[This Transcript is Unedited]
Hubert H. Humphrey Building
200 Independence Ave., SW
Washington, D.C. 20201
DR. GREEN: Well Good morning. Welcome to the next meeting on the National Committee on Vital and Health Statistics. It is a lovely day in Washington, weather wise. It is a very special day for the committee. Since I have been associated with the committee, I believe that is a seminal moment when we have a full membership of the committee, which is a celebratory event, as far as I am concerned.
I wanted to ask our new members who are here, we will do introductions here in a moment, I invite you to take a little longer than other folks might take in introducing themselves, to just say a few words about yourself, and if you are inclined, tell us why you accepted the nomination and why you went through all of the work you have to do to complete the nomination. That would be nice to hear from you.
Why don't we do as a custom, run the table, and then run the room, and also go to people on the telephone. Marjorie, let us start with you.
MS. GREENBRG: Good morning and especially welcome to all of the new members. I am Marjorie Greenberg from the National Center for Health Statistics, CDC, and I am the Executive Secretary to the Committee.
And Walter Suarez, had a 9:00 a.m. teleconference but he is here and he has no conflicts.
MR. SOONTHORNSIMA: Good morning. Ob Soonthornsima with Blue Cross and Blue shield of Louisiana, co-chair of the Standard Committee, and member of the Full Committee, no conflicts.
DR. SCANLON: Bill Scanlon, National Health Policy Forum, member of the Committee, no conflicts.
DR. CARR: I am Justine Carr, chair of the Work Group on Data Access and Use, Steward Health Care and no conflicts.
DR. CORNELIUS: Good morning. I am Llewellyn Cornelius from the University of Maryland School of Social Work. I have no conflicts.
DR. STEAD: I am Bill Stead from Vanderbilt University. I am the Chief Strategy Officer of the Medical Center. My clinical background is in nephrology. I am a longstanding Biomedical Informatician. I still am not sure which conflicts I apply directly at this, despite the –
MS. GREENBERG: You don't have any that you have to report.
DR. STEAD: I don't? Okay. Since she knows all the details you can make it simple. Thank you.
MS. MURPHY: Hi, I am July Murphy, Deputy National Coordinator for Programs and Policy at the Office of the National Coordinator, part of the Department of Health and Human Services. I am liaison to the committee from ONC.
MR. BURKE: Hi, I am Jack Burke, Complaints Officer at Harvard Pilgrim Health Care in Boston. Member of the Full Commmittee, member of the Population and Privacy and Security and Confidentiality committees, no conflicts.
DR. MAYS: Vicki Mays, University of California, Los Angeles. I don't have any conflicts. I am on the Populations Subcommittee and Privacy and Confidentiality and Security Subcommittee.
DR. CHANDERRAJ: Raj Chanderraj, practicing physician from Las Vegas. Member of the Committee, no conflicts.
DR. FITZMAURICE: Michael Fitzmaurice, Agency for Health Care Research and Quality, liaison to the Full Committee and staff to Subcommittee on Quality and Subcommittee on Standards.
MS. GOSS: Good morning, I am Alex Goss. I am a Pennsylvania State Health Information Technology Coordinator and a Program Director for our statewide initiative for Health Information Exchange.
I am very proud to be sitting on NCVHS. It is sort of interesting for me because I am sitting on the other side of the table now. My prior roles as chair of the Insurance Subcommittee of X12, also a member of a variety of standards communities. I sat on the other side of the table and testified on everything from quality to regulatory reform to standards adoption and how people can play nicely together in the, same sand box.
I bring a background of business focus, with payer experience mostly, with my foundation in Medicare, also in the private sector doing consulting work, and the standards development. So I am very happy to be here. Thank you. I have no conflicts.
DR. COHEN: Good morning, I am Bruce Cohen from the Massachusetts Department of Public Health. I am on the Full Committee and co-chair of the Population Subcommittee. No conflicts.
MS. KLOSS: I am Linda Kloss, Health Information Management Consultant. I am on the Full Committee, co-chair of the Privacy Subcommittee and a member of the Standards Subcommittee. No conflicts.
DR. FRANCIS: I am Leslie Francis, I am lawyer professor and a philosophy professor at the University of Utah. I am a member of the Full Committee. I have no conflicts. With Linda, my job is to encourage all of you to join the Privacy, Confidentiality and Security Subcommittee. I am also a member of the Population Subcommittee.
MR. SCANLON: Good morning. I am Jim Scanlon. I am Deputy Assistant Secretary for Planning and Evaluation here at HHS. I am Executive Staff Director for the Full Committee.
DR. GREEN: I am Larry Green. I am from the University of Colorado, member of the Committee, and I have no conflicts.
DR. TANG: Paul Tang, Palo Alto Medical Foundation, member of the Committee. No conflicts.
DR. NICHOLS: Len Nichols, member of the Committee, and I have no conflicts.
DR. BLEWETT: Lynn Blewett, I have no conflicts, and I am very happy to be here.
MS. GREENBERG: We need a little more information.
DR. BLEWETT: University of Minnesota School of Public Health.
DR. GREEN: What do you do there?
DR. BLEWETT: I have a research center there. It is called the State Health Access Data System Center and we do a lot of work that states using and interpreting other federal data for state health policy purposes. I do a lot of work on implementing health reform, funded by the Robert Wood Johnson Foundation.
DR. GREEN: We are so glad you are here.
(Introductions around the room)
DR. GREEN: Who do we have on the phone?
MS. HORLICK: This is Gail Horlick from CDC in Atlanta. I am staff to the Subcommittee on Privacy.
DR. GREEN: Again, welcome to everyone. I would like to, before Jim gives us a Department update, I want to run the agenda with everyone and get everyone sort of clear as to where we are going to wind up. I am very fond of the idea that it is always a good idea to start off with the end in mind.
As is our custom, we are going to learn what is going on in the Department of CMS, ONC, and we are going to be hearing more about Privacy from Laura and Sue at ONC and OCR. We will take a break after that. And then this thing innocently called, NCVHS Planning for 2013, aligning with Committee themes, at this point we are going to hear from co-chairs of all of subcommittees.
To remind everyone, we use the subcommittee structure as engines to get the work done. All the subcommittees are critical. At the same time, for the next stretch of the road over the last year, year and a half or so, we have concluded that there is so much convergence and overlap and the need to integrate and pull things together, that our intention is to overall function as a committee as whole. It is sort of a double message, you are going to work in subcommittees but we are going to work as a committee as a whole. This will get clear as we go through today.
In that 11 o'clock slot we want to hear from all the committees about where they are, what they are thinking about doing, and make sure that the Full Committee is up to speed about each other and what is going on in those areas.
After lunch we are going to slide Ed Sondik in. He is fitting time in his agenda to come this afternoon. We are targeting that to be the first thing. If he is not here we will continue until he gets here.
Then we are really going to dive into this idea of the community as a learning health system. Our deliverable there is everyone being clear about the expectations of the April – is that April 30, May 1 – there is a lot of preparatory work to be done for that important hearing and meeting.
You see the rest of the things listed there. That will be a discussion that will largely center around that event and be mostly stimulated by the Population Subcommittee and – I keep having a hard time saying, Privacy, Confidentiality and Security – I am beginning to think I will call them the special committee or something.
We will try and wrap up by 2:45 or so. We will try to summarize where we are sitting right. Then we will have subcommittee work for the rest of the afternoon. Remember all committee members are welcome to go to the subcommittees. I urge you to take advantage of the opportunity if you can stay and do that. Subcommittee meetings are open. You don't have to be a member to go, and I urge you to attend those if you can.
Debbie will get us organized for dinner tonight at some time during the morning. The Populations Subcommittee cannot possibly wait past 8 o'clock to get their work started, so they will start off the morning before we re-gather at 9:00.
We are going to continue this strategy session about how the work interdigitates and moves forward. We want to do something that we have not done before, the Working Group that Justine is chairing, they are going to be meeting Friday afternoon and usually most of the Full committee is gone by then. You are welcome to attend that meeting. We would love to have members attend that meeting, but we wanted to be certain that there was an opportunity for that Working Group and this Full Committee to see each other, talk to each other, hear what they are doing there, and build a solid understanding of what is going on there. I think that is a particularly important thing for us to get done there.
We are very fortunately to have Dr. Queen, who is as she said to me earlier this morning, this is not about new measures, this is about using measures we have got. That is also, I think, something that is really critical to this community as a learning health system idea, and all that stuff too. That promises to be a very informative session, too.
Then we will figure out how to wrap it up. The end here is we hope that everyone on the Committee and all the staff will walk out of here at noon tomorrow, quite clear about the workload, work plan, the sequencing, into the summer. If we can get there we will declare a victory and keep going.
Any clarifying questions from the committee members? Staff want to add anything for the plan for the meeting?
(Housekeeping)
DR. GREEN: Okay, Jim.
Agenda Item: Updates from the Department
MR. SCANLON: Thank you Larry. Good morning everyone. I attend some meetings at the National Research Council and one of the committees numbers its meetings individually. So the Committee on National Statistics there usually says that this is a 168th Meeting of the Committee on National Statistics. So I think I am going to figure out that his is probably close to 200.
MS. GREENBERG: We actually are required to report this year how may recommendations the National Committee had made in its lifetime. It has been around since '49, so Marietta, we came up with something.
MR. SCANLON: So four meetings a year for 63 years or so. But anyway, we will do that next time.
I want to welcome all the new members, we were very happy that the Secretary supported our recommendations and we were very happy that you were nominated and that you were willing to come and serve. Again, we asked Justine to stay on to chair our Work Group on Data Access, which is a big initiative for HHS to bring together and make accessible the information we have to improve health and health care across the U.S.
I think we know have agency liaisons from pretty much all the agencies now. Not all of them are here but they should be attending later today. We have some new staff, in our office we hired Lily Bradley, who was an Innovation Fellow, HHS Innovation Fellow. She will be staffing, she will be staffing the Data Access and Use Work Group here at HHS, as well.
I don't want to fail and mention that the Secretary has reappointed Sally and Walter for another four year term. We are very happy that they were willing to serve and we are happy to have them as well.
As Larry said, I think we are at our full complement, and we will be there for most of the year, of committee members, and hopefully staffed as well.
Let me turn a little bit to HHS programs and policy and planning. Generally, I think I reported last time that we will be carrying out continuity in all the policy programs that you have seen for the last four years with all of legislation. So there may be a few tweaks, but basically the initiatives that we started, everywhere from health reform to our public health initiatives, and so on, and our data initiatives, they are all underway and will continue.
We are in the process of updating our HHS strategic plan. We will be doing this for a four-year forward look. I think I have discussed the major goals with you previously, and I will certainly send those around again. Again, they basically have to do with strengthening the health care system of public health, protecting public health, prevention, and related programs, so we have human service goals as well. I might mention that data and information and EHRs and automation, are big parts of the process of being successful on our strategic plan.
We will be updating that and I can arrange a briefing of where we are headed on the strategic plan, as well.
In addition to the strategic plan, we have a number of other initiatives that we have begun and these will all continue. Let me just mention a few of those. In general they have action plans associated with them. We have a monitoring management system in HHS where we monitor progress towards the goals in all of these plans. So let me mention a few.
We have a strategy for tobacco control for HIV prevention, and control for health care acquired infections. We have a disparities elimination plan as well. You all know about the National Quality Strategy and the National Prevention Strategy, as well. We have plans relating to global health, early childhood health and development, which will be a big initiative, as we go ahead. And we have plans focusing on Alzheimer's and disability related, as well.
In general, as I said, when we are forming an initiative, we usually include some data and evaluation experts to be sure that number one, we are not repeating or duplicating something, but in general, to be sure that we are stating the goals in a quantifiable ways where we can actually measure progress. We use indicators where we actually have data.
I don't know how much to say about the famous "S" word, except that we have in HHS, we have been very – one thing we do well is planning – so we sort of hope for the best and prepare for the worst. We will be affected like every other federal agency. If you are a Medicare provider, you are probably going to see a percent reduction, as things stand now. So Larry, you have got a cut in your income.
If you are NIH grantee, which you are as well, you are probably going to see a delay or even fewer grants, as well. Virtually every grant program is affected to this 18th percent or so. But again, we have been very prudent and conservative in our expenditures to date in HHS, so we will probably absorb those cuts in terms grants and contracts and so on. We don't anticipate any furloughs or personnel actions as things stand now.
Again, the committee should be reassured that we don't anticipate any personnel actions or other things that would adversely affect the Full Committee. Again, that is today, tune in tomorrow.
Let me talk a little bit about health reform, and particularly about the data parts of this. As you know, from the very beginning in health reform we wanted to be sure that we could monitor the implementation of health reform and the impact of health reform. We are moving through the implementation stages. October 1st, of course, we hope to have state exchanges operating and Medicare expansion and the other insurance coverage expansions beginning then. There will be a great effort at enrollment and so on.
We had a lot of discussions about how could we improve our data resources, our surveys, our major data systems, and so on, to better impact on the implementation. As a result we looked at all of our surveys and we have made a number of enhancements to many of them; the Health Interview Survey, the MEPS insurance component, which is a survey of employers, as you know, household component, which follows individual households, 14,000 households over almost a two-year period, and focuses on insurance and expenditures of health care use and so on.
And on the provider surveys as well. We have added a number of questions to the Ambulatory Care Survey, to be able to look at for example, has the use of preventive services that are available with no co-pays now, is that increasing, and so on. So we are able to monitor that as well.
We are also working with the Census Bureau on questions that would help us identify participation in the exchanges or market places as referring to them now. Which is a little tricky. I think I mentioned, the only state that has experience is Massachusetts. I don't think anyone in Massachusetts thinks of this as an exchange or even a connector, I think they think of what name of the health insurance they have. So when they are getting subsidies or whether they participate in an exchange, it is not an easy thing to measure as the focus group showed.
We are working and trying out some questions. We are working with the Census Bureau. They are a little ahead of us and we figured if there questions were in terms of measuring participation in the market place or subsidies, we would use their questions. It has been very difficult because again, we are sort of ahead of the game in terms of where this activity is taking place. In Massachusetts it seemed to be very difficult to be able to follow this in a survey, as well. There will be a number of administrative data improvements as well.
So surveys, we have gone through a round of enhancements, and will be – in terms of state data, in addition to the census data, we have added some categories on insurance coverage to the behavior risk factor surveillance survey at CDC as well. As we monitor the information, we ought to be able to see, along with the administrative data, how things are going.
On the standard side, here I am referring to data collection standards. You remember that the Affordable Care Act required the Secretary to adopt a set of basically demographic data collection standards for use in all of our HHS sponsored health surveys. So under our Data Council, we looked at what standards may be candidates.
Again, a standard is different than a question. A standard is actually something that has actually met some high quality standards and performance standards of how to ask the question and how to analyze the data. So we were fortunate we were able to identify standards for race and ethnicity – and this is well beyond the OMB standards. I think we are able to get a lot of very useful detail in terms of disparities and equity here.
In addition we were able to find a standard for – sex was an easy one, for disability we were able to find a question that was used in the census American Community Survey, that has sort of six items but it measures various dimensions of self-reported disability. And primary language, we were able to find one or two questions that actually identify English proficiency, and for initial granularity, what exact language was spoken so that in terms of planning public health and public health policy, that information will be included in all of surveys now.
The questions are now being implemented. Many of the questions were included to begin with, but we are now heading in this direction.
The other thing we were asked to look at was are there demographic data collection standards that we would use in our administrative data systems. The third leg here is are their standards, demographic items that we would include in the EHR incentive program, Meaningful Use items that would be included in the electronic health records as a demographic. I think the idea here was a common core of data items that we would pretty much define in a standard way and that would just allow better analysis of understanding and comparability among these various sources.
ONC, Judy may report later, got comments on some proposals for some of the demographic items in cycle three, maybe. In the meantime we are looking on the administrative side, what are the standard set of demographic items we would want to include. It might be – and again, we are not trying to increase a lot of burden on administrative forms. It will be very parsimonious there, but there are items that if defined relatively simply, and included in all of our administrative data collections, income for example, and particularly related to poverty levels. Employment, for example, and a couple of other things, it would really be an immense contribution to how we can analyze the data and utility of the data. So we are heading in that way as well, and I think we are probably going to ask one of the committees' advice on some of these things.
I did want to mention Susan Queen will be briefing you on this later today but part of the monitoring process was the development of the Health Systems Tracking Project. Here we got consensus groups together to look at what were the major domains or content areas that you would look for in terms of improving the needle on the dashboard in health reform. Then in those 10 areas what are the five or 10 indicators that you would want to look at. So, again, this is fairly 30,000 foot level, but the content areas include Access to Care, for example, is measurement of access improving or getting worse. Cost and affordability, insurance coverage, obviously, if that doesn't move up that would be an issue. Quality of Care, impact probable populations, workforce, primary care workforce, and so on.
Measures of innovation, there are economist who believe that the more you aim at controlling cost and regulate health care, it has a detrimental impact on the willingness to invest in innovation. So we have some measures of that.
Population Health, these are traditional public health measures. Prevention, specifically, these are preventive services and so on, and adoption of health information technology.
All of these things together, you would hope to see positive changes on the dashboard and on the needle and so we have measures in each of those measures.
We are updating the data from our data agencies on the website and Susan will show you where we are there.
We published on our HHS Data Council website a guide to HHS major surveys and data systems. Again, so we can look at them in terms of how do we want to improve data.
A couple new projects I wanted to talk about, we had a micro-simulation meeting in the fall. The idea there was to look at sort of a post-mortem on how did everybody do with the various models, but specially on are there good practices that people could identify, particularly for the consumers of models. We had a very good turnout, a very good discussion, and I think we will probably be publishing some proceedings that provide some guidance. Again, this is not for the technician or the modelist themselves, this is more for the folks who buy the models or use the models or have to interpret the models.
We are planning a study on a small area data. I think we would like to get as many involved in that as well. We have just finished a study on public health – sort of public health involvement and issues in the Health IT adoption, where we had a lot of participation from the states and public health organizations. In many ways, public health, other than some meaningful use measures, public health has sort of been on the outside, obviously you focus on clinical medicine first. But public health has somewhat been on the outside and still doesn't quite have a strategy for how to deal with this.
That report, which I think we have finally gotten the final report, we would be happy to brief he committee. Obviously the major focus is on clinical care, obviously, but the public health area should benefit from the adoption as well.
We also have a project, I might mention we developed a data strategy and we focused on number one, what were the major data gaps. I think much of those were health policy data gaps and we are beginning to fill those.
The second area was are our surveys in data collection systems benefiting from the latest in technology? Are we doing the best we can in terms of getting the data? Everyone says they want high quality data quickly and cheaply, and usually the statistic agencies say, we can do two of those. Now we have to kind of do – it is not cheap – but at least officially.
We looked at all of our surveys and as a result we are looking at how can we use technology to improve the data quality, improve the turnaround, improve the availability? We have two examples I can give you. We are piloting a web based panel as part of the Health Interview Survey, which was very interesting because we already have their phone numbers and what personal computer capacity and browser capacity they have. We are using a short questionnaire, a subset of questions on the full HIS. That will be a way of getting a fairly quick turnaround.
With the MEPS at AHRQ, similarly we are looking for how to do a quick turnaround kind of data collection within the MEPS. So it would be sample from the MEPS. They are looking at could you use Skype technology or telephone technology or some combination. So we are moving along there as well.
We added questions to the employer survey part of MEPS. Everyone wanted to know all kinds of information about what employer's would do in health reform and we added a number of questions there.
The third leg of our strategy was integration and alignment. Here we are looking at how can we promote and assure that the data advances in our surveys, public health and research, our administrative data, and our EHR technology, how can we promote and encourage and hopefully assure, that all of those developments align with each other, converge on the same goals and provide data resources for more than just their original clinical decision making.
