulation of data from the clinical setting.
The possibilities to offer substantially less provider burden on the input of information or the delivery of information to public health, the broader coverage of reportable cases, more data available about these cases, and the more timely delivery of these data are all very attractive and have been substantiated in work that has been done.
However, there are still many ongoing issues with vocabulary. Many of the specific implementations that I refer to are not broadly applicable.
They are specific to the environment for which they were developed, and there is an ongoing need for meta data to allow for more specific presentation of data and retrieval and analysis.
Having accumulated these data, being able to present them and have them readily available for different analytic purposes would be greatly facilitated in that way.
Also, prior to October 4, the date of the first anthrax attack, we were in the process of redeveloping the national surveillance infrastructure through an initiative called the National Electronic Disease Surveillance System.
NEDSS is not a software program. It is a vision and a process to try to integrate what have been very stove piped surveillance systems in public health, to improve the way that these surveillance systems interact with clinical information systems, to take advantage of the benefits that I have just referred to, relative to improved disease surveillance in that setting, and to use and promote national standards for data and systems.
NEDSS does not present its own standards. It, like PMRI, identifies standards that are specific to the need and, at times, works internal to those standards to develop specific implementations appropriate to public health.
NEDSS is manifest through a systems architecture which describes a way that public health information systems, particularly surveillance systems, can be developed to make them more interoperable, to take advantage of commercial off-the-shelf software, and to allow for better linking of these data and, as I said, through the use of national data standards.
NEDSS has funded all 50 states, six cities, one territory, and is also funding the participation of our partner public health organizations in the standards development process.
So, part of what we view as our responsibility in this regard is to bring public health participants to the table to be expressing public health needs.
We work with HL7 extensively, and have actually influenced some of the work in the reference information model to better represent population information as are the needs of public health.
NEDSS use of existing data standards include, as I mentioned before, a 2.3 public health lab message, which is used for electronic laboratory reporting, but also has pointed to the use of the HL7 reference information model through the public health conceptual data models supplement, to identify coordinated ways of doing both data storage and messaging of content.
The one tangible product of these activities is a logical data model for integrated surveillance systems. Those are systems that are person based instead of disease based, that is compatible with the HL7 reference information model, as well as a series of forthcoming implementation guides for version 3 compatible public health notification messages.
We intend to use these initially internal to public health, but then also hope to promulgate into clinical systems, or to allow for public health receipt of data coming from clinical systems.
There are, as I mentioned before, important needs relative to vocabularies and code sets, as you all know, that are broad in terms of the importance of the different types of data that public health needs to do the surveillance mission, and the importance of getting very specific data to achieve public health goals.
Some of these vocabularies that we have used and are promulgating for use in the NEDSS architecture include LOINC and Snomed, ICD as well as some other less seemingly clinically-related standards for occupation codes and such, that are also used by others in the CDC.
This is a schematic of the NEDSS systems architecture. I put it here because, when I start to talk about some of the practical issues that have been presented by the recent anthrax attacks, I will try to drive home the point that the standards that we need do cross from the data to security for encryption and transport into, in fact, data storage in public health systems.
The NEDSS system architecture is very much focused on interoperability between clinical systems. It is also designed to take advantage of existing message interchange technologies, both clinically oriented interface engine technology as well as focusing on the business-to-business area and the burgeoning XML technologies in that regard.
Both of these technologies offer things for this purpose and neither is perfectly oriented to the needs for integration in public health settings.
Another major component of the architecture, aside from message exchange, is advocating web-based systems for where manual data entry is appropriate, appropriate security methodologies, and also using and being able to share directory information about the participants in public health.
Increasingly, it is the information about clinical providers in the context of both communicating to them in emerging situations, i.e., alerting and communication of clinically relevant information about possible bioterrorism and other public health events, as well as using that for authentication and authorization into the existing systems, to access information securely.
Well, the picture, prior to October 4, also included some activities in the investigation of bioterrorism detection and surveillance.
Bioterrorism detection is still an investigational activity. The areas that have been emphasized include heightened surveillance for possible bioterrorism events, which very much relate to currently manual entry of data in clinical settings which, as I think the committee understands, can be implemented for limited periods of time with limited compliance.
This has been somewhat effective in the context of major political events, some sporting events, opportunities or, in fact, around terrorist attacks, opportunities where the clinical infrastructure can be energized to do a manual activity for some period of time.
Because of the time limits needs of bioterrorism surveillance, we are really looking at -- and have been looking at -- the use of syndromic data, data that is available in some form as early as possible in the encounter, so that the public health actions in follow up to that identified event can be pursued.
The context for syndromic data is really in comparison with background data levels, and then with public health follow up on suspect cases.
This is not an established methodology for doing bioterrorism detection with such reliability that it can be a completely automated process. It needs public health follow up.
That public health follow up very much needs to have a linkage between the data from the clinical environment and what is available to public health, so that public health workers can proceed with that follow up.
The other type of surveillance that has been investigated is so-called multi-data source surveillance, which can include several different types of clinical data.
Again, where this is done, it has been very specific to that particular clinical information system's infrastructure, but also involves, at times, over-the-counter drug information, absenteeism, 911 calls, and other non-clinical -- not classically clinical -- data sources. Again, this is trying to be sensitive to a possible event, and then moving toward follow up.
For some time, we have also been advocating that the bioterrorism infrastructure should not be separate from the non-bioterrorism surveillance infrastructure for several reasons, including the fact that having a relatively unused infrastructure and just deploying it at the time of a bioterrorism event is not a terrifically tenable pursuit, as well as the fact that much of what needs to be implemented in this regard is very person oriented, in networks of people that relate to these systems.
On October 4, certainly, there became a very heightened emphasis on these activities, and there was a lot of discussion and a lot of activity in this regard.
Interestingly, the particular attacks were not executed as many had expected. People were really anticipating a disseminated distribution of a pathogen in some public setting, and were not looking at really a focal distribution, and not looking at a distribution vector of the U.S. mail.
The way that this was detected was not through syndromic surveillance. It was not really through any kind of an electronic system.
I think one could ask whether any of the existing approaches to bioterrorism detection would have caught this kind of attack.
It was really a physician, an astute physician and not an acute physician, who could not rule out anthrax on a graham stain, that did the identification.
What it led to was a major CDC response, and a major response by other public health partners. What that has emphasized, in a large way, are these intermediate data needs between detection and response.
The huge area of data needs around case management, potential case management, lab result and contact information that needs to be managed and interchanged between a diverse group of organizations in response to such an attack.
These data needs were huge in comparison to some of the other needs that I have been alluding to. There were also other needs to track, for example, adverse events from prophylaxis and different new interesting areas like developing mail handling protocols and other mail handling activities that had not been previously anticipated.
After the 4th, bioterrorism detection is still investigational, but this need for the management of case data and the communication of these case data is certainly not.
There is an increased priority and certainly opportunity to get clinical data to use for bioterrorism detection and bioterrorism attack management, subsequent to these attacks.
Certainly, the clinical community and clinical information systems vendors are expressing interest in helping, and are looking at ways that they can participate in this complex endeavor.
The kinds of data that are of interest for bioterrorism detection from the clinical community pretty much span the broad spectrum of data available in the clinical setting.
Certainly, some of the data are demographic in a classic epidemiological sense. Demographic data are critical, linking back to a case, at least as important in terms of public health follow up.
Some of the data needs are, as I indicated earlier, difficult to conceive of as being coded in the near term. They are syndromically related. They relate to presenting complaint.
Most usually, those are the types of data that will present in electronic form earliest in an encounter, whether it be presenting a complaint in an emergency department or some other type of encounter.
Obviously, lab results are an important data source, but also laboratory orders are being looked at, and other orders are being looked at as an early indication of a possible attack.
Admission and discharge data have value but are later in the encounter and, hence, not as valuable from a timeliness sense.
Utilization data is of importance in terms of trying to do aggregate data analysis of the possibilities of such a disseminated attack, and how it might manifest itself in the clinical infrastructure, and generally, other types of data that are supportive of these areas.
We, through the NEDSS initiative, are in need to move forward with the accumulation and interchange of these data.
What I have put on the screen here are our efforts to work toward a substantive implementation of a standards based data interchange network, that can move data between clinical providers, public health departments at various levels, federal agencies, and the participating labs.
We will, from a practical sense, need to emphasize HL7-2.X, messages and looking at them where we can. I mentioned the version 3 messages that we are in the process of developing relative to public health notification messages, and recognizing that their use in clinical settings will be a long time coming, although a very desired goal.
We are looking at needs that traverse from data standards through transport and security to accomplish this. So, we are looking at an ebSML wrapper for these messages, offering that across SOAP, web services, and providing that infrastructure, so that these partners can exchange data more readily, using PKI-based encryption and transport, using the internet as a transport mechanism.
In some ways, on the leading edge of implementation needs, in terms of security implementation, for example, and how these technologies can be applied, there are certainly secure ways of doing this right now, but the standards for these implementations, that can be advocated in such a way that true interoperability can be achieved, are still developing.
We finally have needs in the area of, as I referenced before, of not just patient information, but provider information to be used and exchanged between public health agencies for communication and security purposes.
We are targeting public health directories manifest through the lightweight directory access protocol and the exchange of directory information that is inclusive enough to include communication parameters necessary for providing information to clinical partners through the lightweight directory access protocol data exchange format standards.
So, we appreciate very much the opportunity to talk about some of these very topical issues. We hope that you find them relevant to your work, and we very much look forward to working with you in the future, to try to achieve these goals.
DR. COHN: John, thank you very much for a very useful presentation. I know we have a number of questions. Mike, and then Jeff? I have a question or two after they are done.
DR. FITZMAURICE: John, thank you for an outstanding presentation. It shows the relationship between the informatics that exist and the needs the CDC has for these informatics.
You have heard this morning about the different code sets and the discussions that we have about the maintenance.
There are particular issues in code sets that, if a certain code set existed that does not now exist, or if a certain code set was expanded, that it would greatly help CDC's ability to monitor and respond to some of these threats?
DR. LOONSK: First, what I would like to emphasize is the fact that public health is a complex network of agencies.
CDC certainly has interest in that regard. What I have been trying to articulate is the fact that much of the complexity of this comes from the need to exchange data between the various public health agencies.
In that regard, certainly the more specifically we can identify the data, the better. I tried to reference, in my presentation, some of the code sets that we find important, and some which extend beyond traditionally-considered clinical code sets.
For example, occupation was not one we would have necessarily anticipated, but is clearly something that would be useful.
My broad sense, relative to the capabilities that we now have for practical outcomes would be that it is not a lack of code sets, but a lack of compliance and a lack of standardization in their use that is the principal obstacle.
MR. BLAIR: John, you referenced the activity that we have with respect to selecting specific PMRI standards. Have you had a chance to take a glance at our draft letters? Is Bill kind of working with you on that?
DR. LOONSK: I have, of late, been rather involved in other activities. I had a chance to look at the recent draft letter, and was certainly very supportive of these activities in general.
Emphasis on vocabularies and codes is clearly one that the CDC is very interested in. We understand that that is coming, and certainly that is an activity that came. I couldn't speak more intelligently about the process than that.
DR. COHN: John, I actually was going to thank you because you actually have some prepared testimony that I think will be helpful to us in reviewing this in context of the letter.
I would defer to Mike and Jeff as they look through this. There may be some pieces that cause some sudden expansions to the letter itself.
MR. BLAIR: One piece that I would like to sort of add to that, it sounds as if what you are doing is very much in parallel, and we are kind of -- I think we have very consistent direction.
The one piece that, if you have the opportunity and maybe review this with Bill, because he has given us excellent assistance in this, there is one piece that I would like you to give a little bit of attention to.
It is the area of emerging HL7 standards. You mentioned the REM and version three, and we have in there things that are to encourage acceleration of the development of those emerging standards and early adoption of those standards.
If NEDSS has a role to play in that, then maybe there is some complement here where our recommendations can support that.
The other piece is with respect -- I think you mentioned in your testimony that you would be looking, as a vehicle to accelerate things, the support for publication of implementation guides, maybe even conformance tests.
Those are the types of things where, if you could take a look at those, then maybe we could strengthen our recommendations.
DR. LOONSK: I would be happy to look at them, and I may not have been effective about expression of interest in version three.
We are very much targeting version three messages and implementation guides as a tangible outcome of our immediate activities.
We view that most readily as an issue that we can use internal to public health. We appreciate the specificity we can achieve, the vocabulary conformance we can achieve in version three messages.
So, we are very enthusiastic about advancing those and I think are very much in sync with the committee's work in this regard, in terms of trying to promote those activities, and actually to the point of promulgating those standards relative to public health notification messages.
What I was trying to make reference to, we are trying to be realistic about when we can expect those coming from the clinical care setting.
