[This Transcript is Unedited]
Hubert H. Humphrey Building
Room 505A
200 Independence Avenue, S.W.
Washington, D.C. 20001
DR. COHN: Good morning. I want to call this meeting to order. This is the first day of 2 days of meetings of the National Committee on Vital and Health Statistics. The National Committee is the Public Advisory Committee to the US Department of Health and Human Services on Health Information Policy.
I am Simon Cohn. I am Associate Executive Director for Health Information Policy for Kaiser Permanente and Chair of the Committee.
I want to welcome Committee members, staff and others here in person as well as those listening in the Internet and remind everyone to speak clearly and into the microphone.
Agenda Item: Welcome and Introductions
Let us now have introductions around the table and then around the room. As for those on the National Committee I would ask if during your introductions if you have any conflicts of interest related to any issues coming before us today would you so please publicly indicate during your introduction.
I want to begin by observing that I have no conflicts of interest.
Jim?
DR. SCANLON: Good morning. This is Jim Scanlon. I am the Executive Staff Director for the full Committee and I am with the Office of the Assistant Secretary for Planning and Evaluation at HHS.
MR. BLAIR: Jeff Blair, member of the Committee. I am Director of Health Informatics at Lovelace Clinic Foundation and I am not aware of any conflicts of interest.
DR. STEINDEL: Steve Steindel, Centers for Disease Control and Prevention liaison to the Committee.
DR. HUFF: Stan Huff with Intermountain Health Care and the University of Utah in Salt Lake City. I am a member of the Committee.
DR. CARR: Justine Carr, Beth Israel Deaconess Medical Center, Boston, member of the conflict, no conflicts.
MR. HUNGATE: Bob Hungate, Physician Patient Partnerships for Health, member of the Committee, no conflicts.
DR. SCANLON: Bill Scanlon, member of the Committee, Health Policy R&D, no conflicts.
DR. STEUERLE: Gene Steuerle, from the Urban Institute, member of the Committee, no conflicts that I know of.
MS. MC ANDREW: Sue McAndrew, Office for Civil Rights, privacy liaison to the Committee.
MS.TRUDEL: Karen Trudel, Centers for Medicare and Medicaid Services, liaison to the Committee.
DR. HOUSTON: John Houston, University of Pittsburgh Medical Center, member of the Committee.
MR. LOCALIO: Russell Localio, University of Pennsylvania School of Medicine, member of the Committee.
DR.VIGILANTE: Kevin Vigilante, Booz-Allen & Hamilton, no conflicts I am aware of. I am a member of the Committee.
DR. TANG: Paul Tang, Palo Alto Medical Foundation, member of the Committee, no conflicts.
MR. REYNOLDS: Harry Reynolds, Blue Cross Blue Shield, North Carolina, member of the Committee,no conflicts.
DR. WARREN: Judith Warren, University of Kansas, School of Nursing, member of the Committee, no conflicts.
DR.ROTHSTEIN: Mark Rothstein, University of Louisville, School of Medicine, member of the Committee, no conflicts.
DR. STEINWACHS: John Steinwachs, Johns Hopkins, member of the School of Public Health, member of the Committee, no conflicts.
MS. GREENBERG: Marjorie Greenberg, National Center for Health Statistics, CDC and Executive Secretary to the Committee.
MS. SIDNEY: Cynthia Sidney, staff to the Committee.
MR. OLFANO: Bill Olfano, Blue Cross Blue Shield Association.
MS. JONES: Catherine Jones, CDC, National Center for Health Statistics.
MS. CANAR: Susan Canar, writer for the Committee.
MS. GOVANTINECAS: Wanda Govantinecas, National Center for Health Statistics.
MS. JACKSON: Debbie Jackson, National Center for Health Statistics, CDC Committee staff.
MS. BEBEE: Suzie Bebee, Office of the Assistant Secretary for Planning and Evaluation, staff to the Subcommittee for Standards and Security.
MS. BEDFORD: Carol Bedford, American Nurses Association.
MS.FRIEDMAN: Gloria Friedman, CMS, lead staff to the Subcommittee on Standards and Security.
MS. JOHNSON: Maurie Johnson, AMA.
DR. COHN: I want to welcome everyone. I think I want to start out and have a couple of introductory remarks before we move into the agenda. I wanted to announce the meetings for the full Committee for 2007, and I was just checking to make sure everybody had been asked about their availability but for 2007, the meeting dates will be February 13 and 14, June 20 and 21. I am sorry, February 13 and 14, 2007, June 20 and 21, September 25 and 26, and then November 27 and 28, after Thanksgiving again. Those are all 2007 dates. We will make copies of this and distribute it around. As I said I was just checking and making sure that everybody had been asked and it seems like these dates generally seemed to work for everyone, at least at the time that you were polled.
Okay, now as we move into agenda review let me start by observing that this is going to be a very full Committee meeting and indeed this is as I have been looking at things a very busy time for the full Committee.
We have a total of five letters and reports coming before us today and for action at this meeting on a wide variety of issues.
I want to specifically compliment the Privacy Subcommittee as well as the Subcommittee on Standards and Security for what I think are some very good reports coming forward for discussion in the body of the meeting today.
Additionally we will follow this meeting with a strategic planning retreat for the full Committee to discuss priorities for the NCVHS over the next 12 to 18 months, on other words timing to include this coming federal fiscal year.
Unless anyone thinks that this is the end of work for the summer, next week will be the first nationwide health information network forum sponsored by the Office of the National Coordinator.
This forum is supported by a number of organizations and entities, actually including the NCVHS. The purpose of this forum is to identify and to catalog an initial list of functional requirements that will help frame the development of the National Health Information Network.
The NCVHS has been asked by ONC too assist in the process to synthesize and refine this initial set of requirements. To do this we have established an ad hoc group on the NHIN which I will chair. Jeff Blair and Harry Reynolds will be Vice Chairs and members will include John Paul Houston, Paul Tang, Kevin Vigilante, Judy Warren and Justine Carr. Mary Jo will be lead staff for this activity and other staff includes Steve Steindel and others will be I think facilitating that as additional staff support. I am looking for people around the table, Mike Fitzmaurice and as I said, and others. We are pleased to have Margaret Amdiochen as a consultant for this effort.
This ad hoc work group will hold hearings on the second day of this forum next week to take reports from the breakout sessions and also elicit public comments. This work will continue over the summer with hearings scheduled for July 26 and 27, and additional meetings and calls as necessary. The recommendations will be brought back to the full Committee at our September meeting for action at which point assuming that there is no further work on this issue we intend to design the work which is why we are describing it as an ad hoc work group.
In addition let me not forget to mention that standards and security will be holding hearings this summer. An executive subcommittee is going to be leading to talk about plans for the 2007 fiscal year. I, also, made a Subcommittee on Populations. We will hear reports from them and quality. Obviously tomorrow we will be talking about planning hearings for this fall and the quality work group of course has a very active agenda now that involves agency health care policy and research on a number of key issues.
If this sounds to you like we are accelerating activities and we are going to have a busy year, that is certainly my analysis of the situation. The pace of events relating to national health information policy has markedly accelerated. It is certainly an exciting, fast moving time and I will acknowledge all of you for your commitment and work to help move health care into the information age.
We have often seen this acceleration in HHS and in particular in the Office of the National Coordinator and of course there is AHEC and its breakthrough work groups and I want to thank and acknowledge both Mike Walstein and John Paul Houston for serving as liaisons and members of the work groups.
I do want to take a moment and acknowledge Dr. David Braylor who resigned recently from his position as National Coordinator. Obviously he has been instrumental in this HHS acceleration and literally took the vision we foresaw when we began to talk about the national health information infrastructure and has begun to make it a reality.
Of course, in all this Secretary Leavitt's leadership has also been phenomenal. I think we really have to acknowledge him for his leadership in terms of leading us all forward.
Congress is, also, considering how to move things forward and a number of HIT bills are under consideration which I know Jim Scanlon will be talking about later on.
In all of this I would note that NCVHS is being asked for its expert advice and guidance and I would refer you to Tab 8 which is my testimony before the House Ways and Means Health Subcommittee on issues relating to health information technology and moving things forward.
Of course, in the midst of all of this if an e- prescribing continues I know Karen Trudel will be talking about that a little later on and work continues in terms of enforcement of the privacy rule.
In sum much is happening and my introduction is probably tiring you all out even before we start the meeting, but as I looked at this one I sort of said, "Gee, a busy summer and a very busy remainder of the year for the Committee," and I want to thank you for your help and commitment and all of that.
Now, taking a breath, with that let us talk about the agenda today. Now, to get a little lighter, this morning we being with a department update. Jim Scanlon will be leading off followed by Karen Trudel and Sue McAndrew.
After the morning break we are pleased to have John Loonsk joining us for an update on many of the new ONC initiatives and contracts underway. This will be followed by a discussion relating to those coming forward from the Subcommittee on Standards and Security.
We will, of course, if any of them are ready for balloting, we will ballot them, if we think they are ready. Otherwise they will be referred back for further word smithing and work by the Subcommittee on Standards and Security.
After lunch we are pleased to have Mark Leavitt, Director of the Certifying Commission on Health Information Technology provide us with a briefing on the work underway with that Commission.
As you know that is one of the infrastructure contracts that has been awarded by ONC. Following that Mark Rothstein will be discussing the report coming forward from the Subcommittee on Privacy and Confidentiality related to privacy in the National Health Information Network.
I guess I would hope at this point that everyone has had a chance to review it. I would also ask if you have word smithing or other issues that you would like to see in the letter that you might talk to Mark before we start discussing it publicly just so that he can capture any additional changes as we begin to go through the document.
Certainly it is a 17-page document. I don't anticipate that Mark is going to be reading this paragraph by paragraph during our session but we will obviously talk about it section by section.So, if there are specific word smithing issues please get them to Mark in advance.
After adjournment of the Plenary Session we have breakouts for Populations and Standards and Security. I do want to remind everybody that tomorrow morning we actually start at eight-thirty and we will talk about that at the end of the session today.
Agenda Item: Update from the Department – James Scanlon, ASPE Data Council
With that let us begin our department update and, Jim, let me hand it off to you.
DR. SCANLON: Thank you, Simon, and good morning, everyone. I thought what I would do this morning, since we met in February a number of things have happened but I thought I would probably focus on some bigger picture developments including legislation, budget and some secretarial and departmental priorities kind of as a preface to our discussion as well.
First of all as Simon indicated there is a lot of interest in Congress on health IT, moving forward on health IT and really the two Houses are taking somewhat different approaches but there are several bills particularly in the House that would, in essence would amount to new versions of HIPAA transaction and code set standards and streamline the process of modifications to those standards and it would give the NCVHS a, I guess it is not exactly a new role but it is an additional; role in that process.
The main aim of those streamlining provisions seem to be to try to speed up the process from the point where the industry has agreed upon or is about to ballot some new standards to the point where it would be adopted and used to try to speed up that process. Normally that would require, as a regulatory change, would require proposed rules and so on and what the bills propose to do in a different manner, they propose to use the industry SDO public review process, the consensus process, the comment process and so on and sort of tie it into the department and the NCVHS.
The NCVHS would ultimately be having a hearing on those proposed standards that made it through that process and make recommendations to the Secretary. The Secretary would then have to react to those recommendations but there are all sorts of variations and permutations but basically for those provisions it is a streamlining of the process that is intended generally along those directions and the NCVHS would be asked to play the role of public participation, public protection as previously.