So we have a number of projects where we are looking at the standards help a fair amount. The other area is looking at how can we look at EHRs, we generally work with plans that have been using EHRs for quite a while, what is the potential there for number one, for example, providing data to our provider surveys. So we are experimenting with the National Inventory Medical Care Survey and a couple other provider surveys, based on pilot studies with actual health plans that have electronic health records.
We are also looking at how for research on small populations, to what extent – there are different ways to do this as you know – to what extent can EHRs help us here where the population is probably so small that a survey is not the official to do this. So you are looking at registries or administrative data or claims or EHRs. We have a pilot project there with again, a couple of plans to see how well we can do there as well.
Of course we remain committed to the Health Data Initiative, which really is to try and take all of this data that we are generating and others, to make it readily available in an accessible way to communities and all of the communities we normally deal with, researchers, public health, plans and so on, to really improve health and health care, which ties in with our Community Data Initiative and a number of other initiatives. So we are trying to tie all of this together. Let me stop there.
DR. GREEN: Bruce, I think you have a question. Does anyone else want to ask a clarifying question of Jim? I know Denise and Judy and Sue are here, if you could all come up to the table.
DR. COHEN: Great stuff, Jim. It is always very exciting to see the breadth and depth of activities. I would love for you to report more on some of these details.
Just a couple of observations. One on the challenge of identifying impact of HIEs. There is a narrow window of opportunity that we found in Massachusetts when we implemented our Health Care Reform law, people realized that they were getting covered because of new requirements. For the states that initiate coverage there is an opportunity. In particular we found most states know there general level of coverage and can identify the populations that don't have coverage. So focusing on those populations, in Massachusetts it was young adults, and it turned out to be Hispanics. We were able to identify folks who gained coverage.
So I think there are potential strategies to identify by being more targeted through surveys about how to examine the impact of HIEs.
The other comment had to do with the core standard socio-demographic variables and administrative datasets and EHRs. Again, speaking from our experience, the issue isn't developing these standards, the issue is training admitting clerks and intake workers to do this in a consistent fashion. If ONC and HHS has resources or develops training materials, there could be a huge and measurable positive and constructive impact. I think the focus really needs to be on ubiquitous training development and requirements for collecting these data. I think the standards themselves can be developed in a straightforward fashion, the issue has always been the lack of consistency across administrative data. When we talked to admitting clerks, it is I don't know why I am required to collect this information. I don't know how to respond to somebody who says, why do you need to know my race. Whatever the issues are. I think there is enormous potential for HHS and the feds to get into this training space.
MR. SCANLON: I might mention, this goes back a long ways you know, it started with Medicare, can we get better data for Medicare and Medicaid. We actually had our, Sue may remember, I think we had – we actually issued guidance to the plans based on work at IOM and work that we did that civil rights reported for example, to make it clear that that only was not in violation of any rules but that it was encouraged that you would do a better job in your plans if you did have this.
The plans themselves, a number of plans, had begun forming groups to actually look at collecting the data and then looking at what they have learned and do it in a standardized way. We actually include in the plans when we were looking at what should we look for. Basically we want - the standard, I think you are right, it could be fairly straightforward for most of these.
Again, these are self-report. This is what the individual – the way that we conceptualize this is what the individual reports about themselves. When it gets to administrative data or hospital discharge data, it is a little trickier about how did that data get there. We need guidance and we would need training and particularly plans, and others.
I think it is even now, Judy can talk about this, but I think when people see these data items on meaningful use suggested core, even there they say, why do I need to ask this? Why do the vendors have to include this? We have to do it in a fairly sophisticated way.
DR. MAYS: Bruce was very good in bringing up what I also wanted to bring up but I want to add a couple of additional points because I think this is really the crux of the matter to make the change in terms of the quality of the data. There are two things, one is it possible that you can either print or put in a journal or somewhere for also the researchers and others, just a here are the demographic standards, so that there is a publication or something. Then we can keep it at that level.
Then at the level that Bruce is talking about, if people could make even if they are like YouTube videos, something where you actually demonstrate the asking of the question and something about why it is. If it is at that level what will happen is that we can very easily mandate it as part of training of individuals when they first start certain positions. But it has to be short and simple and very easy for us to drive somebody a website or some place to do it.
DR. GREEN: Great suggestions. Let us proceed to hear from CMS. Nothing is going on at CMS. (Laughter)
MS. BUENNING: Good morning I am Denise Buenning, I am the Deputy Director of the office of E-Health Standards and Services of CMS. I am sitting in this morning for Rob Tagalicod our Director, he wanted to be here to give you this update, but of course the minute he walked into the building, he got snatched away into a meeting.
Thank you. Again I am here to give you a quick update on our transaction and code sets operating rules, health and identifier, and ICD-10 implementation at CMS. Of course over the years, HIPAA has grown, the impacts of HIPAA and the stakes involved and the administration of healthcare have grown and we are moving from very much a paper to an electronic environment with more than five billion transactions being conducted annually, saving the health care industry more than $23 billion. But as we all know, there is still plenty of room for return on investment. Some additional estimated $29 billion to be had, if all of our health care transactions were done electronically.
Of course this places great pressure on both the government and the industry to work together. It is no longer industry versus government or vice-versa. Medicare and Medicaid, and of course our new entries into the systems such as our exchanges, our ACOs, represent the world's largest health plan. So together we are the industry and we need to all work together to strike a balance between the timelines that Congress has set out for us to enact these changes, what we as an industry can bear, and the need for collaboration between all the concerned parties to get the better, faster, cheaper stages without negatively impacting patient care and quality. Of course this all needs to be done, exchange accurately and securely, and this is a tremendous challenge.
So the future on e-health basically is the alignment that I think we heard this before previously, the alignment of administrative simplification, meaningful use, all of our different areas of concern. HIPAA is just one element in all of this. It is a roadmap to the future of e-health and as we see it, all these factors need to come together seamlessly, securely and accurately, so that both clinical and administrative information can be exchanged in real time when and where possible and feasible, and among health care entities and payment transactions go through so that the process does not use paper, and reimbursements and reconciliation can occur as fast as an electronic banking transaction.
The ultimate goal is a better health care system that addresses the needs of providers and patients alike. I think that in a lot of administrative areas we always think of providers as being the primary audience. I think patients are also an important part of this. But just because we are embracing this electronic health care environment, we still have to ensure that safeguards are built into our efforts and we are very cognizant of that.
So for the past couple of years now, a lot of our work has been focused on section 1104 of the Affordable Care Act, with having to do with the administration simplification. We made some progress on some of these, others were kind of in the development stages, and still others are in the works. I will give you a quick overview of where we are on some of these.
Again, if anybody has any concerns about why we need administrative simplification, the numbers are going to tell the tale. Health care costs are rising and they are expected to be 20 percent or one-fifth of our gross domestic product in just another seven years. Thirty-three percent of health care spending is administrative cost, the business of conducting health care. Twelve percent of a typical physician's practice, annual revenues go to billing and insurance related costs. What they call the BIRC.
And from the resource perspective, two-thirds of a staff person, or approximately 27 hours a year, is needed for these types of tasks. It is also has been demonstrated that health care entities that have higher administrative cost traditionally deliver diminished quality patient care.
So here is where we are in terms of some of the things we are working on. On January 1, 2013 our operating rules for eligibility and claim status increase went into effect. However, as I think all of you are aware, the Department announced a discretionary enforcement period until the end of March, to allow industry and vendor installations to catch up.
Per the Affordable Care Act, as of December 31st of 2013, health plans must certify and/or provide adequate documentation that their status systems are in compliance with eligibility, claims status EFT and ERA standards, and some of the other associated operating rules. However, before health plans can certify, they must obtain a HPID. So we are looking to align the dates and timing of the HPID Initiative with the Health Plan Certification requirements. That NPRM is currently being worked on by our staff so that will be forthcoming in the near future.
Of course on January 1st, 2014, standards for electronic funds transfer and operating rules for EFT and electronic remittance advice go into effect. And of course, finally, my favorite one, October 1st, 2014, ICD-10 launches.
Going into 2014, large health plans need to obtain an HPID, and small plans have until November of the following year, and both that proposed in final rule are completed and on the books.
Per the Affordable Care Act, health plans must certify by the end of 2013 and again in 2015, that they are compliant with some of these standards and operating rules. Just to elaborate a little bit on that. We were are working to try and make attestation as clean and as simple a process as possible, that is why it is taking us a little bit longer for us to get something out there for the industry to react to.
January 1st of 2016 calls for Claims Attachment Standard and operating rules for the remaining transactions and industry discussions regarding claims attachments, I know are underway. Attachments is going to be a great opportunity for us to leverage existing infrastructure so that we have consistency in the exchange of clinical information both from a format and a transport perspective, with other regulatory and industry initiatives. We don't want to recreate the wheel. We are trying to align our work with what may be adopted for example, in the potential stage 3 of meaningful use. This is where we start to see the intersection of clinical and administrative information that is foundational to future health care payment a delivery models that focus on payment for quality.
Finally, November 2016, HIPAA covered entities must use, must start to use their HPIDs to identify health plans in the standard transactions. Again, that was finalized this past September.
Basically here is what we have completed. We have HPID, ICD-10, Operating Rules for Eligibility Health Plans, Claims Status standards for EFT and operating rules either in the works or in the hopper.
Then progress we have in NPRM Final Rule for Health Plan Certification. The Operating Rules for the remainder of the HIPAA standards and transactions, which as you know, the Secretary named CAQH Core last September. And then again, working for a standard for claims attachments.
Our Health Plan Identifier. This is required under the ACA to eliminate and streamline the multiple, proprietary identifiers. We basically structured this by saying that they could enumerate as a controlling health plan or as a subhealth plan to a controlling health plan.
The other entity identifier is voluntary. You must have a need to be identified in the standard transaction but not be identified as a health plan under the HIPAA. You cannot have an NPI at the same time. You can't be eligible to obtain HPID and you can't be an individual. So there are some stipulations.
Our Health Plan Identifier enumeration system is about to go live most likely within the next two weeks. What we have been doing since last November has been guiding the health plans in terms of providing them with information on how to access the system, how to possibly enumerate. We have had lots and lots of webinars and conference calls. They can start again, obtaining the HPID or the OEID by getting into the Health Insurance Oversight System, or HIOS. This is a system that CMS has that all the plans are familiar with. They have already registered a lot of their information and the data has been captured. Those needing to register for the first time can also do this by going into this landing cage, and there they will be directed to a HPOES registration page.
Again, some of this information may be pre-populated for the plans. If they already have a HIOS registration, but this pre-population will not include any other identifiers that have been used in either the HIOS or another system. So all the health plans that are applying for an HPID are going to get a new identifier.
This is a website that everybody can go to if they want more information on upcoming educational events that are taking place with regard to HPID.
Now this is one of my favorite ones. This is Health Care EFT ERA. We are big fans of this Standard and Operating Rules for Electronic Funds Transfer and Remittance Advice. We think it holds great potential for administrative costs, cost savings, and speeding provider reimbursement. Who doesn't want to be paid for their services quickly, accurately, eliminate paper checks, trips to the bank and calls to the plan to try and figure out what exactly they are getting paid for. We think this is a case where the Standards of the Operating Rules will mean real meaningful change for provider operations. This goes into effect in 2014. It adopts the NACHAA CCD plus addenda as a standard for the EFT between the health plans financial system and the plans bank or financial institution. The other part of the standard is the X12 TRN segment or the 835, as the standard for data in the addenda. The Operating Rules of course, are supporting that transaction and that standard. We think that again, it will be great benefits, along with this Standard of the Operating Rule. We think that it will eliminate some of the biggest obstacles to the use of EFT/ERA, that being the reconciliation at the back-end, because it demands that a trace number be included in the transaction.
Yes, some providers are going to have to reregister their information with their payers and their plans, but we think that in the long run it is going to be a great benefit.
ICD-10, I think you all know what the data is. I am not going to rehash it. However our approach to ICD-10 has definitely changed. I think again, the word alignment keeps popping up in all of our conversations and I think that ICD-10s part that is unmistakable. The connections among CMS's e-health initiatives requires really interoperability, requires us to think about it in the total picture. I think that our mindset of kind of talking about ICD-10 as a separate initiative, is a thing of the past. I think that one of the things that we can point to is the fact that ICD-10 was included in stage 2 meaningful use as one of the criteria for electronic health record certification.
I think you are going to see more alignment as we go forward. We are also going to see more alignment with electronic quality measures. So I think that all of this is going to absolutely intersect going forward. You will hear more conversations about intersection of data, of quality, standards, and other initiatives together.
So we are continuing with our implementation of ICD-10 internally to CMS. We still have our ICD-10 Steering Committee, however it has morphed, it is now called a e-Health Steering Committee. I think that that reflects the feeling again at CMS, and I think that is starting to permeate throughout the industry, that it is not just ICD-10, it is not just this initiative or that initiative, it all converges together and it interacts together. Our E-Health Steering Committee is going to be looking at not only ICD-10 implementation throughout CMS, but also Operating Rules, the HPID and the other initiatives that we have going forward with regard to e-health.
We have internally, an estimated 63 percent completion rate. Again, some of these dependencies are going to have to wait until the last minute while other things get done first. Our goal is to have all of our business processes in place by October of 20123. That is a little far off. (Laughter) More like 2013. So we will have a year for industry testing and we are continuing with our industry outreach and focus on small providers as they continue to try and get their arms around the ICD-10 transition. As we know it is going to be an arduous one and one that they are going to need some help on.
Standards Testing and Compliance. As we all know from our conversations on 5010, despite all of our standards or operating rules or identifiers, we still have varying discussions about the vernacular and our interpretation of some of these terms across the industry. So we need to come to some kind of a consensus as to what we are defining as end to end testing. What does it mean, what does compliance mean, what does readiness mean, these are all really important questions that are going to help us operationalize ICD-10, as well as the other HIPAA standards.
We hope to tee up some of these discussions in front of this group and we think it is an appropriate venue to make that discussion happen. We are also proactively working on pilots to develop protocols so that standards that the Secretary is considering for adoption get pre-tested so that we ensure that the standards work seamlessly in the transactions.
We have another pilot to explore end-to-end testing questions and implications. So now we have the tale of two pilots.
One of the biggest lessons learned from 5010 is that while standards may appear on the surface to be ready for prime time that oftentimes the implementation issues arise when we get into production mode. This can be due for a number of different reasons; different interpretations, edits, unanticipated issues, for example issues with Post Off boxes, addresses, et cetera, the list goes on. In testing, it is often hard to try and consider every possible configuration. However, it is evident that we have to have a better way to both pre-test standards prior to adoption, as well as conduct testing with trading partners that results in a smoother overall implementation.
Towards that goal we have two specific pilots that each address the standards adoption at opposite ends of the spectrum. Using a 6020 platform, which we are not adopting, but we are just using the latest version of the X12 standards as a platform, CMS is working with Emdeon to develop a processor protocol to test the standard before adoption to help eliminate the pre-adoption problems and provide better information from which the Secretary can make a decision to adopt or not adopt a standard. This may add some time to the adoption process, we are aware of that, but we believe that overall that industry consensus indicates that this is necessary to a prolonged and very costly standard implementation issues that occur at the backend.
The other pilot addresses what we commonly refer to as end-to-end testing, but again, appear to have no common understanding or agreement. We are working with our contractor, NGS and others, using an ICD-10 as a test case to determine the process by which end-to-end testing can be codified, along with definitions of some key terminologies to help get the industry on a level playing field and eliminate some ambiguity.
CMS materials will also be included in a HMS WEDI ICD-10 pilot, that HMS WEDI participants will use and provide feedback on the checklists. We will be looking at those products and results of the pilot program. That is a one year program.
There you have it. That is a very brief update as to where we are on a number of our HIPAA initiatives. I think if you have one take away from all of this, that CMS is actively engaged, actively working with industry, trying to find ways to employ operational compliance. In other words, what makes practical sense for both the industry and CMS and all of our plans and all of our new entities that are coming into play, so that we can move the industry forward towards HIPAA compliance.
If you have any questions I would be happy to answer them at this time.
DR. GREEN: Wonderful. What I would suggest is we go ahead and get Judy's slides up, if you have slides, and take a question and a clarifying thing from Len and Walter, and then let's keep going. We are going to have questions after we hear from all of these folks. I want to manage the time so that we respect these presenter's time and get them out of here, but we also have time to ask questions after we hear from all of the presenters.
DR. SUAREZ: My name is Walter Suarez, thank you. I am with Kaiser Permanente, a member of the committee and co-chair of the Standards Subcommittee. I don't have any conflicts. I probably should have said that first.
Thank you, Denise, for that wonderful overview. It really puts in perspective a lot of the work that the committee and the subcommittee has done over the last fifteen years or so. I do have two very quick questions. One is about the EFT ERA regulations. My understanding is that the regulations that were published where they are entering final rule regulations – has the final rule notice been published?
MS. BUENNING: Not, yet. It will most likely be published shortly. We didn't receive any substantive comments back that would make any changes in what we had in the interim final.
DR. SUAREZ: The other question is about compliance certification. Everybody is I think looking forward to seeing that notice. You mentioned it is potentially being published shortly, too? I missed that part.
MS. BUENNING: I don't think I said being published shortly. We are working on it. This is one that obviously the industry and of course the health plans are very concerned about because of the very stringent and very heavy fines that could potentially be levied against any plans that fail to certify or that obviously misrepresent – that is a whole different level of penalty.
But because the statute was a little bit ambiguous, we are taking this one a little bit more carefully, a little bit more slowly. We are looking at the HPID enumerations system to provide us with the base of health plans. SO in other words, if you get an HPID, then you would qualify as a health plan and you would have to certify that your systems are compliant with the operating rules and the standards.
That being said, we are trying to make the attestation as simple as possible. We want to make it so there are ways to test to see if your transactions are working correctly. We are trying to make some accommodations so that, again, not only is it not onerous for the industry, but also for CMS as a regulator. We do not have the resources to track transactions, paper, et cetera.
So we are trying to find a balance between the two. We had some ideas, some concepts on this, and then got some additional industry feedback that made us say, okay, let's take another look at this. We had something ready to go and we kind of took another look and said we want to re-examine it.
DR. SUAREZ: Maybe I will misquote you on this, but is this going to be an NPRM?
MS. BUENNING: This is going to be an NPRM. The reason again for that is because this is something we don't have any experience with. It is new for CMS. And also the industry doesn't have a lot of experience with. SO we felt it was absolutely proper to go the full NPRM final rule route on this one.
DR. SUAREZ: Thank you.
DR. NICHOLS: I'll try to be quick. I notice the October 2014 goal for ICD-10, and I have heard a rumor that there are a few other things happening in 2014, and there is obviously huge pressure to postpone this for all kinds of reasons. I know everybody is tired of postponing ICD-10. Are we just acting as if we are going to hit that? What is the probability of postponing ICD-10?
The second question is, I don't know what ERA is or whatever that is, but what I want to ask about is a concept that is simple maybe, maybe too simple for this incredible view you just gave us, and thank you for doing that so fast and completely – administrative simplification sometimes means claim adjudication simplification, as opposed to just standards for electronic submission attachments.
Is claims adjudication simplification on the agenda of this process?
MS. BUENNING: To answer your first question, I have been given no reason to believe that ICD-10 will be delayed any further. WE have had discussion about this at our level with our administrator, and it is my belief that she is committed to that date. SO that is your first answer.
With regard to the whole process of administrative simplification and claims adjudication, the standards and transactions obviously set a platform for moving forward for any changes in adjudication. I can't say that is a specific target, a specific endeavor that we are undertaking; I don't want to say it is collateral to what we are doing, but it certainly I think may impact the way we see claims adjudicated as we move forward. I think as the industry adopts these standards, the operating rules, and sees what the benefits are, I think we will take a look and see – and we have kind of talked about the future. Maybe in the future there isn't anything to talk about as a claim. Maybe it is all virtual. Who knows that the future is going to look like?