We can't expect them if we don't put them out there and start to advocate for them, but we are going to have to have some flexibility in terms of what data we do accept and how we accept it.
DR. COHN: I have a question and I know Marjorie does also. First of all, John, thank you for your wonderful testimony.
I was actually reflecting as you were talking, many years ago when I did my master's in public health, I think I sort of responded to your comments about the difficulty of bioterrorism detection using these systems, and the amount of background noise.
We were trying to detect an agent that causes diarrhea in the community, with the amount of diarrhea that already exists, it might require quite an exposure and drive us all sort of nuts trying to capture that, even given the most sensitive coding system or telecommunications capabilities.
Having said that, I was impressed with your comments about the need for case data management and exchange and getting the information out.
I think we saw that with anthrax, where everybody was concerned. People were not quite sure exactly how to treat it, how to identify the syndrome, all these other things that I require, I think, a lot of work by CDC to get that information out.
You were referencing the need for various files. It would have been nice in retrospect if you had had prompt access to all the providers in the country, to send them out on alerts by e mail or otherwise.
Now, as I say this, I am reflecting also on the national provider ID, and knowing that that is some time coming down the road here.
I was just wondering, is there a connection there? Is that going to be something that will help you leverage or maintain a national file? Are you looking at that as a combination?
DR. LOONSK: We certainly think that will be assistive. What I was trying to reference is that some of the data needs in terms of provider identification are related to a broad spectrum of data about those providers, how to reach them by fax, by pager, e mail address, and the ability to readily interchange those data with the appropriate public health agencies, so local public health departments, state public health departments and, at times, the CDC.
So, we are very supportive of that endeavor. We think it will be assistive in moving in this direction. We are trying to pursue the concepts of public health interchange of this provider information very much in parallel with that.
There are some existing activities related to getting information out. We have the health alert network. We have the FEX system, which are assistive, as well as funding systems at state and local health departments which are assistive in communicating important information to public health providers as well as clinical providers in these circumstances.
There is more work to be done there, but some of those activities are ongoing.
The major -- this huge data need that I was trying to reference, I would put between detection and the communication of response.
This huge data need was made very apparent in the anthrax activities related to case management, linking of lab results, and potential cases, surveilling for possible additional cases, and accumulating all sorts of descriptive information about facilities and about, at times, syndromic and other data, and accumulating and managing those data and exchanging them between appropriate agencies.
That intermediate data area was one that was very impressive during the recent attacks.
DR. COHN: Thank you. Marjorie?
MS. GREENBERG: Thanks, John, for your excellent presentation. This subcommittee, as you know -- you were here earlier, so you know -- deals with the HIPAA standards and the PMRI standards as well.
I wondered whether, in looking at particularly the most recent response to potential bioterrorism, et cetera, you have been looking at any potential of gathering information from the administrative and financial data streams, and the issues that are resident there with the fact that we are using two different message standards, the X12 message standards for the administrative and financial and looking toward the HL7 for the clinical, and what your thoughts are on that.
DR. LOONSK: That is an excellent question and it is an ongoing issue relative to taking advantage of, for example, electronic lab reporting, where the lab result may come from one provider and the important demographic information about that patient may be resident in a different system or a different transaction.
This is a big issue. We are very desirous of having greater compatibility, conformance between these transactions because the need spans them both.
There are issues with the -- the issues with this were very much accentuated in the recent activities.
We have been working at the ANSI level and at other levels to try to encourage the reconciliation of these approaches, and we would be very enthusiastic about support for those activities and moving that reconciliation further along.
DR. COHN: Any final questions?
DR. FITZMAURICE: More a compliment than a question. It has become clear that CDC has been a national leader in the use of national standards for getting a lot of its work done.
That goes back most recently with not only the public comments of Claire Broome, but also the hard work of Susan Abernathy and, I am sure, 10 to 20 people around them.
I just want to give you much praise for making use of all the resources that are available to get your job done efficiently.
DR. LOONSK: Thank you.
DR. COHN: John, thank you very much, and I think we are going to take a well-deserved break for 15 minutes. We will be back at quarter of 11:00. Thank you very much.
[Brief recess.]
DR. COHN: We are going to lead this off with a panel discussion related to HIPAA readiness, industry surveys and observations.
Obviously, the world has changed a little bit since we invited you all to come, only in the sense that there is a little additional time now for everyone apparently to come into compliance, given that the Senate and the House have passed a one-year delay.
That really doesn't change the basic issue, which is how in the heck we are going to get into compliance and issues that you are identifying.
Certainly, for the national committee, and the issue for us becomes now, what actions need to be taken to help ensure a successful implementation by October of 2003. We obviously look forward to your testimony.
Also, if you have any comments you want to make about actions over the next period of time that would help ensure successful implementation, we obviously would take that into consideration also.
I also want to thank you all for coming. I guess our first testifier is Dr. Scott Trapp from the American Dental Association.
DR. TRAPP: Thank you. My name is Dr. Scott Trapp. I am a general dentist from Omaha, Nebraska. I also chair the ADA standards committee on dental informatics, subcommittee on dental office systems, and serve on the board of the National Dental EDI Council. In addition, I am a beta assistant for our practice management software system.
These various roles give me the perspective to assess how the typical dentist, with the dental practice management vendors, and the American Dental Association are prepared for the Health Insurance Portability and Accountability Act of 1996.
I would like to thank you for the opportunity to describe dentistry's readiness for HIPAA implementation.
The profession of dentistry is a long-standing member of the health care community, and the American Dental Association continually strives to provide members like me with the tools and information that I need to further the delivery of effective and appropriate dental care.
An indirect, though significant, influence on the delivery of patient care in the country today is administrative costs.
In my practice, 80 percent of my patients are covered by insurance. Moving from a paper based insurance processing system to a completely electronic solution will result in a savings to my practice of $387 per week, or over $20,000 annually.
In Omaha, that is almost one person who could be providing patient care, instead of calling 800 numbers and waiting on hold.
I projected that the typical dentist could save $200 per week using standard electronic transactions. That is $10,000 per year per dentist or approximately $2 billion per year for all dentists in this country.
If other health care providers realize similar administrative cost savings -- and WEDI/SNIP studies indicate they would -- we are talking $30 billion in savings each year for practitioners alone.
The 1993 WEDI report projected that payers and large institutional providers would save even more.
The dental profession's move toward universal use of electronic transactions has been slower than for our hospital and physician colleagues, due in no part to environmental differences.
Dentistry has not been swept up in health care's move toward standard transactions because there has not been one major nationwide payer, such as Medicare, exerting its influence, as it has on physician and hospital claim transactions.
While the ADA dental claim form is recognized as a standard within dentistry, there has been no equivalent electronic transaction standard as exist for hospitals and physicians and their X12 analogs.
Currently, only 25 percent of dental claims are submitted electronic media. These transactions are in various formats and include print images.
The only consistency is the widespread use of the code on dental procedures and nomenclature, both in electronic and paper claim submissions.
The code was selected as the national standard code set, with publication of the final rule for transactions and code sets on August 17, 2000.
The current fragmented environment is not where the typical dentist wants to be. The typical dentist wants to minimize the disparity in forms and administrative processes, reduce the time his staff spends on these processes and, thereby, reduce the cost of providing dental care.
HIPAA's final rule on transactions and code sets moves us forward on the path of administrative simplification.
There are four reasons why I hold this view. Number one, implementation of transaction and code standards by October 16, 2002 sets a clear target for common, standard dental electronic claims transactions format that can be an inducement for dentistry's migration to electronic versus paper claim submission.
Number two, this date does not present a burden on dentists who elect to continue us to use paper claims, as provider migration to electronic claims is not mandatory by that date.
Number three, an extension of the implementation period beyond October 16, 2002 would have a negative influence on dentistry, because there is no single standard, and the attendant burden on different administrative practices adds to overhead costs within a dentist's office.
Number four, the code on dental procedures and nomenclature, published as CDT-3, version 2000, has already been widely adopted within the third party payer community, and is in use by a major portion of the high profile commercial payers in the Blue Cross Blue Shield plan.
I believe that a corollary benefit arises from adoption of the transaction standards within the time period established by the final rule on transactions and code sets.
There would be a convergence of paper and electronic transaction data content, a simplification whose benefit would accrue both to the creators and to the recipients of the claims transaction.
Other final and proposed HIPAA regulations are seen as facilitators of more consistent health care administrative practices and protection of patient rights.
The final rule on privacy is, in many ways, consistent with the ADA's guiding principles on privacy and confidentiality of patient information that will be implemented in my office and most of my colleagues' well between April 2003.
The ADA does have concerns with the regulation's privacy rules requirements concerning oral communications, written consent for routine disclosures, and the existing civil and criminal penalties. The association has made these concerns known to the Secretary and HHS staff.
As for the proposed rule on security, I am concerned that the proposed regulation details an extensive list of security requirements that will simply overwhelm most dental offices.
Most dental offices have single, stand alone computers to which only a few staff have access. I believe that the concept of scalability, as was addressed in the proposed rule, would enable the timely identification and adoption of appropriate actions to implement the security regulation in a dental office.
Adoption of the concept of a single, neutral national identifier for dentists and other providers has merit, especially in contrast to the inappropriate use of other existing numerators, such as provider's DEA number.
Likewise, the eventual adoption of identifiers for health plans and payers will deliver the administrative simplicity anticipated by the underlying legislation and simplify the normal course of business within a dental office.
Are dental offices ready for HIPAA? Probably not. Is HHS ready to tell me what actions I must take to be in compliance with privacy and security provisions of HIPAA? Definitely not.
However, dentists have kept abreast on the status of HIPAA rule making through articles in ADA News, ADA.org, the ADA's web site.
I also know that the ADA will begin offering seminars to state dental associations starting next summer, and will make available privacy checklists and kits to assist dental offices in complying with the privacy rule.
I am confident that, given sufficient lead time to implement final regulations, that dentists will be ready to comply with HIPAA requirements.
I appreciate the opportunity to present my views on the implementation of HIPAA administrative simplification standards in dentistry, and am prepared to address any questions the subcommittee may have.
DR. COHN: Thank you very much. We will take questions at the end and have discussion after everyone has had the chance to testify. Thank you very much for your testimony. James Klein from the Gartner Group?
MR. KLEIN: Good morning. Thank you for the opportunity to participate in your process. My name is Jim Klein. I am vice president and research director of the Gartner Group's information technology health care research advisory service.
Our group has been conducting an ongoing survey of HIPAA compliance. What I wanted to talk to you about today was simply to summarize the results of the fourth iteration of our permanent HIPAA panel survey, which was completed in November of 2001, and what you have in front of you is a research note that I am to highlight, that we published in our subscription research client document throughout the industry, relative to all the HIPAA regulations, but focusing on the transaction and code sets.
This survey seeks to understand how health care organizations are responding to the challenge of HIPAA compliance over time, by studying a representative sample of randomly selected providers and payers.
There are more than 190 participants in this survey. We started out with over 250, but it is rather an onerous survey and people have been dropping out.
Each selected -- we have replaced the ones who dropped out with similar institutions.
There are 190 participants in this iteration that we selected using a stratified sample of 102 providers comprising 24 integrated delivery organizations, 44 stand alone hospitals with at least 250 beds, and 34 physician groups of at least 30 physicians and 88 payers comprising health maintenance organizations with more than 10,000 members, large national provider organizations and private health insurers. We believe this study is statistically significant, plus or minus 10 percent.
This study is based on the progress of these participants as measured against a model that we put together called the Gartner HIPAA compare scale. We adopted this from a compare scale that we initially developed several years ago for monitoring the worldwide progress on Y2K compliance.
There are five steps. Number one is education and awareness. Two is risk assessment and gap analysis. Three is cost benefit analysis, strategy completion and tool selection. Four is policies and procedures completion and tools are all installed. Step five involves testing, auditing of completion and optional third party compliance verification.
The first level drill down of this scale is shown in some of the figures that I will highlight here.
Despite some statistically significant progress, since the last survey iteration in July of 2001, overall, payers have completed an average of 57 percent of level one milestones, and providers have completed about 50 percent.
The good news is that 90 percent of payers and 82 percent of providers have finally appointed their HIPAA officer.
The bad news, 25 to 30 percent of respondents still have not finished putting together their compliance committee.
Greater than 40 percent of panelists have not finished delivering preliminary education on HIPAA's impact to their senior executives.
We think this is the singlemost important reason why compliance has lagged, that senior level executives have simply not had the proper awareness of the importance and the impeding deadlines.
Some of the drill down research here has indicated that one of the primary reasons is that there has been an inordinate amount of media coverage about the possibilities of delay and the debates on delay.
There are many, many other pressing issues before health care executives, not the least of which is the Institute of Medicine study increasing pressure on their bottom line.