So, it is a nice recognition of the credibility an the process that NCVHS operates.
Other parts of the bills, there are various other parts. Some of them would add new programs. The House doesn't seem to be all that much interested but there are various other processes. They would also codify the Office of the National Coordinator in statute and create a number of other provisions which we can make available to you but it looks like the two House versions still need to be reconciled within the House itself.
Let me turn to budget for a minute. The congressional deliberation is underway on the 2007 budget and you will recall that the budget included about 179 million, and I think I am fading out again.
DR. COHN: Jim, do you want to use my microphone?
DR. SCANLON: Is that better? The President's Fiscal Year 2007 budget which will begin next October is now under discussion within the Congress and remember that that budget included the President's budget requesting almost 170 million for health IT. It was an increase of about 58 million over the previous hear. You remember that ONC would get about 160 million. AHRQ was continuing its $50 million program in health activities to support patient safety and quality and my own office, ASPE was included in the President's budget for about 4 million which is basically evaluation and policy research and economic analysis. So, again we don't know how this will actually come out in 2007. It is obviously a very tight budget year for non-defense domestic spending. It is really a very tight budget along with overall budget policy. So, we will see how it comes out but it does reflect there is clearly an interest in priority and moving along these areas.
In terms of population health in the 2007 budget most of the major HHS statistical systems are being funded at straight line levels which was actually a good accomplishment. We are beginning work in all of the other agencies on the 2008 budget. That would be the budget year beginning next October, not 2006 but 2007. So, it is really not that far away. I think similarly that the budget policy will be not much growth in non-defense domestic discretionary spending except possibly for the preparedness area and bioterrorism area.
The Data Council has again been asked to look over in connection with the 2008 budget to take a cross-cutting look at the data collection statistical investments that are being proposed by various agencies and to be sure that we are operating as efficiently as we can and that we are addressing priority policy and data needs.
It is unlikely that there would be any large new initiatives in the data collection area that would come up in that process.
Let me mention one other project the Data Council is undertaking and then I want to turn attention to the, I believe you have the handout on nine health policy priority areas and I want to take a couple of minutes to go over that.
The Data Council is initiating a project on secondary uses of electronic health record data largely for survey for statistical purposes. So, again, we are looking at this. This will be a joint project with our various agencies in HHS including AHRQ and NCHS and here it will probably involve a workshop where the Committee would be involved, but this would be to look at the potential of electronic health records and other technology to be able to serve as a resource for some of our provider-based surveys.
We have a family of health care surveys and HHS as you know this would be looking forward to see what potential when electronic health records are largely available, standardized high-quality electronic health record data, what sort of a role and what sort of a resource could that be for our surveys and statistical activities. So, we will be starting that. We are just about to start that now in partnership with AHRQ and with NCHS.
So, let me turn now to this list of HHS health policy priorities that you have before you. The Secretary you will recall had the Department develop a 500-day plan and the plan focused on priority areas that the Secretary thought he would be willing and HHS leadership would be willing to spend a fair amount of time on.
He made it clear that all of the other things that HHS does are important but he was willing to have the leadership deal with those.
His personal time he was willing to put in on some of these items. In the 500-day plan he wanted to see some progress there. He views these as the big picture efforts that would actually by focusing at the larger level force a lot of other things to work. I think he uses the analogy of the clock and the many gears and if you could get that big gear to work, it sort of moves all the other gears.
So, he views these as change, possibilities for change in moving a lot of other smaller change and most recently he updated those priorities with the nine priorities that you have before you and I think we certainly on the Data Council are trying to see to what extent our data systems and our plans support some of these priorities and provide some background information and let me just really go through these briefly because I think they particularly in terms of where the Committee might want to look ahead and certainly for the discussion on our retreat these at least form a backdrop.
These are not the only things going on in the health policy world as you know but these are some of the areas that HHS has formally indicated are priorities. The first one and I will try to deal with these fairly quickly really concerns the idea of can the health industry be more transparent and clear about cost and quality information so that those who pay for care and those who treat care and consumers and employers and so on will have a better way of looking at what the costs are and what the quality of the care delivery is and I think these priorities are stated here in kind of the future, a world in which these things are occurring. So, it sort of states the ideal case.
Secondly, no surprise is health information technology and this would be the point where interoperable standardized health information technology is supporting health care. It is supporting consumers. It is supporting public health and you will see how it is phrased there.
Obviously Medicare prescription drug program, there was a great deal of effort expended since it was enacted to get this working and efforts will continue along those lines. Included would be a focus on pay for performance to increase health care quality, a modernization of Medicaid. There is a lot of work underway on this area working with the states.
Secondly, not Medicaid but a more focused kind of priority deals with the aftermath of Hurricane Katrina. Basically the hurricane and the flooding removed most of the infrastructure health care infrastructure in New Orleans; in the city itself there are still two hospitals I think that have not come back but there is now an interest in rebuilding the health care infrastructure in New Orleans as well as the area broadly, but it would focus on a more, is it an opportunity I guess is the question for a more primary care oriented approach to the health care system in a metropolitan area so that there is a fair amount of work going on there.
Another priority is a theme that deals with bringing to medicine and treatment and prevention and drugs bringing the fruits of technology and the fruits of research that foresees an area where prevention is emphasized and where health care can be personalized. It can be preempted in the sense that it is preventive and it is basically using smart medicine and other technologies to bring these to bear in everyday health care and prevention.
Prevention has always been a focus of HHS, public health efforts and particularly there will be some efforts on obesity prevention and the Department has already had a couple of public town halls and summits on this as well.
Two other areas, pandemic preparedness, HHS was asked to play an even more pronounced role in pandemic preparedness.
I think though there is an administration-wide effort to have strategies and plans in place for the federal role, HHS has a particularly central role in all of that. The Secretary has actually been spending a fair amount of time visiting any state that was interested in having pandemic planning summits in the state, so, a fair amount of time should the worst occur there.
Finally, no surprise as a result of Katrina and related efforts and sort of looks at what did we learn from all of this and how could we do emergency preparedness and response better there is a whole transformational effort underway in HHS that would try to improve the way we prepare for and respond to the aftermath and the recovery of emergency response capabilities.
Along with that is a renewal and a transformation of the Public Health Service Commission Corps which would include some focus on a mobile deployment force in the event that this was needed for future response efforts.
So, let me stop there and see if there are any questions.
DR. HOUSTON: Is this a priority order? I mean is this listed in priority or is this --
DR. SCANLON: No, I think they are more or less equal.
DR. FITZMAURICE: With regard to the House IT bills it seems the CPO yesterday released studies showing that it costs more than people believed, that some of the things in terms of allowing charitable deductions for gifts of computers to physicians by hospitals and other things increased the cost beyond what Congress thought it was.
Do you think that makes it dead on arrival or that there can be some working around it either to increase the budget deficit or to find some offsetting gains that it still is live?
DR. SCANLON: No one will make a living predicting what Congress will do. I don't know, but I think you are right, Mike. These refer to the Starke, somewhat loosening of the Starke and the anti-kickback referral provisions that are current law so that it would make it possible for hospitals and other health care entities to provide some health information technology to others and I think as the discussion went along when the economists and actuaries began looking at this it looked like it could depending on how it was crafted and how wide open it was it could really increase costs. So, I think that will have to be factored into discussions but I don't think any of us know how that will come out.
I think the focus on the standards though in those health IT bills remains, ICD, ICD-10, the new versions of the X12 standards and NCPDP standards.
MR. REYNOLDS: Jim, I didn't see e-prescribing actually spelled out in any of these. Is it hidden in there somewhere?
DR. SCANLON: I think it is part of the Medicare. It is part of health. It is part of several, the health IT as well as the Medicare prescription drug program.
So, it is in several of them and ultimately it will affect Medicaid as well and actually there are several others as you could imagine and the discussion on the New Orleans health system by the way is not limited to just health care, primary care and how you construct the system but it includes the potential of health information technology. How would you actually build that as part of the plan?
DR. COHN: Thank you very much. We will have additional conversations about these priorities over the next several meetings.
MS. TRUDEL: Thank you. I have a number of things to report as well and I will start with e-prescribing. You may remember that in the final e-prescribing rule really included a provision that would permit voluntary adoption of later versions of the prescription standard after a fairly nimble process of discussion as long as the standard turned out to be backwards compatible.
There were some discussions before this Committee I believe last winter about script standard version 8.1 and there was a description about whether it was backwards compatible. The Committee recommended to the Secretary that we move forward with the process of providing for voluntary adoption and in fact an interim final rule that would do just that will be published this Friday.
So, we will permit the voluntary use of script standard version 8.1 which incidentally includes the medication history. So, we are basically giving people the ability to begin to voluntarily use this additional functionality in addition to the new script.
As far as the e-prescribing pilots that were provided for under MMA we have got two quarters under our belts for the five pilots. They have been spending most of their time doing physician recruitment, finalizing their baseline criteria, doing programming activities such as getting their network together, finding technology partners, etc.
We are anticipating that data will begin to flow in very shortly and there should be a fairly significant uptake in the e-prescribing activities and the data collection will occur in the third and fourth quarters of this year.
AHRQ is in the process of awarding the evaluation contract and again because of the tight time frames we have to be finished by the end of this calendar year and have a report to Congress by next April.
The evaluation will run concurrently with the pilot and it is going to be kind of a three-legged race at the finish, but that is the plan and my staff will be doing a site visit later this summer.
Let me move on to HIPAA. I won't go through a lot of statistics with respect to enforcement. Suffice it to say there haven't been any significant uptakes in the number of complaints we have been receiving for transactions and code sets or security. We are still getting a lot of transactions and code set complaints having to do with training partner status and continuing to handle complaints as they come in.
With respect to the national provider identifier our latest statistic showed that we have enumerated almost 700,000 health care providers. We are moving along very nicely. We did have a push on in May that was sort of a "Get your MPI month" and actually in the last 2 months we have enumerated about 200,000 providers.
So, I think we are seeing something of a speed up there and that is probably also in part due to the fact that the Medicare provider enrollment application for new providers now requires you to have an MPI when you come to enroll in the Medicare program.
The electronic file interchange or what we were calling bulk enumeration option went operational on May 1. Organizations can submit files to enumerate groups of providers and at this point we have used that process to enumerate about 7000 providers.
In terms of Medicare implementation of HIPAA the compliance rate at this point for the 835 remittance advice transaction is at 99 percent and while I don't have a specific announcement, I would say that there will be an announcement coming out very shortly about how we plan to end the contingency plan for the remittance advice since the provider compliance rate is so high.
Let me talk for a moment about personal health records. CMS has been working for probably the last year to get industry input on what our role should be in PHRs and we have developed an action plan and the first step of that plan is that we will be awarding probably within the next few weeks one, possibly more contracts to evaluate the use of Medicare claims data for populating an existing PHR for Medicare beneficiaries and that is really a proof of concept. It is not even a real pilot in that we are just doing a feasibility test to find out whether the data can be moved, how to move it, what pieces of the PHR our data would fit into, you know, how we link into the pieces of the jigsaw puzzle and so we won't actually be going live in providing PHRs to beneficiaries. I want to stress that but this feasibility test really is the first step to evaluate some of the issues that have to do with data exchanges between our systems and PHR tools and to see how the data that we can bring to the table fits in with generally accepted PHR functionality of the data content and we will be looking at privacy and security and usability as well and when we have the results for this back we will then be moving into additional phases of pilots and implementations definitely in collaboration with the AHEC recommendations and work groups. So, we are very excited about taking that first very concrete step down the road.