The whole goal is to make this go through the system faster, better, accurately and securely. I think that is something we certainly don't overlook, but we don't talk a lot about the security of some of these transactions. It is something that we have top of mind.
DR. TANG: Just a question from the Left Coast, you mention the ICD-10 as the CQM. As you know the meaningful use is standardized around SNOMED. Is there any chance we could – because everybody is going to be coding in SNOMED – move towards using SNOMED in the quality measures as we try to align these programs?
MS. BUENNING: We had the discussion before about SNOMED being a substitute for ICD-10. I know there have been a lot of studies, reports, et cetera. It is not a substitute for ICD-10 because ICD-10 is used specifically for reimbursement purposes, and SMOMED is a clinical vocabulary that really doesn't meet the needs of reimbursement.
That being said, I think you are going to see an alignment of all these different types – you're going to see LOINC, you're going to see SNOMED, you're going to see clinical quality measures, ICD-10, electronic health records, meaningful use – all converging and working together. And that is something I think we have talked about, but we haven't really seen concrete steps or progress towards that. And I think we are starting to see that now as we work more closely with ONC, as they have set up their criteria for the certification. Again, as we go through each stage of meaningful use I think you will see that as being an impetus for also moving along ICD-10.
DR. GREEN: Any comments or questions form the Right Coast?
(Laughter)
DR. CARR: This is just a quick one. This being my 37th consecutive full committee meeting, I remember sitting in Vicki's seat and listening to all these acronyms and wondering if I was in the right room because I didn't understand them. I suspect there may be some new members and old members who don't understand them, and I go back to what we did them, which was to make a glossary of terms. It would be helpful.
MS. GREENBERG: We have a share point site. If the new members haven't been introduced to it – I think you have been but we certainly will. I believe we have the acronyms listed on there and we will try to make sure it is updated.
DR. GREEN: My goal is to see that Sue gets fair representation here. SO here we go – Judy.
MS. MURPHY: My first slide is about meaningful use, professional registered and paid, and when you look at it you can pretty much see the dark red is about a third. SO about a third have been paid through their Medicare or Medicaid for meaningful use of a certified electronic health record. About another third are registered, meaning they have their gun sights, if you will, on the program and then about a third are still pretending that it is not happening.
In the hospitals registered and paid I think you can see the numbers are just lots better. We are dealing here with almost 75 percent paid, Medicare and/or Medicaid. You may recall as part of the meaningful use program that hospitals can receive money from both. Whereas in the previous slide it is one or the other, Medicare or Medicaid, but the hos
Here is the total amount that has been paid out, and by the way all three of these last slides were through the end of the year, through the end of December. SO $10.7 billion is the total paid out. There was never an exact dollar amount, but that is about half, about $19 billion or so was what was designated.
One of the things we don't do a good job, in addition to explaining out acronyms, and when I came to the government I did not even know what ASPE meant or OMB, so I am sitting here like oh, my god. So one of the things that I try to do periodically is make sure that people are aware of the resources that are out there, should you be so inclined to go browsing on the web. SO should you be so inclined there is a health IT dashboard, and these statistics that I just showed you are actually out there. And what is even more interesting, if you go to the next slide, is that you can get state-based and county-based data based on attestations. Again, sometimes I think that is a little known secret, if you will.
I am from Wisconsin originally and what I did was I had my cursor covered over Wisconsin, so you can see that in Wisconsin it is blue, which means we have one of the highest levels – the code is in the lower right-hand corner there. But it is 60 percent of attestations and this particular one is the providers. But again, you can actually click on that and drill down.
So if you are interested in your own geography or maybe competitive geography – but interestingly you can see, and we are really spending a fair amount of time at ONC studying this, it is quite different state to state. What are the enabling factors and what are the hindering factors? And trying to look at that in terms of barriers so that we can break down those barriers. Again, less important related to the hospitals, very important related to the individual providers.
Moving into health information exchange, I think you would have to not read any articles at all to not know that this is a priority for the nation actually is to get health data moving around the patient, making a patient-centered record. SO as a patient moves between either geography for different kinds of care venues within the same geography. So this would be their medication list, and their allergies and their problems list and those kinds of things. Again another reason why standards are so important because typically you can only exchange information that is already standardized. Maybe you can exchange information that is not standardized, but what happens then is when it is received it is a blob of data as compared to being about to be consumed and actually integrated into the receiving electronic health record.
SO just to make that point, it is the difference between having a piece of paper that would have lab data on it as compared to being able to consume it and actually display lab data on a flow sheet. SO again, extremely important that we are looking at standards and lab space – we are talking about LOINC and I will stay away from some of the other standards that are more controversial.
But we are making strides. However, this is an area quite frankly that is lagging. In stage 2, in which the final rule is out and systems are beginning to be certified for stage 2, we have really stepped up the requirements related to health information exchange. One of the things I was just describing, that ability to consume it into a receiving electronic health record, is actually one of the criteria.
SO not only do you have to be able to send a transition of care chunk of information, you actually have to be able to receive it into an electronic health record and do something with it – put it on a flow sheet, run decision support. So it is not just this data blob concept; it is really taking and using it.
Now stage 2 is not ubiquitous yet, needless to say. It is not actually – and I will talk about certification in a minute and how many are actually certified – so these are some of the other kinds of statistics that we are looking at.
E-prescribing, based on some nice incentives by our partner agencies here, has been quite well adopted. Ninety-four percent of pharmacies are active in e-proscribing. Forty-three states and territories are beginning to use the direct standard, to use directed exchange, and I have the statistics there in terms of the different kinds of messaging that is going on. Twenty states have query-based exchange. The difference, for those of you who are standards geeks – one is solicited and the other one is a lot more like e-mail. SO in directed exchange I know that my patient is going to see Scott next week, so I send Scott the information. I know how he is; he knows who I am; I refer to him and I send information.
Query-based exchange is the more complicated. It is the one where I say I am going to be seeing this patient next week and I want to know if anybody has got anything about this particular patient. SO it is more complicated and it does start to require trust relationship development, which means when I get information from somebody I don't relay know, because I am not getting it from Scott, I am getting it from Susan and I don't relay know who she is, I have to establish these trust relationships in order to be able to accept the information. So you can see that is lagging behind a bit.
Then we have only four states that are saying they are not doing anything, and there was some consent guidance that I actually think Scott might be talking about.
So moving off of health information exchange to our Beacon communities – these are the 17 grants that we put out to communities to kind of show the way in terms of how a community can come together and use the patient-centric record, between public health, the clinics, the ambulatory settings, the pharmacies and the hospitals in a particular geography. Again, we have some featured success. The Beacon communities, the funding go away this year. SO we are in our final push in terms of what lessons learned have we gotten from the Beacon communities and how can we package those up an disseminate those so that those best practices that they have learned can be learned by other people. I will suffice it for that right now because you do have the slides if you want to go into more of the detail.
The workforce training programs are also winding down. We had three years of funding. Remember we started in 2009. So this is the community college program enrollment and graduation. They have their last cohorts on the right now. Again you can see how many have successfully completed and how many are still enrolled. This particular program has exceeded our expectations. We had hoped to graduate 20,000 students and you can see we are over that right now.
If we go to our university-based training programs on the next slide, here again the last cohort is still in motion, but you can see that pretty much we are meeting our targets here as well, represented by the diamonds. Some have exceeded and some are a little bit under, but if you look at the program as a whole we are doing well.
What we are doing in the workforce training programs is really now changing our focus and saying what kinds of things do we need in the industry, and what we are hearing from people is competencies. They want to understand not just what kind of competencies informatics-trained individuals should have under their belts, but at the graduate level of nursing, the graduate level out of medical school, what should these practitioners be able to do related to health IT?
SO there is some activity kind of pivoting taking place. No big grant money. We are using that word that is in our title, the coordination word, to start looking at some of the ways we can contribute to the industry without having chunks of money to provide assistance for graduates.
Another area I mentioned – interoperability was one big area that we focused on this year. A second big area that we are focused on is patient engagement in their own health. Again, if you are just about reading anything, even in the public press today, you are hearing a lot about that. In fact I will point you to PBS did a special that our director of eHealth is in, as well as ePatient, Dave, if you are familiar with him. He is one of our very famous patient advocates. That is exactly what he is. He just happens to be a patient who got engaged and interested in this particular topic. SO if you do go to the PBS website as of today it is on their website. It is an hour-long special. So if for any reason you are interested in diving a little bit deeper on this particular are.
So we have organized our work around three areas, access, action and attitudes. Again I won't go into the statistics here but you can see that we have been using pledge programs, we have been using – and I will show you this in a little bit – our challenge programs to get some focus and some interest going around this particular area. Again, we are not alone. The health care community on its own has really rallied to this. You may have heard this quote but patient engagement is probably the blockbuster drug of this century, meaning that we can move some from our health indicators more with patient engagement than we can with some of our other interventions.
SO gain a very interesting area and a very important area when we think about patients a=engaging in their own health and engaging in their own health care. When you relate that to the triple aim it becomes fairly important, too, because I am sure they would like to be engaged in lower costs as well.
In terms of overall policy and planning, I mentioned already that the final rules for meaningful use stage 2 and the 2014 addition, which is the companion certification criteria, were published. Just by way of notice, 14 different electronic health record vendors have already certified their products to stage 2. The certification has been available since the first week in January. Of the 14 that are currently certified, three of those are complete EHRs. You may recall that you can do a modular certification or you can do a complete certification, complete meaning you have all fo the criteria covered. There are three electronic health records that have been certified as complete, two for ambulatory and one for hospital. So that is really in motion at this point.
The requests for comments for meaningful use stage 3 did close on January 15th and the comments that were received from that were reviewed at the January and February Health Information Technology Policy Committee. Demographics, as was described earlier in this meeting, were definitely discussed and there were actually a fair number of comments related to that.
How the process works with this is those comments have now been turned over to the meaningful use workgroup, which is chaired by none other than Dr. Paul Tang. So any thoughts that this group has specifically about the harmonization of different kinds of standards really do sit at this point with the meaningful use workgroup, because the next set of criteria that will be evaluated and put out for public comment comes from the meaningful use workgroup through the policy committee, which Dr. Paul Tang also co-chairs.
Very important, I think, there was a fair amount of discussion by Jim about the harmonization of efforts around HHS. So really important to only to get the harmonization of the standards, but your point was really well taken on training. When I think of training I also think about implementation specifications and being clear about how do you implement it in a way that is going to make sense. And that's where the training comes in. If people are expected to do something because it is a governmental regulation it is completely difference than if you explain why it is so important and how collecting ethnicity, for example, at this umpteenth level of specificity is really going to make a difference, and why it would be important to the nation.
The request for comments for our safety action surveillance plan was a task that we got through the IOM study. IOM was concerned -- we actually commissioned the study from ONC. In late fall of 2011 they did publish that report, which said we are not paying enough attention in health IT to safety and we need to step up not only our expectations in terms of the products that are being put out, but our surveillance as well.
So we put out an action plan for comments. Those comments closed February 4th. They are being compiled as we speak and you will be hearing more about that. In fact we are going to be talking a bit about that at our HMS conference already, which is next week – that is the industry health IT conference.
We are also using a non-regulatory approach for governance related to health information exchange. We had out a funding opportunity announcement for some pilots to help us move to the next level of where we need to be related to governance. There will be four, probably four, maybe only three awards announced in the not too distant future in terms of that, and that is going to be moving that forward.
And the last thing to talk about is prescription drug monitoring programs. This also has gotten a lot of attention in the nation just in terms of being one of the problems that we have to solve. Health IT is relay a bug assistance, meaning that if you have that interoperability and data exchange between organizations, we will know about people who are going from ER to ER to ER and shopping got drugs, if you will.
That is one of the examples of what a prescription drug monitoring program can assist with.
I mentioned certification already. We did transition to our permanent program and I think that is about all I will say on this. There are some gory details but I think none of you are particularly interested in that.
We do have almost 3,000 certified electronic health record products. Again some of them are complete certification, some of them are modular certifications, and you can sort of e eth breakout there. Those products are form 930 unique vendors.
There has been some discussion already about the quality measures. Denise kind of broached it in terms of ICD-10 and how we should be thinking about harmonizing efforts a bit better at HHS. That is exactly what we are trying to do with this quality measure workgroup. Really look at the measures and make sure that fi we have a program in CMS and a program in ONC and a program in AHRQ, that actually all of them are using the same measurements, down to even how they are measured potentially..
So there is a huge effort toward looking at aligning those measures. The idea also being that potentially an organization could report once and then they reporting once would actually be used by the different agencies for their own measurements, rather than report to this agency and report to that agency and then report to that agency. SO you might actually get credit for many, and then again building on the standards.
Some of the things that are going on, and again we don't relay have time and this is getting to a level of detail that maybe only some are interested in, but we are using automated tools around the standards to actually automate the process of how the quality measures are actually looked at in stage 2. What I mean by that real pragmatically is when a vendor goes for certification of the quality measures at stage 2 they are actually given the data set that they have to run through their software and then we compare the output of that particular vendor's software to a pre-described output. So we are actually automating the testing of the interventions as well. That is basically what these all say.
I am sure many of you are aware of our standards and interoperability efforts. This represents 12 streams of work, each row is a stream of work. The ones toward the top are close to done because the color of the row is filled in closest to the right. You can see the direct is pretty much done. Transition of care and lab results interface, which are actually needed at stage 2, are balloted at what we refer to as HL7, and I am sure that many of you know that is the standards agency that we get agreement on across the industry. Then there are numerous other projects that we certainly don't have time to go into.
But I do want to point out sort of the columns across the top. Similar to what we were talking about with other things in terms of training and implementation, that with these standards we are actually trying to get to something that when it is published is going to be understood and be able to be implemented in a standard way.
So the RI in the second to last column to the right is reference implementation. We are actually going to take these things and look at reference implementations and pilots to make sure that these are doable by the industry writ large.
Our website had been redesigned. If you haven't been there recently it is a great place to go. This is just my commercial break on that particular thing. There is lots of new information if you want to go to the next slide, which is just a hint at some of the different kinds of things you can look at. We are refreshing our news a couple of times a day. We try to get at least one or two blogs out every day or so. That is how we are keeping everybody apprised of what is going on and what is changing.
Another website that is a little known secret I think, and I only became aware of it after I worked at the government, was challenge.gov. So I will point you toward that if you are interested in any of the challenges that are going on around the government. If you go to the next slide, specifically ONC – so if you are at challenge.gov on the right-hand side there is a navigator bar and it just goes to show you by the way how we don't follow our own standards, because navigator bars are usually on the left-hand side, but on this particular website they are on the right-hand side. If you go down to the Office of the National Coordinator, that is how you actually get to this particular screen. We have been using this to spawn some innovation in the industry.
There is one I particularly want to highlight where we did do a redesign challenge linking with CMS data. Some of you may be aware that the CMS data is actually publicly available-+ to individuals, to patients, and you can sign up to get that with your Medicare number. SO when you go to the website you sign up and you can actually see your information.
We had a challenge to create a mobile app to be able to access that information. The mobile app was actually not only created and the challenge winner announced, but they have actually commoditized this and it is available for free in the iPhone app store. Just last week they released the Droid version of it. SO for you or for your loved ones if you have anybody that you know that is on Medicare, you can get them to sign up on the regular web site and once they are signed up there you can activate the mobile app – it's called iBlueButton on the app store. You can get that to hook into this an actually get all of the Medicare information that is known about an individual beneficiary on your mobile phone. That's enough for that commercial break. I could go on and on about that. This is really exciting.
I will end with this is all about each one of us doing our part, and your part especially in terms of patient advocacy, if you will, and sharing some of the stories about how important it is to get patients involved in their own care. Thanks.
DR. STEAD: Judy thanks for the awesome overview and I cannot compliment ONC enough for the effort to make this actionable for the providers and the vendors. One question, from the evaluation of the PCAST report back in early 2011 there were many pieced of that, but probably the simplest was this idea of externalizing the data in a universal exchange language, where we had a very simple syntax. I know that things like the N&I framework around segmentation and privacy are working out layers of the meta data, for example, but I was curious – is there an effort under way for this idea of a naming authority that would basically mean that we didn't have to harmonize all the standards, that we could in fact pick up a chunk and look up what that standard was and unpack it. Is that part of the roadmap at this juncture or not?
MS. MURPHY: I do not know the answer to that, because I did not dive deep into the S&I work at this point, which is where that would fall. Do you happen to know?
MR. WEINSTEIN: Like you said, we are looking at it on the privacy side in terms of ways of using meta data to classify sensitive information. And to apply privacy characteristics to data. I will talk more about that in my presentation.
MS. MURPHY: But as an overall initiative, if there was a big chunk of time and work I would know about it. What I can commit to doing though is finding out more about that and reporting at the next meeting.
DR. SUAREZ: Great comment. I am also very impressed with the report and particularly with the measurement of progress. I think it is very critical to know that there is 97 million exchanges already happening and 2.9 million exchanges using Query Health.
To Bill's point, the Standards Committee and the vocabulary work group and the Clinical Operations Work Group, has talked about that concept of having a central repository if you will, of reference data that can be mapped across so that while we work towards harmonization, there is still going to be flexibility in the way data is really maintained. What we need is a reference place where this dataset has this type of meta data structure and the content. So people can bring multiple data sets and look at the meta data and look at the central place where the meta data reference point is and do some cross analysis. I think there is some work being done about that.
My question goes back to really one challenge that I see. I think that it is just an incredible display and array of activity that are going on and keeping the momentum going will require on-going funding. I talked about in the past, of something that I have been referring to, the fiscal cliff, that HIE organizations are going to face. A state HIE grantee's are going to begin to face stoppage basically, the end of their funding in the coming months. There are challenges about the sustainability model that some of them have.
The same can be said about the regional extension centers that are funded for a limited time period. The Beacon Community grants, that are grants ultimately. So the question I have really is how can we look at either replacing some of that funding with some other support or validating this sustainability model that regional extension centers and state HIEs and other organizations funded through grants from the Office of the National Coordinator will have. Is there a sense of what -
MS. MURPHY: It is a really good point. The Health Information Exchanges, which are state based, so there are 56 of them, there are a few territories in there, we haven't changed the number of states. (Laughter) Sometimes I feel like I would like to. The regional extension centers, you may recall that there was a regional, so there are 62 of those, they have been tasked with sustainability plan.
That being the case, we are also helping think about how we can go about doing that. One of the things that got talked about here today as one of the things on the table, and that is ICD 10 assistance. So maybe I am not helping with stage 1 meaningful use anymore as a regional extension center, but I am helping the small practices, the rural hospitals, the rural providers, or just people who need help implement ICD 10 and again, this sort of idea of harmonization.
That being the case, I don't know that CMS has a spigot of money they can just turn on either, for this sort of assistance. But as we think about holding to that date, one way to hold to that date is to stick with it but also provide help in the last year, for those people who are probably going to have a problem with being able to do it.
So some of these use cases, if you will, I think are going to come. A second area for provisional extension centers that we have been looking at, patient center medical home, accountable care organizations. The way to do that particularly when you look at the data mining and the data measurement that is required, is not intuitive to absolutely everybody. If you happen to be in a community where there is a large integrated delivery network who has resources, you are probably going to be able to figure that out.
If you are in a smaller area and you don't have those kinds of resources, you might not be able to. So again, it is the second example of a return of investment kind of idea. Have we figured out how we could fund those kinds of things – no, but I think this interagency agreement discussion stuff, has at least begun.
DR. GREEN: Scott and Sue, how are you doing? Are you going to be able to be here for a little longer.
MR. WEINSTEIN: Yes, not a problem.
MS. MCANDREW: Hey, my role is done so I am cool. (Laughter)
DR. GREEN: To the committee, if you had any fantasies of a break anytime soon, forget it.