They have chosen, in large part, to believe that delays will happen. So, they haven't focused their organizational attention on this.
To jump a little ahead to the summary, it has been obvious to us for at least six months, if not 12 months, that compliance with transactions and code sets simply isn't going to happen and wasn't going to happen, based on the progress that the industry was making, and the very small number of organizations that were even close to beginning a testing phase.
The more progressive of the health care organizations in our panel, and our own HIPAA best practices group, which is completely distinct from the panel -- it does not participate in the panel -- most of these two groups that are in the latter stages of implementation, in level three of our compare scale, tell Gartner that these level one tasks take approximately three to four months to complete, once the right personnel have been assembled and mobilized.
As with the level one reporting, it is useful to look at the progress from two angles. One is those that have started the milestones and those that have completed the milestones.
In the case of these assessment milestones -- these are the level two, which is where the primary assessment goes on -- the differences are much more dramatic than level one.
For example, payers have, on the average, at least started the assessment tasks, 78 percent of them have, and providers have started at the level of 68 percent.
However, payers have only completed 42 percent of these tasks, and providers only 21 percent of these milestones, on average.
It is also worth noting that our survey does not include individual physicians, small group practices, or hospitals with fewer than 250 beds.
If it did, our anecdotal and informal research indicates that progress of these providers would be even lower.
The most startling of these results is that only 26 percent of providers have completed a gap analysis or risk assessment on the transaction and code set regulation.
I repeat, only 26 percent of providers have completed a gap analysis or risk assessment on the transaction and code set regulation as of -- most of these people completed this survey in October of this year.
Perhaps these organizations were banking on a deadline extension, but nothing had been announced while this survey was underway.
Although payers almost certainly carried the greatest workload burden with these mandates -- meaning the transactions and code sets -- greater than one third of the payer respondents had yet to complete an assessment.
Those payers that had completed this milestone, especially the larger ones with many provider networks, report that they expect their implementation and testing work plans to average 12 to 18 months.
This evidence suggests that many providers continue to naively anticipate that their software vendors will delivery compliance for them via upgrade patches, and are not even aggressively managing those vendors to commit to delivery dates.
Those providers must begin to understand and plan for the significant amount of work that will still remain, even if their vendors successfully deliver on both internal integration and testing, and certification of their business partners.
We have published significant additional research on the ripple effect involved for these providers.
A final level of concern is that 89 percent of providers, who carry a relatively larger burden than payers in compliance with privacy regulation, have yet to complete a privacy risk assessment, and we are only about 15 months away, or 16 months away from the mandatory compliance.
Perhaps the most disappointing finding of the survey is that zero provider panelists have completed a HIPAA cost benefit analysis, although 18 percent reported that they have started such.
The message that HIPAA's administrative simplification can result in a tremendous cost savings is not getting out, or it is largely being ignored.
The prevalent opinion seems to remain that HIPAA is similar to the Y2K prices, another conformance nuisance, and avoidance of damages should be the primary objective.
We have certainly struggled long and hard with our clients to disabuse them of this notion, and to communicate to them the enormous benefits from taking compliance with HIPAA in a broader perspective of business process reengineering.
Virtually no health care organization in Gartner's HIPAA panel survey has completed the implementation and testing milestones of level four and five.
Again, we are going to withhold reporting these milestones until there is more significant industry progress.
The bottom line is that, you know, a one-year extension is simply a recognition of reality relative to the transaction and code sets.
The more disturbing message is that, unless these provider organizations generally, who are stuck in level one and level two tasks, unless they dedicate a tremendous internal energy and resources to a compliance program, or immediately seek third party assistance, they may not be able to make October 2003.
We believe that the provisions in the recently passed legislation making the filing of reporting mandatory, that we think that this will help galvanize the senior executives, because they will have to sign something that is a compliance-oriented document, and it will involve their lawyer becoming involved, and it will be sort of a two by four up the side of the head, that this is for real.
DR. COHN: Thank you very much. Joyce Sensmeier?
MS. SENSMEIER: The Health Care Information and Management Systems Society would like to thank the National Committee on Vital and Health Statistics, for offering us this opportunity to survey health care information technology vendors regarding the state of compatibility of their software products with mandates for the transactions and code sets rule.
My name is Joyce Sensmeier and I am the director of professional services at HIMSS. I am also a registered nurse, board certified in nursing informatics.
HIMSS was pleased to act as the neutral third party data collector for these results. The participation of HIMSS in this project was solely for the purpose of facilitating data collection and analysis.
Based in Chicago with an office in Ann Arbor, HIMSS has 37 chapters and more than 12,000 individual members, health care professionals ranging from senior staff to chief information officers, chief executive officers, working in health care organizations throughout the world.
HIMSS also serves corporate members, which include suppliers and consultants in the health information and management systems industry, and this was accomplished by our reunification with the CHIM organization.
Regarding the survey, 28 of the leading software companies in the industry were invited to provide us with the data regarding the status of compatibility of their products with regard to implementation of the HIPAA transaction and code sets rule.
Survey data were collected for a one-week period from December 3 through 10 of this year. The anonymity of respondents was maintained.
Each company was asked to complete the survey for each of their products that would be affected by this regulation. Therefore, it was possible for a company to submit the survey more than once.
Responses were received for 25 products that represent almost 4,700 installations in the health care IT marketplace.
The products represented by the respondents have a wide range of installation, from six to over 1,500, and the industry segments represented by the respondents included the ambulatory care, hospital, professional practice, payer and sub-acute care markets.
Vendors were asked which of the nine electronic transactions identified in the HIPAA transaction and code sets rule would be supported by their products in the X12 format, 4010 version.
The most widely supported transactions are X12 837-P, health care claims professional, X12 270-271, eligibility benefit inquiry and response, and X12 835 payment and remittance advice.
Each of these transactions will be supported by 24 of the 25 products represented by our survey. Additionally, 92 percent of the products in this study will support X12 837-I, health care claims, institutional transactions.
The least supported transaction will be X12 837-D, health care claims, dental, which will be supported by only four of the products for which the data were made available.
This may be due to the possibility that these products simply do not require this component.
Three of these four products are found in payer organizations and have between 60 and 150 installations. The remaining product in this category is the hospital-based product.
Additionally, two of the products are reported to support all nine of the electronic transactions in the X12 format.
Both of these products reported that payer organizations are their market segments, and they have a total of 150 installations.
Table A at the end of this document details specific information regarding which electronic transactions will be supported in the X12 format.
Table B details which products will support each electronic transaction by industry type and number of installations.
The transaction that will most widely support HIPAA data content is eligibility benefit, inquiry and response, which will be fully supported by 22 of the 25 reporting product.
Payment and remittance advice and health care claims, professional, will each be supported by 20 of the 25 reporting products.
The least supported electronic transaction is, again, health care claims, dental.
Only one product which serves the hospital marketplace will support HIPAA data content for this type of electronic transaction.
Table A again includes a detailed listing of each electronic transaction and identifies how many products are required to fully support the HIPAA data content.
Table C details which products will support HIPAA data content by industry type and number of installations.
All of the electronic transactions for which vendors reported that products would have full support for HIPAA data content were all reported to fully support the X12 format.
However, the reverse is not always true. There are transactions that will support the X12 format that will not fully support HIPAA data content.
On average, only 85 percent of the electronic transactions that support the X12 format are also scheduled to support HIPAA data content.
This statement excludes, again, health care claims dental, which is not a component of all the products in the study.
All of the instances in which the X12 format is supported, and HIPAA data will not be supported, were reported by four products. These products serve either the ambulatory or payer organizations markets.
Seventeen of the products are reported to have to third party certifier for testing the compatibility of their electronic transfers with the new HIPAA mandates.
As far as third party certification, all the products identified Claredi as the third party certifier in use.
On average, each of the nine electronic transfers was tested for compliance by a third party certifier, for 68 percent of the products for which the data were provided.
The only electronic transfer that does not fall into this category is, again, health care claims dental.
With one exception in the ambulatory market, the products reporting third party certification testing for a transaction also reported that it would support both the X12 format and HIPAA data content.
Table A details specific information on third party certification by electronic transaction.
The majority of the respondents identified that a software upgrade is needed in order to be compatible with the new transaction and code sets rule.
Only two products were identified in which product upgrade is not needed in order to be HIPAA compliant.
Both of these products are in the hospital marketplace. Of the 23 products identified requiring an upgrade for compatibility, 83 percent would be made available to users at no cost.
A fee is required for the purchase of upgrades for the remaining 17 percent of products. These products represent three different marketplaces, payer, hospital and professional practice.
These products also have a varied number of installations, from six to 105.
Vendors anticipate that users requiring a product update to be in compliance with the new mandate will need implementation assistance.
The vendors for all 25 products reported that this assistance will be provided to their clients.
Products that require upgrades will be available to users in advance of the October 2002 deadline for compatibility.
Six of the products that will require an upgrade have that upgrade currently available, or scheduled to become available in the next month.
The remaining product upgrades are reported to be available to users within the next three to six months. It would appear that this time line would appear a reasonable schedule for testing with their clients.
In summary, the vendor companies reported in this study appear to have made significant strides toward meeting the compliance deadlines of the HIPAA transactions code sets rule.
A majority of the products on which data was available will support electronic transactions in the X12 format, 4010 version. A lesser number of these products will support HIPAA data content.
Additionally, about two thirds of the electronic transfers that will be supported have been tested by a third party certifier.
In this context, vendors are moving forward and all the products are reported to be available as HIPAA compliant by October 2002.
The majority of the vendors are conscious of the cost to their users, and are providing the upgrades to them at no charge.
They are also aware of the implementation needs of their users, and are prepared to provide them, with the assistance needed to install the modified software.
Thank you, again, for the opportunity to present these findings. HIMSS, as a member of the Coalition of the Health Information Policy, which is CHIP, is gratified to see these results, as we have expressed our opposition to legislative proposals that would delay the October 2002 compliance deadline.
CHIP represents a broad array of professionals and organizations including AHEMA and AMIA, involved in the development, use, management and security of health information systems across all sectors of the health care industry.
We have met with staff and House leaders on health policy issues, to review the significant financial and staff commitments made by many covered entities, and their resulting steady progress toward the compliance with HIPAA's regulations.
In addition, we have provided information to the Department of Health and Human Services and the Congressional Budget Office regarding compliance issues, including the very limited impact on, and cost to, small providers coming into compliance with the transaction standards rule.
We welcome any opportunities to be of assistance in this regard in the future.
DR. COHN: Joyce, thank you very much. Maryann Yeager?
MS. YEAGER: I am Maryann Yeager. I am a WEDI/SNIPS steering committee member, and I also co-chair the education work group.
WEDI/SNIP would like to thank the subcommittee for giving us the opportunity to testify before you today, and also to submit our written comments.
We appreciate your interest in our study, and our plan today is to highlight key findings and recommendations from our work.
As a matter of introduction in 2000, the work group for electronic data interchange spun off the HIPAA implementation task group called the Strategic National Implementation Project, or SNIP.
WEDI/SNIP was established to address two immediate needs: one, to identify barriers, inconsistencies and ambiguities in the regulations, with the intent to clarify or identify best practices that could then be applied to resolve those issues; and to bring about the national coordination necessary for successful compliance.
In support of this, WEDI/SNIP adopted an outreach process to current industry initiatives, so that we could perform an information gap analysis.
This analysis involved identifying and understanding the impact of certain issues and barriers to implementation and, to facilitate that process, we created three work groups -- implementation and awareness, security and privacy, and transactions and code sets.
After the work groups identified initial issues, they created a series of white papers that further clarified and defined best practices and recommendations for implementation.
We have supplied a list of those white papers at the back of this testimony for your reference.
In addition to having work group driven efforts, WEDI/SNIP also takes measures to identify overall challenges and successes related to an industry-wide implementation.
Since our inception in 2000, WEDI/SNIP has grown considerably, with more than 3,000 participants monitoring our work and our list serves, and we continue to realize significant growth.
Our membership includes providers, hospitals, clearinghouses, as well as vendors, attorneys and consulting companies.
We are also continuing to pursue outreach to employer groups as well as a broader base of constituents, the regional SNIP affiliates, which are actually regional HIPAA implementation organizations.
So, why did WEDI/SNIP perform a survey? Basically, we recognized the importance of viewing the issues surrounding HIPAA implementation objectively, and it was in this spirit that we pursued a survey.
The purpose of the survey was really focused on identifying key issues and challenges related to HIPAA implementation of transactions code sets and privacy. Of course, our comments today are limited only to transactions and code sets.
Our goal was really to validate the work that we had done to date, to identify the need for new work products, and also raise important questions, identify key factors that are coming up in the implementation products and, in fact, to recognize that many of the issues that did, in fact, come out of the survey are actually addressed in our white papers.