I think that is all I have to report. I would be glad to take questions.
DR. COHN: I want to congratulate you. Your MPI work is a great idea.
Paul and then Harry.
DR. TANG: Thanks, Karen. One quick question and then I have another question. On the MPI you said that 700,00 providers already, out of a denominator of about how many? I know that probably includes more than --
MS. TRUDEL: It is hard to know the denominator. That is a really good question because we are talking about not just individual providers but it is hard to know for instance with institutional providers how many subparts they are going to want to enumerate.
So, I would guess we are maybe one-half of the way there.
DR.TANG: And the other question is the recent question about HIPAA privacy compliance and the lack of prosecution that is occurring in the media and I wonder if you want to render a response?
(Laughter.)
MS. TRUDEL: I believe I will under these circumstances defer to my esteemed colleague.
DR. TANG; She just got a phone call.
(Laughter.)
MR. REYNOLDS: Thanks, Karen. You guys are working on exciting things. Weedy and others have voiced some concerns on the speed of the MPI adoption. How do you see that process playing out as far as dealing with these? I know they have asked to possibly submit that letter through our Standards and Security Committee but how do you see this playing out as far as where it is?
MS. TRUDEL: That is a little bit difficult for me to answer. It would always be nice to have made more progress by now than we have in terms of the number of providers that are enumerated. We are doing as much outreach as we can manage.
MR. REYNOLDS; So is everyone.
MS. TRUDEL; Yes, we are working with Weedy and we are happy to partner with anybody who has ways to get to providers. What we found in the original HIPAA implementation was that there is no really good reliable way to get to solo practitioners, that that is rather difficult and so, I guess all I can say is to ask for anyone with an opportunity to collaborate with us on outreach to reach out and do that because we are happy to do that.
DR. STEINWACHS: On the PHR feasibility is that going to include medical Part D data? I understand there are restrictions about how to use that data. I was wondering is that part of the feasibility in trying to populate a PHR?
MS. TRUDEL; Not in this round, no. We are still in the process of doing the collection of the Part D data. That part has only just begun. So, we don't really even have a lot of the Part D data right now. So, we are looking at traditional Medicare fee for service, A, B, D, but it is very clear from the AHEC recommendations and from what we have seen in these nine priorities that medication history is absolutely key. We know that that has to be done and it is clearly something that is critical.
DR. FITZMAURICE: Very shortly down the road a new technology is going to be upon us and I wondered if CMS is looking at this, contemplating any pilots on the use of the Internet, the use of XMO tech variables, how that would be coded perhaps in SNOMED reference terminology, standardizing the names for medical variables of things that haven't been done yet in the country but yet as insurance companies are moving toward the use of the Internet these become very important, being the dominant layer in the insurance game. I was just wondering if CMS is also looking into this.
MS. TRUDEL: I am not so sure about the XML and the use of SNOMED, etc. We are doing some internal work right now on expanding our presence on the Internet and that is something that is of considerable interest right now.
DR. FITZMAURICE: I would note that FDA is using an HL7 standard to move its structure product labeling information. They have tagged XML variables and they are included in the SNOMED reference terminology. There is still much more work to be done but it is a start.
MS. TRUDEL: Thank you.
DR. SCANLON: This is a follow on about the institutions being able to designate subcomponents. Is there going to be an ability to bring them together so that you know what a total institution is doing in terms of linking the independent IDs that they have for their components?
MS. TRUDEL: I don't know. I can't answer that question. I am sorry.
DR. TANG: This is a follow-up to Don's question on the Part D information on medications which is a very important part of the PHR. Someone mentioned this week that CMS actually doesn't own the data and as a consequence wouldn't be able to share that. Am I interpreting this incorrectly?
MS. TRUDEL: I will try to stay at the 40,000 foot view of this issue because it gets very complex but my limited understanding of it is that there are some constraints inherent in one particular provision of the statute in terms of what we can and cannot do with Part D data.
There are other provisions in the statute that essentially permit us to do what we need to do to manage our programs and we are in the process of trying to figure out what we have to do to bring those two conflicting views together
DR. COHN: Jeff, I will give you the last question on this one and then we will move on to Sue.
MR. BLAIR: Thanks. The question I have is about standards harmonization and I noticed on the agenda we did have someone scheduled from ONC to speak next. Is that correct?
DR. COHN: Yes, we will have that.
MR. BLAIR: Then I will save this.
DR. COHN: Okay, why don't we move on. Karen, thank you very much.
MS. MC ANDREW: Good morning. Just briefly on compliance statistics we have as of the end of May received over 20,000 complaints, exactly 20,124 and we continue to be keeping up with the closure rate so that we seem to be steadily having an open caseload of about 5000 open complaints in any given month.
Unlike Karen's report we are noticing a continued uptake in the number of complaints in the first two quarters of this year. The complaints received in those quarters were the highest that we have experienced since the program began in April 2003.
We remain hopeful that at some point our complaint caseload will begin to at least level off but unfortunately I would expect that events that have made the headlines in recent weeks are not likely to result in any decrease in the number of complaints. I think in fact we are expecting that as more and more of these large computer system breaches become known through press reports as well as the notification requirements that entities are sending out in some cases to millions and millions of people unfortunately adversely affected or potentially adversely affected by these computer breaches that it can only mean more complaints are likely to come in from the public with respect to these incidents.
I would note that because these are computer breaches many of these cases will be handled jointly with my esteemed colleague.
(Laughter.)
MS. MC ANDREW: So, watch for that as well as Paul's question of the CMP authority is on both the security breaches as well as the privacy rule violations and so, the spotlight is likely to be on both sides of the house before long into where are those bans in the CMPs. We have not to date imposed any CMPs. We did the press report that Paul referred to. We did work with that reporter and Winston Wilkinson was interviewed as part of that press report and the best I can say is that reporters don't write the headlines and while we did gulp a bit to see it there above the fold on the front page actually when you got into the article it was fairly balanced I thought and reflected what we had communicated to the reporter with respect to the activities that OCR had been engaged in in terms of working with --
MR. BLAIR; Could you be more specific? What article was this?
MS. MC ANDREW: Okay.
MR. BLAIR: What publication are you referring to?
MS. MC ANDREW: It was a Washington Post article by Rob Fein about 2 weeks ago now and I can't remember the exact headline but it was something like thousands of complaints net no fines and then something about lax enforcement critics allege. I don't know, Paul, are you pulling it up? But it was a report that reported on an interview he had done with Winston, the Director of OCR about OCR's enforcement activities. There were also reports or comments from various advocacy groups and other interest groups saying that they are very concerned about the absence of fines 3 years down the road and that they felt that this again reflected on whether or not OCR was serious about enforcement.
There were also various supportive comments from both the provider and the health plan communities in terms of that they felt that OCR's enforcement tactics and techniques were very appropriate and had resulted in a lot of helpful technical assistance and improved their ability to provide.
OCR did try to stress in our conversations in this report with this reporter that we really don't see the imposition of fines as being any kind of measure of the effectiveness of our enforcement capacity and in fact we would actually see it as a positive sign that we are able to achieve corrective action without having to resort to the fiscal whip to get people to understand what their responsibilities are under the program and to correct any mistakes for policies and to come into voluntary compliance.
So, we close at least 1000 cases a year based on corrective action that has been taken by entities to improve their performance. Often in these cases we are able to get remedies for individuals in terms of indicating their rights to either get access to their records or to get their notice or to get their records amended, whatever it is that they have been denied by the covered entity.
And we feel that voluntary compliance at least to date is working and that is not to say that down the road if we are unable to obtain necessary corrective action from an entity that we will not impose fines. The fines are there and we are prepared to use them.
The enforcement rule which governs how we will go about proceeding in a CMP action was issued final in March of this year and those are joint regulations that affect both us and CMS. So, we are prepared and feel that no CMP is good news both for us, the covered entities and individual consumers.
With that said, I would just note a few other areas in which we have been active in OCR in terms of the HIPAA privacy rule. Clearly from the Secretary's list of priorities we have been very active with the AHIC and the various work groups in terms of ensuring the consideration of the HIPAA privacy rule in the design and architecture of these breakout activities and we are expecting to play a role as this new subgroup comes online that will specifically focus on the privacy and security issues that are crosscutting from the four breakout groups and they are working mostly with OMC to help form that route and make sure that these issues, that this group gets up and the issues get addressed as promptly as possible.
The other area that we have been quite active in in the past couple of months is with the emergency preparedness. Again we participated in a work group that the Secretary's transformation action team, the preparedness, again, one of the work groups involved in data management systems and their accessibility and there were privacy implications with regard to that. We have also been working with the Office on Disability on an emergency preparedness and HIPAA tool to help planners understand what information may be available to them for emergency preparedness planning purposes and how they can comply with HIPAA if they need to obtain that information from a covered entity.
So, we are hoping to have that tool ready for a conference that is being held next week with emergency preparedness planners from across the country..
DR. COHN: Thank you.
Jeff?
MR. BLAIR: Hi, Susan. Sorry about those headlines.
MS. MC ANDREW: As they say no news is bad news.
MR. BLAIR: Two questions. What has OCR done to educate the public on how HIPAA privacy rule protects their health care information and the second question which is related to that is that if you have been doing some public education what have you been doing to track with surveys or other techniques the degree to which the public feels that their health care information is protected to see if we are making progress?
MS. MC ANDREW: Last year we developed a number of fact sheets or brochures if you would that were consumer oriented to try to boil down the HIPAA rights and what the HIPAA protections are for consumers and we have been distributing those fact sheets, those brochures at a number of events. We also have them translated in to a variety of languages and in particular we are distributing them in a number of Spanish-speaking forums that I can't remember who exactly the sponsor was but it was in coordination with the civil rights side of OCR.
MR. BLAIR: Could copies be sent to those of us on NCVHS? I would love to see it.
MS. MC ANDREW: Certainly and we also this year did another consumer-oriented flyer which addresses both sides of OCR's responsibilities. It combines HIPAA with the civil rights protections that the office affords and so we have a joint civil rights and HIPAA brochure for consumers and all of those are up on our web but we, also, take every opportunity when we are out speaking or when our regional folks are out speaking to make sure that they take these and pass them out if the audience is a public one.
MR. BLAIR: And the second part of my question?
MS. MC ANDREW: In terms of tracking we don't really have the capacity to do surveys. We do pay attention to the surveys that are done fairly frequently by others including the California Health Care Foundation.
HIMA(?) does some surveying although it is not at the consumer level but there are a number of commercial surveys and we can always talk to ASPE about more public surveys but it is not something that OCR in fact does.
DR. COHN: I just wanted to break in for a second just to talk about how we are changing a little bit. Obviously it is important that this conversation go on. We will continue with that and break after his presentation just to update everyone.
Jim?
DR. SCANLON: Just to elaborate we actually discussed in ASPE, my office is planning and evaluation and we actually were in the process of thinking about a project to actually work with Sue's office and others to look at the metrics. How would you even measure and you would use all sorts of data not just surveys but I think first is how would you measure this. Then you look at what the tools are. So, I just was not able to get funding this year but I think towards the end of this fiscal year we will be working with Sue's office to see if we can move things along there.