DR. TANG: I know it has been said already but it is so exemplary I just have to repeat how wonderful the work at ONC has been and how your presentation and summary hit with measures and you are making public on the website, it is just really, really very helpful.
I would like to bring up the SNOMED issue again, mainly because I think it is an inflection point and it is very relevant to this committee. One is, as we know, and almost the industry has unanimously said, we need to almost abandon some of the old measures and go towards what are described as de novo measures, for lots of reasons as we transition from the administrative claim sources to the clinical.
At the same time, when we are causing this change, we certainly don't want to contemplate yet another change. So I am a little nervous that we are going to redo all these new quality measures in ICD 10, when we really have actually mandated that all the physicians in – and you know as an implementer, we are now teaching them to now code in SNOMED, and the discordance, there are two different terminology sets for two different reasons, and should, one, appreciate the Department's perspective on that and/or advice to this committee on whether there is any advice to be rendered about that or opinion on that.
I would hate to lose the opportunity as we retool for – bad choice of words – as we go towards de novo measures to contemplate having to do something with another translation step or another conversion. Maybe your perspective on that.
MS. MURPHY: So first of all my perspective is to really get informed by the clinical documentation hearing. We really do rely on you all, the FACAs. One of the, I think it was the Certification and Adoption Work Group of the Policy Committee, held hearings just two weeks ago on clinical documentation.
The idea is you are typically using SNOMED things when you are doing documentation. Is documentation then the path to billing or is it a separate activity? That is kind of what you are bringing up. It is kind of like the difference between what does ONC do versus what a CMS does because we do clinical things and they do billing. We typically don't go in their billing.
I know that they are interchanged or intertwined, excuse me, because we have this whole issue of the potential of using systems to create documentation potential by copying or pasting or using templates, for work that actually wasn't done and then creating billing fraud.
I don't know what the path forward is but I see the link between SNOMED and ICD 10 as inextricably linked as I see today documentation and billing. I don't know that we can divorce them so therefore we have to figure out how do they either live in harmony or does one rule.
DR. TANG: I so appreciate the discussion, and I know the Department is doing this about the alignment, it would be a shame to teach physicians to enter once and then not use it.
MS. MURPHY: And oh, by the way, come back –
DR. TANG: And oh, by the way, also code for billing, which was the old way to go to quality measures when they are being redesigned right now. It seems like something we could render an opinion on and it should have been yesterday – oh, actually we did do it yesterday, but to reemphasize it because we are still at that time when quality measures are trying to get in the pipeline.
MS. KLOSS: Just a related comment, I think that this committee, several years ago, at least took up the concept of looking more broadly at the development dissemination promulgation of coordinated versions of all of the code sets. That work really does remain to be done because if we are going to harmonize these systems then the way that they are developed and updated, has to be relooked at too. I do think that is the sweet spot where this committee should be looking at.
MS. MURPHY: We would really appreciate it.
DR. GREEN: So you guys will bring this back later in the meeting, right? Michael.
DR. FITZMAURICE: Thank you for a great presentation Judy. It is remarkable all the work that ONC has done. I want to pick on one of the good things that you have done and that is the Work Force Training Program. You know when agencies go in front of budget committees and then go to OMB, the question always comes up, well, if this is so good then salaries will rise and people will flock to that area. Why do you need to have a training program in that area? The stock answer to that is well, yes, that is true but we want to do it faster. It is critical that we do it faster. And so, you have the back and forth, but we are always looking for success stories. Here is a training program that worked and here is our measures of working of how well it worked.
I wonder if you would consider looking at the percentage of trained workers with HIT jobs, say over the next five years, and maybe also developing a job bank program or a training inventory bank, for employers to searc.
MS. MURPHY: Thank you, those are good suggestions. We have not yet looked at that, but I think that would be a good sustainability kind of --
DR. CHANDERRAJ: I was a participant in the Community Work Force Development and I successfully completed that. But unfortunately the answer to that question about how many people are gainfully employed as a result of completing the course, only four candidates out of the 30 candidates that have been enrolled in the community program, are employed now in the health force.
So it is going to be very, very hard for them to get jobs. Especially in the days where physicians are seeing less and less reimbursements. The ONC has done a wonderful job because it got grants and funding, but you are imposing a lot of heavy burden on the small groups trying to implement all of this. Now the ICD 10 coming and the SNOMED and things coming, you are putting a terrible burden on the physicians community and I don't know how many of them will be able to participate in the Meaningful 2 Certification process. It is going to be a very onerous task.
Also, I question how many of the respondents who just gained the Meaningful Use bonus for stage 1, how many of them are Medicare participants? I know a lot of physicians, especially in my state, the implementation rate is only about less than 30 percent. How many of them are retiring or refusing to participate in the CMS program to get meaningful use. From the census from AMA, there are about 700,000 physicians, with the target for ONC is about 500,000 physicians, and only two-thirds are participating yet or got meaningful use.
MS. MURPHY: So the number, I think it was 503,000 physicians, is related to CMS, and they come up with the number of eligible providers. I do not know all of the reasons for the difference, but the remainder, the difference between their 500 and what you are saying, 700, is those are ineligibles. So they are either working in ineligible areas or they do not have enough Medicare or Medicaid complement to be eligible. That is where the 503 came from.
DR. GREEN: Okay, Scott?
MR. WEINSTEIN: So thank you very much for inviting us to speak here today. I am sitting in for Joy Pritz, who is our chief privacy officer at ONC. I know she would have really liked to have been here to present to you, but she is on the Left Coast today doing a conference there.
I just want to give you an introduction to our office. It was a position that was created by the High Tech Act specifically, and the duties were listed in the Act when it passed. They included advising the national coordinator on privacy, security and data stewardship, and coordinating with other federal agencies, including state and regional efforts, and as Joy really likes to point out, also international efforts with regard to privacy and security. The international sphere is one that is really growing in terms of concerns with cyber security particularly.
We work in these three main areas of privacy and security development. One is policy development in which we coordinate efforts to insure that key privacy and security protections are in place, to insure public trust in health IT adoption, health information exchange and meaningful use. And this includes consulting with private and public stakeholders to evaluate and develop privacy and security policy, particularly as it relates to electronic storage and exchange of health information. That is obviously the real change in the industry that brought about the creation of the chief privacy officer.
We also provide programmatic support, as we are subject matter experts in privacy and security in the support of ONC programs throughout the United States. So we provide our subject matter expertise to ONC programs like the Nationwide Health Information Network. Our regional extension centers, which are established across the country to assist particularly small providers in adopting certified electronic health information technology. We assist them in educating providers about the new privacy and security means that arise as they adopt electronic health records.
We work with the strategic health care IT advanced research projects on security, the SHARPS grant programs. So we coordinate with those grantees in their efforts to insure alignment with the efforts that are ongoing at ONC, and health IT security and privacy committees. We work with the beacon communities, the health IT workforce, as was mentioned by Judy. We look at obviously the adoption of meaningful use stages, the certification criteria, and meaningful use criteria as they relate to privacy and security. And we manage the privacy and security aspects of healthit.gov.
We also do large amounts of research and policy implementation, where we are researching how providers and patients are reacting on privacy and security requirements, and the new concerns that arise with the adoption of health information technology.
I have kind of gone over this in the previous slide, but these show some of the government and federal advisory committee groups that we work directly with in our privacy and security policy coordination and development. I mentioned the Policy Committee Privacy and Security Tiger Team, and the Security Committee Privacy and Security Workgroup. We help staff those teams and take their recommendation and bring them to ONC for potential implementation and the certification rules, and meaningful use stages. We also work with the Inter Division Privacy and Security Task Force. That is within HHS. Then we have a step above that, the federal Health IT Interagency Privacy and Security Task Force, the NSTC, the National Strategy for Trust Identities in Cyberspace, NSTIC, which has been really active in the areas of provider and patient identification, the Office of Management and Budget IT Workgroup, the HHS Privacy Committee and the federal CIO Council.
So my presentation is going to focus on these three areas that we are really working on right now, one is going to be this issue that is currently in front of the Privacy and Security Tiger Team, relating to query and response for health information exchange. Meaningful Use Stage 3 RFC, which ended in January and the results, the comments were brought in front of the Policy Committee, as Judy mentioned, in January and February.
I am going to give you a little update on some of the projects that our office has been working on. Let's first talk about the Privacy and Security Tiger Team and the development of recommendations that they are proceeding with around response. Just a little background on this issue. Currently, except where the law expressly requires disclosure, HIPAA permits but does not require providers to release PHI in a range of circumstances in treatment and payment operations, as an example here.
The goal of the Tiger Team in this effort is to reduce potential real and perceived barriers concerning types of clarification efforts, to enable them to respond to queries consistent with their professional ethical obligations, and with privacy and security laws. Just to sort of summarize this a little bit, in today's world we think a lot about what we call push scenarios. Those are the predominant scenarios in health care, such as a primary care provider providing documentation in a referral situation, or a hospital discharge, where the hospital is pushing information upon your discharge back to your primary care physician.
What query response foresees in something a little different, where you go to see a provider for the first time and they are able to either in a directed way query providers that you identify as a patient, as one that you have seen, or potentially in a non-targeted way to query what is out there generally in terms of your health information.
Those kind of summarize the three scenarios that the Tiger Teams are looking at. One is the targeted query for direct treatment when HIPAA is the controlling law; one is when data is covered by more stringent privacy laws, whether it be state law or federal low, such as the Part 2 substance abuse regulations; and scenario three relates to non-targeted queries.
Moving on to talk about the Stage 3 RFC, and what I want to focus on, there are several questions asked in the request for comment, but I think the one that would be of most interest to NCVHS was the questions that was asked by the policy committee about patient consent and data segmentation. Three questions were put forth in this RFC and 74 comments were received about it in response.
The first question was how can EHRs and HIEs manage information that requires patient consent to disclose so that populations receiving care covered by these laws are non-excluded from health information exchange. This particularly implicates, as I mentioned before, substance abuse programs, which have heightened restrictions under law that are in place in order to encourage patients to seek care in those areas, in those potentially stigmatizing areas, knowing that the information, when they go to seek care, cannot be disclosed without their express consent.
So in response to this question there were suggestions that referred to our initiative, the data segmentation initiative, the work that has been done in terms of meta data tagging as a way of communicating these policy requirements with the data. And there were concerns in the comments expressed about whether the capability is in broad existence today, a concern that perhaps it would be better to focus on punishing inappropriate use of data as opposed to the appropriate use of data, and the idea that maybe PHRs would be a good way of providing this granular control of patients as opposed to doing it in an exchange environment.
I think question two related to how can meaningful use be leveraged to improve the capacity of EHR infrastructure to record consent, limit disclosure of these particular types of information, to providers and organizations specified on a consent, and the managed consent expiration and revocation, as well as communicating these limitations on use and re-disclosure to providers that receive this specialized data.
The responses here focused on creating EHR capacity to do this. There was a sense in the comments that EHRs currently might not have the capacity in the way that they manage data to be able to segment or identify what is protected, what constitutes substance abuse information in the first place? What constitutes HIV information?
This kind of goes along with the second comment of creating specialized fields for specially protected information, potentially to make that an easier endeavor within EHRs. Then requiring certified EHRs to manage patient consents and control re-disclosure, either in a general way allowing EHR vendors to determine how to do it, or to describe a way, as some commenters suggested.
Question three was, are there existing standards such as those identified by the data segmentation for privacy initiative, IG, which I will talk about later in the presentation, that are mature enough today to facilitate the exchange of this type of consent information. Many commenters felt that indeed the initiative did identify a useable, implementable way of doing this. They point to other code sets, such as HL7 confidentiality and sensitivity code sets, and existing pilots through the data segmentation initiative that are on their way to becoming live pilots. Then another commenter pointed out the eHealth Initiative blueprint on building consensus for common action.
So now I want to shift to talking about, or giving an overview, of some of our current initiatives. This is a snapshot of everything we are doing right now and it would take a long time to go through every single one of these. So what I am going to do is kind of take a select grouping of these that we think are of particular interest to you at NCVHS. I am happy to answer questions of some of the other ones that I don't address.
As I have already mentioned in this presentation, this is an initiative that is near and dear to me as the project manager for it, the data segmentation for privacy initiative, which, as Judy mentioned, was part of the standards and interoperability framework, which involves bringing a group, a community together that are both standards experts and vendors, implementers that are interested in coming up with a solution to a problem that involves either a lack of standards or the existence of standards, that are not being used in a harmonized way.
So the idea of this initiative is to figure out a way to implement disclosure policies, whether they originate from a patient's own preferences, the law – as we mentioned, concern with substance abuse information – or organizational policies. We hear a lot of organizations use data segmentation currently when it relates to VIP patients, for example.
In implementing these disclosure policies we want EHRs and HIEs to be able to operate in an interoperable manner, to be able to communicate these privacy restrictions with the data, so that industry, when they receive specifically protected information from any of the patient law organizations, they know how to implement that. They know how to handle the data and handle it appropriately.
The initiative built on the recommendations from NCVHS and PCAST in this area on how to use meta data. NCVHS really focused on what areas are needed for this granular consent. That relay factored into the use cases that our initiative selected, focusing on substance abuse and HIV, for example. The PCAST recommendations discussed the use of privacy meta data in order to hit that interoperability piece.
Currently, just to give you an update on where we are, the IGs were completed last year and we have several pilot demonstrations next week and HIMS. One is the Department of Veterans Affairs and SAMHSA have teamed up together to really tackle that substance abuse use case, as well as the Department of Veterans Affairs unique use cases as it relates to their need to protect HIV data and data related to sickle cell anemia. They are working on classification schemes in order to create rules so that they know what data within their system falls into those categories. Then applying the privacy meta data that our community came up with to then limit access to that information appropriately, and then when it is sent from one system to another, that access control carries because of this specialized privacy meta data.
For more information on that pilot and our other pilots, which involve private EHR vendors as well as the University of Texas Austin has teamed up with a private vendor as well, Tampa Bay 211, which is a substance abuse referral network – not just substance abuse, mental health and behavioral – they have teamed up with a private vendor to work on how we can adhere to a patient's privacy wishes in these sensitive areas. For more information I have the wiki page for our data segmentation initiative.
Then we have our eConsent project, which involves development of innovative ways to educate patients about their choices in terms of exchanging health information electronically. This project has piloted four different facilities in Western New York, the use of tablet computers. In the waiting room the patient is given a tablet computer and they are given a basic two-minute video that describes information exchange generally. Then after that video there are subcategories that the patient can choose to drill down into if they have concerns in particular areas.
So it is really about giving that broad overview, that broad educational knowledge, but allowing the patient to decide where they need more education and more information. The next steps for this project – we are conducting a debrief with pilot site personnel, we're analyzing the data collected during the pilots to prepare a final report that will inform future implementations of this strategy for both educating patients about health information exchange, and obtaining their consent, their educated consent in a meaningful way that exemplifies the recommendations of the policy committee, which were that patients should have meaningful choice for their information to be included in health information exchange.
We've worked on the security training game. We are working on activities that will assist providers in understanding their obligations as they are adopting health information technology. One of those is some of the security concerns, the new security concerns they have to take into account as they are adopting further health IT. For example, this is a screen shot from the video game that we developed. AS you can see, the question here is, "Can I take my laptop home tonight so I can get caught up on billing for last week?"
So what is being discussed here is mobile device laptop policies. That is something obviously that, as health IT expands, more and more providers, particularly small providers, who never had to deal with this issue, are going to have to think about it. This provides a platform for at least starting that discussion. Providers are going to have different policies based on the way they do things, but this starts the discussion in that direction – how can those end users be trained in these new areas that they might not be familiar with, that they didn't learn about in medical school?
We are also working—we established a web site on healthit.gov surrounding mobile devices. This was an area that has been extremely rapid in development, something that has evolved in the past five years where mobile devices were something that were strictly used for work, for e-mail, and now have evolved with the smart phones to being personal entertainment and knowledge bases. We are seeing more and more providers in our outreach efforts using BYOD, using the same device for work and for home, and exploring some of the security concerns that arise when devices are used in that way. This web site is aimed at providing educational videos, some research on how mobile device security works, so that providers can secure mobile devices in public spaces, on site and at remote locations.
We are working on a project in conjunction with the Office for Civil Rights on the notice of privacy practices, using innovative ways to identify barriers to consumer understanding of the privacy notices and looking at formats and approaches to the notice that an communicate effectively to consumers, while still conforming to the regulatory requirements.
We've conducted – actually last night was our first focus group where we worked with patients, consumers on reading the HIPAA notice, and their reactions to how their information is shared. I can tell you from being there, one of the most interesting things that came from that focus group was how interested they were in the new rights that are coming from the Omnibus Rule. They were extremely interested in those rights and learning more about them. So it was early helpful knowledge going forward as our contractor, in conjunction with ONC and OCR, looks to come up with this new innovative way of presenting the notice. As you can see our time line, we are running through March 2014.
We are doing various surveys, other surveys that look at consumer attitudes towards privacy and security and health IT. We are leveraging the Health Information National Trends Survey in doing this. This consumer survey has been completed and the results analyzed. Along a similar line here, the mobile health focus groups, where we are assessing consumer attitudes towards mobile device applications as they are sprouting again. Mobile is huge, it is growing at a rapid pace. More and more consumers are using applications to manage their health care. And the key take away that we have found so far in this projects are that the consumers do have privacy and security concerns. And consumers actually do make case-by-case determinations when they are deciding whether to us an application or not. The factors that they are weighing when making the decisions are their own technological literacy, their trust in the app developer – who is providing the application, whether it is their provider, whether it is a third party - their control in terms of how they can manage information in the application in the context in which it is being offered to them. And consumers are broadly interested in their information being safeguarded, which shouldn't be too much of a surprise.
So that is it. I know there was a lot of material we are working on. As you can see we are working on a lot of different issues of privacy and security and health IT. I am happy to take questions.
DR. GREEN: Question?
DR. MAYS: Thank you again for an exciting and really great presentation. I have two questions. One is in the area of laws around protection of data – HIV and substance use are very specific examples. But one of the areas where we are finding problems is in terms of mental health. Typically it has always been carved out and it was kind of separate from – so those of us who are working in this area of integrating behavioral health into primary care, what we hear from people is that one of the things that they like is everything else being fairly open and accessible, but have concerns about it. I don't know if you are thinking about it or if it is something to put on the radar as one of those really sensitive areas, and it's not just the substance abuse, but it is the psychiatric disorders, it's some of the distress issues that people bring in that they are trying to find a way to protect it more than the other things in their record. I don't know if you are thinking about that.
The other question I have is, there seems to be some – and gain it is kind of like coming from the way in which we work – in public health screening activities quite often there have been in the past volunteers that go out – like in LA we have these huge screenings where we might have thousands of people that are there that don't have access to health care.
We are starting to cut back and be very concerned because we thought it would be a lot easier to collect data using tablets and what have you, and give it to people, to even give them thumb drives and say now the handover to this particular agency for you to go and continue, and we are told that we really have to worry about collecting data like that, because we have to have another level of protection. It is not clear.
So there are a lot of moving targets here about what is applying in this. I am just kind of throwing that out because I think that the perfect is killing the good here.
MR. WEINTEIN: So on the mental health question I can tell you that while we did data segmentation, obviously we focused on those Part 2 use cases. Mainly the reason we focused on those use cases is because of how broadly applicable it is in terms of it being a federal regulation, something that every provider in every state that have these treatment programs have to abide by. And not just those treatment programs but anyone who receives data from the treatment program has to be able to abide by the restrictions.
We made it very clear in our initiative that we weren't limiting the functionality to just that issue. There is a lot of interest among our pilots and among members of the community towards expanding this capability. This project data segmentation was not just about implementing Part 2, but about providing an avenue for potential granular consent in other areas, like mental health.