The methodology that we use, we want to emphasize that this survey is not based upon scientific market research methodology.
As a result, we recognize that the findings will not statistically represent the industry's progress as a whole.
However, the findings do raise important questions and they do provide indicators to larger issues for organizations that are engaged in HIPAA implementation.
I wanted to briefly describe the process that we use. We had a group of volunteers basically from the steering committee draft the survey. We went through a review process.
We had the survey hosted via the web, and distributed links to the survey through our WEDI and WEDI/SNIP e mail list serves.
Because we distributed the surveys to a limited audience, we recommended the results be interpreted within that context.
We assumed that the survey respondents were knowledgeable of WEDI/SNIP and were interested in HIPAA. We also assumed that the respondent organizations are either actively working on a HIPAA effort, or at least interested in doing something.
We recognize that we did not reach all types of entities in our industry, or that are impacted by HIPAA, such as group practices, specialist long-term care, employers, just to name a few.
We intend, and we recommend that the subcommittee use these results for informational purposes in relation to the successes and challenges that these organizations faced in implementing HIPAA, and we intend to continue to use this information to further our initiatives, and also to use it as a basis for educational programs and work products.
In terms of the respondents, we received responses from 214 individuals, with significant response from covered entities.
We wanted to focus our comments today really on health plans and hospitals. We have provided a table here that sort of outlines the number of responses that we received and the size and type of organization.
We evaluated the size of a health plan based on annual revenue and the hospital size based on the number of beds.
It is important to note that the percentages that are referenced in this table represent a portion of the total 214 respondents.
You will notice that we did not incorporate feedback from other entities into this report for a number of reasons, which we will outline in our assumptions.
In terms of assumptions, because, again, the respondents were knowledgeable of WEDI and WEDI/SNIP, we interpret the results within the context of organizations that are actively engaged in HIPAA or are contemplating activity.
We believe that the findings for hospitals and health plans are significant. As a result, that is why we are concentrating our comments in those two areas.
We did receive a moderate response from other types of entities, but we do not believe that the responses were significantly representative of those groups to really get a clear picture of the issues.
As a result, we received a very small response from other providers, which would include dentist group practices, long term care, et cetera, as well as responses from two clearinghouses. Because of the limited response, we did not include their findings in this report.
We did receive a number of responses from business associates. However, because the survey questions were really not designed with them in mind, we really found that the respondents left a number of the questions unanswered. As a result, we are not including their results in this.
We wanted to emphasize that we do have a vendor education sub-work group that is developing a vendor survey that is really tailored to the needs of a vendor's implementation, and we also have a number of other subgroups that are developing other surveys, informational surveys and outreach programs, as a follow on to this effort.
In terms of the findings, we wanted to highlight really three areas: The successes encountered in the implementation process, challenges that are encountered in the implementation process, and needs that we identified from the survey.
The successes we really want to share are the aggregate results for health plans and hospitals that responded. We will try to highlight the differences between the two where applicable.
Basically, we collected the results and ranked the criteria based on the total number of responses received from hospitals and plans. We did not ask the respondents to rank these criteria in terms of importance.
When we asked, what has been your greatest success in implementing HIPAA transactions and code sets, the number one response from 41 percent of the respondents was gaining executive buy in, followed by getting started -- 35 percent touted that as their major success -- followed by obtaining internal resources and finding credible sources of information.
Now, of course, these are all listed in descending order. We also found 18 percent of the respondents found success in interpreting the regulations.
There were apparently other criteria that we did not accommodate in our study. Seventeen percent found success with other areas, followed by technical issues, finding cost effective ways to do the gap analysis, with 15 percent finding success in those areas.
Coordinating with trading partners in testing had much lower success with nine percent and five percent, respectively.
Interestingly, the hospitals and health plans that participated in this survey attributed their greatest successes to the activities involved with kicking off the HIPAA effort or starting their HIPAA effort.
We included executive buy in, getting started, obtaining internal resources and finding credible sources of information.
We recognize that there are successes that may actually evolve as organizations progress through the implementation process.
We also believe that the WEDI/SNIP process contributed to a number of these successes, and that the resources and work products that we provide actually help lower the barriers to implementation.
As an example, we provide credible sources of information through list serves, which papers, which include best practices and recommendations as well as conferences.
We wanted to note that a significant number of hospital and health plan respondents did identify other areas of success.
We recognize that there are, practically, additional factors that our survey didn't consider. Again, that is an activity for us to follow up on.
While hospitals and plans rated the implementation successes fairly consistently, there were a couple of areas where they differed.
We found that a larger number and percentage of the hospitals experience or considered executive buy in as a success compared to their health plan respondents.
In addition, we found that a larger number and percentage of health plan respondents considered interpreting the regulations a success compared to hospital respondents.
We don't really have enough information to interpret the reasons behind that. However, it does raise important questions.
We do believe that the results reinforce the types of issues that our work products and some forms address, and we have supplied some examples through conferences and, again, best practices.
In reference to the challenges, when asked about the areas where they experienced the most difficulty, hospitals and health plans responded as follows -- and again, we have listed these in decreasing order with the highest number of responses followed by the lower.
There was a tie for the number one difficulty. According to our survey respondents, they were related to technical issues and interpreting the regulations. There were 30 percent of respondents who indicated those areas as difficulties.
This was followed by obtaining internal resources, difficulty finding credible sources of information and coordinating with trading partners.
We also found about 19 percent who had difficulty finding cost effective ways to do the gap analysis and getting started.
Sixteen percent had difficulty gaining buy in. A smaller percentage, 13 percent, had difficulty in testing, and another five percent with none of the above.
Now, hospital and health plan respondents did encounter difficulty, obviously, with a number of areas. Interestingly, a significant number attribute their greatest success to possibly overcoming their greatest difficulty.
Those areas would include obtaining internal resources, finding credible sources of information and interpreting the regs.
The WEDI/SNIP process is really designed to identify and address barriers to implementation like those identified in a survey.
Again, our products address critical implementation issues such as testing and coordinating with trading partners.
Now, while hospitals and plans, again, rated the implementation challenges fairly consistently, there were a couple of differences. We would like to highlight two.
One, a higher percentage of health plan respondents experienced difficulty gaining executive buy in compared to hospital respondents.
In addition, a higher percentage of hospital respondents experienced difficulty finding credible sources of information and coordinating with trading partners, compared to health plans.
Again, we don't have enough information to interpret the reasons behind those, but we do think that our forums, obviously recognizing that as an issue, do address those challenges.
In terms of recommendations, WEDI/SNIP will continue to evaluate the HIPAA implementation survey results, so that we can identify other important questions and important issues.
We believe that the findings validate our existing work and also uncover several important needs. In response to these, we would like to impart three recommendations to NCVHS and the subcommittee, in reference to resources, support and guidance.
In terms of resources, we recognize there is a significant need for more, meaning broader and continued outreach and education.
We ask the department for additional resources to help disseminate work products to a broader audience. While we have more than 3,000 people engaged, we need a much broader reach.
We feel the department plays a critical role in helping WEDI/SNIP support this mission.
Two, in terms of support, we believe the survey validates many of the activities and work products that we offer today.
We ask the department for their continued support of WEDI/SNIP and the role that we play in the industry. We believe that, with the department's ongoing support, we will be able to extend the reach of our programs throughout the industry.
Three, in terms of guidance, we believe this survey confirms a strong need for additional clarification and guidance in interpreting the regulations.
As a simple example, we ask the department to create a defined process for handling questions, and that because the industry is focused independent on the frequently asked questions information that is posted on the HHS administrative simplification web site, we find difficulty.
We have no way of knowing what questions are actually in the queue to be answered, or when the questions will be answered.
We ask if the HHS can streamline this process and leverage out communication channels to distribute the information.
WEDI/SNIP believes the survey identifies important indicators regarding key issues that impact the implementation process.
We believe that these very simple recommendations address common challenges faced by the industry and, by responding to the recommendations, believe that the department, working in collaboration with WEDI/SNIP, would bring significant value to the HIPAA implementation process.
With that, thank you for giving WEDI/SNIP the opportunity to share its findings. Thank you.
DR. COHN: Maryann, thank you very much. Our last testifier is Jeff Fusile.
MR. FUSILE: Thank you for having me here to speak. My name is Jeff Fusile. I am a partner with Price Waterhouse Coopers in our Atlanta Office, and serve as the national partner in charge of our HIPAA consulting practice.
Let me first just start by saying that I think this administrative simplification process is a phenomenal opportunity for the industry, and one that people are starting to take hold of and really understand.
My discussion today will be centered around a document that you have in front of you. It is entitled, HIPAA Myths, Practical Realities and Opportunities: The Work Providers Need to Perform for Standard Transactions and Code Sets.
It was written for the provider community, and predominantly for our clients, to help them understand and to dispel some of the myths that existed out there, and part of the reasons why we see, from our survey, that inactivity occurs and things are slow to get moving.
We hope that this will help contribute to that in some form of an outreach, and appreciate the opportunity to be here to go through it.
I will not read the report to you. I will summarize key concepts of the myths and turn it over to questions as quickly as possible.
You can follow through, for those who have it. Pages two through six of this report is an executive summary, and then the remainder is a more detailed version of the same basic myths.
The first myth we wanted to address was the common discussion that we have with many clients, that my clearinghouse is going to do all of this for me. I really don't have to participate in this process too tremendously.
This causes us some significant concerns. Clearinghouses will have a big part in this process. They are not a panacea; they are not a silver bullet.
There is lots of work the provider community needs to do, and they really need to be more educated on what that work is. There has been difficulty in getting some of that communication to them.
The operational changes necessary to identify, collect and populate the required data elements to provide to the clearinghouse, so that they can do their reorganizing and reformatting of the data, to take it from a non-standard to a standard is considerable.
Few providers really understand all the different situational elements that are required, and what situations they are required in, if you have that detailed understanding.
The other thing that we find in the provider community and relying on the clearinghouse, they haven't understood some of the incremental data that used to be transacted along with a claim or along with an eligibility, that was unique to a specific situation, that allowed one transaction to effectively accomplish more than one goal.
Now, with standardization, either both parties will need to agree on whether that data that was necessary exists within the current transaction, or whether there will need to be another mechanism by which to communicate that data. We talked earlier about that DSM-4 codes, for example, might be an area.
Then, looking at the potential for using the claims attachment transaction to actually envelope and bring some of that functionality in, as opposed to creating now two separate channels and work arounds, in kind of a knee jerk reaction to accomplishing the original goal.
To give you some idea of the numbers -- and you may know some of this, hopefully it is helpful -- there are over 900 possible fields in an 837-I transaction, which is the hospital claim, more or less the institutional claim.
There are only 126 fields that, regardless of situation, are always required. Very few people understand that range of volume transaction.
The 126 fields, alone, is never enough to get a claim paid. You will probably never have to submit the 910 or whatever the exact number is, to get a claim paid.
Varying on the situation and the conditions of that claim, the number could be anywhere in between, and very few of our clients, very few of the provider community, really understand those situational aspects of the claims transaction.
To give you an example, when we were talking about code sets today, just to pull one out, there is a significant number of non-medical code sets that were talked about today.
To provide an example, because I think it helps operationalize what the providers need to do, one of them is the individual relationship code, when someone presents in a facility.
Are they the covered individual under the plan? Are they the spouse, a child? Are they a grandfather or grandparent?
There are a series of codes that articulate that. There are about 24 of them. Some of these codes include, are they a significant other. Are they a life partner.
What processes need to be put in place at the point of entry to ferret out which of those is actually appropriate, and which risks exists for a provider if they submit the wrong code and that code was paid, whereas the appropriate code wouldn't have been paid. Are they subjecting themselves to a false claim?
Should they rely on the payer, who might also have this information in their eligibility file, to correct it? Can they rely on the payer?
Those types of things that really need to be understood better, that is one code out of more than 200 codes that need to be looked at and built into the operational process, just the questions you get asked when you present to a facility.
The second method -- I will move quickly -- vendors can deliver HIPAA compliance to providers via software.
We have heard that for a long time now. We have heard a lot of vendors -- and there are a lot of great vendors out there; this is not vendor bashing, a lot of consultants as well -- we can make you HIPAA compliant. Our software is HIPAA compliant.
What does that really mean? It is confusing the provider marketplace and other marketplaces as to I am going to buy something that is going to make me compliant as opposed to, I own compliance, and this is one of the tools that is going to help with certain pieces of it.
Again, we talked about collecting and submitting more and different data. Most of the organizations that we heard from the survey, they are going to be ready to submit an 837.
What hasn't happened yet is, here is what the provider is going to need to get incrementally to what they were getting under the old version, and here are the places in their operations they might get it -- upon admission, upon discharge, on transfer, whatever the case may be.