DR. COHN: Okay, Mark? We will do our best to accommodate everybody.
DR. ROTHSTEIN: Very briefly I would like to put on the table another possible type of maybe smaller study that could be done and that is to do a study of the complainants who have filed complaints alleging that there were violations of one sort or another, chopping out that there is no jurisdiction; there is no, it is not covered by the privacy rule, etc., a subset of people who have filed complaints that are within the jurisdiction of OCR that are non-frivolous. I would be curious to know whether these individuals thought that the ultimate relief that was obtained by OCR was valuable to them. I mean were they satisfied with the process? Did they think there were ways in which the process could be improved? So, it would have a sort of procedural component as well as a substantive component and I think that would be very important information to learn as we go forward.
I mean has the system that you administer, the conciliation model satisfied the complainants?
MS. MC ANDREW: That is a possibility. I will say that I mean in many cases as you know I mean there is no private right of action. There is no monetary remedy that we can provide to the individual and to the extent, I think we do know that many of them are seeking a much more personalized remedy that we cannot offer. It is certainly in terms of their satisfaction with the way the office handled their complaints, we can certainly look into that.
DR. COHN: Gene?
DR. STEUERLE: It is just a comment to Jim. When you go to the metrics I really hope and I have said this before that you have some way of actually addressing costs and not just benefits, you know what is the cost of these various privacy or HIPAA provisions and not just some of these more narrow questions about what is working. You don't really need to respond.
DR. SCANLON: Forcing people to look at how would you measure excess is probably the first step before we start collecting data and the surveys, believe me I am big fan of surveys but they don't always shed any insight. They are often, you have to do them very carefully and you have to know what you want to measure to begin with.
We, also, have the capability to do focus groups. They have to be done carefully. That is qualitative information not quantitative but that could be another way of refining the measures.
DR. COHN: Russ?
MR. LOCALIO; Actually my question has to do with the converse of what Mark asked. Do you have any information on the number of complaints that you receive that are against non-covered entities that you cannot handle? In other words, what is the level of perceived complaining do you see in the public because of breaches of patient privacy that you have no authority to entertain the complaint? Is it never, sometimes, all the time, thousands, hundreds?
MS. MC ANDREW: It is a little hard to say but I would say it would clearly be in the thousands.
MR. LOCALIO; Thank you.
MS. MC ANDREW: I would also say it is probably for a variety of reasons. I think there are a number of complaints against providers who are in fact not covered by the rule because they don't do the transactions. There are also a lot of employment place concerns which do not derive from the employer's health plan scenario but just involve workers and just an uncovered employers who are concerned about gossiping about their health information.
DR. TANG: We talked a little bit about educating the public and I think your main folks in the trenches are really the providers who end up gathering a lot of data and clearly we talked about what is it that we do to protect information and I found it always useful to talk about well, if they are not happy then there is backup and the original interpretation was that there was individual accountability with the DOJ kinds of ruling about no individual accountability. I think that diffuses some of that that I thought was an important part of the argument in terms of protecting the confidentiality of individual information.
Do you see that as a weak thing in the procedural protection referring to individuals and I am not talking about private right of actions just the ability of government to be able to hold individuals accountable?
MS. MC ANDREW: I don't know. I mean it seems to me that in the same way I guess that we would look at the business associate although even a little stronger is that we would look to the entity through its own processes and sanctions to be the one that holds the individual workers accountable for keeping private and confidential the information and the rule does require that all covered entities have a sanctioned policy and it is one thing that we would look at when we go in with a complaint as to whether or not in the appropriate case that that sanction policy is in place and wasn't applied. So, it is not that the rule does not have that kind of individual accountability. It is just not a direct governmental, we don't hold them accountable but we expect the covered entity to hold them accountable and can hold the covered entity accountable for that.
DR. COHN: John Paul, I will let you ask the last question and then we will move on to John Loonsk.
DR. HOUSTON: I have a comment and a question. The first comment is that having gone through numerous OCR complaints as part of a very large entity I think that the process that is in place actually I think is very good. It is an extremely complex rule. It is difficult even for the best intentioned organizations and individuals to try to understand it and then to try to communicate it to the work force, the work force tries to implement it and to take it seriously but still there is just a lot of opportunities where no matter how hard you try you get it wrong or there is lapse and so I think the whole process is very informative and very good and I think I know our organization really tries to learn each time something comes to our attention and a lot of times there is no breach but still nonetheless I think the process, I think it works based upon the fact that it is an extremely complex rule.
My question comes to the fact of has OCR looked at how to address some of the issues related to the state privacy laws that seem to be being passed in large numbers? I know Pennsylvania now has a new privacy law, a notification law related to is somebody's credit information has been breached and I think the reason why I asked that question is it is becoming more and more complex for covered entities to comply with the myriad of laws that they have to comply with.
In our case we have a law that is somewhat conflicting upon what HIPAA or it aligns with what HIPAA requires us to do and there has been a number of legal opinions that I have read where it is at variance with what we are supposed to do. So, I am just wondering whether OCR has been active in trying to address on some uniform basis some of these different laws that the states seem to be passing.
MS. MC ANDREW: We are taking a close look at what is going on in the states in terms of these notification laws. We have just completed a survey of those state laws to compile and make sure we understand who has them and what they require and how they may impact a covered entity that may have one of these computer breaches and so we are looking to see where there may be intersections with HIPAA requirements and also we are expecting and have seen in some legislation attempts to bring that notification requirement into the health bill or the computer systems and you know there definitely are pros and cons and I think there is some, certainly there is a cost factor as well as an information factor.
DR. HOUSTON: Let me give you one example how the Pennsylvania law in particular is really causing problems. I have read three separate legal opinions where they said that because HIPAA has an accounting for disclosures requirement and the Pennsylvania law defers to federal law where there is some other type of reporting requirement they interpreted the HIPAA accounting of disclosures requirement to actually fulfill the requirement for reporting under the Pennsylvania state law and when I read the rule, frankly I don't necessarily see that but yet I continue to see that position raised in a variety of legal opinions from law firms and I really think for me and I think for other people who are involved in privacy it leaves me somewhat questioning okay, what is the proper position to take and again, if I am a small company reading these types of things I am going to take it just through, these firms' opinions as fact.
MS. MC ANDREW: We have seen that in a couple of laws and are also scratching our heads. Again, good news, bad news in that but we are looking at that and we may, you know if you want to send me some information I can think about whether we need a frequently asked question in that area.
DR. HOUSTON; I will send you something.
DR. COHN: Okay, we are going to wrap up this part. I have actually been trying to constrain this first section to just 45 minutes, and it is impossible and we just need to make sure in future meetings that we give ourselves the time we need for these conversations because I think they are valuable and hopefully give some information to the Privacy Subcommittee and others for work that yet needs to be done or focused on.
So, we thank you, John Paul and Sue. Thank you.
With that we will turn to our next sort of update and we are pleased to have John Loonsk who is now one of the permanent directors of the Office of the National Coordinator and we are pleased that you could find time in a busy schedule and we know your office is a little understaffed at this point.
So, thank you for joining us.
DR. LOONSK: There are some key positions that aren't completely full. Thank you for the opportunity to come and talk to the Committee.
I have been asked to give a brief update on some of the activities of the Office of the National Coordinator and I have a small presentation that is being handed out.
The first series of activities I wanted to update you on relate to the recent presentation of recommendations to the American Health Information Community around the working groups that that Committee has had working on very specific areas of activity that I think you are aware of.
The recommendations were brought to not the last but the previous meeting of the community and they fell into several broad areas. The first is there was a heavy reliance on an identification of the importance of the health information technology standards panel product which is due as a deliverable in September.
This is implementation level guidance to work on the standards identified to help implement the so-called "breakthrough activities" and the use cases that support them.
A number of the recommendations pointed to the importance of these standards in moving forward in these areas and some of the follow-on activities I will mention are geared to having those standards, that level of implementation guidance available for those activities to proceed.
A second set of issues related to next steps around regulatory issues particularly some of the issues emanating from the breakthroughs around lab result reporting and how that relates to CLIA, some of the issues around the provision of care electronically, remote provision of care electronically and how that may impact licensure issues and there were suggestions as to follow-up steps that needed to be pursued in the context of health and human services pursuing resolution of some of the issues in regard to these issues.
The next series of recommendations involved suggestions for actions that the Federal Government take to begin to implement itself the work that is being done around these breakthroughs and a lot of that focus was on Federal Government systems and federal health contracts beginning to pay attention to the health information technology standards panel products in the context of their activities, the systems implementing them, the contracts identifying them in the context of helping to support those activities and carry out the activities of the Federal Government and as it relates to the private sector in the use of those standards.
A number of next steps were identified from the standpoint of this representing, these recommendations representing a certain period in time. Thereafter the focus of the working groups of the community is broadening and moving on to next step activities. These recommendations represented a series of work done on the immediate breakthrough activities and the working groups are now beginning to focus on the broader breakthrough activities.
So, by example one of the working groups is on electronic health records. The broad activity is electronic health records. The specific activity was lab results reporting and how that could be advanced. These recommendations focused on the specific activity lab result reporting in the context of that breakthrough. The working group is now being asked to look at the broader activities of the electronic health record and among other things to develop a road map for their attention in the context of that activity and what activities they will be pursuing and prioritizing in terms of next steps.
We view those activities as relating to the next steps in identifying subsequent use cases that would be pushed through the overall process leading to standardization through the health information technology standards panel, consideration by next steps of the nationwide health information network process, consideration by the Certification Commission, etc.
So, the working groups have come to a pivot point. They have delivered recommendations related to their specific charges and now they are being asked to move on to their next charges.
There was also the identification of a new working group that needed to be pursued around data specifically for biosurveillance. There was in the working group a lot of discussion about what are the appropriate data for clinical care to provide to public health entities in the context of pursuing the biosurveillance mission and there was a recognized need to have an ongoing group look at those data, be representative of the various participants in public health as well as clinical care, have consumer interests represented in the context of what the minimal set of data is that needs to serve those functions but also to move to make sure that evaluation and appropriate evaluation of those data is done over time to see that they are the right set and they are advanced in that context.
There was also a recommendation to move forward with a working group on crosscutting breakthrough really confidentiality and security issues and the context for this is for this working group to focus on some of the very specific things that need to be done in the context of implementing a breakthrough in the context of identifying what subsequent needs may be for standardization in those contexts, etc., really focused concretely on producing recommendations in that area that would focus on breakthrough implementation.
The next slide talks about some other AHIC activities that have been in process as well. The Certification Commission on Health Information Technology advanced the initial set of ambulatory care electronic health record criteria to the AHIC and to the Secretary. The Certification Commission has also received its first applicants for certification process. It is in the process of providing the, actually doing certification on this first group of ambulatory care EHRs with the plan of having notice in July of those ambulatory EHRs in this initial set that are certified. That represents very significant progress.
There is also in the context of the community presentation on clinical decision support a road map moving forward. This was a joint project sponsored by the Office of National Coordinator and the American Medical Informatics Association.
It inspired significant discussion at the community around the complexities and around I think desires to put that in the right context relative to other activities and trying to prioritize their current state of clinical decision support and what next step activities should be.