In terms of the second question, in terms of tablet use – I think you are talking about the security concerns of having additional devices data as a result of collection, I can at least tell you with eConsent, my understanding of that project was that they were very careful not to store information, the consent that was captured, locally on the tablet. So immediately when someone would document their consent, it would be sent to the server and would not be stored on the tablet specifically.
Our mobile device work relates very much to those concerns with tablet use and USB use, for sure.
DR. GREEN: Let's go to Bill and come around the table this way. We will wind up with Leslie.
DR. STEAD: The segmentation work is awesome and is really beginning to provide very concrete examples around things that were quite abstract a couple of years ago. So congratulations on that.
Really the concern and question I have surrounds how we begin to think about his, not as something that is applied external to our electronic health care systems at the exchange, but how we actually begin to apply it internal to those systems. At Vanderbilt, as I wrestle with how we can actually respond to this requirement, not what we allow patients to restrict access by payers to events they paid for – the Rule 45CFR. Practically speaking, since we at least are not smart enough to segment except at the encounter level, if I see a person for a plastic surgery procedure and I discover they are HIV positive in that event – and it is all part and parcel of that event – the next time they see a provider they are going to have to know that if they care about it.
So as best we have been able to tell we can meet their request, provided they will pay for all downstream care. That will obviously be a very expensive payment. That would become possible if we, in fact, had these segmentations internal to the base systems, but none of the current systems are designed that way. That is where the power of getting to where the universal exchange language is actually part of the base infrastructure.
So I don't know if there is real attention to try to get to that in time to let us deal with some of these regulations.
MR. WEINSTEIN: What I can speak to is at least one that I didn't mention in my presentation that we have started, and that is data segmentation for Provenance project. We are conducting interviews of vendors to see how they at least manage provenance within their system. That is an area that could potentially be a lever for segmentation. You can segment based on source of information. That is at least one step forward. In order to do that, like you said, the provenance information has to be internal to the system in some way.
We are using this project to explore how it is being done currently and where there are potential gaps in that area.
DR. SUAREZ: Thank you. Another example of when you have people, power and passion – I was going to use the "P" for money but I can't think of one. Anyway, it is just an amazing amount of work. I am pleased to have been able to work closely with a number of these initiatives, including the data segmentation for privacy.
I have three very quick notes – not so much questions. Number one, on the provenance part I am glad you touched it because I was going to mention it. It is truly beyond the data segmentation portion. It is really a provenance issue, and this is a major issue for health care organizations, because right now the expectation is we are going to be required to or expected to accept data from different sources and incorporate that data – not that we are not doing it, but we are doing it not in the way that is expected to be done into the future. Provenance, including provenance for data that comes, for example, from EHRs and other sources, will be very critical, again not just for data. So to me that is one of the most critical priorities for the next several months.
The second topic – and the other two are really adding to the point about some other areas where we need some work to be done collaboratively, is in the area of privacy of what I see as the next Holy Grail for us, and that is genetic information. I think privacy and security for genetic information is going to raise the bar even much higher than where we are today.
The other area, of course, along the way, is privacy and security with respect to the cloud systems and the cloud applications out there. More and more data is actually being put into these clouds and some of the clouds are cloudy to say the least. I think that is another major area for potential consideration.
DR. FRANCIS: I want to thank you. I also want to say that we are actually working in some ways with you and on that slide of all the groups, it might not be a bad idea to put us there, too. But I am on the Tiger Team. So for example, in the query discussions, basically as a liaison from the Privacy, Security and Confidentiality Subcommittee.
I would say one of the things with the personal health record letter that we did a couple of years before the data segmentation letter, we can sometimes take a problem and sort of chew on it and framework it in the same way we have been doing right now with data stewardship ad community engagement.
If there are topics like that, where we could brainstorm where it would be helpful. I am assuming there is a hard copy of your slides over there. So we can go through the kinds of things as a privacy subcommittee. But if you have particular thoughts for us about areas that would be analogous to the data segmentation it would be enormously helpful.
DR. GREEN: Sue, you get the morning's award for patience.
MS. MC ANDREW: I am happy to have the opportunity to speak and I am more happy to be able to have a final rule published and be able to talk about that instead of the litany of, it is coming soon. We now get to say that about other things, and people know what that means.
In terms of where we are, we did publish in the Federal Register on January 27th our Omnibus Final Rule that implements a number of provisions that stem from the HITECH Act. We call it an omnibus rule because we threw into this rulemaking anything and everything that we could possibly have in the regulatory chain so we could get it all done at once, which helps align implementation dates for our covered entities as well as relieving burden on the reg processing pipelines.
So we also, in this Omnibus Rule, incorporated the final rules on the Genetic Information Nondiscrimination Act, and those privacy provisions that we had an NPRM out for some time, we included review of the comments that came in on the two interim final rules, the one on breech notification and the one on the enforcement penalties. Then we also threw in a number of non-statutory provisions that had been percolating through, including a number that addressed recommendations that had been on the table for some time, coming out of this committee.
So in terms of what is in this final Omnibus Rule that is new for consumers, courtesy of the HIGTEC Act, consumers now will have a right to get an electronic copy of information that is in electronic form at the entity. This will be primarily the electronic health record. One the plan side it will be basically their payment record and whatever additional information is held in electronic form.
So this right is envisioned in a way of allowing the individual, not just the covered entity, to play in the wonderful world of manipulating electronic data instead of having to deal with reams and reams of paper, and trying to find a way of organizing and looking at all of that data.
They also have the right, under the HITECH Act, to direct that that electronic copy go to a designated third party, largely designed as a way to empower personal health records. I think what was envisioned was that instead of having this electronically delivered to you, you would direct it to be delivered to your freestanding personal health record and then be able to access it through that mechanism. However, it was not limited to that so we took this opportunity to broaden that and empower individuals, whether they their information is electronic or not, that they have the right to direct their copy, whether it is electronic or not, to a designated third party.
In fact, we have enabled people to do that under the current access right even now. This juts makes it a little stronger. We do indicate that the entity needs certainty about who this third party is and how to get the information to them, we do require that this direction to the designated third party be in writing so that everyone is clear, and there is documentation available as to where the individual wanted the information to go. As in normal HIPAA standards, this can include an electronic writing – the writing can be electronic, so it doesn't have to be on paper.
Courtesy of the HITECH Act covered entities are prohibited from selling protected health information unless they have the individual's authorization to do so. That is not necessarily new. They were never allowed actually to sell the information, and that gives you the permission to disclose it, but if you did have permission to disclose it, then we do not care, prior to this, whether or not you were reimbursed or what you charged the party for the disclosure that we otherwise permitted.
That has now changed with many, many significant exceptions. So I think going forward, for instance, certainly treatment and payment disclosures are not subject to this test. Public health disclosures are not subject to this test. Information that flows as part of the sale of the business itself is not subject to the test. So there are a number of examples that are totally outside of this prohibition.
Otherwise, including research, and we had many, many discussions with our research community, this does apply to the research community, and we took the standard that Congress had devised for the research community and decided to apply that standard basically across the board to the permissible disclosures. So essentially it is not considered a sale if all you are being paid for is the cost that it takes you to assemble and transmit the data.
So it is a cost-based fee and as long as it is just your work to assemble and transmit this data, that is fine. But otherwise, if you get more than that then that can be problematic.
We also, in the preamble, note several research scenarios where the payment you are receiving really is for a broader purpose, such as general participation in the research program or study, and it is not just that the money is coming to you in exchange for the data. So even though there is an exchange of data as part of this larger program that you are participating in or getting a grant for, that is not considered a sale either. So we really are looking for a very targeted payment for the disclosure of that information.
Similarly, marketing got tightened. There are some more limited exceptions to this. For the marketing communications, which are paid for by a third party, those also now will require an authorization. An exception is for refill reminders and information about adherence programs and information about current prescriptions.
But this was an attempt, I believe, by Congress to close a loophole, if you would, in the way the current marketing definitions work, so that this third party could pay the provider. The provider then would send out these "Dear Doctor" letters to either a targeted subset or across their patients more broadly, urging them to switch drug regimes to this new drug that was being marketed, or other kinds of using the goods and services of this third party.
So while the information was prohibited – you know, the third part could not have bought the consumer list from the doctor to send out their own letters, they could use an intermediary to do this, so Congress was interested in closing down this last avenue through which these marketing materials were still being disseminated and that is the provider can no longer take money from the third party to market that third party's goods or services.
It does impact health plans in a somewhat unexpected way because we did run into issues related to certain ways in which health plans were advising their beneficiaries about value-added goods and services that were not actually part of the plan's benefits. These are going to be impacted to the extent that the vendors of these value-added goods and services pay the health plan to promote them to their beneficiaries. Those kinds of transactions would no longer be permitted. They will now become prohibited as a marketing communication and require an authorization.
What we have talked with the vendor community about is the way the marketing prohibition payment works. It does not prohibit in kind exchanges. So the vendor can provide the materials themselves to the health plan, as opposed to giving them a cash payment to send those out.
There was an additional requirement to insure that there is an easy way to stop fundraising communications. Again, the current rule does require these communications for fundraising to inform the recipient that they can opt out of future communications. The HITECH direction was that this opt out notice to the individual must be clear and conspicuous. So you are now required to have a clear and conspicuous opt out. The exercise of that clear and conspicuous opt out needs to be in a way that is not overly burdensome or costly to the individual to exercise. There is also much more of a hard stop at the other end where the individual does exercise the opt out.
So there may be some need to tweak systems to make sure that whoever is receiving this opt out information is in a position to act on those promptly.
Finally, as was mentioned, in the areas of the right to request restrictions of disclosures, there was one change. Currently, while the individual has the right to ask for the restriction, we have allowed the covered industry discretion to agree or not to agree to the requested restriction and enforcement follows only those restrictions to which the covered entity agrees. Congress has decided that in one area the individual would actually have a right to demand and control disclosures, and that is when the services and the treatment is paid for in cash or out of pocket, then they can request that their health plan not be advised or obtain that information, that disclosure.
We did struggle with what to do with downstream disclosures. One noting that risk right to restrict runs only to the health plan. So it does not limit, or run to other providers. So the exchange of this information is not n any way restricted across providers, but there may well be the same sensitivity from the individual's point of view with regard to how these other providers disclose the data. So we have tried to deal with that in the regulation, but we have not imposed an actual obligation on the covered entity to insure that the restriction flows downstream with the data. So the only prohibition really runs to the health plan.
I mentioned GINA. What the Omnibus Final Rule does is also implement the privacy protections now that will go to genetic information. It has always been treated as PHI to the extent that genetic information is identifiable – and that is a whole other discussion. What we were asked to do is make that explicit and so genetic information, as defined by the statute, is now to be treated as PHI. So that won't be a relay big lift.
It does prohibit health plans form using and disclosing genetic information for underwriting purposes. This again should not be that big of a lift, largely because they are currently under an interim final rule that was issued at the same time we were. We issued our NPRM – this prohibition went into effect for the purposes of actually determining coverage and eligibility for benefits, health plan eligibility. So these prohibitions not to use genetic information for underwriting purposes has been in place since I am going to say 2010.
We have been very careful to try to align the terms and definitions in the privacy are, to track those that are being used by the entities, the Department of Labor and a portion of CMS, and the Internal Revenue Service, who are responsible for the actual nondiscrimination provision as it effects health insurance itself. We try to include all of the definitions that were required by the statute and to make them aligned as much as we could with these other provisions.
I will say there is an enforcement track that go to the prohibitions in using this for underwriting purposes. They are administered on the nondiscrimination side. What this does is impose, in addition to those or as well as those, it makes using these for underwriting purposes subject to HIPAA penalties. The last time I looked I do not think there was – it is not one or the other where you wind up getting both sets of penalties.
Just briefly, on some of the non-statutory provisions, student immunization was something we heard from this committee about some time ago. So we took this opportunity to insure there was an easier way than the authorization process that is currently in place for parents to allow their providers to release proof of immunization directly to the schools. So that is now permitted.
We also from this committee, as well as our general discussions with the research community, took this opportunity to try to align how the privacy rule works with again the informed consent and the Common Rule. So we have made it easier to use a single authorization form for more than one research purpose and to relax the policy on when you can get an authorization for future research. These have been two rubs that we've talked to the research community about quite a bit in the past couple of years.
These changes will require an update to the Notice of Privacy Practices. We have also used this opportunity to relax the distribution requirement on health plans, who would have been required to send out this updated notice within 60 days. So now, to the extent that they can just post this on their web site, then they can just mail the revised notice out within the next annual mailing. And we did relax some of the rules related to access to decedent information, including putting a time limit on how long the privacy protections would attach. And also to make this information a little more accessible to friends and family. We ran into a number of problems with regard to difficulties with access.
One of the bigger areas of change is the business associate requirements. I think this is going to have the largest impact going forward in how we perceive of the privacy protections, and what the scope if my office's enforcement efforts are. So business associates are now directed to comply with the same security rue standards as the covered entity.
They are also directed to comply with use and disclosure requirements that are expressed in their contracts, and they cannot of course do anything that the covered entity itself cannot do. So they can't do any use or disclosure that would otherwise be in violation of the privacy rule. These requirements, these obligations on business associates, will now be enforceable, not simply by whatever contract remedy the covered entity had with the business associate, but they will be enforceable to the same extent that my office can enforce against a covered entity, and they would be subject to the same HITECH civil monetary penalties that a covered entity would.
So our book of business is now going to encompass this world of business associates, and we have made clear that this is not something that the business associate can insulate themselves from by simply contracting out with yet another entity. So to the extent these business associate obligations flow downstream from the business associate, the subcontractor to that business associate just pops up now as a business associate themselves, and their contract downstream now is subject to the same thing.
This obligation on the part of a business associate to protect the information and secure it in the same way that a covered entity has to do will follow the information through this business stream.
There were a few tweaks that we made in terms of breeches and enforcement provisions, in particular. Just briefly on the breach notification, we did get a lot of blow-back from a standard that we had in terms of defining a breach by the potential harm to the individual. So we have replaced that with a standard that still allows the entity to do an assessment of the circumstance's and the nature of the information that was involved in the breach, and to make a determination whether there is a low risk as a result of the breech that the information disclosed would be compromised.
We are hoping that we can focus the entity on looking at what were the factors in the breach, what was the nature of the information that was lost, and to do the assessment based on those which are much more knowable and, if you would, objective for the covered entity to assess than trying to speculate about whether or not there would be some harm to the individual.
In enforcement we did provide some additional information about what would qualify for some of the higher tiers of culpability, including willful neglect and reasonable cause.
Briefly on dates, as I said, it is published in the Federal Register January 25th. The effective date is March 26th. So we are using this period between the publication and the effective date to do as much outreach as we can. We do conferences, we do webinars, we are running around eh country talking about this. That will not stop after March 26th. Between March 26th and September 23rd will be the compliance period, and we will begin enforcement efforts with regard to these new provisions come the end of September.
We are giving entities that have a conforming business associate agreement in place as of publication date of the Federal Register, so they get an extra year, to 2014, to conform those contracts as necessary.
I did want to say just a few things about some of the outreach that we are involved in. I will get some of this, and the URL sites, to you, but we do have – a couple months ago we did put up on the website our de-identification guidance. That is available to entities to help them figure out not only how to comply with the current safe harbor method to de-identify, but we have tried to make the expert determination method of de-identification more accessible, for covered entities in particular as they move forward in an electronic world with larger and larger electronic data sets. It is really this expert determination that is probably going to be more useful to them than the safe harbor method.
In conjunction with the Omnibus Final Rule we did publish a sample business associate contract language on our web, and that is now accessible. We do have, in cooperation with ONC, we did work on the mobile device guidance, and we are attempting, both in terms of that endeavor and work that we are doing with ONC on the security rule, we are trying to scale down the security rule requirements so they, too, are more accessible to a smaller provider, is to make sure that those tools are not just best practices and good ideas and suggestions, but that we can actually use them and give them out to entities as a way of complying with the security rule, in sort of this data in one multiple uses that these kinds of guidance materials can be both educational as well as a compliance tool.
On the consumer side we are working to update our fact sheets. We have those ready for posting, and we have had them translated into seven languages. So those should be up shortly on our website. I understand the current stumbling block is we had two Chinese versions, simplified and traditional, but our landing page only wound up in one version, so we have to go back and get the landing page expanded to two versions of Chinese. But we expect that to be done by the end of the week. So those should be up shortly. We also are getting good feedback from the number of YouTube videos. Someone mentioned YouTube videos. We have those largely for consumers, but we do have a couple of security t=rule You Tube videos that would be a good starter kit for some smaller providers. And we are looking for other ways, additional videos that we can out up there.
So with that I thank you for your time.
DR. GREEN: Thank you. Let's take a question from Walter, and another quick burning question. I sense that you are just about exhausted.
DR. SUAREZ: Thank you. Very quickly. It is amazing to see 500-plus pages reduced and summarized so nicely into five slides. So I thank you for that.
The first question is about accounting of disclosure. Is that still on the agenda for this year? And can this committee help in any way?
Then the second question very quickly is back in May of last year there was a publication of an NPRM modifying CLIA to allow for laboratories to disclose lab results directly to patients. Is there any sense or do you know the status of the final rule on that?
MS. MCANDREW: Thank you for bringing that up. That was another note I made to myself. I hadn't included it in the slide deck. This is out the door, so yes, regulatory activity now continues on other fronts, but smaller fronts. So we are continuing to collaborate with CMS to bring out a final set of access permissions for information from CLIA from the labs. I believe that should be on track for some time – I won't say soon, but I think it is kind of in its final laps. So look for that.
Accounting of disclosures has many laps to go before it sees its final lap. But we are putting that now back higher in our hierarchy focus. So we are hoping to be able to move forward on that. I think in all likelihood there will be some additional collaboration that is done. The possibility is still there that we will end up re-proposing, depending on what the final solution looks like. If it is distinctly different from what the proposal was, what our commenters hoped it would, so that is definitely a work in progress, but it is something that we are going to be focused on.
I would just want to say one third area we are going to be working on is in collaborating with the White House as part of the gun violence initiatives. There we are going to be taking a look at the Privacy Rule as well as privacy in general, in terms of what impact that may be having on entities being able to report individuals who are prohibited under the Brady Bill and the other gun control statutes, as not being eligible to purchase a gun. So our first step there will be an advance notice of proposed rulemaking. We have not made any final determination about whether there are privacy barriers to being able to report into the criminal background database. But if there are we will be looking for ways to address them.
DR. GREEN: Let's go to Leslie and Vicki and then to Len.
DR. FRANCIS: One thing that is still open from the HITECH Act is sharing penalties and figuring out how to value privacy harm. Is that at all on the radar screen? The reason I ask is it is something that we have back burnered on the Privacy Committee, but it is something that we considered taking up.
MS. MCANDREW: That, too, is an issue out of HITECH that we have not had a chance to address. That is also something that we would probably do as an advanced notice of proposed rulemaking in order – it is not an area in which we have within the office good expertise. It is also something we are having some difficulty finding reasonable models out in the real world.
So to the extent that the committee can be at all helpful in vetting some practical ways of doing that that would help us move forward in this area, we certainly would be interested.
DR. MAYS: I wanted to ask about, in your first slide about the right to direct copy to designated third parties. It sounded like when you were talking about it you see those third parties as entities? Is it that, for example, that these could be directed to like one's family member or someone else? And if so, in protecting the security of the transmittal, will the person on the other side need to be kind of either technologically sophisticated to unencrypt data? What is the thinking in terms of that?
MS. MCANDREW: It is not limited to entities, so it can be sent to third parties, individuals, family members, attorneys. We have not, outside of our covered entity, and now business associate, universe, we don't require the individual, or if they are sending it to an individual who is not a covered entity, to have any particular – you know, they are in charge of their own information and privacy with respect to that information, and security with respect to that information.