There is very little communication as to what is actually going to be required from the provider.
We are fortunate, I believe, in that we have a reprieve on time now. We can now build some of that in. Some vendors were claiming to come out with their upgrades second quarter of next year, which gave us three months to build all these operational processes in place, test all this transactional capability, and have things up and running by October.
I have said this to many people, and some people agree and disagree. I really believe that there was a train wreck coming that a lot of people didn't understand.
A lot of providers were going to be ready, and I think they really believed that. I don't think they saw the train wreck.
My goal with this paper now, and going forward, is to make sure that we simply don't delay that train wreck, that we really heighten the awareness to people and what the opportunities are.
Moving on, myth number three, many providers are already HIPAA compliant. Many people believe they are already doing this. They don't understand the differences between the X12 environment, the 3051 version, the 4010 version.
They don't understand the nuances and the significant differences that exist to move from one of those formats to the other.
They don't understand the fact that, while they are using a 3051 transaction today, they are all using different ones, depending on the carrier or the intermediary they go through.
They really haven't been educated yet as to what their educational impacts would need to be, to facilitate the 4010 transactions going forward.
The other thing that they often tend to overlook, because providers tend to focus on the claim, and rightfully so, and hopefully the remit, is the other transactions which today don't occur in Medicare, claim status and things of that nature, the attachment transaction that will be coming, and all the other transactions that are involved in this process, and really add a lot of the administrative simplification.
If you think about it, when WEDI started this process back in 1991, there was a relatively small number of electronic transactions.
For a provider now who has already 80 percent electronic enrollment or electronic claims transactions, they are shifting systems.
They are gaining the benefits of all these different systems, now talking the same language, but they need to understand, hopefully, that they can build one operational process to accumulate all the data, and now speak with everybody in the process.
The other issue that occurs is that they generally don't understand the coding issues, the clinical code sets, and the fact that they today use a variety of local codes, whether it be in Medicaid or other areas, and that they are not HIPAA compliant for that simple reason as well.
They haven't necessarily understood the impacts of unwinding these codes and, as was discussed this morning, the impact on reimbursement.
I am very surprised at a lot of provider situations when they haven't really focused on what is this going to mean for reimbursement.
Will Medicaid remain budget neutral? Probably, because they will look at it in the aggregate. I will use an example. I think California Medicaid put out an example in a report they did a while back, that listed -- there is a series of 20 codes that exist today in California Medicaid, that all map to one standard code.
The payment ranges from somewhere around $4.00 to $74.00. So, you would expect that the blended rate would probably come out to be something in the $35, $36 range, which is fine if you had an equal distribution of all those activities.
If you are a provider who only used and only rightfully submitted the code that reimbursed at $74, you are now down to $36, and what is the value of that.
Now, if you are a provider who only used the code that submitted for $4, what is the impact of that. You are going to have some of that level settings, and the providers really need to understand where they ferret out in that process.
Myth number four, this one is a little bit different. Oftentimes we hear, in the community, gee, we have had 10 years to get this done. We heard that earlier.
There are a lot of priorities in health care, a lot of things going on, a lot of budgetary pressures, a lot of allocation pressures, and a lot of discussion around change.
A lot of that has contributed to the delay of activity. We are hoping that this now clearly will be a line drawn in the sand with some specificity to it, where people will really take action and implement the things they need to do.
Some of the things that change, that have caused people to say to us, see, we were smart in waiting -- things like moving from the NDC codes to the J codes, or at least the proposed move to those codes -- many providers said that would have been a wholesale and pretty significant change to their systems, and they throw it back to us to say, see, we were smart. We waited.
We are trying to balance that with all the opportunities that exist that make it less smart to wait. I think now we have, hopefully, a line drawn in the sand and some clarity around what we will do going forward.
Myth number five, Medicare already does it. Therefore, it should be pretty easy to do for everybody else.
Just to make it clear to our providers, we use the institutional side, the Medicare Part A side, as an example. There are only two Medicare Part A adjudication systems in the country, the APAS system in Arkansas and the FIS system down in Florida. Those are the only two. That is a matter of remediating two systems.
There are payer systems out there that have 10, alone, to remediate, who don't have standard code sets, who don't have standardization across the board.
The translation of the impact to Medicare, while it will be significant, to even the impact of a small provider and payer relationship may not be one that you can say, if it was easy here, it will be easy there.
There will be a lot more of unique unwinding in each unique relationship. Typically, the provider to Medicare relationship has been a pretty standard one across the board, wherever you go.
Myth number six, HIPAA compliance will be much simpler for small providers. We hear that all the time. As you might guess, our market is not focused and centered around the small provider.
The information they give to us is that this will be pretty simple. We will buy a package. We will do this, we will do that, we will put a lock on the door, whatever the case may be.
In fact, what we think is that, when we wrote this paper with the looming deadline and the lack of vendors ready to really support this market, that they were going to have some significant challenges.
What they were going to do is, CMS had actually offered to put out a software package that you could key into and submit your claim electronically, which is a great solution to get a claim submitted.
If you are a physician or a small practice, really trying to integrate this stuff to make yourselves more efficient, what that process would require is you entering into this and then entering it into your practice management system.
The duplication of that effort and the inconsistencies in that effort, while you are getting compliant, you actually might become less efficient in the entire process, which seems to be the exact opposite of the goal.
Number seven, state governments only need to worry about Medicaid and their state employee group health plan.
State governments are much further up the curve today than they were six months ago when we were dealing with this issue.
Medicaid is going to have significant impact. The employer group health plan, for the various states, is going to be significantly impacted, but so are a lot of other organizations within the state who rely on this data, who obtain it from the provider, who have all these different mechanisms and communication systems in place today that are now going to change.
Our biggest concern with this, from the provider's perspective is that, in addition to all the things that they are going to need to do to get themselves compliant, they are going to be barraged with a lot of requests from the state to set up other mechanisms to continue these processes.
EPST reporting in Medicaid, for example, that data is looked at longitudinally over time. At some point we are going to have these codes and these codes. What is the process going to be to map and translate that.
While it is going to be important from a policy and a public health perspective, it is going to be an incremental time to becoming HIPAA compliant, if you will, in the provider community.
Number eight, which is the one that we really wanted to drive home to most of our clients was, HIPAA compliance equals administrative simplification.
It is not true. You can, in fact, become HIPAA compliant and become more complex, less simple, and less efficient along the way, if you took the approach that, we are going to do whatever we can do to achieve compliance with the least amount of cost in the process.
We encourage everybody to look at the value of what they are spending versus what they are getting. When your vendor says, we will be ready to submit an 837 claim, ask the question, will you also be ready for us to check status of that claim on line.
Will you also be able to allow us to push the button in your system and check eligibility for the individuals who are scheduled to appear tomorrow in our facility.
Will it pre-populate that eligibility information into our claims so that we can avoid keying areas.
It is one thing to be compliant with the communications. It is another thing to integrate and really build efficiencies into the opportunity.
With that, I will stop and turn it over to questions. Thank you very much for your time.
DR. COHN: Thank you. I think I want to lead off by thanking all of you, I think, for what has been some really wonderful testimony.
I don't know that I have a question, more of a comment. Actually, as I listened to all of you, I found tremendous similarities in all of your comments.
What I am sort of hearing almost uniformly is that we really are in an early stage of implementation. I heard that from Jim, your views, from Gartner, Joyce, I listened to your comments about vendors. You kept using the future tense for readiness for implementation as well as the conditional sometimes. So, I think that sort of goes along with that.
Maryann, when you were commenting about the challenges and successes, they were actually early issues that Jim brought up in his level one and level two implementation.
I didn't hear anybody describe their greatest success as fully testing and implementation of the standards. It is, once again, those earlier issues. Jeff, I think you sort of put it together.
Well, I guess I am sort of thankful about the wisdom of Congress in terms of giving us a little more time to get people up and running.
That is not really a question, but just thank you for providing me, I think, a global view of all of this.
Now, do any of you have any questions or comments? Kepa, would you like to start?
DR. ZUBELDIA: Sure. I have a question for the entire panel. Now that we have an imminent delay, just waiting to be signed by the President, what are the chances of this train wreck, that Jeff is talking about, happening 12 months later?
Is the effort going to slow down and say, okay, we get some extra time, let's go celebrate Christmas, or are the efforts going to continue to try to do this on time?
MR. KLEIN: In our survey, one of the surveys that we did, we asked people about the effect of a one-year delay and a two-year delay would have on them.
On the side of the payers, what they said was that they would -- primarily they would use the delay to take a more strategic approach to compliance, to gain more of the benefit -- economic benefit -- in business process reengineering.
They have a different perspective than the providers. The providers can do less, they can deal with the ripple effect and, to some extent, get some automatic benefit, because they go from having to support a wide variety of formats to supporting one format. That is kind of a straightforward benefit for them.
The providers, though, are really in a situation of having, to some extent, the Federal Government come in and sort of tell them, at least, how they are going to do a major portion of their business.
They have been doing it very differently for a long time and they have been doing it from a position of economic power for a long time. They have been telling the providers how to jump and how high to jump and how many times to jump.
Now, if they want to get the benefit from this -- and remember, the time between when this initiative got started and when it actually got started and made a regulation, the amount of claims volume increased dramatically.
They are getting a lot of the benefit from electronic claims, a lot more than they got, than what they were getting in 1992.
For them, they have to do a lot more. It is more complex for them. So, they are looking at the delay, and I think if you remember the debates that were going on, they were the ones who were arguing forcefully for a longer delay. They say they are going to use it strategically, and my personal opinion is that they will.
On the provider side, though, I think it is more that there is a danger that this will cause people to go, whew, and take a break.
That is why, as I said in my remarks, I think including in the delay a requirement that they file reasons why they couldn't be compliant, and at least a high level plan for what they are going to do, and that that be a document that is signed by an officer of the company, I think that would be something that would tend to prevent it.
I think there is still a significant chance that, particularly on the provider side, they will relax and that we may still be facing a problem, you know, a year down the road.
MS. SENSMEIER: I would say that, in my opinion, the delay issue at least is now resolved. There was so much hemming and hawing, is it going to be delayed, is it not going to be delayed, what is the requirement.
People had sort of one foot forward and -- you know, one step forward and one step back, in a spin, so to speak, wondering what actually would happen. Now that is answered.
I think the other positive is that we have a bill that is moving forward that has requirements to it, specific conditions to it, I should say, so that it is not just an open-ended delay. So, that will answer folks' question with regard to that.
As far as the vendors are concerned, I think they realize that they have to be ready first. Their progress needs to be continuing.
They have made significant progress. Obviously, they have more to do. I think this will encourage them to continue to move forward as they have been.
MS. YEAGER: I would like to comment in reference to what WEDI/SNIP will do, given the changes. We will be reworking some of our white papers to basically evaluate the impact of the timing.
One in particular, we actually had a conference call to discuss the impact in the transaction sequencing white paper.
We really view the impact, in terms of our activities, in terms that they will intensify, and that we see the need to leverage this as an opportunity to broaden and deepen the education even more, to ensure that the challenges that the industry will encounter will actually have best practices and resources to guide them through the process. That is where we see our role in the future.
MR. FUSILE: I will add to that, not to kid ourselves, there is the potential that people put this on the back burner. We are seeing people already say, whew, thank goodness.
Hopefully, that is just for the holidays and they come back from the holidays ready to roll.
Some things will help support that. One of the biggest contingencies that everybody I was dealing with said was, well, when worst comes to worst, we print paper and send it.
The legislation now has some issues to address that. It takes that contingency away, that kind of reprieve to say, well, if everything else fails, we will do that. So, I think there is a bit of a stick there.
I think the testing requirements to start external testing in April of 2003 effectively reduces this extension to six months, because you need to be ready to test then.
Prior to then, everyone was planning on testing in October of 2002 and hoping it worked. Now it is April. So, you have really only gotten six months.
A lot of people were sitting on the fence in November and December to see how this was all going to shake out.
So, you lost six months of the one year there. You lost two months in your delay until now. You have effectively got four extra months, and can you really afford to sit on your hands, because in four months you will be where you were when you asked for a one-year extension.
So, we are going to be pushing that and we hope that a lot of others will help us push that forward, because it is really important.
DR. COHN: Scott, did you have a comment?
DR. TRAPP: As a provider, I find delay completely unacceptable. We are ready to go. You put a delay in again and that just opens the door.
You told them, well, we delayed it once, we will delay it again. The question was, what are the chances of, if we implement a delay, will there be another one. It is 100 percent.
They will be at the door again, asking for yet another delay a year from now.
Time has shown this. We have known about HIPAA, although the standards were not released, since 1996.
What I do and how I look at this and why I am very adamant about this is, I have been trained over the years to provide care to my patients.