Finally in the AHIC column there was the presentation of a document which has been developed by the Office of the National Coordinator as a furtherance of the strategic framework that was previously developed and this document has some suggested objectives and strategies that lay out against the goals of that strategic framework. This was put on the agenda of the community as an initial presentation and discussion is to follow. The concept here is to try to drill down into greater specificity for actions that need to be taken in accordance with moving forward with the national health IT agenda and to have the community and other groups have input into what those objectives and strategies are.
The final item that I would like to update you on I think you have had a little bit of presentation on before and I would be happy to answer questions on it. I wanted to thank NCVHS and Simon in particular for this new engagement where we are going to be working together around functional requirements in the upcoming NHIN forum.
It is a significant challenge ahead of us that we face in terms of moving forward with this. Functional requirements are a tool. They are a tool that we look forward to helping develop greater specificity as we progress down the road of the nationwide health information network.
We view the forum as an opportunity for public discussion, for input from a variety of sources into those requirements and then I think as you know a special working group of NCVHS is going to further process and refine those requirements moving toward a deliverable this fall that will be helpful to us in a variety of different ways. We view it as a necessary and important step in moving into the second step of the nationwide health information network activities starting to develop clarity on what are common requirements, what are the architectural differences that are being discussed in this context as well as feeding other processes like the health information technology standards panel which is seeking context for the specific standards work that they are doing, drilling down further into the harmonization of standards as applied to very specific activities and understanding the NHIN context for that. Also, we view these functional requirements as very informative for the certification commission in the context of both its consideration of networking certification criteria in its third year and in its consideration of updates to the ambulatory EHR criteria this year and the development of inpatient criteria this year. So, it is going to impact a variety of different activities. There are clear needs just to coordinate these as we move forward and try to make sure that we are showing value across a variety of different activities as well as moving forward with some of the standardization that needs to occur to make that value present and we think this is an important step and are pleased with the partnership of the office and NCVHS in moving forward.
So, those are the broad items I wanted to put in front of you and I would be happy to answer questions.
DR. COHN: And, John speaking for NCVHS we are obviously very pleased to have the partnership working together on these functional requirements issues, and obviously we will be looking forward to ongoing conversations as we progress on that topic.
Now, Jeff, I know you had asked a question earlier. Did you want to be the first up for questions?
MR.BLAIR: Thank you, John. There is a lot on all of our plates, isn't there? Things are moving really quickly and I am sort of asking for clarification mainly because frankly I haven't been able to keep up with all the activities and so each one of them every time I look at them appears to be a good idea and good initiatives.
So, my question gets at how some of them are being coordinated or interfaced and I think you recall the consolidated health informatics initiative which I thought was really doing a lot of outstanding work in trying to pull together especially the terminologies, clinically specific terminologies as much as possible to sort of lay the foundation for moving forward and one of the major efforts in that in terms of harmonization was work done by the National Library of Medicine with unified medical language systems and the mappings between the terminologies and so I was sort of focused on that piece. So, then the breakthrough areas identified by AHIC also seemed to be very constructive and then there was the standards harmonization RFP with that work, and since I haven't been able to follow each of those as closely as I once was able to follow the CHI pieces sometimes I wonder; sometimes I worry is that foundation that was built by the consolidated health informatics initiative especially with the NLM and the unified medical language system and the mappings between the terminologies, is the standards harmonization work and the breakthrough work building on that foundation and extending it in breakthrough areas or are there some disconnects and if there are disconnects you know is that something else that needs to be addressed?
DR. LOONSK: Thanks, Jeff. We have I think made a special effort to try to see that what we think is very high quality work of the consolidated health informatics effort is integrated into the work of the health information technology standards panel. We have orchestrated the delivery of those materials to HITSP. We in the writing of the contract have described the importance of that work in the context of HITSP taking advantage of it and prioritizing its consideration.
It is important to recognize that HITSP is a public-private process and that the, while CHI was focused on the consideration of standards for federal systems by federal people and organizations that the buy in of the private sector into moving forward is an important next step and does that mean that at times there may be some standards that are different in the context of their consideration? I think that that is a distinct possibility. We have been looking to try to make sure that HITSP considers the CHI standards and the work that was done. I think the overwhelming response by those participating in HITSP has been that they have been very impressed by the work that has been done by the thoughtfulness of it and by it applicability.
In the context of the work around terminology mappings and such one of the activities that we are actively pursuing is to try to make sure in conjunction with the National Institute of Standards and Technologies that an appropriate infrastructure is available to actually test against those standards and this can be a very complicated activity. It is one that can involve a multitude of permutations of a message for example where you have an incredible complexity of possible terms that are used in different combinations that may break an implementation guidance.
So, it is non-trivial but it is critical that if we are as we move towards truly incorporating standards into a variety of different activities both federal and private the ability to educate people to what those specific terminologies are, to be able to allow them to self-test their messages, their queries, their system interfaces against them and then to actually have third party testing of them so that they can be certified as complying with those standards is a huge effort.
It is a critically important effort. We have been working on this as I indicated with NIST. We have also engaged the National Library of Medicine in this activity and the intent is as we move forward and Betsy Humphries has been supportive of the concept of the thesaurus and the vocabulary work of the NLM as playing a critical role in reporting the data sets that are used in these implementation guides and in the standards selection. So, it is a multi-body activity here. It really is going to involve certification, HITSP, NIST, the NLM and others no doubt to try to get to the point where there is a broad capability for testing and the kind of supportive infrastructure necessary to manage the vocabularies and terminologies in that regard but I have been very pleased by the response that NLM and others have had in moving forward with that.
DR. COHN: Thank you.
Mark, you are up next.
DR. ROTHSTEIN: Yes, I just had a question. Would you review the process and timetable for the four architecture consortia projects?
DR. LOONSK: Sure. This year is a prototyping year for the NHIN consortia. We have really two processes going on in parallel and it is important to distinguish them.
One process is working on architecture. The other process is working on the prototype, the actual software prototypes that are intended to validate those architectures. We have initiated both those processes. They both are responding to the use cases that were put forward that relate to the breakthroughs but then they have had to take parallel courses important to represent the fact that the prototypes that are going to be available and demonstrated in what looks like a December-January time frame will not necessarily implement all of the common architectural work and all of the harmonized standards from the health information technology standards panel and all of the other work that is done in the architecture track. Those prototypes will not implement those necessarily this year but the intent is to continue to integrate these two in subsequent rounds of this activity.
So, simply stated this year is around working on architecture. We think these public fora are important in the context of having public input into those architecture discussions. The role of NCVHS will be very helpful in that regard as well. We anticipate coming out of this year not with one architecture but with at least an architecture with variations, and there are major considerations that as an example some markets, some areas, some regions that have regional repositories, some that don't. We would have to say right now that both are viable options. Both need to be considered in an architectural construct at least from the standpoint of where the country now stands in that regard.
Moving forward with the discussion, having tangible products that represent the prototypes, using live data in the December to January time frame can help advance the discussion and then in the next year's activities moving further down the line of incorporating the common requirements coming to incorporate the standards that have been identified for the implementation and to drive closer to implementation level systems in the next year.
MR. HUNGATE: A question from an individual and consumer viewpoint, I have been a great supporter of decision support tools as helping to get me a better care system in the future. As I look at the entities that are listed in the functional requirement pattern I don't see an entity for clinical decision support development.
Yet it seems to me that one of the limitations of these systems has been they have been very expensive. The return on investment in clinical decision support has not proven as individual things to be very high. So, I would think there might be an opportunity here to highlight that pattern and maybe it is someplace else and I just don't see it.
DR. LOONSK: We recognize very much that the requirements that are now on the table are not complete. We are saying that wherever we can. We recognize the fact that there is tremendous value for example in coming forward with use cases that have specificity, focusing a number of these different initiatives on the same target so that they can support each other in moving forward but on the other hand it is not across the waterfront. We don't have that specificity in many places and I think it is important to recognize that.
At the end of this year, at the end of the NCVHS activities we will not have complete requirements for the nationwide health information network activity. These are initial requirements. These are initial efforts.
Some of the activities you are talking about obviously are complex in the context of value. To whom is the value shown? How do you bring along the private sector in terms of implementing capabilities and their products? I think many of us see the value in some of these at a high level, at an abstract level to society and to the consumer. We anticipate that a lot of the next steps for example from the consumer empowerment working group will be to identify some of these things that will then get into the next round of prioritization.
So, we are trying to have the AHIC and its work groups guide the prioritization of next step activities and we think that we can get some of these things on the agenda through that process.
MR. HUNGATE: That is very helpful. Thank you very much and I applaud the effort on functional requirements.
DR. COHN: Okay, Mike, you have the last question and then we will wrap up and give everybody a well-deserved break.
DR. FITZMAURICE: I must applaud the ONC for its ability to respond to all the policy questions that come through it with pretty good answers.
I have two questions. One of them is when we talk about certification, the word out on the street,people who have talked to me at conferences say that the cost is pretty high It is $25,000, $28,000 to get certified to send an application in for certification to CCHIT.
Is the cost of this out of HHS' control? It may be because we want this activity to be self-sustaining and if that is what it takes, that may be what it takes, and the second question I hear is will anybody be certified soon. They are concerned about somebody getting certified and then being the market leader and this will squeeze out all of the small VHR vendors. I am sure you are aware of this. This is not anything new.
DR. LOONSK: Yes, those issues have been presented in many different settings. I think there are flip sides t each of those issues that are also relevant and if we have hundreds of VHR vendors that have products that are widely divergent, clearly we are not in a place where we can make the fraud agenda move forward.
Relative to the cost issue I think the certification commission has done excellent work in trying to identify their costs for carrying out that process. This is an initial pass.
If you look at the potential revenues in this area they are significant for EHR vendors. That is perhaps comforting in the context of those costs and the value of the certification seal if you will I think could easily be described as carrying more value than those costs represent.
It is a complex issue. The certification process is still to some extent in its infancy and hopefully can refine the formula but I don't think that there is a lot of fat in that cost. I think these are real costs that they face in moving this forward and as you well know we are under the tasking to really try to make each of these processes become so supporting in the context of carrying out their missions.
DR. FITZMAURICE: Secondly and lastly, this whole process that is going on is identifying sets of HIT functions, HIT standards and HIT elements. These are being identified and my question is who will certify or adopt these standards as suitable for use in federal health systems? Is that going to be the Secretary of HHS, maybe in conjunction with the Secretary of the VA and the Secretary of DOD? Is this certification by the Secretary necessary if they are to be tied in or become part of the baseline of the federal health architecture? I know OMB is looking at this. They use it to evaluate agency plans. They use the CHI standards for this and now since we are moving to a new process they are going to want to tie into something and the agency will want to know if we invest in it, it is going to have everybody's approval, and aa I think you know there has been, we reoriented the federal health architecture efforts and the CHI efforts to fit into this overall process. I agree with you very much that the federal agencies are eager to look at what the target is for them. The two targets that are most prominent for their consideration are clearly certification criteria as they apply to their particular activities and also the HITSP standards as they are being advanced at this implementation guidance level and there is a lot of discussion going on now as to how that gets mapped out against federal priorities in moving forward in coming months and years. It is a very active area of discussion. I think that those are the two key points. I think the other one to throw on the table for which there has been some discussion and a lot of interest is how do the federal agencies coordinate with the NHIN architecture as it moves forward to make sure that federal systems can be supportive of that and the VA, the DOD in particular have expressed great interest in moving forward in that direction and I think we hope that in the next round of the NHIN activities we can express some clearer paths for how those things can support each other.