So other than some general education in terms of what the risks may be, we would not be imposing standards on what the recipient of that data has to do to receive it or protect it, unless that entity is a covered entity. It is an interesting issue.
DR. NICHOLS: So I, too, marvel with Walter at that reg into seven slides. If I had a hat I would take it off. That's point one.
Point two, I was relay struck at the provision on restricting the flow of information about what one bought with cash back to one's insurer. I realize this is a done deal and you are very happy about that and I am proud of you, too, and I don't want to re-open the issue as a policy discussion, but I will just raise the point – is Kaiser an insurer? My doctor is paid by Kaiser Permanente Federation, which has an exclusive contract with Kaiser, the health plan. I might want her to know what I did with this money and bought this stuff that made me feel good. But you are telling me that we can't let Kaiser, the plan, find out.
I raise it more – we can argue on the head of a pin whether Kaiser is or is not a health plan – but I would just offer the observation that in some parts of our country plans are actually leading the edge in trying to improve managing care. So preventing them from getting it as if there is something special about them just strikes me as odd.
Second, if you are in a contract where you have a medical savings account type of arrangement, then it seems to me you kind of have to tell them what you spent the cash on. So I am just curious as to how that all has implications for us as we go forward in the health care system. I am just worried about these arbitrary boundaries that the plans are over here and everybody else is over there. In fact, it is pretty -- I believe Walter used the word "cloudy."
MS. MCANDREW: One thing that I would emphasize, that this is not a uniform requirement. So it is still up to the individual to ask for this restriction. So it is not like all cash transactions are now prohibited from going to the plan. It is only if the individual paying cash, usually for some degree of confidentiality, so it is to honor their perceived interest in keeping this information just between them and the doctor. The party that would have no interest, presumably because it has already been paid for, so the provider is not going to be going to the plan to get payment, then the plan has no interest in the services.
One can debate the pros and cons of that. Nonetheless this is the law we got. This is the law we put into place. I think we have tried in the preamble to work through as many scenarios as we could. We do recognize there are some payment scenarios with regard to CMS where you can't unbundle these things. So the individual is faced with having to pay for the whole thing in order to get the protection, or they cannot enforce the protection.
We have tried to make it as manageable as possible.
DR. GREEN: Some of you will recall that after our last meeting, about eight members of the committee said that was a fire hydrant that we got in the reports from everybody. There was so much going on that we need to take more time for this. Secondly it would be a whole lot better if it was done in person because the quality of the information and the communication exchange was much higher. And it would be relay nice if everyone came with a PowerPoint. So we did it differently this time and I want to thank your presenters very much. I am sorry the other two are gone already, but your being here in person is very meaningful, very helpful. We appreciate it very much and we appreciate the preparation you have put into it and the way you presented it. I know I speak for the whole committee that we are deeply grateful. You have helped us. You have helped us a great deal. You are a great enabler for the work that we want to do.
We are going to take 45 minutes for lunch.
(Whereupon, a luncheon recess was taken at 12:12 p.m.)
A F T E R N O O N S E S S I O N (1:05 P.M.)
DR. GREEN: I am going to be capricious and arbitrary here. We are going to be passing around the leadership of our work this afternoon and our conversation to the different Subcommittee co-chairs. Unless they object, I think we will start off with the Populations Sub-committee. Then I suggest we go to Privacy and Security. Then I suggest we go to Quality. That will give Ob and Walter the longest period of time possible to recover from yesterday to make their presentation. It was quite a day.
Again, the idea here is just to hear what the committees are up to, the direction they are headed, the things they have got in their sights, where they think the priorities are, and to give everyone else a chance to query the other committees and to go back and forth about what do you mean by this and what do you mean by that. The intellectual product we are looking for here is spotting the overlaps and the synergies and avoiding having two groups of NCVHS basically plowing the same ground from a little bit different perspective, aiming to come out of it with enough conceptual coherence about what we are doing across the subcommittees so that we can function as a committee of the whole around our three themes.
One of the assignments of all members of NCHVS is to be able, on demand, in the elevator, to explain to someone what our three themes are. That is not between floors one and 63. It is between is between floors one and four. You have to be able to spit them out.
Standards, communities as learning health systems, and convergence -- convergence across the nation's health data infrastructure and enterprise that is so fundamental to developing information that can improve individual and population health in a way we can afford it. That is what we are going to work on. We have the added advantage of having a workgroup that is trying to be very specific about helping the data we have be used more productively. We will hear more from Justine and that crew tomorrow morning.
Should we rehearse it together? Can all members say what our three themes are? You have to have those in mind. The assignment is listen. Keep those three themes running through your heart and mind as you are listening to your colleagues, here, on the Committee talk about the work that they have in mind. That can sort of provide you a little bit of a guidepost.
Marjorie has something she wants to say before we pass it to Bruce.
MS. GREENBERG: Because I have you all together, here, I wanted to, first of all, say that, yes, we heard you about wanting to be able to process all of this incredible information from departmental representatives better. I really want to give credit to Debbie Jackson -- there she is, Miss America -- because she worked -- these things don't just happen. She worked closely with each person. We got the slides. Of course, we are meeting here, though. It does have its challenges because of the security. In any event, trying to get people in person and have the slides, we will continue to try to do that. Debbie really did a lot of work on that.
The other thing I want to say because now, this is the second meeting day in a row that we have not only drunk from a fire hose, but without a break. I just need to explain and I haven't had to do this for a while, but because the co-Chairs are here, too, and I don't want to just pick on our Chair, here, but all the people who run meetings are here and some of you might be running a meeting even if you aren't a co-Chair.
I know that individual members can get up. They can run get a cup of coffee. They can run to the restroom. We have people who are recording this. We have people who are making sure that it is -- for the transcript. We have people who are making sure that people are watching the webcast. They cannot leave as long as your words of wisdom are being expressed. We have to not do this again. Two days in a row.
I, personally, I don't know about the rest of you, but if someone is speaking, I don't want to walk out on them. We have to have -- after about two hours, we need to have a break. I know we are just so dedicated and we work so hard that we don't want to lose 15 minutes, but we really can't do this a third day or a next meeting. Understand that is the reason because there are people who are supporting this meeting who do not have the option to just get up and walk out for ten minutes.
DR. GREEN: Did the Office of Civil Rights talk to you over lunch?
MS. GREENBERG: A suit is pending.
DR. GREEN: Bruce.
DR. COHEN: Hopefully, this won't take two hours. Actually, if it does take two hours, it means that we are having really good discussions. We will build in a break.
I am going to be giving a quick overview of the Populations Sub-committee. Feel free to interrupt me. I have a planned presentation, but I find the richness of the interaction is really helpful. If you have any questions as I present, please feel free.
DR. GREEN: Bruce is Sallie on the phone?
Agenda Item: Subcommittee Activities
DR. COHEN: She was planning to be on the phone earlier, but since our schedule got changed, I just don't know here availability.
Before I start, obviously, I have to acknowledge Sallie. I have the wonderful team right here -- Tammara and Kassi and Debbie, who were invaluable helping put this together and help organize our stuff. The incredible dedication of everybody on this sub-committee is to be commended.
MS. GREENBERG: And Susan Kanaan.
DR. COHEN: How could I forget? Thank you all.
We distilled Larry's three themes into one since it is a lot easier for me at my age to remember one rather than three things. Essentially, the theme of our activity is supporting health data needs for community-driven change. Actually, this is a very powerful theme when you think about it. It is integrative. We hope it will allow us to converge the interest not only to the Population Health Committee, but, certainly, the Privacy and Confidentiality Committee and, certainly, the Data Workgroup. After hearing what happened yesterday in Standards, that certainly fits in and, certainly, Quality as well.
This theme also focuses on data needs because that is what we do best. We have the expertise to focus on data. Community driven change is a key for us because that is really keeping our eyes on the prize. That is where the payoff is, particularly thinking of how we, in the National Committee and HHS, can help promote community driven change.
We have been very busy. I probably over process, but that is my modus operandi. We have had frequent calls and an enormous number of email exchanges. My inbox is always full with activities. Susan is going to talk in more detail tomorrow about the preliminary environmental scan that she has done looking at some of these issues.
We have developed an instrument to get feedback from communities. We will talk more about that later today. Hopefully, we will finalize that tomorrow in order to send it out. I concluded our initial planning and formatting for the joint workshop we are going to have in the spring that is going to focus not only on population health issues, but privacy issues and data workgroup issues.
Finally, Vickie and Nancy and Leslie Cooper have taken the lead in helping put together an APHA session, which will be in Boston in early November on these themes. We have done an enormous amount of work. Let me just give you some highlights.
As I said, Susan will talk more about the environmental scan tomorrow, but it took place over a two month period. The focus was on initiatives supporting community data used to improve local health. The goal was really to help us target where we can make a contribution. Susan talked in three telephone interviews, one email, and six key informant interviews, as well as doing the review of 13 programs, which she will describe tomorrow.
Essentially, here are some of the observations that I gleaned. We talked about this earlier. There is a lot of data already collected and is out there. The issue is how to determine what to use and how to use it at the level for action for communities.
Clearly, feedback that Susan got is that technical assistance is not universally available. This certainly could lead to recommendations from us for the Secretary. It is also important to note, although, I am like a supreme data geek, the data just start the conversations when we are working with communities. People make the decisions. The issue for us is how to empower communities to use the data to create these dialogues to make good decisions for themselves.
Finally, it has become clear that the National Committee can leverage federal involvement to help promote these kinds of partnerships and activities. As I said, tomorrow morning, I think, Susan is going to present more detail.
Feedback questions -- so our goal here is we want to get additional feedback from communities and data experts through outreach. We have been trying to design a feedback form that will cover a variety of topics. The goal for this feedback is to help inform the discussions at our workshop, reveal some areas where the National Committee can make a difference, maybe identify some speakers or participants for the workshop, and actually begin starting the process of thinking strategically about what recommendations the Committee might be making to the Secretary.
Again, we will discuss in more detail I think today, perhaps at the Privacy breakout and tomorrow morning at the Population Health breakout, finalizing this feedback questionnaire. The four basic topics that we hope to get information on are data access, tools and measures used to analyze these data, issues around community understanding, and experience with de-identifying data and privacy. We also want to use this as an opportunity to get more feedback on The Community as a Learning System Report.
This is also a nice opportunity for me to shill for new members for the Population Sub-committee. All of you folks who are new to the Committee, we do incredible work.
The way our -- we are creating and Tammara has been incredibly helpful here in creating an online survey that when we finalize, we will distribute through our listservs through the members of the Committee. I really call on all of you. We will provide you with this survey. Send it out to your colleagues, to individuals, to organizations, to listservs that you think would be interested in giving us feedback on these areas around community data use and community data needs.
We are going to distribute it and talk to individuals and then we are going to analyze the results and use it for the workshop.
MS. GREENBERG: It is a feedback.
PARTICIPANT: We shouldn't call it a survey.
DR. COHEN: I am sorry. I don't know how that word got on there. An online feedback.
DR. SCANLON: A generalized request for information such as would appear in the federal registry. That is what I would think it is.
DR. COHEN: Humblest apologies. Our workshop, I think we worked really well to create a really dynamic workshop. The goals, building on our previous work, again, to advance the understanding of access and use of data, refine our understanding of how communities use stewardship and protect data and really focus on figuring out what the role of government is in helping promote these activities.
The three themes for the workshop are how do communities collect, protect, and compile data? By compiling, I mean put together data they get from secondary sources. How do communities use these data and incorporate them in their decision making process to create local change? Thirdly, how can we -- we being the National Committee and HHS, promote and enable this community driven change?
I am very excited that this is going to be a really powerful workshop not only for content, but for structure. What we are going to do is have a combination of expert speakers and the workshop -- I think some of the key activities of the workshop are going to be breaking the group into small groups to discuss these three major themes. We have the structure of the workshop set up so that we will hear some insights from experts on these topics and then break into small groups. I hope these groups will have folks from communities, data collectors, folks who are interested in privacy, as well as data liberators sitting down together to address these major themes and, ultimately, develop recommendations.
The final activity that I mentioned is our APHA panel that we are developing for November. The APHA panel -- and I really have to thank Vickie and Leslie Cooper and Nancy for their leadership. APHA, American Public Health Association, the granddaddy of all public health conferences. It attracts 10,000-20,000 people a year. It is one of the fundamental places for not only presentations, but gathering of people from not only all over the country, but all over the world to share public health insights. There are lots of different sections and stuff. After you Google it, you will get a sense of the extent of its reach.
The session is going to be entitled, What is a Learning System for Health. Well, the session will be entitled -- I forgot what the title is.
PARTICIPANT: Supporting Health Data Needs for Community Driven Change.
DR. COHEN: I apologize. I am going a little too rapidly here. The content is going to be dealing with a variety of issues. Vickie and Nancy will be moderating and then we will hear first from Claudia Grossman from IOM to talk about what a community health learning system is. Then, Clara Savage from Wooster -- it is going to be in Boston so we tried to invite someone from a local coalition. Clara heads up a Community Pathways in western Massachusetts. She is going to provide a local perspective on data use and issues.
Pat Remington is next going to talk about perspective of just creating an infrastructure to support communities using data. He will talk about Match and other kinds of activities. Then, coming from Tufts, will be Marc Rodwin, who will talk about data as a public good. I will try to sort of put things in perspective from NCVHS' and a federal role of how we can help support this activity.
That is in November. We welcome everybody to come up and really help publicize this, which will be sort of an extension building on the workshop in May. It will just sort of continue with the theme that we are trying to create. Thanks. Any questions?
MR. SCANLON: That's excellent. One thing, Bruce, on the APHA, could we leave at the end maybe make it a two-way conversation and if folks have ideas about data improvements or dissemination improvements for HHS --
DR. COHEN: Oh, yes. The piece I left off here is I think this is going to be an hour and a half. 45 minutes will be us. The other 45 minutes will be dedicated fully to participation from the group.
DR. MAYS: Not quite 45 minutes, but I think we have 20 minutes of time for discussion. I think that was -- the plan was Bruce is at the end of the discussants to kind of then open it up to use it as an opportunity to kind of -- I don't want to call it testimony, but to seek some sense of compelling issues from people and what have you.
Also, we will remember to bring our report and things to distribute at that meeting. If you are not there, if you could send them to us, we will make sure they are in the room.
DR. COHEN: I will need some guidance. I don't know whether I will be representing the National Committee officially. I remember doing those ethics things that I need to be careful what my role is. At some point, I will need some help in how I do that.
MS. GREENBERG: You are local, but, yes, I would think you are representing the National Committee in your role. This is not a National Committee sponsored session, but members and staff worked to put it together. If you all don't know -- maybe you already said her name, but Nancy Breen from NCI and Leslie Cooper, also, from NIH, have been working with Vickie. It was Vickie's idea. I think it is a great one.
Bruce will obviously only be in a position to talk about, with his NCHVS hat, things that NCVHS has already spoken to and deliberated and made recommendations on. It is, hopefully, a good way to get people more interested. We found out a year ago when we had a panel at the NAHDO, the National Association of Health Data Organizations, people were going, oh, you guys do that? We thought they knew us. That is always helpful.
I know there was also -- I mean, there are so many things. This group, you know, you have however many people and there are twice that many ideas. They are all good ones. It is hard to keep up with you all. It is impressive. There was some discussion about maybe trying to have, at least for those who are there, some kind of actual NCVHS sidebar meeting in which you were -- had an opportunity, more, to do kind of the work of the Committee, which is getting, whether it be what you were suggesting or other aspects. If we held it in government space and everything, it probably could be done. Is that still on the table?
DR. COHEN: We hadn't really pursued it in order to focus on putting this session together, but that would be fantastic. I know there were issues about travel outside of the DC area for a lot of folks. It would be great if, either before or after APHA, we could have an official meeting. I don't know what we need to do to get that together, but I am certainly open to that.
MS. GREENBERG: Let's talk about that in your breakout session so that we can get an idea of what you have in mind and whether you really would like to do that and see what we can do. Officially, sub-committees aren't even held to the quorum rule, though they may be in the future. Right now, I don't think they are. There are issues with traveling, particularly staff and all of that. If it is a really good opportunity, we should try to make something work.
DR. COHEN: I think we will probably be hopefully by then in the stages of really -- I don't know whether we will have compiled our final recommendations from our May workshop or developing action plans to implement them, but I could see it being a real nice opportunity if folks would be in Boston for this to meet face to face because those are always a lot more productive.
DR. GREEN: Bruce, I have a question. What would be the product that is going to be produced out of this that the whole committee will see and approve? Not just the workshop at APHA, I am talking about that five part enterprise you laid out.
DR. COHEN: So I guess I see several products. The most immediate product, I think, is making recommendations to the Secretary about what the HHS can do to help support communities in their effort to use data for community driven change. Depending upon how much information we gather, there might be Version 2 of the Communities as a Learning System, building on the testimony, reports, and feedback that we solicit. I see definitely recs for the Secretary and possibly a report.
MS. KLOSS: May I add to that? We certainly contemplated that the workshop would provide real life feedback on the stewardship framework and it would give us insight as to how best to proceed with that.
DR. COHEN: I was remiss in saying we hope that there will be lots of folks from the data workgroup involved in this, too, because I see a huge potential leverage point for liberating data and providing different levels of access at the community level emerging from this, too. I see a real synergy here.
DR. CARR: Not only will I come, I will host a dinner.
(Laughter)
MR. SCANLON: I am assuming we are talking about healthcare data, too -- population data and healthcare data.
DR. COHEN: Yes.
MR. SCANLON: So the whole CMS side, claims data, administrative data -- that is for community use.
DR. COHEN: Yes. I think it will be nice not only to focus -- I think as we discussed gaps and future needs, my experience is communities are less aware of the potential use for emerging claims data and a variety of data that might emerge from compiling EHR information. It will be very interesting to hear communities talk about this. I am looking forward to that.
MR. SCANLON: If there is a model from some folks that have already done it, maybe we could find out from CMS what groups have already qualified for that data sharing.
DR. COHEN: Thanks for reminding me, Jim. We have eight slots for speakers as part of this workshop. We have some ideas for some of these speakers, but if anyone has any suggestions about folks for data liberation or privacy and confidentiality, we really need to begin to get our priority list of invitees either to speak or just to invite to be involved in this.
MS. KLOSS: I might suggest that we ask if we could return to that topic tomorrow after the sub-committees have met and we kind of put in place the suggestions that we now have and bring that to the full committee and ask for your help in filling out or confirming that.
DR. CARR: In the spirit of converging, I am just looking at envisioning a federal role, the 14 things that we outlined in the community health data report. I think it is important for us to really build off of this so we continue. The work done in this was fabulous, just tremendous work. We should really build bridges from this to what we are asking, what we are finding, and how it ties together.
DR. COHEN: I agree. I keep looking back at the Community as a Learning System report. If you haven't read it recently, it has a lot of insights and ideas. Some of the detailed questions that we developed for the workshop derive from some of the issues highlighted here.
DR. CARR: Yes, but, to Larry's point, I think committing ourselves to, of those 14, an outcome is going to be we are going to address four of them and we have developed the question so we really have some continuity. I think we are close. I think just committing to that continuity will help frame the next report.
MS. GREENBERG: Speaking of that, and I appreciate that, not only is Justine a former chair of this committee, but she has joined Susan and me as a historian. She doesn't look old enough.
You didn't exactly mention it, but it is in the feedback tool trying to get, also, the input from a report from the early 2000's, that schema of the influences on health of population health and incorporating that, as well. That went into the community report and we are continuing it forward. I think that is the nice thing about having a history.
There was something else -- had we had the morning session that we didn't have this morning, the one that is duplicated by this session so it is okay we didn't have it, but I think we would have talked a little bit more about these three themes that we -- the Executive Sub-committee agreed to in August. We did talk about that on the orientations, which we had.