Put yourself in that chair. What would be in the best interest of you. The same sense applies here.
What is in the best interest of all these patients across our country? Right now, every patient in this country spends $1,000 a year to hand a piece of paper to the insurance companies, and have the payment back.
Administrative costs are costing us 25 percent of the total health care dollar. Unacceptable, completely unacceptable.
When we are looking at this, we have got to look at it from the patient perspective. They are our customers. They are the ones who drive the whole system.
When we look at this, should we draw a line in the sand and say, 2002 is the deadline. Maybe we can have a little bit of latitude about enforcement. Give us another year for enforcement, but don't delay. They will just be at the door asking for another one a year from now.
MR. KLEIN: I think that is a really cogent statement about why we are doing this and why we did it, but I don't agree. I think that there are a lot of just realities of the situation.
I do agree that there will be a tendency to relax. I think there is a public relations aspect of this that the government has to follow through on now, with the passage of this bill.
The best possible aspect of it, in my fantasy of it, would be for the President and Secretary Thompson and a couple of key senators and a couple of key members of the House of Representatives to hold a press conference or whatever, to remind people that this was pushed through with unanimous consent and whatever, and to warn them that, you know, this is it. This is not going to happen again. Don't show up at our door. I will veto it, I will block it, I will not endorse it. It is not going to happen. I think that would go a long way.
We saw over and over again, in surveying this process, that people just put whatever spin they wanted on, you know, whatever news was out there, and that there was uncertainty.
The process of deciding about a delay exacerbated the situation and slowed people down. I think Gartner's position would simply be that it is just a reality. It is just a recognition of what the situation is. It is not so much policy.
Some active things need to be done to make the executive and the legislative branch's position absolutely clear on this, to reinforce, you know, by appropriate formal statements, that the administration and the Congress remain committed to the goals, and that they will use all means in their power to prevent the improper interpretation of their action and to encourage any further foot dragging.
MS. BURKE-BEBEE: I have a question for Maryann. WEDI has offered us three recommendations, and one is the continued support for WEDI, also to streamline the process of our FAQs, and thirdly, which is the one that I am going to ask you about is the resources. You are asking for additional resources to help disseminate your work products. How would that happen?
MS. YEAGER: We really see that the resources could come in terms of funding or people resources to assist and participate in our work to help disseminate the work products, and to continue just to share information, whether it is through list serves or web casts or participating in conferences.
I think it could come through any number of means. We didn't really have a definitive response in terms of specifically what we needed in terms of resources. We just wanted to open a dialogue and see what kind of resources we could add to the process.
MR. SCANLON: I have a question about sort of the very best practices end of the spectrum. My question is, in your experience with your own clients and the folks you interact with, are there any entities that actually will have, or will already be in compliance early, because they were doing other systems work, because they planned well. They would have met the October 12 deadline or they would have even been there earlier.
Is this such a one of a kind situation that only the unusual entities could have accomplished it? Are there entities that others can learn from in this regard?
Is really no one at the point where they can say that they would have been honestly in compliance on October 12?
MR. KLEIN: I think there are a number of significant players that could go forward with this. A lot of it, though, assumes -- you have to have enough other partners to do significant testing with it.
It is not just a question of your own internal readiness, but you have to have a significant number of people that you are going to do business with, you do trading partner testing.
There are some state Medicaid agencies that are ready to go, but most are not.
MR. FUSILE: I would agree with that. What I would say is that the folks that were furthest along were going to be seriously able to test, able to send and receive transactions but not necessarily brought in all the unique permutations of data that come, and see how they actually operate within what they have remediated their systems to or replaced.
If you look in the back of this paper at the appendix, there is an appendix 2. It describes, as best we could describe it in layman's terms, the testing levels, just to understand what the levels are.
Many of the people we have seen in our practice, that say we are now ready to go, fail level one, much less level two through whatever you want to go up to.
There are people who are significantly far down this path. Until you get all that kind of different permutation going, it is hard to say.
DR. TRAPP: I will give a small shot at this. I don't know if it is really what you are asking, but we just went through an experience.
I happen to have a practice management system that has been gobbling up all kinds of other practice management systems, all these mergers taking place in the marketplace.
One of the things that came out of that is that they needed to change their electronic claim format to become HIPAA compliant.
As a beta tester, we had to go through that process. Two weeks, that is what it took, two weeks to convert it, pull the data, run it.
MR. BLAIR: By the way, let me echo Simon's comment about how helpful the testimony is. The question that I have is, the extra time could be a benefit and WEDI/SNIP provides guidance in terms of how a rational test plan could be set forth.
The piece that is of concern to me -- and I guess I would like your thoughts on this -- is that even if almost everyone wound up looking at the HIPAA SNIP guidance, and even if they worked with Gartner and Coopers and all, do we still need national coordination of some kind for the testing?
I am a little concerned that there might be a certain degree of chaos in various ways without some type of national coordination for testing between providers, payers, clearinghouses. May I have some thoughts on this?
MS. YEAGER: I think I can start there. Absolutely, from a WEDI/SNIP perspective, we strongly encourage and support a national coordination through and across the implementation process.
In addition, we recognize the importance and the growing reliance on regional efforts in helping facilitate this process.
Because health care is a cottage industry, very locally and regionally based, we believe that both a national coordination looking at the global or broad issues across our industry and then drilling down into very specific -- for example, identifying state Medicaid local issues, and helping identify and develop educational strategies to help providers through that process are going to be extremely important as well.
MR. BLAIR: Do you need help from HHS for that coordination or do you feel that WEDI/SNIP and the regional efforts are sufficient?
MS. YEAGER: We absolutely need help in terms of resources, guidance and support, and to really fuel that effort on a broader scale and a deeper scale both nationally and regionally, absolutely.
MR. BLAIR: You said in terms of resources and guidance, but is it possible -- I guess I am looking for something a little more specific.
Is this something which needs to be turned into the form of a specific recommendation in terms of what is needed from HHS to provide coordination and enable success?
MS. YEAGER: I would say -- and this still may be too broad -- collaboration and communication with sharing CMS' efforts in addition to tying that into what our efforts are. Jim, do you want to add to that?
MR. SCHUPING: Sure. It is a little bit of a difficult question to get a handle on, Jeff. What we are thinking in terms of is, as we move further down the road toward implementation, we would need support, funding, et cetera, to conduct case studies.
Someone referred before, is there something successful going on out there that we can take and document and hand over as a how to.
These are the things that we are looking for right now as we go through the WEDI/SNIP process at the local levels.
Where we find successful case histories, where we find successful relationships between the trading partners, we would like to be able to document that, put it into some other kind of a prototype that others could then use. That would be one example of what we would be trying to do with that. Is that helpful?
MR. BLAIR: I think that I understand that. That is sort of like -- at least my understanding is that WEDI/SNIP is basically winding up saying that, if you wind up following the WEDI/SNIP road map, that that time frame as an institution or as a region, that you will be able to be in compliance by such and such a date.
That is extremely important and extremely helpful. My concern is that, as we get to those last few months, are there going to be certain payers that are simply going to be overwhelmed trying to coordinate the tests with providers, because it hasn't been laid out in an orderly manner on an overall national basis to be able to say, we are going to handle these particular regions of the country this month, the next month we are going to handle these, and the next month we are going to handle these.
Am I not understanding the depth and breadth of coordination?
MR. SCHUPING: No, in fact, we have had some brief discussions along that same line, Jeff, trying to come together, bringing the key stakeholders together to kind of outline a national full implementation plan, a blueprint, if you would.
It would be kind of A through Z, the things that we need to do as an industry to hit the target, without any guarantees, but it is a plan to go forward.
That is kind of what we are struggling with right now. What does that look like? How do we pull that together? Who are the key players and what kind of resources is it going to take, both personnel wise and dollar wise to get that job done.
I think that is probably very much a priority for all of us right now, is to move in that direction as quickly as we possibly can.
MR. BLAIR: Thank you. Any other folks have any thoughts on this topic?
MR. FUSILE: I will take one stab at it. I think creating the details of how you would go about testing would be challenging, because it would be so different for so many different participants.
Some of the things that can be done to tie some things together is the format of the plan that people will submit for their extension, when they might start their internal testing and when they might start their external testing, which I think is in the rule as April.
Some putting forth of an enforcement document which also talks to this issue, and that if I were in charge of enforcing, one of the things that I would look at is a level of due diligence, as when did you begin your process. When were you beginning to internally test, when were you beginning to externally test, to kind of force some understanding that there is going to be accountability in that process.
The specifics of how you would go about it are awfully challenging and that I would defer to our friends at WEDI/SNIP.
DR. COHN: Other comments? We need to wrap up. I think there are two more comments, Kepa and then Mike, and then we will finish the panel.
DR. ZUBELDIA: My question centers on the WEDI/SNIP recommendations for deployment. There is a deployment schedule and, in the white paper, there are two different deployment schedules, one with a compliance date of October 16, 2002, and another one with a compliance date of October 16, 2003.
There are several steps in the deployment by transactions groups and also by how much is done by certain dates.
There is something called beta testing and then systems readiness and then full implementation.
The beta testing says that it is a date that they will begin pilot testing with their trading partners. Systems readiness is when you are actually taking transactions into production. Then, full implementation is when you have completed the conversion.
The white paper that shows the schedule with the October 16, 2003 shows a beta testing with your trading partners for the 837 and 835, which are the primary transactions, of October 1, 2001.
Systems readiness, to take them into production, of February 1, 2002, keep in mind that this is the schedule with compliance in October 16, 2003, which is the extended schedule.
So, systems readiness of February 2, 2002 for the claims, eligibility will start the beta in February of 2002, with readiness in May of 2002. How are we doing? I still see that train wreck coming.
DR. COHN: I think we already heard how we are doing.
DR. ZUBELDIA: Concerning these two dates, is this schedule that WEDI had revised with a 2003 completion date, is it going to have to be revised again? I mean, I am still scared.
MS. YEAGER: I think just in reference in the context of that particular paper, that that paper in particular is being revisited to assess not just the impact of the new time frame, but to really peel back the layers and look at those time frames more closely, just as a context.
DR. COHN: Mike, would you like to have the last question?
DR. FITZMAURICE: My pleasure, Simon. I think it is probably worthwhile noting the resources that HHS has put out there so that others can take advantage of them, as well as the people around the table.
HHS is engaged in quite a bit of outreach. This has been presentations by department representatives, availability to answer questions, having an outstanding web site where you can look at questions and answers, electronic copies of notices of proposed rule making and final rules, even a schedule for when we hope they will be coming out, meeting announcements, NCVHS reports, and letters to the Secretary.
It has been noted that Jim Klein said that one of the biggest problems was getting executive buy ins. Maryann Yeager said, that has been one of our biggest successes. Forty-one percent of the respondents said, that is our biggest success.
I grant you, 59 percent didn't say that, but the question would be, what increases this awareness. What gets budget allocated to this. What gets implementation teams set up within an organization and what can HHS do to foster that.
MS. YEAGER: I would say that I firmly believe -- and this is my predisposition to education -- that it starts with, is driven by, and ends with education and awareness.
One of the biggest factors that we found was educating the executives regarding not only what HIPAA was, but the impact to their organizations and their obligations to comply.
Also, I think taking the mystery out of what it actually takes to address HIPAA. I think initially there was so much misinformation or confusion around what this really meant that, until the executives could get their hand or their arms around what the issues really were, and specifically what they needed to do, that they were cautious about jumping in and just throwing resources at something.
I think they want to just take a strategic perspective. That is their role with their organization.
MS. SENSMEIER: Just to add onto that, I agree. I think education is a big issue. Part of the problem is that the executive level is very far from the transaction, the detail of this.
This is in the weeds and they are up here, and they didn't have the people in place to help them understand what this meant.
Part of this process has been getting the privacy officers or the whole HIPAA team in place to move forward, as well as to breaking it into its logical components to see who had to meet which part -- what had to be in place for each part of the rule in order to even go forward.
I think it was taking the elephant, getting the people to understand it, and then breaking it down. That took so much time and energy, and at the level that it needed to be addressed, that was a very big challenge.
DR. TRAPP: One way to get an executive -- and you are going to think, what does a dentist know about executive decisions. I am just completing an MBA. So, we understand some of these levels of thinking.
Other than somebody had suggested before the two-by-four approach, there is another way of doing it. You need to show common sense of case studies. It was suggested earlier that we have got to show that, and we need to show that in great financial detail.
All this is, the transactions, the whole HIPAA, is project management. We need to go through, do some case studies, and do a complete retrospective review of the successes, and show the dollar cost savings by implementing these projects.
These executives, when they see another company saving millions of dollars by going to electronic transactions, they ain't going to just let that person go by the wayside. They are competition.
We have got to implement. We have go to compete with those folks. That will get their attention and it will get it quick.