DR. COHN: Okay, well, John, i really want to thank you. I would actually pick a couple of things from the session. One is I think this fall either September or November we will have to have a conversation with HITSP. It sounds like they are ready to sort of come forward to talk a little more at this point.
I think the other piece is the clinical decision support which is probably a bookmark for the ad hoc work group recognizing that we are also looking at gaps and other things.
So, John, I want to thank you. Obviously we look forward to working with you this summer. Results from that ad hoc work group activity will be coming back in September to this group for discussion and hopefully final approval and again we will just keep the conversation going.
I want to thank everybody. We are obviously running a little late and what we will do is give everybody a 15-minute break and come back at eleven-ten.
(Brief recess.)
DR. COHN: Okay, this is our second morning session. Would everyone please be seated. Now, in this session we begin to move into letters and review of letters.
Now, I think some of them are, I mean we will obviously see letter by letter which ones need further work, which ones need overnight thought, which ones potentially are ready for action at this point, and I think it probably will vary by the letter.
I am going to hand things over to Harry Reynolds who I think will lead us through the letters and then as I said, we can make determinations of whether they are action for tomorrow, action for today or back to the subcommittee.
So, Harry?
MR. REYNOLDS: Just so there is no misconception we do realize that the number of letters does not relate to how well we are doing as a Committee.
These are three issues we had to bring forward to you. I would like to do the letters in the order of first if you would turn to Tab 5 which is the CHI letter.
I would like to go through it first. John just mentioned the CHI in his discussion. As all of you are aware it is a series of standards that have been brought forth for use by the Federal Government and this is just one more addition to that.
So, I will read this entire letter and then ask if there are any changes or questions on this particular one. We won't stop partway through.
So, "Dear Secretary Leavitt:
"The National Committee on Vital and Health Statistics appreciates your continued support for the Consolidated Health Informatics Initiative, (CHI) as evidenced by the inclusion of standards recommended by CHI in many Federal solicitations. This letter continues the role that NCVHS has played in the CHI standards acceptance process. In this role, NCVHS provides an open forum for review of the CHI standards recommendations and provides an independent assessment of these recommendations.
"The NCVHS has the following comment on the attached CHI domain area recommendations
"The NCVHS concurs with the CHI recommendations for the Multimedia domain. When NCVHS originally reviewed the CHI report recommending Multimedia standards on December 9, 2003, several questions arose. These questions have been adequately addressed in this report. The NCVHS recommends approval of this CHI Standard by the Secretary and formal government adoption.
" Modification of Prior CHI Reports
"We note that CHI documents are meant for daily use and time may change some of the administration conditions, so these types of changes need to be reflected in minor version updates of the documents to remain current. NCVHS was asked by CHI to provide our input on the modified versions of the past reports that acknowledge the contributions of the Agency for Healthcare Research and Quality (AHRQ) toward the enhancement of many CHI Standards, and the role played by the Food and Drug Administration and the National; Cancer Institute (NCI) and FDA's role in the Medical Device Domain. NCVHS is pleased to recognize the important contributions of these agencies and supports these modifications. NCVHS feels that public input on minor version updates is not necessary; therefore we recommend that CHI simply keep us informed of these updates as they occur.
"The review process that has been established by CHI and NCVHS has worked very well to further the adoption and use of health care information standards within the federal government. We are pleased to continue our role in this valuable process."
I would like to also acknowledge Steve Steindel as our resident expert who helped us prepare this letter and Maria for her continuing positive staff work on that. So, with that I will open it for any comments or questions that the full Committee may have.
John?
DR. HOUSTON: I have no disagreement with the recommendations. I just was stylistically since there is only one recommendation and a bullet I don't know why you have that bullet there and just simply you don't go directly into the --
MR. REYNOLDS: Steve has an answer for that.
DR. STEINDEL: As the topic expert on this actually this was a style we developed with previous letters and we used the style even when there was one bullet.
DR. COHN: Without trying to prevent this thing from being passed probably a colon at the end of recommendations and then it probably would be a reasonable way to describe it. We don't want to be word smithing at this level today, but go forward.
MR. HOUSTON: Then I just think that there is one topic which is modification of prior CHI reports. It is just when I look at those two together in such a short letter I just think if it was cleaned up a little bit I think it would read a little bit better.
MR. REYNOLDS: We will take that into consideration.
DR. CARR: Just stylistically the NCVHS feels, maybe NCVHS believes. I don't know what the NCVHS convention is on feeling but the last sentence in the second to last paragraph.
DR. COHN: Okay, my question on this one is do people, I mean we can certainly take it back to the subcommittee for minor word smithing. Do people want to see this letter again or do people agree with the spirit of it and want to act on it at this point?
MR. HUNGATE: The latter, I think.
DR. COHN: The latter, okay, is there a motion then?
DR. STEINWACHS: So moved.
MR. HUNGATE: Second.
DR. COHN: Any discussion?
All in favor?
(There was a chorus of ayes.)
DR. COHN: Opposed?
(No opposed.)
DR. COHN: The letter is passed and we will let the subcommittee word smith it a little further but I think we are okay on that.
MR. REYNOLDS: We may just slip it in with the privacy letter.
(Laughter.)
MR. REYNOLDS: Okay, let us move on to Tab 4 or Tab 3, excuse me, yes, Tab 3. We are going to do the HIPAA recommendations and in reading this one I am just going to go straight to the, I am going to read each observation and recommendation and then open the floor for discussion. For time we won't go through the first two paragraphs but we will take comments on those as we open it.
DR. COHN: Do you want to get closer to the microphone?
MR. REYNOLDS: Okay, observation one, and let me give you a quick background. This is HIPAA lessons learned as we have had numerous hearings on you know what has occurred on the HIPAA transactions and code sets and other things up until now. We held some hearings to understand what are the lessons learned that we can forward to HHS through the Secretary to make sure that they are considered as we do other things like this and continue to build off of it. So, that is the purpose of this.
Okay, observation one, implementations. HIPAA implementation has taken longer than expected. The causes for this are numerous and include the fact that actual publication of the rules has taken much longer than anticipated as well as the fact that while payers were required to implement all standards adoption by providers was not required.
The original view was that because standardized EDI implementation would save providers time and money providers would gravitate to their use to reap the benefits of the administrative simplification.
There have, however, been unanticipated impediments. These include the reluctance by vendors to build a range of necessary software for the non-revenue related HIPAA transactions such as the eligibility transactions 270-271 and the claims notification 276-277.
Additionally there has been reluctance by some payers to robustly implement the HIPAA non-revenue transactions. For example, payers in many cases included only minimum information in the eligibility transactions which resulted in providers not being able to gain full benefit.
In addition there are still health care organizations that are not yet compliant with HIPAA standards and many of these organizations continue to use contingency plans which further delays the transition to HIPAA standards.
Recommendation 1.1. HHS should undertake a comprehensive evaluation of HIPAA implementation in order to identify areas through timely, efficient and effective implementation as well as area for future improvements.
NCVHS stands ready to advise HHS in the design and conduct of such an assessment. Once these impediments and areas of improvement are identified NCVHS pledges too work closely with the Department and the industry to identify ways to best address them.
Such findings would be useful for other HIPAA implementations in the future.
Questions or comments?
DR. COHN: Harry, I actually would only add one maybe minor word smithing. I think this last sentence that just says that findings will be used for other HIPAA implementations, i think maybe also and federal standards initiatives in the future and that would be the only, and that is I think just subtle word smithing.
Other comments?
DR. CARR: I know I participated in this but as I read it again now it would help me reading this for a more concise description of what was expected from HIPAA, what is the actual and then what are the contributions to the gap between the actual and the expected.
I will leave it at that.
MR. REYNOLDS: Help me one more time on that.
DR. CARR: Where did we expect to be today? You begin with HIPAA implementation has taken longer than expected and we have two contributors. One is the delay in the publication of the rules and the other is that the payers were required to adopt all standards but providers were not required.
Where did we expect to be today? This is saying where we are, but was there a clear statement of what was expected to be and what we are trying to say is there is a gap between where we thought we would be and where we are. So, I am just trying to get a little more clarity on what was the information that said where we would be today.
MR. REYNOLDS: I think what we could add was that obviously the rule was effective as of a specific time and the original intent was that everyone would meet at that endpoint.
DR. CARR: Right. I think that would be helpful to know that.
MR. REYNOLDS: Okay.
DR. COHN: I am struggling with this one and I guess I am trying to give even how to frame it. Obviously this may be our defect by not reading the first two paragraphs. You do realize that HIPAA was passed in 1996, and I think the original intent of the legislation was that everything would be implemented at least by legislative language by 2000. So, that is by legislative language. Now, are we going to reference legislative language or certainly we can't implement things where rules are not developed. So, you know, if you are referencing rules, rules have only just recently actually been finalized.
DR. CARR: I think that is helpful in understanding what is going on, that when it was passed and you say legislatively this would have been implemented by 2000. Rules were not available until whenever and then this is where we are today, and this is the gap of where we might be and where we ought to be.
DR. FITZMAURICE: I think even beyond that there were contingency plans that were developed because the industry wasn't able to adopt it as quickly as we anticipated and so for a lot of things the taking longer than expected, there were a lot of factors in there. To list those factors is going to take another page or so.
DR. CARR: Okay, I guess I am just looking for a bench mark so that we are saying we are off but we are off compared to what is the question that I have.
DR. COHN: Marjorie and Karen?
MS. GREENBERG: I think what Justine is saying is that this assumes a lot of knowledge that may be around the table and of course people really working on HIPAA in the industry know what the issues or what the problems are, what the expectations were to a greater or lesser extent but if this is kind of going to stand on its own maybe it would benefit from just a little more background information.
DR. COHN: Is that your sense?
DR. CARR: Yes.
DR. COHN: Karen?
MS. TRUDEL: Yes, I think there is a huge list of contributing factors if you go all the way back to the legislation. I think what the hearings were attempting to uncover though was once you hit the point at which the implementation clock began to tick what went wrong then that caused our expectations to be different. So, I would suggest perhaps removing the part about the rules taking longer than anticipated and focusing on the point in time where we thought implementation was going to occur and why it didn't and where we are now and how did the gaps contribute and if that is agreeable to people I can work with Maria on coming up with that language.
MR. REYNOLDS: I am not comfortable removing that.
DR. COHN: Steve and then Jeff?
DR. STEINDEL: Actually I have no problem with the way it is worded here. I mean we might want to add just one proviso. HIPAA implementation has taken longer than expected. Actually HIPAA implementation was very clearly defined in the law and that is what we are referring to and that is our bench mark and the next sentence says that the causes for this are numerous and included the fact, blah, blah, blah.
Well, I don't think we need to expand beyond that. If we want to, we may want to reference our annual reports to Congress which enumerate through the years the reasons why things have been delayed and that would be the only changes that I suggest and I don't believe those changes are even needed.
DR. COHN: Jeff?
MR. BLAIR: I didn't realize Steve would be saying what he said but it was right on the mark as far as I was concerned because this is one of those letters where sometimes we intentionally don't say certain things. We made it very simple. We said that it was delayed and it was delayed for a lot of reasons and I don't think it is possible to start going into the reasons without spending a lot of time recanting history that went over years where a lot of different entities for a lot of different reasons contributed in one way or another to the delay and I don't think we want to put that in a letter. So, the reason that it was as simple as it is is because we are avoiding saying those things.