We had two orientations by the way. Not all of you know, particularly if you are not on the Executive Sub-committee. We had two phone orientations with our new members. We have these three themes. One is really this one about empowering communities with data to improve their health. The other is standards. The third is the convergence amongst all of these clinical, administrative, electronic data. We heard that all day yesterday.
We see that the standards and the convergence theme are definitely integrated. The convergence and this workshop are also integrated. I just think that is the bigger picture that we want to keep in mind. From what Jim asked, will you be talking about all different types of data? Yes. I just wanted to bring that in so we got that perspective.
DR. GREEN: Another question and then I will go to Vickie. Timing. It is very clear what is going to be happen is April/May and when APHA is going to meet. There is a very clear message that whether or not there is a Version 2.0 of the report and if it emphasizes four things and gets framed up that way depends upon the interval work to some extent.
There is going to be a letter for sure. We should be managing ourselves to get that letter produced in a timely way. Could we just talk about that for a minute, please? It seems to me that the steps that we have to go through to produce a letter -- that key pivotal point where the purpose of the letter for the questions or issues get agreed to that the letter is going to address and some draft work about what the recommendations are going to be, it seems to me it would be possible to have that step done at the June meeting of the full Committee.
We will come back to this. It may be too ambitious. I am thinking that it would be very nice if we could actually have a letter for action at our September meeting. I am quite confident that this is complex enough that it is quite unlikely that the initial proposition will be the final proposition. This will evolve.
We are constrained by when the Committee can be convened so if we miss that June window to agree on the conceptualization of the letter, it will be the November meeting that we could do this. Do you have a preference?
DR. FRANCIS: Could I actually interject something? Just to be clear about this, this is a jointly planned hearing of Privacy with Populations. One of the questions that is going to need to be thought about about product, timing -- I very much appreciate your timeframe, but it is actually going to be -- I think it is an open question whether there would be two letters? We haven't resolved that. It is going to depend on what we learn. I think our current intent is to have it be a combined, but we don't know.
DR. GREEN: I absolutely agree with that. Maybe it is time for us to go to discussion with Leslie.
DR. MAYS: I just want to say that we have the feedback tool we are working on. Again, we keep talking about convergence. I just want to make sure -- we are almost ending it. To the extent that the other groups wanted something in it, it is today, right?
DR. COHEN: Our plans are by the time we fly out of Washington, D.C., we will have a finalized feedback form. We are going to be discussing it perhaps somewhat this afternoon at the Privacy -- that section, at least, at the Privacy breakout and tomorrow morning at the Population Health Breakout. If anyone wants to be involved in those discussions, if there are other issues you want us to collect information on, it needs to happen by tomorrow at noon.
Next week, what we are going to do is, even though it is not a survey, clearly, we are going to pilot test it with some community groups just to get some feedback, to make sure that the feedback -- the questions we ask make sense to these groups. The following week, hopefully, Tammara and Kasee can get it in final form so it will be available to all the Committee members and all of the Data Workgroup members to send out to their listservs and their contacts.
Then, probably, that takes us to the middle of March. I think we will have it out in the ether for a month to the middle of April. We will be collecting information until then. That will help us refine our final focus of some of the questions at the workshop and begin building some recommendations.
I see us -- whether we write two letters or one letter, we don't need to finalize that right now. Hopefully, by June, we will have some idea of some of the larger issues, the key issues that we are going to want to focus on. I am comfortable with that. I think September is a reasonable time to try to finalize the letter or letters.
DR. GREEN: Scroll this up. Keep going. What needs to be added into this?
MS. GREENBERG: May I just say one thing? If you are going to try to use either the session, itself, or a sidebar meeting during the APHA, that meeting is before the November NCVHS meeting. If you wanted to get some feedback, et cetera, then that would speak to maybe finalizing it in November. You just have to decide how you want to use that if you want to take advantage of that. It is a short window, but it is just something to think about. Otherwise, I applaud Larry for not wanting this to go on until we implement ICD 10.
MR. SCANLON: Bruce and staff, let us see before you send anything out. Let us take a look at it so we can make it look like a request for information that we do all the time, but not a survey. You probably want to put it on the website, I would think.
MS. GREENBERG: The idea is it is an electronic tool. We are developing some language. It is really for each of you with your day hats, in a way, to help the Committee by gathering -- first of all, we would go back to the people who have already testified to the group and we have already been working with, who were people involved and communities involved with putting together that report.
We have a lot of back experience doing that -- going back and getting feedback on reports we have done. That is fine. It is this broader outreach, which, as I see, is kind of being done by everybody with their day hats to further inform the Committee. We are working on some language so that everybody sends it out the same way. We do not want people saying we are conducting a survey, et cetera, because that is not what we are doing. We are trying to get feedback.
We want, for sure, for you and Maya to take a look at this. We want everyone -- I wanted to say if you are going to push it out to groups that you are working with and that you think could be useful that you use the language that we develop.
MR. SCANLON: A FACA doing a survey is the same as the Agency doing the survey. This has happened before. This is an RFI, like you heard from Ankh and others today. You can ask generalized questions like this. That would work fine. That is really what I think you have in mind. You probably want to have it on the website where it is centrally posted, maybe the NCVHS website as well as if people want to send copies out, that is fine.
DR. GREEN: I would like to issue an RFI to Leslie.
DR. CORNELIUS: It is this bit about the website as opposed to -- because I remember when we talked about moving it to the subgroup it was really because we were playing the fine line between us, here, and how to get this information back. When I hear the item about putting it on the website somehow I am a little stressed and worried.
MR. SCANLON: It has to be located somewhere centrally. If it is a survey HHS is doing it. You don't want to go there.
DR. GREEN: Leslie.
DR. FRANCIS: Linda and I co-chair the mouthful committee. We worked this up jointly. Linda is going to actually handle any questions and discussion. I also need to say that Maya back there, who is our lead staff person, is enormously helpful. We have had a number of sub-committee meetings and conference calls that have gone into this. What we just tried to do with these slides is give you a very brief sense of where we have come and what has motivated us in shaping the way we are approaching the hearings in April.
Right after the CHIP report, we, as a sub-committee, with the thinking that the goal was convergence on themes, including communities as learning systems as a paramount theme, how data could be used well, we did a lot of brainstorming about who our stakeholders were, what are the major issues, to try to decide where we should focus the sub-committee efforts. This is now going back before we produced the stewardship letter. This is just a non-exhaustive list of some of the more important stakeholders, patients/consumers. These are all stakeholders in what gets done with data -- public health, health plans, policymakers, regulators, vendors, exchanges, legislators, and so on.
Here is a very small list of some of the issues for -- I guess I will call themes that we had seen running through many of the discussions. The critical importance of trust we heard about this morning. If people don't trust how data is being used, there are going to be problems. There are going to be problems in getting the data, keeping the data, using the data.
Consumer education. It is really important for people to understand what is going on. Community engagement to improve health and all the wonderful roles that data can play in that. The important of innovation. We are tremendously aware of what an innovative field this is. The expansion of use of health information in non-health contexts. I don't even know what counts as a health context anymore. Where you locate your grocery store is or maybe isn't a health, for example. I certainly know that my health insurer doesn't pay for my lettuce. How we even think about health is complicated.
All the myriad secondary uses -- cloud technology, the idea of having rules following the data. Should the rules follow the data? Should the rules be segmented to the custodian? Patients expect the rules to follow the data so that their data in one place is as protected as it was in another place. The whole regulatory structure we have doesn't work that way.
This is actually a slide from a year and a half ago that we thought might be interesting to see how we identified issues.
We had a hearing last April. These are some of the themes from that hearing. This was the hearing that was designed to result in the Stewardship Letter. The Stewardship Letter was the coordinated side of the CHIP report. What the CHIP report said essentially, at the end, was unless we have good stewardship, we are not going to be able to do all of these great things to improve community health. We took our role, then, to be to take that next step and to think about stewardship.
These are some more of the themes that came out of that April hearing. The importance of chains of trust, of participation, of consent. That privacy isn't an individual issue. It is a social issue.
From that hearing, we developed a letter that is in your packet, I believe. It was sent in December. I think it was in the agenda book. In which, we identified the following eight elements of a stewardship framework for the use of community health data. These come from fair information practice principles and what we heard in the myriad forms that they now appear in the prior committee work and elsewhere and from the April hearing.
Here were the eight elements of the stewardship framework in that December letter. These are drawn directly from the letter. The importance of considering each of these -- openness, transparency, and choice, specification of the purpose of data use, community engagement and participation, data integrity and security, accountability of a data steward, how the data steward should protect de-identified data, how a data steward should attend to the risks of enhanced data sets.
We also called out in that letter issues when data sets get enhanced and when they are small groups. I noticed -- this morning, I didn't have time to ask a question, but I noticed Jim's discussion about small groups. That is a very important stewardship issue.
This is considering, thinking about if you are a steward. This isn't particular recommendations with respect to stewardship. This is a framework for what you need to think about -- issues of stigma and discrimination.
The Stewardship Letter made these four recommendations to HHS. HHS should facilitate the development and promulgation of stewardship models when health data are used to improve community health. HHS should support the development of dynamic guidance resources, compiling best practices for experts, communities, and other data users based on what is being learned about stewardship. HHS could help by compiling case studies of results that communities achieved through their uses of data so that other communities might learn and be inspired. And that HHS should promote the creation of training materials for researchers who collect and use community health data.
Those were specific recommendations. We have, in cooperation with the Populations Sub-committee, wanted to facilitate what are people wanting to do with the data? How can that be married to stewardship frameworks? How can stewardship frameworks be developed in such a way that they enable communities to use data the way they would like to use data?
We, in conference calls, looking back at the stewardship framework issues and the specific recommendations -- actually, this is also from the Stewardship Letter. I'm sorry. These are high priority areas for resource development in the Stewardship Letter --how-to examples, and case studies about de-identified data, data use agreements and their enforcement, risks of disclosure and data reporting, including information about data aggregation and the small group issue. What are useful methods and practices for openness and transparency about data collection, maintenance, and use? What are good ways of engaging communities and closing the loop with them?
Here was the way we kind of distilled that. This is now what I got a little bit ahead of myself a little bit with for the April hearing. To focus on what are communities doing and what are some of the helpful things that could be shared among communities with respect to when you are a steward of community health data? How do you achieve openness, transparency, and accountability? How do you handle the issues of enhanced data sets and data aggregation? Are data use agreements useful? How are people using them? How are they enforcing them? What are some of the issues that come up? What are some of the models for community engagement?
Those are some of the themes that we want to be able to produce either recommendations to the Secretary or, if you go back here, documents that are helpful documents for folks who are using data, which is more on the model of what the CHIP report did and less on the model of a letter to the Secretary, but which could include, possibly, examples of good practices. Guidance document is actually a formal term. We are thinking more of here are some useful how-to's and here are some possibly useful -- we may learn about useful training materials. We may learn about particular case studies that are particularly useful with respect to questions of openness and some of these other issues.
We are planning in the information request to find out from communities what types of data -- for people who fill out the survey monkey instrument -- the instrument, not the survey -- we are intending to ask them what types of data they collect, what types of data they allow others access to, and what types of data they get from others. Is it all completely anonymous? Is it de-identified in the HIPAA sense? Do they have identifiable information and so on? We do intend to ask questions about data use agreements, as well.
If you want to know more about all of that stuff, we are going to be having two joint committee meetings in the spirit of brilliant convergence. The first one will be spearheaded by Privacy and the second one by Pops tomorrow morning.
DR. GREEN: Questions? I understood right that Linda is going to deal with questions?
MS. GREENBERG: You also want members, right?
DR. FRANCIS: Yes. In introducing myself, I -- I think there is a really important sense, in which if you are -- I am also a member of Populations. I think there is a really important sense in which if you are interested in using data, you have to be interested in protecting it, too.
I see them as -- I don't even know that I want to say flipsides of the same coin. I think of it almost as those wonderful amusement park things that you got that if you looked at the picture one way it was one and if you moved it just a little bit it was about something else. I really am deeply committed to the idea that use and protection go hand in hand. Each enables the other. That is just my own little personal soapbox.
MS. KANAAN: I would like to offer a little bit of almost simultaneous translation, especially for the benefit of new members. We have two different names being batted around for our report. I hope we can come to a single name. What Bruce is calling the Communities as a Learning System report, also known as the CLS report, is, I believe, what Leslie is referring to as the CHIP report, CHIP is sort of the old original working name having to do with community health information. Just so you all know that we are talking about the same report.
DR. MAYS: One of the things that, at least for me, is becoming clear is the differences in who we might need to solicit as participants. It sounds like for your group it really is different than ours because it is a much more sophisticated community group because you are really wanting to ask about this data stewardship, which I don't think there is a lot of groups that have been wrestling with that. Either it is we are asking at a very basic kind of level about the issues that go into a stewardship or you are asking at the level where you want to learn more about models of stewardship. Is that -- can you help me with which is your priority?
MS. KLOSS: Well I think we -- I would go back to last April's hearing. We really had a range of individuals, those who really were carving some new ground in community health and had a sense of the issues of stewardship, but perhaps didn't label it and call it that or have understanding of formal frameworks, and we had people who were good at community involvement, not even necessarily health. I think we need a spectrum.
That is why I think the design of the agenda really allows us to hear from a range of perspective. Because we are using breakout techniques, we need a range of perspective on these complex issues, I think. I think that is the work that we have to do later today and into the morning is start plugging names in. I certainly think we need some academics, but we learned a lot on these issues -- in fact, some of our breakthrough thoughts about privacy not being an individual issue came from people who were working in the trenches on these.
DR. FRANCIS: One of the things that we heard was communities -- a role for HHS is to facilitate people sharing information with one another. That is part of what is behind the workshop design. Another thing that we learned, though, is that there is -- there is need for some more information for communities. They want to know how to think about the small group problem, but they are not entirely sure how to do it. That is a more expert question. It may be that we will learn from the instrument that there are some people out there with great ideas that we haven't tapped into.
MR. SCANLON: As you know, NIH does community based research. They also have policies and processes for community engagement. Now, that is probably a different scale then what we would be normally be talking about here. It carries with it a lot of process that could be costly. If there are some principles that we could borrow -- Robert is not here today, Robert Caplan, but if there are principles, policies, or practices we could look at?
DR. FRANCIS: We actually did hear from people. That was at the April hearing, we heard from some of the folks who are involved in that kind of community -- the technical form of community engaged research. It is a great reminder.
MR. SCANLON: Again, I would just keep in mind that this is a continuum and a scalability here. The governance and the procedure is sort of proportional to the level of effort of the resource, itself. Some policies and practices that would be good for fairly well resourced kind of an activity with potentially identifiable information is much different than pulling together 12 indicators. That is all. I think there is a set of different principles for each one.
DR. GREEN: We saw a year and a half ago this variability of communities in range and scale. We heard from communities that are so far ahead of the privacy/confidentiality screen frameworks that is was, frankly, a little frightening. They are ready for your list of things. They are ready for guidance about how to do this. We also saw communities where it had not occurred to them what they were getting into and where they were headed. We are going to see this range.
DR. FRANCIS: One of the things we learned, I think, is if you ask a lot of communities have you had any problems about privacy, you get the answer no. The reason you get the answer no is they haven't thought about it. It just hasn't been on the radar screen, not that it isn't an issue.
MS. KLOSS: I think as we have talked about what might be a useful output, is describing different case studies that individual communities can identify with. It is not a set of victims. It is really a set of models that they can identify with.
DR. FRANCIS: We were very clear on that in the Stewardship Letter. The recommendations were not necessarily to have recommendations about this is how everybody needs to do it, but, rather, to have good examples for different types of situations that could be helpful.
DR. GREEN: For planning purpose, now that we -- at this stage of the conversation, we haven't heard from two of our sub-committee groups. I think we now know that a letter to the Secretary from this may actually have to be two letters. Or not. We don't know. You have also strengthened the probabilities that there is going to be a report in addition to that.
I think we should go forward assuming that in 2013, products from this work are going to include at least one letter to the Secretary, possibly two, and at least one more follow-on report. The purpose for a plan is to know whether or not you are following it so you know when you quit doing that and you diverge to something else. That is what we will put in the plan to start with.
MS. GREENBERG: We, in one of our many marathon teleconferences, we have discussed -- the groups have discussed this. We even at one point said, well maybe we need two different hearings. There is a really strong convergence desire here to show that these are all, as you said, parts of a whole. I think -- I would hope that all of the aspects of the hearing end up in one letter tied together and then there could be other documents.
For example, as you said, Linda and Leslie have both talked about giving more examples, having models or practices, and all of that. That could be a document unto itself. There may be some other things that come out of more the data population side of it. I would hope that there would be an overarching letter that would bring these together.
It was very interesting yesterday that when we were talking about attachments, which sort of no longer is known as claims attachments, although, that may be step one if somebody is talking about the claims attachments. We had great discussion about convergence of data and all of these different types of data from all these different sources. Again, another marathon morning where we had gone on for maybe three hours before someone mentioned privacy, the minimum necessary, and all of those things. It isn't always the first thing on peoples' mind, but at the end of the day, everyone was going, oh, yes, of course. I think that is why it is so important that these things be integrated.
DR. CARR: Somebody just said something about the idea of giving examples, which really struck a note with me because I think we need to have a sense of what the destination is. I think we get into a lot of challenges when we think in terms of you must, you must, you must. I think what Leslie said before that at the end of the day, it is all about trust.
I think we ought to begin to have the framework that maybe we have guiding principles. There are six principles and achieve as many as you can. I think where we get stuck is we say it must be A,B,C, and D. The more we learn about data and the potential and the abilities, it will come back to -- the fundamental will be about trust. To me, I think it is important for us to define our destination. Is it an absolute or is it a guidance?
DR. GREEN: Bruce, then we will go to Bill. I am going to reverse myself. Let's hear from the Standards folks so that Paul can sort of process all of this at once before he talks about quality.
DR. COHEN: I am ruminating on your focus on outputs. I think, given where we are in our attempt to converge different techniques for dissemination, I would love to see us challenge ourselves to see if some of the outcomes could include development of model apps and YouTube videos of how to do how communities do this. I think when we talk about our output letters and reports are nice, but we have heard constantly that there are a lot better ways or alternative ways to reach the audience that we are interested in. I would love to see us think creatively about having our work product in different venues.
DR. GREEN: I am sure Linda Kloss will have a very hard time with that, but I bet she can get through it.
DR. SCANLON: This is in some ways a follow up to what Marjorie raised and what Justine followed with. What triggered my interest in making a comment was the notion of minimum necessary. It was true that -- I won't say it is because we didn't value privacy, but when you are drinking from the fire hose sometimes it takes a while to get to the topics, right?
This is not quoting from legislation, which is the minimum necessary words, but often we talk about necessary and sufficient. I think we have to recognize that we have been living in a world where we may have had necessary information, but we haven't had sufficient information. Part of the reason why we haven't had sufficient information is because of the burden of collecting it. That was part of what yesterday's discussion was about, how the world is changing and the world is going to allow us to have sufficient -- closer to sufficient information to deal with a lot of the objectives that we have sort of in mind.
While we have that potential, we have to worry about privacy and confidentiality. We also have -- I think this comes to our talking about trust. We have to create sort of a situation where there is enough trust to allow the sufficient information to be sort of in the hands of the people that can use it to accomplish very important sort of goals.
I just wanted to say that because I think that is something where these two come together, but it is critical that they come together and that they work together to accomplish sort of a bigger picture and goal.
DR. MAYS: I think we are all talking about kind of this product and what it needs to be. To me, there are two issues. One is sometimes we are asked to do something because we are responding to the Secretary or to your office. That is one kind of thing. We have to think in that framework of how it helps. On the other end, we are talking about, it seems, trying to help people who are out in the community. That seems to be like a different kind of product than we usually think about.