MR. KLEIN: I definitely agree with that. I think that what we have probably done less well is to target the executives with the education.
I would look at the work that WEDI/SNIP has done and I am very appreciative of it. I think it has done industry an enormous service.
Anyone who can contribute to it by releasing people from their organizations to participate in that effort, anything the government can do to assist that effort would be enormously helpful.
They have acted as a tremendous multiplier in the industry, and my compliments to everybody who has participated in that.
What I think we have missed the boat on, because there hasn't been a spokesman for it sort of societally, is to keep reminding people why we are going down this path, to keep reminding people what the pay off is for society.
It is huge, and it is enormous and it is real and it is there. That pay off has a component inside individual organizations.
I don't think we have energized the executives in health care to appreciate and then communicate this message to their organizations.
I think case studies would go a long way to show a community hospital, to ask them to sort of go into the back room and find the long-term career people in their finance department who do nothing, day in and day out, but deal with the fact that they are submitting 20, 30 and more different formats, and that they have all this specialized knowledge about what the requirements for each thing are, and how to get around them and how to play all the various games.
Contrast that with the world in which there is a much higher rate of auto-adjudication and the claims will come back easier, and there is only one format that your information system, as a provider, puts out.
I am not naive enough to think that this is a perfect standard and it is going to eliminate all problems. It is not.
It is going to dramatically cut back the amount of individual manual information that both providers and payers need to get that done. That is where the 25 percent is.
I sat in on a meeting several months ago that was an AFFEC meeting, and it was a public meeting, so a lot of people came who hadn't been participating in the process.
I guess I was in my ivory tower. I was just amazed at how much primary education had to go on, how much questioning there was as to why are we doing this.
So, we have lost our sort of societal memory about why we were so enthusiastic about pursuing this. I don't know who is the right spokesman to jump up and do this.
We need some visionaries and leaders to step forward, grab the microphone, and rally everybody about why this makes such incredible sense.
MS. YEAGER: As a follow on to that, to both Scott's and Jim's comments, when questioned, what sorts of resources would WEDI/SNIP find of value, we have contemplated for a while actually publishing a new study regarding the cost savings and benefits, basically the business case for EDI.
Basically, that would be of phenomenal value to the industry, and that is a wonderful example of how the resources could be used to further the HIPAA business case.
I think that is a big driver for executives. I talk to hospital CIOs all the time, and they challenge. They really want to see the numbers, and we need a strong business case.
MR. FUSILE: I would agree with that. Just real quickly, two quick thoughts. One is that everyone continues to look at HIPAA as its ultimate goal and not that it is probably the first step in a longer-term process which really facilitates the quality of care.
When you make that connection with an executive, you start to get buy in. At the end of the day, you are going to compete on your quality of care, and this is the first step to that.
The attachment starts to link us to it. The medical record will really start to make it expansive, and evidence based medicine and things like that will follow what you set in place today.
Now, the practical side of the executive is, what the executive is hearing from his team is, we are fine. We are going to these meetings. Gee, we have committee meetings every week. We have been talking about this. We are going everywhere. Things are fine. So, when you go talk to him he says, things are in good shape.
So, something to bench mark against, to say, fine, have we done this. We were supposed to have done this by February. Have we done it? Well, not yet. What do you mean, not yet? I thought we were fine.
Giving them some milestones, or something, like have we done this like we were supposed to, yes or no, and making that a little more real, I think, would help us go a long way for the most senior executives.
DR. COHN: We need to wrap up this part of the panel. I do want to thank you. This is obviously not going to be the last time we talk about this. We are just beginning to enter into the discussion.
I am sure we will have a whole day in February where we will get a little more concrete about the things we can do to help ensure successful implementation.
I do just want to take a minute. It was brought to my attention that there was no discussion of pharmacy readiness in this session. I know Lynn would like probably to add a couple of comments, if you would be willing to, knowing that you will have more than enough time to in future sessions.
MS. GILBERTSON: This is spur of the moment. Yes, I just wanted to make reference to the fact that the presenters were all discussing studies on the X12 transactions, and there was the other side of the industry.
This is not the forum, at this point, to go into the details, but I think the pharmacy industry, to my knowledge, was ready to proceed along the 10-16 2002 date.
There was not, that I am aware of, any effort to ask for delays, that they were ready to go.
What the industry is facing at this point is change of current business practices of significant impact on billing of supplies, professional services, and the code sets for those.
The other side of the impact to the pharmacy industry is a couple of statements in the privacy regulations that affect our named transactions.
Instead of the industry spending a lot of effort on plans and moving forward, even though individual businesses are doing that, as an organization, the NCPDP membership is spending all of its time discussing supplies, professional services and the privacy regulation's impact to our specifications, which is probably not the best use of our time.
At some point, those factors are impacting our implementation schedules and our efforts, and at some point the committee may be interested in hearing more about that.
DR. COHN: Thank you. We will be hopeful that the Federal Government will actually -- I know in the law there is money to provide better outreach and hopefully answers to questions from HHS.
On the other hand, there is a difference between this bill and the actual appropriation of the funds. I guess there is the authorization and then the actual appropriation, from what I understand from people who are more familiar with how this all works.
I want to thank you. What we are going to do for the next probably half an hour is talk a little bit about the house rule 3323, impact on us, and sort of next steps.
Hopefully we will spend a couple of minutes on the annual report, which I think we are beginning to see what it is beginning to look like at this point.
Karen, do you want to lead off this discussion? Then we will spend just a minute or two talking about the second day of our next meeting in February.
MS. TRUDEL: The HR 3323 does include a specific role for the committee in the review of model compliance forms.
It requires that the Secretary shall promulgate a model compliance form that people can use in drafting a plan.
It talks about what would be in such a plan, which includes an analysis of why the person thinks they are not going to be compliant, budget schedule, work plan, implementation strategy, whether the person plans to use, or might use, a contractor or another vendor, and a time frame for testing. That begins no later than April 16, 2003. It also says that the plans may be submitted electronically.
The committee's role, obviously, is in its advisory capacity to help us figure out what needs to be in the model plan.
On top of that, there is a specific role in terms of analysis. The Secretary is to furnish the committee with a sample of plans that are submitted, redacted to remove any trade secret type information.
It says that the committee shall regularly publish and disseminate to the public reports containing effective solutions to compliance problems identified in the plans, and that the report should not relate specifically to any one person's compliance plan, but needs to be written for the purpose of assisting the maximum number of people to come into compliance by addressing common and challenging problems.
The big question obviously is, how are we going to do that. One of the concerns that the department staff had is that if it is read very strictly, it seems to have a completely different role envisioned than what the committee normally does.
We think, however, that what the intent of Congress was, was to use the plans to point toward significant issues, not necessarily to find the solution to those significant issues in the plans, but to use the plans just to trigger what the questions might be.
The committee has, and always has had, the ability to do hearings, to consult with people, to take written and oral testimony, to make recommendations to the Secretary.
We think that this process is probably not that much different from what the committee normally does.
There is also the requirement that the committee consult with the four organizations that are specified in the Social Security Act as advisors to the Secretary, and also the DSMO organizations that are specified in the final rule.
With that in mind, I guess we want to talk about probably how the subcommittee wants to work with the process of developing the plan in the first place, and then what we need to do to start the discussion of how this entire process would work.
DR. COHN: I guess just recognizing -- I tend to put one foot in front of the other when dealing with one of these.
It seems like the very first step has to do with development of the form, and the questions that are being asked of industry and all of this.
I know that you are obviously in the process of discussing with internal lawyers about what exactly process that would take.
I would imagine that, assuming that the time lines are compatible with our meeting dates, we may want to take testimony and get input on exactly what sort of information would be most useful, and provide some input into that form design.
I think that is probably issue number one. Obviously you are speaking of much larger issues of how, as a country, we really move forward, identify issues, come up with solutions.
We have heard some suggestions from the group today and we probably need to get wider views from all the DSMOs, the consulting organizations and also the industry about how, as we move forward with this, we can do things that are of maximal benefit.
I am not sure in my own mind that it is necessarily the role of the subcommittee itself to write white papers on all sorts of solutions.
On the other hand, there may be ways to authorize the development of suitable white papers that might be of benefit to the industry, or recommend to HHS that, with limited funding, such things occur, assuming that there was actually money appropriated for outreach and assistance with implementation. That is just one thought. Marjorie?
MS. GREENBERG: A few things. I think from what we heard from this panel, and the anxiety that was expressed to my left here from Kepa was that, if people don't have really very specific milestones and marching orders, et cetera, the deadline of 2003, October 2003, could come around a lot more quickly than right now people who are sighing relief realize.
I think that makes it important that the model plans or whatever ask for some very -- get some commitments.
Also, our dental colleague made a good point -- maybe it was he or I don't remember who it was -- that they are going to have to sign off on these plans at the highest level of the organizations. So, this may be a bit of wake up call or also a commitment that they will feel they need to keep.
I think it is really important to identify the most critical information to get people to kind of commit to, into their milestones, as opposed to the myriad of milestones that I am sure are necessary to actually make this happen.
I think it is important to put that in the context of the language the Senate used -- and I have a few copies of this here -- when they passed the bill.
There was a great deal of concern expressed by my home state Senator, Dorgan, as well as several others, that as it is put here, these compliance plans called for the House bill not be unduly burdensome.
There is about a half page of discussion here expressing that concern, that this not become -- that by releasing people from the 2002 date, we not straddle them with an overly burdensome requirement here on plans.
It seems like the most critical thing would be to identify the most important milestones or commitments that are necessary, and include those in the plan, and not make the plans have everything in them but the kitchen sink.
I just share that. The other thing I wanted to mention was that, although I am all for creative interpretation, it does say here, on page four, that the National Committee on Vital and Health Statistics, shall regularly publish and widely disseminate to the public reports containing effective solutions to compliance problems identified in the plans analyzed under subparagraph A.
I agree with Dr. Cohn that there are some creative ways we can do this. I do think that, given the propensity toward delay and pointing the finger, et cetera, as the executive secretary, I have to express some concern that, if we don't want it said at the end of the day, that people were not able to comply because the national committee did not do what they were told to do, which was to regularly publish and widely disseminate these reports.
I do not think personally that it is the role of the committee itself to come up with effective solutions to these compliance problems. It is not something that really the committee is equipped to do or really the role of an advisory committee.
I think the committee does need to take this seriously since it is the language in the law -- and I welcome the opinion of my esteemed colleague, Mr. Scanlon -- and come up with some very specific ways that they are going to be responsive to this so that, at the end of the day, people do not say that they could not comply because the national committee did not provide this information.
DR. COHN: We will let Karen go first.
MS. TRUDEL: I agree with you, Marjorie, but my reading of this doesn't require that the committee develop solutions. It simply requires that they publish them.
We have heard through the WEDI/SNIP discussions, and there are any number of other groups out there, that are looking at these issues.
I think one of the roles that the committee could take on was to do exactly what Maryann was suggesting. Wherever the committee finds a solution to a significant problem, no matter who has developed it, the committee can then take on its role of disseminating that information more widely so that more people can see it.
MS. GREENBERG: I basically agree.
MR. SCANLON: Two things. The plan itself, the model compliance acceptance plan, first of all, the statute gives some guidance, minimum guidance, as to what is to be included.
I think, again, the lawyers will decide what exactly the scope or the framework or the boundaries of such a thing is.
Generally, one is advised to follow what is included in the statute and not a whole lot more. Again, the issue of facilitating compliance rather than a burden and diverting attention from compliance is a careful balance that I think everyone will have to do.
There is not a lot of time. Besides, it is a model anyway. So, I think one has to be very careful not to get wonkish about what the details of a compliance plan should be.
Then you get into problems of just simply diverting attention from the real effort of moving forward on this, and there is a tendency toward wonkishness in Washington.
Second, we have to be very careful in terms of the committee's role. The committee is not in a regulatory capacity and we cannot give the committee an operational governmental function.
I think what is envisioned here is that the committee play to its strength, which is to look at sort of a summarization of the plans, what are people indicating is their real, either explicitly or indirectly, the real problems and obstacles in compliance, and focus on guidance and advice, not try to give specific solutions to compliance.
I am not sure they would have any legal status anyway, outside the regulatory framework. At any rate, the committee can always do what it does very well, which is identify the issues, shine a light on what some of these possibilities may be, not suggest that a specific solution is a compliant solution, necessarily.
DR. FITZMAURICE: I am not going to say too much more than these people, lest I be accused of being more wonkish than I am.
I would suggest that we have been told to talk to the bit four and the DSMOs, which there is a lot of overlap there.
I wouldn't be surprised but what they could give us assistance with the plan development and how to analyze it.
That is a countable number of letters coming in, for example. As we make known the need for case studies as these issues come up during the course of the year, I will be scenarios will be coming up.