The other piece is that we felt it was essential to wind up saying that it was longer than expected because that is the whole reason we are asking for the changes is to begin to address the problem without recanting how complex it was.
DR. CARR: I find Steve's suggestion helpful.
DR. STEINDEL: Which is?
DR. CARR: The language that he just recommended not to you know add a lot but to just have compared to what.
DR. STEINDEL: To paraphrase because we would have to work this out in the language my two suggestions were in the first sentence just add "As expected by the HIPAA legislation," and in the second sentence just instead of enumerating just reference by footnote our annual reports to Congress.
DR. COHN: Justine, are you okay with that?
DR. CARR; Yes, that is great.
MR. REYNOLDS: Observation two, the process for changing versions or updating versions of HIPAA standards is slow and cumbersome. While the HIPAA final rule does not permit voluntary adoption of new versions in contrast this is permitted under the electronic prescribing final rule.
In addition the administrative requirements under the Administrative Procedures Act, APA necessitate notice and comment rule making. The rule-making process takes several years from issuance of the notice of proposed rule making, NPRM, to implementation.
This severely hampers the ability of the public and private sectors to keep pace with emerging needs, especially in the rapid acceleration toward the adoption of electronic health record EHR systems. In addition, the HIPAA process requires that changes to standards be vetted through various standard-setting organizations. The STO processes include an extensive comment period in which all parties can participate. However, the fact that the standards are on different approval cycles makes it problematic to synchronize changes or updates.
These differences in schedules plus the unpredictability of the time it takes to complete all the steps in the federal rule-making process create an uncertain environment in which it is difficult for providers, payers and vendors to influence or anticipate upcoming changes and develop business products and processes to accommodate them.
Backward compatibility where feasible and voluntary adoption of backward compatible standards with the named HIPAA standard could provide flexibility in version updating.
Recommendation 2.1. The Department should immediately explore ways to facilitate quicker updates and implementations of HIPAA transaction standards in a manner that can reduce or eliminate areas of redundancy in the process including the possibility of not requiring HHS notice and comment rule making for a version update of already existing HIPAA transaction standards.
This recommendation does not apply to HIPAA privacy and security regulations. The exploration should include an in-depth review of the statutory and regulatory requirements such as those under APA, the comprehensive explanation of permissible options and a determination as to whether legislative changes should be initiated, consideration of regulatory changes to permit the voluntary adoption of backward compatible updates to named HIPAA standards. Three, consideration of how to include public comment on business process issues as well as functional and technical standards issues in the review process.
Recommendation 2.2. The Department should expedite issuance of the NPRM on current HIPAA modifications. This regulation includes many needed changes identified since the original HIPAA regulations were issued in 2000 including a timely modifications process.
Recommendation 2.3. The Department should determine what would be necessary to facilitate synchronization of the timing of implementation of changes to HIPAA code sets including medical and non-medical data code sets. To minimize the scope and quantity of changes experienced by the providers, payers, clearinghouses and vendors, alignment of changes and updates to the code sets would allow the industry to coordinate, test and implement on a more orderly schedule and reduce rejected claims.
One quick sidelight is if you remember Karen's update talked about backward compatibility. So, a lot of what we are putting in this letter and have had in our open forums is already moving forward and then there was another discussion by I think it was Jim earlier talking about some of the things that are coming through Congress, talking about speeding up the process which is exactly related to these things that we have been talking about in the hearings and some of that has actually come out from people that have been in the hearings.
DR. COHN: John Paul?
DR. HOUSTON: In the first paragraph, observation two, third line you discussed voluntary adoption of new versions. It says that the HIPAA final rule does not permit voluntary adoption of new versions. What do you mean by that? The reason why I ask is I thought what HIPAA says is you weren't allowed to vary the transaction standards and is there another part of the HIPAA rule related to the voluntary adoption of new versions?
MS. TRUDEL; I think what that was referring to is the fact that even if a standards developing organization balloted and approved a new version a covered entity is not permitted to implement it under any circumstances without regulations.
DR. HOUSTON: Because of the fact that HIPAA says that you must adhere to --
MS. TRUDEL: Yes.
DR. HOUSTON: Okay, I think you might want to, I thought that was the case. You might want to clarify this a little bit to state that what the HIPAA rule says is that you are not allowed to vary the standard and what that then does is that precludes then the voluntary adoption of new versions that have been otherwise approved by standards organizations, if that is what you were trying to say, I don't know.
MS. TRUDEL: That really speaks to separate issues. There is a requirement that you cannot alter the standard that is adopted which is for instance 4010.
The second part of that is that you cannot adopt any other standard for instance 5010. So, there are two aspects of the same concept.
DR. HOUSTON: I don't think it is really clear that HIPAA says that you aren't allowed to -- it is not a matter of voluntarily adopting. It says that you can't vary the standard and as a result you can voluntarily adopt their version I guess was my point.
MR. REYNOLDS: We will take that this afternoon and come back with it.
DR. STEINDEL: Just as a quick comment I think Karen has noted some of the complexities and actually you have noted in putting that recommendation into play which is one reason part of this recommendation is to take a look at the legislation because if that does prove to be a big barrier we may --
DR. HOUSTON: I just wanted to make sure we were factually accurate with what we said in the letter and I thought there were some variances. Again, it is just a comment.
DR. COHN: I guess I actually had trouble figuring out where you were referencing. Harry as long as you know what they are referencing and can make the changes --
MR. REYNOLDS: John, why don't you point to the line and that will make sure that --
DR. HOUSTON: I am looking at the version in the book. It is on observation 2, the very beginning of the third line of the observation, voluntary. It is that sentence I guess while the HIPAA final rule does not permit voluntary adoption of new versions. I was keyed on those words, voluntary adoption of new versions. That is where I was at.
DR. COHN: Okay, so what you want is basically to say that in addition to permit voluntary adoption of new versions or changes to currently implemented versions.
DR.HOUSTON: No,my point is that under the rule my understanding is that you are not allowed to, you must implement the standards as --
DR. COHN: The standard and the version.
DR. HOUSTON: Right, within the rule. So, it is not a matter of not being able to voluntarily -- it says, "HIPAA does not permit the voluntary adoption of new versions." No, that is not what HIPAA says. HIPAA says that you are required to adopt the versions and stay with those versions.
What that does is it prevents them from voluntarily adopting new versions. I just want to make sure we are factually correct.
DR. COHN: Okay, so, this is something that can be put in between two commas basically.
Karen, are you okay? Okay, I just want to make sure we are sort of capturing things as we go along.
Bill?
DR. SCANLON: This is a comment not knowing all the details that the Subcommittee obviously knows but it relates to the statement that the rule-making process takes several years from issuance of a notice of proposed rule making to implementation and having seen rule makings take incredibly variable amounts of time, sort of from almost overnight, an exaggeration, to perhaps more than a decade there is a full range and so there is a question now about how much is really sort of a necessary sort of condition in terms of real rule making.
What comes away from that when you come away from that sentence is a very negative sense of rule making and so when you are looking for how do we make this better we are looking for a substitute as opposed to improving sort of the rule-making process in these particular applications and I am kind of concerned that we want them to think about both. We want them to think about what has been wrong with rule making that has been delayed. Does it need a different mechanism or does it need a will to make things more quicker because in many cases it is not process. It is will that is the key in terms of how we get the things done.
MR. REYNOLDS: If you look at the second and third, well, actually the three bullets under Recommendation 2.1 it is where we felt first that there needs to be a discussion because with e-prescribing it is different than what it was. Second, voluntary adoption which Karen referenced earlier in the e-prescribing which we were able to use, they were able to use there for NCPDP 8.1 and then one thing we feel still needs to be considered is this whole idea of public comment or business process issues as well as the other things that need to remain in it because sometimes as we heard discussion trying to speed this up could cut out the public, could cut out private enterprise from discussing it and so on.
So, we tried to put a framework without being prescriptive on exactly how it should change and I don't know if that answers your question.
DR. SCANLON: I think it partly addresses it. I think though in the observation what also might address it would be to take the sentence that the rule-making process takes several years which seems like it is an absolute to has taken several years. It is a problem which we have identified and it doesn't necessarily have to take several years. That is something that could be modified in thinking about it.
DR. COHN: So, you want to ease up on the observation and so rather than taking or basically has taken several years.
DR. SCANLON: I am thinking that you are setting up a problem to deal with in that sentence.
MR. STEINDEL: Bill, actually this is factual statement. The rule-making process takes several years from the issuance of a notification of proposed implementation, rule making to implementation, actually HIPAA requires a 2-year process after the rule goes into effect until it is really implemented. So, there is sort of something in the law itself that requires years.
DR. COHN: Karen has a comment on that.
MS. TRUDEL: That was correct for the initial standards but it is not correct for subsequent standards. the Secretary can adopt any implementation period that he wants for subsequent standards.
DR. SCANLON: Thank you, Karen.
MS. TRUDEL: And not to be less than 180 days, I believe.
MR. STEINDEL: I am factually corrected. Then we do need to deal with Bill's point.
DR. SCANLON: I think Bill's point was that the rule-making process in general doesn't have to take, that we have done some of these that don't take long at all. So, maybe we need to say either it can take several years or that for the HIPAA rule-making process it has taken --
DR. COHN: I just want to make sure we understand what we are doing. So, we are saying that the HIPAA rule-making process has taken several --
DR. SCANLON: I think they should discuss it.
DR. COHN: Okay. Other comments on this one?
MR. REYNOLDS: Okay, observation three, return on investment. The testifiers who were using only the HIPAA health claims transactions indicated that they were not yet able to show a positive ROI. It is important that we improve the ROI for HIPAA transactions and code sets so that they will serve as a driver for further adoption of health information technology and standards in the health care field. The following actions could significantly increase the return on investment from the use of HIPAA transactions and codes. Recommendation 3.1. HHS should take immediate steps to increase the adoption and use by providers and payers of all those HIPAA transaction standards beyond the health claims transactions such as eligibility, 270-271, claims status, 276-277 payment and remittance, 835 and referrals 278.
These transactions when incorporated into daily processes can reduce staff, parenthesis, FTEs and increase efficiency. While we commend the ongoing work in this area by the Centers for Medicare and Medicaid Services, CMS, we believe these activities should be accelerated.
Recommendation 3.2, HHS should actively work with payers to facilitate the inclusion of enough information in their responses, eligibility standards 271 and claims standard 277 to allow providers to use the information to actually improve their processes.
Continuing participation by CMS is needed in the work by the Council on Affordable Quality Health, CAQH, a voluntary group representing payers, providers and associations on standardization of the data in an eligibility transaction.
This is an excellent example of voluntary cooperation to improve the HIPAA process.
Recommendation 3.3. HHS should actively work with vendors to encourage their inclusion of the aforementioned non-claim transactions in practice management software used in provider offices.
Vendors are key to the success of pilots on these topics and more importantly for the success of final implementation by the industry. As a result their inclusion from the planning to the execution of such studies will yield more informed and usable results.
Recommendation 3.4. HHS must continue to support ongoing work by the industry and SDOs to reduce unnecessary variability of business rules as currently documented in companion guides.