What we can do for publishing, is publish them on the web. It can be the result of having a hearing. It may be the result of staying in tune, and looking to see what the issues are in the plans that come in, sample the plans that come in, and what the scenarios are that match those issues, and being the coordinator of this.
It may not take an awful lot of resources, but certainly some resources, but it means applying our judgement as to what are the important issues and reporting back to the public.
MS. BURKE-BEBEE: After hearing Jim talk about the model, and it sounded like a more general approach, it made me wonder if there could be missed communication, where we are looking to them and they are looking to us for the same thing, and it slows down the process.
In other words, if the industry is looking to us for a solution, the compliance solution, and we are looking to them for the compliance solutions -- and I am talking about details -- is there going to be a missed communication and will it be slowing down a process. That is very key here, to timing.
MR. SCANLON: There are two issues, Suzie. The model itself, I am sort of separating the model for the compliance acceptance plan, which needs to be filed at HHS, prior to that October date, versus the analysis of those plans and the identification of directions for compliance later.
I think we almost have to think in two terms. So, ultimately they will come together.
We don't know necessarily -- we have general structure for what that compliance exception plan should be, what it should address.
I don't think it is necessarily at a level of detail where specific solutions would be. In fact, I doubt that a company would provide a lot of detail of a confidential and trade secret nature at any rate, in something that is likely to be FOY-able later.
I think the specific compliance solutions would probably have to come later, after hearings and after analysis.
DR. COHN: Kepa, Marjorie, and we need to sort of finish up here.
DR. ZUBELDIA: Jim, I am a little confused, because you keep referring to a plan. From what I read, it has to be just a form. The plan is filed by the covered entity.
The committee would have to develop, or the HHS would have to develop a form in which the plans would be reported.
MR. SCANLON: Exactly.
DR. ZUBELDIA: That could be much simpler than developing a plan. Then, I agree with Mike that -- there are two different things. One is develop a plan for compliance. The covered entities have to do that. HHS has to develop a form in which they will report that plan.
The form could have open spaces that say, describe here your plan or attach a document with your plan. Isn't that what we have to do?
MR. SCANLON: Yes, but that is referred to as a compliance --
MS. GREENBERG: The plan is submitted on this model form.
DR. ZUBELDIA: But it is their plan.
MR. SCANLON: It is their plan, absolutely.
MS. GREENBERG: There is an extensive plan backing that up probably, but that isn't submitted.
MR. SCANLON: They don't have to submit that to us. These forms are referred to as a compliance exception plan, apparently.
You could have more details back at the ranch, but this form would outline what questions you need to address, to basically be accepted.
DR. ZUBELDIA: The IRS gives me a form and I file a tax return. It is the same story.
MR. SCANLON: It is questions, exactly. You fill in your own.
DR. ZUBELDIA: In the form, I think there are some fields that we should have published on the web, like Mike is saying, things that are going to be important for the entire industry to know who has filed a plan, and what are their compliance dates.
Otherwise, trading partners that are compliant will not be able to comply because maybe the largest payer in the state is not compliant. They need to know what are the compliance dates for that payer.
Some of this needs to be publicly accessible to everybody, to know which ones of my trading partners has filed a plan, what are the expectations of compliance of that trading partner. Otherwise, I can't comply either. So, I think that becomes very important.
I think that we are going to see a lot of plans filed by people who would otherwise be compliant. They need to file, one, because their trading partners are not compliant.
I think it would be a waste of time and resources to sample those. It may be a good idea to put some indication that says, my plan is unique. I have unique reasons for not being compliant. Please include me in the plans to sample. There would be a lot of other ones that they are just filing it because they need to file it, not because they are not compliant.
DR. COHN: I am going to try to put this conversation together as well as end this particular conversation on this one right now. I think we are beginning to throw up forms and plans and everybody is getting confused.
As I understood it, we needed to provide input into HHS to help them develop a form, and industry needs to come back with responses to that form, and a compliance plan.
We, ourselves, need to develop a plan to meet the requirements of this new law, as soon as it is signed by President Bush. That is sort of what we need to do.
MS. GREENBERG: Could I just say what I was going to say?
DR. COHN: Please. What were you going to say?
MS. GREENBERG: What I was going to say is, I know Jim said, well, this is a model. In the interest of standardization, I would say the more this form, whatever, the easier it is to fill out and the more standardized it is, will not only reduce the burden on those who have to submit it, but it will also greatly reduce the burden on analyzing it.
I think people would appreciate not being given too much free rein. If they want to staple to it supporting documents, that is their business, I guess.
The basic plan, model, form, whatever, I think the direction should be that it should be quite electronic, easy to complete, relatively easy to complete, maybe not so easy to comply with, and relatively easy to analyze.
There are going to be hundreds of thousands of these, I think we have agreed. I have heard a million said.
DR. ZUBELDIA: The Gartner Group estimates like 1.2 million of these forms will be filed.
MS. GREENBERG: It is not going to be feasible to read them.
MR. SCANLON: Government agencies do this all the time. You basically say, if you want to apply for this particular benefit or get an exception or whatever, this is the outline of what you have to provide. The applicant provides the information.
It is standardized at least in terms of the structure and the questions, and hopefully it is simple. Then, it is responsive enough to --
PARTICIPANT: There is an exception for PRA; right?
MR. SCANLON: Well, we seem to have an exemption from PRA.
DR. COHN: I think that is being queried at this point. Once we know what that is, we will have to look at a time line. Mike, do you have anything pertinent on this issue?
DR. FITZMAURICE: Trepidation. Two suggestions. One is that we might have CMS report on their model work at the February hearings. Give them a slot, and that makes it public.
Then secondly, we could consider having people file on the web. That way it is electronic, it is readable and, if it is structure as Marjorie has said, that will make it easy to triage and even conduct a sample.
MR. SCANLON: There will be confidential and trade secret and proprietary information in those plans, possibly.
DR. COHN: We have one question for maybe a 30-second comment.
MR. TENNANT: Ron Tennant, a co-chair of WEDI/SNIP. A couple of quick things. The WEDI board approved yesterday a plan for us to move ahead with issuing recommendations on this model, or the template.
I think we have got to keep in mind two other things. In the legislation itself, it says that HHS is to develop a template, not that everybody has to use that template.
The critical thing for us is not just what the model form looks like, but disseminating that out to the industry and offering it in various different media.
Obviously, not everybody has access to the web. So, one of our goals at WEDI is to issue recommendations on all of those avenues, what the form should look like, how to get the form out to folks, and what media we should use to get that out.
DR. COHN: I am trying to sort of put this together, only because I think my hope is that we will be able to get some industry input, hopefully see concepts and model forms and all this in February when we get together.
So, rather than trying to solve the problem right now, I am just sort of identifying that this is an issue that I think we need some industry input and probably beyond just WEDI.
I know that there are a number of industry segments that want to have some input into what all of this looks like or at least provide the good ideas.
Hopefully by February, assuming this doesn't have to go through an NPRM process and, if it does, that will drastically change the time line, we will have to figure out something else at that point.
The intent would be to spend a little time on that in February, as well as potentially begin the conversation. While we began the conversation already, continue the conversation about how we take this opportunity.
I think there has really been an opportunity made available to all of us, which is to take an extra year or two to get it right, and let's sort of make sure that we get everybody's best ideas.
We have already heard some today. Let's make sure that we get everybody's best ideas, now that we have been given a year, about how we should all be proceeding forward, and what HHS can do, what the NCVHS can do, what the private sector can do, to make it be as successful as possible, and with the idea that conversation is already beginning, but I think we will hopefully have a full day to really delve into this in February.
It occurs to me also that one of the things that I was sort of hearing -- maybe it is between the lines -- is that one of the things that would really enliven these dates has to do with the enforcement and compliance final rule.
Indeed, the enforcement and compliance final rule has to take into account the testing issue of April. So, it may be appropriate sooner rather than later for us at least to talk and think about the enforcement and compliance rule.
It isn't just full implementation. It is also compliance with the testing deadline. I think I heard from a number of people the view that there needed to be sort of statements from HHS and others so that there is some seriousness about these dates, lest we be in the same situation a year from now.
As I said, I am not solving any problems, but I am just trying to --
MR. SCANLON: The process of the time line.
DR. COHN: -- point the direction. Is this making sense?
MS. GREENBERG: Are you planning two full days, then, in February?
DR. COHN: We already have two full days. We have one day on code sets and the second day would be on these issues. Hopefully we will have Betsy, Karen and others to identify the issues that we need to discuss and the people there.
Hopefully, we will at least be able to talk about the model forms, the model and model forms. We will try to avoid being wonkish. Being from California, I am not even sure that I know what that is.
I also agree with Marjorie that we need this simple and, above all, it needs to be helpful to the industry and helpful to the patient.
I think that really is the fundamental issue, that whatever we are asking, we need to be able to see how it will assist everyone in moving forward. Now, are there other issues and questions? I think we are about at the end of our time here.
MS. GREENBERG: The HIPAA report.
DR. COHN: Why don't we spend five minutes on the annual report.
MR. SCANLON: The HIPAA annual report to Congress. Everyone remembers we are required to send a report to Congress on the implementation of HIPAA.
Our last report was for the calendar year 2001, and we sent the report in, I think, March of last year. Obviously, there is a lot going on now.
A lot has changed, and yet not a lot has changed in terms of the report. I think in terms of process, we will turn the report around, Simon, to all the members of the committee and ask for ideas.
We will update it factually in terms of what has happened in terms of implementation, and presumably the delay effort.
In past years, the committee -- you will see in the executive summary of last year's report -- there were a number of issues about the industry response and the status of implementation and some major barriers to implementation that the committee identified.
If the committee members will sort of look that over from last year, I think that -- again, this may be more of a transition year -- just as a structure to start.
DR. COHN: Let me ask the members of the subcommittee, do you want to look at the current report or do you want us to do some work drafting out what the next report should look like and then begin commenting on that?
From my view, from the comments, I sort of see two major themes in this year's report. One is sort of the story of moving toward implementation, the letters that we wrote in June, the recognition that the industry really does require a delay, a comment potentially to Congress on the fact that they did pass the law, and the fact that we were going to do X,Y and Z, and how we are going to move forward in terms of making sure that all of that would come in.
That is one piece. Then there is another piece called privacy moving forward, which really is a piece that needs to be put together by the subcommittee on privacy and confidentiality.
I think it references the hearings, the recommendations, the letters, as well as further thoughts about how to ensure successful implementation there, and the recommendation that we are in an early phase of that.
Other thoughts on this one? It is sort of the broad themes, I guess, that I am seeing. Certainly, we have a lot of information on the status of implementation at this point, based on some excellent testimony today.
DR. ZUBELDIA: I think we can probably just take last year's report and start modifying that, as a starting point.
MR. SCANLON: That is what I was thinking. You raise a good issue, Simon. It really is almost a full committee -- it is as much a privacy subcommittee concern, and even a population subcommittee concern, I think, we are getting into as it is this subcommittee.
Should we start it off with this subcommittee sort of reviewing the last year's report, have the privacy committee do the same, or maybe just send it to the full committee?
You are right. It is getting to the point now where it is more of an integrated suite of issues.
DR. COHN: I guess the question I would ask, does the population subcommittee, in your view, have pertinence to an annual report on administrative simplification? I am just sort of looking at it.
MS. GREENBERG: They usually have some small section in there about the population.
MR. SCANLON: It is more for perspective, I think.
MS. GREENBERG: It is primarily the two subcommittees.
MR. SCANLON: They don't have to wait until after it is done to have a chance. I am wondering if we shouldn't almost send it to the full committee and ask -- well, we can decide that later.
MS. GREENBERG: Is the goal to have a draft report for the subcommittee February meeting and a final report for the full committee in February?
MR. SCANLON: I think so.
MS. GREENBERG: In that sense, it might not be a bad idea to send something out to the entire committee, telling them about this time frame, pointing them to the 2000 HIPAA report, which is on the web, and asking them to send any comments or suggestions as to any additional areas that should be included, and what have you.
That way you have given them all a heads up. This subcommittee is meeting in February. I don't know that any of the others at least will address this.
Then they will have to approve it at the February full committee meeting.
MR. SCANLON: Subject to changes.
DR. COHN: I guess it is also a subject for the executive subcommittee conference call next week.
MS. GREENBERG: Which is next Tuesday.
MR. SCANLON: We will start out with this, with the updates of sort of the factual situation, the letters, any proposed rules or final rules that have moved along since the last stage, the delay itself, anything that sort of changes the factual situation. The interpretive situation is a little different.
DR. COHN: Okay, other comments? I want to thank you all for a very productive meeting and have a good holiday. The meeting is adjourned.
[Whereupon, at 1:07 p.m., the meeting was adjourned.]