Several actions are necessary. The first is to support processes to identify common business practices that are included in the different payers' companion guides. Second, harmonization of the business practices that are not common must be promoted to the extent possible.
In addition some independent initiatives are underway to further evaluate those differences in business rules. Continued support of these efforts by HHS would advance the original intent of standardization.
Recommendation 3.5. HHS must facilitate and encourage the adoption of one of the currently non-mandated acknowledgement transactions, e.g., 997 or 999 to standardize the acknowledgement process between providers, payers, clearinghouses and vendors. This will achieve standardized process flows among the parties involved thus reducing the effort necessary to achieve expected results.
Recommendation 3.6. HHS should continue the use of pilot testing in HIPAA transactions, new HIPAA standards such as a pilot conducted with a proposed claims attachment standard to obtain a real look at the actual benefits, issues, business impact on system changes surrounding the proposed standard.
Even small-scale pilots can yield valuable information that can help speed the implementation. We look forward to advising the Department on issues related to HIPAA transactions and code sets and health information technology in 2006.
DR. COHN: Comments?
Justine?
DR. CARR; Question, the shoulds and the musts, some are things that HHS should do and some are that they must do and is that intentional?
MR. REYNOLDS: It was intentional when we wrote the letter. We need to look at it again to see if it remains intentional.
I am not trying to be funny. These particular ones have taken a lot of work.
DR. COHN: Actually I think I see two musts and --
DR. CARR: Yes, 3.4 and 3.5.
DR. COHN: I think that probably should is a friendly thing. I am not seeing any other musts. Justine, do you see any?
DR. CARR: No.
DR. COHN: Harry, what do you think?
MR. REYNOLDS: Should is fine. We feel that our recommendations, whether it is should or must go forward and hopefully will make a difference. Thank you for your continued input.
DR. COHN: Let me ask, I think what I am seeing is a couple of things. I am seeing a word smithing change in observation 1, referencing the HIPAA implementation and footnoting that the causes are numerous with a footnote related to the previous annual reports.
I am seeing a change in observation 2 which says basically rather than the observation that the rule-making process takes, rather it has taken several years which I think is the wording and we are saying actually the HIPAA rule making process.
I am seeing changes from should to must, I am sorry, must to should. I guess I am also going to suggest that where we have reduced staff FTEs we probably don't need to put parentheses around FTEs because it is actually really staff full-time equivalents and my question is is there anything else or is that really the changes that we are recommending making and if those are the cases should we do it now or should we make those changes and bring them back to you for final review tomorrow?
Mike?
DR. FITZMAURICE: On recommendation 3.2 I am wondering it says that HHS should actively work with payers to facilitate inclusion of enough information on their responses, eligibility standards and claims standards to allow providers to use the information to actually improve their processes. I am not sure what the context of work with there but I assume that it is jargon. Does it make sense to add to that and also show this by example in the Medicare program? I am not sure if that makes sense for eligibility because eligibility is determined by other things than just have you paid your premium and so I may defer to Karen on whether that would be a helpful addition or not. It would actively work with payers to facilitate inclusion of enough information and look we do this in the Medicare program. That would even be stronger I think.
DR. COHN: Karen, I am sorry but Mike is looking at you on this one.
DR. FITZMAURICE: I don't want to put CMS under the gun on this, maybe on other things, but not so much on this but I want to, you know, and we do it by example. We expect other payers to do the same thing to help other providers.
MR. REYNOLDS: Mike, if you look at this sentence that starts with continuing participation by CMS, we are asking CMS to continue their work with the industry on this on a particular initiative.
DR. FITZMAURICE: Yes, but I am saying do they do it themselves and are we willing to say that we are doing it ourselves and we call upon you to do what we are already doing?
MS. TRUDEL; Yes, that is correct.
MR. REYNOLDS: And, Simon one thing for the record I guess as I said I had no conflicts which I still don't think I do but I should make it clear that I am the Chair of the CAQH initiative to do this.
DR. COHN: I guess you should have referenced that at the beginning this morning.
MR. REYNOLDS: I actually forgot it was in the letter.
DR. STEUERLE: I did have one additional comment that maybe could be easily accommodated but the only place you mention the possibility of legislative change seems to be in the first bullet, recommendation 2.1 and this is not an area in which I am an expert but I have been involved in a number of legislative efforts and I know the way legislation is often drafted. It is basically something that Jim Brady whom you may remember who was President Reagan's first Press Secretary called bog set method. That is a bunch of guys sitting around a table which means that legislation is not always finely crafted and the result of a rule-making process to implement legislation is sometimes hindered by the fact that the legislation itself is inadequately worded. I was just wondering if that type of sentence on legislative considerations also doesn't carry forward into this third area where you are saying that people are not finding an adequate return on investment and I don't know that the only solutions are only things like for instance new HIPAA standards. I mean maybe there are some old ones that should be abandoned.
I am just wondering if the consideration of legislative changes ought to be carried forward a little bit further beyond just recommendation 2.1.
Again, this is not my field but is this a matter that we believe the legislation is the best thing since sliced bread and it is just a matter of we don't know how to implement it or some of these problems of implementation and are 10 years to get rules implemented sometimes because there have been inevitable dilemmas posed by the way that the law is drafted that are not going to be resolved and the regulatory process is becoming quite expensive ?
DR. COHN: I see Karen raising her hand and I will reference that one also, but, Karen?
MS. TRUDEL: I would say in a lot of the studies that I have read when the standards are implemented for instance these eligibility and claimed status standards are implemented robustly and on a consistent basis and I, again, also, think that what the CAQH is doing is very valuable in that respect, that people do derive a return on investment. So, I am not sure it is so much that the standards are broken and legislation may be needed as much as the doing of it needs to be fine tuned and where people have to do it. I mean a lot of people aren't finding a return on investment because they are not bothering to implement the standards. Since providers don't have to do it they tend to for instance stick with phone communication.
DR. COHN: I am not sure I can go much further than what Karen was saying. I think we have obviously been following this for the last 10 years and I think that the view at least of the subcommittee is that there is value to be derived from the implementation and I don't think any of us were intending to open this up to a total review of whether or not the whole effort ought to be abandoned which is I think sort of where I was hearing you going that this should be abandoned at this point.
DR. STEUERLE: You do say legislative changes and as I say in recommendation 2.1 it doesn't carry through the rest of the document. Maybe that is deliberate.
DR. COHN: Yes, I guess that nobody thought of these other areas. Karen may have some view about that. I didn't think that there was need for additional legislation in these other areas that were regulatory or people working together.
Karen?
MS. TRUDEL: Yes, the remaining recommendations are ones that we are pretty sure we can carry out under our existing authority and our ability to partner with industry whereas there are some perceived procedural barriers to the modification and update process that may actually need legislation to address.
DR. SCANLON: I share Gene's lack of in-depth expertise in this area. The reference to the statutory change there actually makes reference to the APA as opposed to changing HIPAA which in some respects is even more sweeping to think about changing the Administrative Procedures Act than it would be to change HIPAA.
DR. COHN: I guess I am not sure. Help me with this one. You are looking at recommendation 2.1 under the HIPAA. I am not sure that I, actually the APA. I am not sure that I saw this as a suggestion to change the APA but more changes that may be specific to I mean I may be a little out of my league on this one but I thought this was changes to the process relating to these particular transactions as opposed to an attempt to overhaul APA and if you are interpreting it as an overhaul of APA I worry that we have misdrafted this particular sentence.
DR. SCANLON: This is then a cold reader comment. I mean we have got here an in-depth review of statutory and regulatory requirements such as those under the APA and you conclude in a determination as to whether legislative changes should be initiated. Somebody coming in without a lot of knowledge is --
DR. COHN: Should we say, "HIPAA legislative changes should be initiated?" Would that help?
DR. SCANLON: But the point Gene is making is this is the only place where we are talking about legislative changes and did you mean only HIPAA or did you mean APA or should you be making sort of reference elsewhere to the HIPAA legislative changes?
DR. COHN: What do people think? I am actually thinking that we really mean, I mean it sounds like we have to take this back and word smith it some more but I am thinking we really did not intend to open up the entire realm of APA. I think we are looking really at HIPAA legislative changes.
Okay, I think I am becoming convinced by all these questions that we will bring back up a marked-up version tracking changes on it so people can see the changes and so we can look specifically at those changes in the morning for action. Is that acceptable to everyone?
Are there other issues?
Bob?
MR. HUNGATE; Miine was a question more of process. The letter I commend in its content. As a long-time advocate of getting these things moving I think the observations are great.
The thing I am wondering about is that you know it took several months to get the letter together once all the data was taken in and so we are talking about a jawboning process where we are recommending HHS to do certain things, some of which is basically maybe taking this letter and making it available to all the vendors and providers.
PARTICIPANT: It was posted on the web site.
MR. HUNGATE: There is a difference between posting and encouraging viewing I guess and what I am wondering is what is the process of taking the content? Do we just turn it over to HHS or do we encourage other action along with that? In other words we are saying that the providers and vendors are the sticking point.
MR. REYNOLDS: No, I think we are saying that everybody is in in one way or another. Could I make a comment, Simon?
DR. COHN: Yes.
MR. REYNOLDS: Throughout these hearings that we have had and as you said we saw 17 hearings and 200 testifiers; so, we have been going at this a while, plus I think if we had read this letter to you before Karen spoke, before John Loonsk spoke and you had really understood that some of these things are getting picked up already, plus you have got all the SDOs that are picking it up; so some of these things that may be if you took the eligibility transaction where it listed the minimum standard making sure that that is maybe a little higher so that it is a useful amount of data rather than just minimum standard we which is the Work Group on Electronic Data Interchange which is pretty much the whole industry; it is a little bit like the NCPDP focus of e-prescribing; so, everybody that is working on this is aware of these issues. Everybody that is working on this is already working on them.
The benefit of this letter to the actual industry is probably already on the street being worked would be my feeling. Now, as far as the legislative process and actually making it happen and there are some bills in Congress right now and there are some other things going on and that is a separate thing but those are also being at least attacked. So, I am not sure there is any brand new stuff in here and I am not sure that this letter on the street to vendors and others changes it.
I think it does help the Secretary in looking at how we move forward. That is a personal input.
Simon, you are nodding, but I am not sure if you agreeing with me.
DR. COHN: I think we are an advisory committee. We are not a public relations activity or a private advocacy group. So, obviously our recommendations are really meant for the Secretary and the Department.
I think that the letters that we have traditionally written are very helpful to the Secretary and the Department by providing focus and prioritization as well as suggesting actionable steps that HHS can do to sort of help reach worthy goals and so I think rather than you know what I mean, yes, it is read by others but I think that the strength that it has is its focus and its actionable recommendations and the recommendations generally which we hope make sense and people can nod their heads.
So, I guess I would say that yes, this is put on the web site. Yes, it is sent to the Secretary. There obviously may be occasions for us to speak about it to the industry, some of which is obviously in the room and will be here tomorrow and that I think begins to move the process forward as well as help sharpen the focus.
MR.HUNGATE: I am fully comfortable with that and I just suspect that the hearings process itself was a lot of that communication and so that is helpful to me in understanding that in a good way and I am proud of our participation in getting that done.
DR. COHN: Okay. Now, I, personally, think this is an important letter as well as time sensitive. So, I think the subcommittee needs to make changes to it and we need to take a hard look at it tomorrow morning, redlined and hopefully