To some extent, I think we have to have a frame as to who is the primary target that we are trying to offer what to and then to frame how we do that relative to what works for that group. It may not be -- that is why I am a little confused about what we say to the Secretary. Is it that we say to the Secretary we think these things should be done? Or is it that this is an instance in which the community group is empowered if we were to give them something to just run with it?
If we had some great guidance, do we have to go through the Secretary with that guidance? Is it something -- I remember who we are supposed to be a FACA to. The way we are doing our hearings and talking to communities so directly and they are kind of primed to run with this, I guess I am just confused a little bit as to what we give seems to be very different for the Secretary than maybe for the community.
DR. GREEN: Linda, a couple of meetings back, I thought was quite eloquent about definition of the audience. Did you want to make a comment?
MS. KLOSS: Really? I guess what I was going to say is that in the design of the agenda for April, we really allowed the final half day to wrestle with just these questions -- the range of stakeholders and the messages and the products. I think it is hard probably to go very much further than what we have gone today until we are together having heard what we have heard and then start distilling it. We appreciate your message of the sense of urgency.
MR. SCANLON: Can I respond? Your main client, not your only client, is the Secretary, even if you are developing tools and guidelines for others. It is not really that difficult. All you do is inform the Secretary that you believe this is a good opportunity and it needs leadership and convening or other things that HHS can do. One of the things this Committee has already learned is that a tool set or something like that guidance to communities would be very helpful and we are happy to convey this to you. Then you post it on the website and make it available in other ways.
That is different than actually making recommendation that HHS do something. It may be a combination. I don't see them as dichotomous. You should always report back to the Secretary, I would think, just as your boss, basically.
DR. GREEN: Let's keep moving here. We are going to flip this after all. Let's hear from these folks, who just don't have enough to do. I mean they just don't have enough to do.
DR. SUAREZ: Let me switch. I think what Ob and I wanted to do first was to give you a picture of where we are in terms of our Sub-committee work and sort of our plans for -- we will see how this goes. What we want to do first is really give a quick overview of where the Sub-committee on Standards is. We presented this and discussed this with the Subcommittee at a January call. I think it is a good way on introducing the topic that we discussed yesterday at the hearing.
First, I certainly want to acknowledge the members of the Sub-committee and our liaisons and welcome our two new official members to the Sub-committee. Certainly, we are very excited to have Alex join the Full Committee and particularly our Subcommittee.
DR. GREEN: Let's just hit the pause button there. Alex is on this Committee? All right.
DR. SUAREZ: It took us some convincing. No. We welcome all of the other new members, who have joined us as well. I know there is a lot of interest in this topic. I think you will see the connection. That is the main theme, hopefully, that you will see across is the connection between the topic that we are covering and the work that is being done by the entire committee and all of the other subcommittees.
I am now going to very quickly go through this. This slide is sort of a replica of what you saw from Denise's presentation this morning, the CMS Update on the status of the different regulatory activities. You see the operating rules that have been published that are coming up. You see the planned compliance certification, the ICD 10. You see the Plan ID, attachment standards. These are the regulatory dates of compliance with those.
This is something that you heard this morning and I am not going to spend time, but this is, in great respect, the main thrust of the work that the Sub-committee has done over the last several months. It is continuing to do this this year.
Some of the key topics on the agenda for the Sub-committee are basically summarized in this slide. We have to -- we are looking at recommending the standards and operating rules for claim attachments to the Secretary. We are looking at, also, the need to recommend operating rules for the remaining transactions. One of the things that you saw in the previous slide is this item that says operating rules for claims, enrollment, premium payment, preauthorization, and claim attachments are due January 1st, 2016, the compliance date.
Claim attachments is one of them, but there is the need to review and recommend operating rules for the remaining transaction because there needs to be a regulation published about that in 2014. That is part of our responsibilities.
Every year we receive a report from the Designated Standards Maintenance Organization. These are six organizations that have been identified in the HIPAA law to be the designated standards maintenance organizations. They are NUBC, the National Uniform Billing Committee, the National Uniform Claims Committee, the Dental Content Committee from ADA, HL7, HealthLevel 7, X12, and NCPDP, the National Council on Prescription Drug Programs. This report we receive every year around June.
That report, by the way, in some years, is very critical because this is the report that recommends to this sub-committee that the industry is ready to move to version 5010 of the HIPAA standards. Now, we hold hearing and listen to the industry based on the recommendations and then make our own recommendations to the Secretary that, yes, we should adopt regulations that move the industry to the next version or a new standard or new transaction. It is a very important report for us.
Monitoring the industry status of implementation of various standards, codes, and identifiers and operating rules. One of the roles and responsibilities of the Sub-committee is to keep an eye on how the industry is evolving and implementing all of these regulations. Every year, we also hold a hearing in June to listen to the industry on where things are with implementation of 5010, for example? Or how is the planning and preparation for ICD 10? How is the planning for the Plan ID going? All of those elements are part of our hearing every year usually in June.
Again, monitoring the industry planning for upcoming compliance. In addition to how things are going with the implementation of things, how things are going with planning of the upcoming requirements. You heard EFT and ERA are going to come into effect January 1st of 2014. The Plan ID is also in 2014. We need to talk about that and listen to the industry about how things are evolving.
One of the last items is this HIPAA report to Congress. Every year, we look at putting together a report. Not every year we actually do one. Last year, we took the time to do -- two years ago. We took a major effort to do a larger report because it was the tenth report since we have done it.
That is our overall agenda for the Sub-committee in the coming year. We have established a little bit of a work plan. The last two months we have been planning for this particular hearing that we had yesterday. Yesterday, we had the hearing so that is the February NCVHS meeting. That is the Sub-committee hearing. We are having a meeting this afternoon after this meeting to talk about a couple of specific topics -- smart cards and card IDs and NDC, the National Drug Code, a couple of issues around that.
Then between March and June, we are really going to take time to debate and deliberate on the discussions that we had yesterday and the recommendations and the observations coming out of the hearing. I prepare a letter to the Secretary to present to NCVHS in June with observations on recommendations related attachments.
We are also, as you know, we also held a roundtable. It wasn't a hearing. It was a new form of getting together called the Roundtable where we invited a number of leaders in different areas and from different perspectives to discuss really the future of information exchange between providers and payers, really, the future of the data exchanges in support of all this transformative care that we are seeing, transformative activities that we are seeing in the industry.
We need to talk about what are the next steps with respect to that. We, as a sub-committee, have been talking about it and are looking at the possibility of holding a second roundtable in partnership with CMS and others this year at some point.
Now, in June, we are going to be presenting to the Full Committee the recommendations on attachments as well as we are going to plan a hearing, our June hearing, on various topics, as I mentioned listening to the DSMO, report the status of the implementation of the various activities around HIPAA, Plan ID, standards, compliance certification if we see or have anything out already from the regulators.
Those are sort of the main activities, I guess, for June. Then in July and August, possibly holding the second roundtable discussing the observations that came out of the hearing in June and discussing plans for a possible 2013 HIPAA report to congress. It hasn't been decided yet to do that or not. That is something we will be doing in those months.
The later part of the year gives us an opportunity to really look at some of the larger topics that we have and give us some more time. We don't have a lot of detail, yet, on those, but it will certainly give us an opportunity to bring in some of the larger topics once we have dispensed of all of these priorities that we have.
Attachments -- I want to just give a brief overview and then Ob will be closing with some of the themes that we heard yesterday. Then other members of the Sub-committee and the Committee that were there will be also able to jump in and provide some more information for everyone, particularly for the new members.
Some of the quick background about the attachments, particularly claim attachments. This was actually originally included in the HIPAA law as one of the defined transactions. As you can see, Section 1173 identifies a health claim attachment as one transaction for which electronic standards should be adopted or have to be adopted.
NCVHS actually held hearings back in 1998 on this topic and recommended adoption of a standard. Of course, significant work was done between 2001 and 2004 to define what really attachments were and developed some of the standards and tests, actually, for various scenarios and application. Several entities conducted this very, very successful and valuable test on the implementation of electronic claim attachments. Then NCVHS submitted a letter, officially, to the Secretary back in March of 2004 and November 2005. In September of 2005 is when HHS published the proposed rules that describe all of these elements about the claim attachments and the when and why and who and how and all of those details.
Then that stopped. That is where we stopped, basically. Nothing else happened after that. A lot of discussion and debate. If you remember back in 2005, HL7 and all of the other elements around EHRs were just beginning to get a lot of momentum out of the ONC initiatives and HHS initiatives. It really -- I think HHS took the time to take a pause and say let's look at how this evolves and see how this really can be done. If we were to introduce this right now, it would be, perhaps, too disruptive and too advanced. We don't want people to go back to paper, but actually begin to adopt more electronic transactions.
With that background, let me just highlight a few of the things that have happened. You all are very familiar with this. Really, I think a couple of very critical aspects of why this attachments topic now is so important. These items that I tried to list here -- first of all, this is all about the patient and trying to improve the care of the patient and improving the experience of the patient and avoid potential issues with respect to delays of care because of need to send and back and forth information between providers and payers.
It is also all about data. We heard all morning the importance of the same data is being used in different places for different purposes whether it is a clinical message between two providers being done along the lines of meaningful use or exchanges between a provider and payer to fulfill an administrative transaction. It is the same data. We are finding more and more that it is, indeed, the same data. Actually, there is this lack of perpetuation of the concept that there are really two worlds here. One is the clinical world with all of their data and then there is this administrative world with all of this complex systems and processes and their own data, too.
There are all of these other elements. The triple aim has certainly pushed us to look at improvements in ways of doing business to improve quality and efficiency and the population health. High tech, again, has pushed us, particularly with respect to the EHR adoption and the standards associated with clinical messages. It has really moved the ball forward so far that it actually has permitted what we heard yesterday, which was amazing.
Then there is care delivery reform and all of the things that are coming up with respect to reform from medical homes to accountable care organizations, health insurance exchanges, all of these elements and the payment reform that goes along with it. All of these are changing not just the type of relationship and the business relationships, but also the data needs between these organizations to support these processes. Then there are all these other aspects of mobile health and personalized health care.
You know, this morning I was so excited to hear all of this incredible work that, in a summary, had been done by ONC, by CMS, by others. Then there is this big cloud that we have to be very careful and mindful of and that is privacy and security. At lunch, I heard a couple of very interesting stories from Leslie about real realities of electronic health data and how a lot of people are looking at it and using it. You learn about it in the most incredible ways.
I was really, really very excited this morning and then I went to lunch with Leslie. It was amazing. It was incredible the true stories. At some point, we should hear them because they just give you a sense of how important privacy and security is.
Where does this come from now -- the need to really move again along the lines of attachments? The Affordable Care Act, as many of you know, had a number of provisions. One of them was very specific. It said the Secretary must publish final rules by January 1st, 2014 on claim attachments, specifically. It was a very direct order to move along in that direction. The proposed rules have been published. The idea was now we have to publish final rules.
NCVHS' role then becomes what we have done in the past, which is convene hearings and listen to the industry about where things are and how things are evolving with respect to attachments? What are the priority areas where attachments apply? What are some of the latest developments with respect to the standards, with respect to the technical ways of conducting with the data, itself? Then we make recommendations to CMS on the adoption of the standards, implementation, specifications, and operating rules for claim attachments.
Here you see the timeline very briefly. We had a first hearing on this in November of 2011. We just invited the industry to tell us where are things today, at that point in November, and then how are things going to evolve between then and by the time we really need to make recommendations? It was a very, very useful hearing as well.
Then the second hearing was yesterday where we really focused on the scope and the definition and the priorities and the standards and where things are and what kind of recommendations the industry had for us. We expect, again, recommendations to come out from us back to the Full Committee in the second quarter. Again, the regulations, as it looks right now -- this is January 1st, 2014 to publish those. We will talk a little more in a second about some of the perspectives of these. Remember, the expectation is that there will be a final rule coming out.
Some of the things to consider that we had in mind when we prepared this particular meeting was the scope of what we want. That is why we started to say, well, should we really call it claim attachments? Should we just focus on the general concept of attachments and put it in quotes? We kept putting it in quotes because we felt that -- I think Bill said it magnificently yesterday -- we should stop perpetuating this concept of separating the concept of data for administrative and data for clinical.
When you think of an attachment the simplest way to think of it is simply a message that contains medical documentation to support something -- support a function, support a process, a business process, for example, a claim, an eligibility inquiry, or a prior authorization enquiry. It is no different than the same information that goes from a provider to another provider to support a referral or to support some other transitions of care.
At the end, we are truly seeing -- and that is the unique opportunity that the topic of attachments gives us as a committee is to truly see, finally, the convergence of this concept of information about a patient that is used for different purposes, but it is ultimately the same information. Conceptually, yes, we want to make sure that we align the recommendations and the exchanges with the same type of standards that are being used by providers to exchange data with other providers when they need to do that.
The other topics -- you know, we have to come up with a definition of the business application of this transaction, the applicability, the priority areas of the transactions, and then identify, certainly, the standard that is being recommended, the implementation specification, the code sets of the transaction, the operating rules, the transport mechanism, and a few other things that you see there. That is our sort of need of what we need to cover in our recommendations.
The structure of the hearing was basically a first panel with industry representatives from the standards body, basically. We heard from HL7. We heard from the Regenstrief Institute, which maintains something called the LOINC. I am not going to try to remember what it all stands for. It is the code set that is used to identify the document that is expected to be attached or that is needed from a payer to a provider. The code that identifies that we need a copy of discharge notes. That is a specific code set that is being used for the transaction of attachments.
We heard from the X12 Standard body. We heard from pharmacy from NCPDP. We heard from CAQH/CORE, the operating rules authoring entity. We also heard from esMD, the CMS Medicare project called electronic submission of medical documentation. Nice name for exactly what we are doing, medical documentation exchanged. We also heard from CMS, the OESS side. This is the regulator who basically told us this is what we hope you can provide us in terms of input to draft and to write this regulation.
Then the second panel was industry perspectives, plan perspectives, the provider, multi-stakeholder, the vendor. We did not have the consumer. We probably should have had the testimony from a consumer on this because they provide a truly different perspective of privacy and other things. We went with this. We also heard from ONC in terms of a big picture of how this concept of attachment also fits along with all the other activities that are happening under ONC's leadership.
We sent questions to testifiers in advance, a lot of detailed questions. We asked them to try to address them in written testimony, as well as in their oral presentations. We received an incredible amount of information. Some testimony we received on paper only like the American Dental Association and the perspective of the dental industry with attachments and how it applies to them.
Anyway, we had an incredible hearing yesterday. We really, really appreciated the detailed work done by each of the testifiers. This has been, as I have been hearing from a lot of people that attended, one of the best hearings. The depth and the specificity of the testimonies were just incredible without necessarily getting into a lot of the details because people were able to really follow, people who normally don't follow technical discussions.
Here are my themes. I will then let Ob --
DR. GREEN: Walt, we need to adjourn so you can go do more work pretty soon.
DR. SUAREZ: Let me then turn it really quickly to Ob to just say a couple of things before we adjourn if that is okay.
DR. GREEN: Okay. I am going to ask everyone to hold our questions. You will see on the agenda that tomorrow morning we are coming back to this to crystallize everything. I am going to impose on the Subcommittee time about three or four or five minutes to ask Dr. Tang to comment about the intersections he sees with Quality.
MR. SOONTHORNSIMA: Very good. Thank you, Walter. If you think about, again, stepping back 65,000 feet, you think about all of the things that are happening in 2014 -- ICD 10, Meaningful Use, EHR adoption, HIPAA operating rules, claim attachment, and then we have this health insurance exchange that is taking place this year as well. There are definitely lots of things going on. There are also lots of great opportunities.
If you think about all of the goals of each of these initiatives, they are all very well defined. I think they are worthy goals. However, when you have the intersections or when you have things going on at the same time, those goals may -- the result may be sub-optimized.
This is where convergence -- and we started talking about this over a year ago. The intersections for all of these initiatives, the intersection of these initiatives, the common set of data or requirements that are going to derive from the richness of the data, whether it is clinical, administrative, marrying the two, that is probably where our biggest strategic opportunity lies as a committee.
Recognizing that we have to move away from this concept of claim attachment -- this is a concept of 1998, you mentioned -- what opportunities do we have now to influence and make recommendations for the Secretary so that we can look forward and, at the same time, try to address some of the pain points that the industry is going through?
What we heard yesterday, and I am going to be very brief, a few points -- yes, it was like drinking from the fire hose, but it was very rich and there were some consistent themes. One is that we felt that the Standards Development Organization, SDO, and operating rules entity really are in alignment. They really are coming together and they are recognizing the need for collaboration more effectively. We are seeing that. That came through yesterday.
Everyone seems to agree that this is no longer about claims. Everybody seems to be concerned about the rule being too prescriptive. Again, this notion of why are we trying to address something that is in the past? Things have evolved, even within the last five years. At the same time, don't make it too broad because, otherwise, you are going to make it too daunting for the industry to implement considering everything else that is happening at the same time.
Regardless of the rule on attachment, education and awareness of this is very, very critical. While there has been a lot of ROI -- I guess there have been pilots that took place back in 2004. Again, things have changed. There is not a whole lot of adoption yet. Let's be cautious about what we actually are going to advise the Secretary. Another thing we heard was let's prioritize area where we are going to have the biggest gain.
Lastly, roadmap. I don't know how many times we heard the word roadmap last night or yesterday. We heard roadmap again from Denise this morning. With that said, I think the next step for us is to hone in on the theme. Here is an opportunity. Do we focus on the past? Do we focus on the present? Do we focus on the future where the intersections lie? There are lots and lots of option. Do we narrow it down to just the packaging? Do we narrow it down to the data standards?
I am going to get too technical, but there are different options in terms of what we can advise the Secretary on. Hone in on the themes. Craft different recommendation options. And really get a lot of dialogue going within the next few months. We don't have a whole lot of time. This is a lot of work. I will pause right there.
DR. GREEN: We will reconvene. You and Walter can lead the discussion where you want to in this room in about 10 minutes.
DR. SUAREZ: Yes. I do have to take one more minute to make a very, very critical announcement. I really am very excited about this and it is so important for this work. As some of you know -- and I forgot totally because of how many years -- 20 years ago, probably one of the most seminal, important reports happened. That was the 1993 WEDI report. Many of you remember. Some of you remember. That was the seminal report that actually created HIPAA as we know it today.
Well, WEDI has actually convened an Executive Committee that is going to be chaired by the former Secretary Louis Sullivan, coming back and he is inviting very high level, CEO level people from health plans and provider organization, convening them with the exact same objective that he had back in 1989 when he convened a group that formally created WEDI in the first place.
He is asking them to come back and participate in this group, which is starting April of this year, and look at how they can again transform, truly, the healthcare system, the way the original goals of the 1993 report called for. We are very excited to hear about that, at least from the Sub-committee level. We are interested in certainly following up, working with them, and inviting them at some point to report back to us. I just wanted to take one minute to inform you all.
DR. TANG: Actually, this is going to be good to follow up on what Ob just said. First of all, my one story pitch to the new members. If you want to take advantage of a once in a lifetime opportunity to participate in creating measures for consumers and provider to fundamentally change the healthcare system, then we are your group.
The other point is that -- I don't know -- about a year ago this group said, you know, we do a lot of cross-cutting things. That is the way we ought to do business. We should do it in a convergent way. You will notice that every group re-emerged as the group working in convergent ways except for Quality because we were team players and we said we are going to support all of the three themes. That is what we are doing.
It is labeled as overlap. I think it is overlap, but I think it is also conscience. This is where it is going to follow up with what Ob said. In the whole quality measurement space, after decades of reliance on what we had, which was the administrative and the claims data -- and I think it was as Bill Scanlon was saying. It is necessary, but it is not sufficient. We are at an inflection point where it no longer has to be sufficient or can be to do the job we want to do.
The other things that happened in the past few years have now made EHRs going to be in front of every provider. PHRs, I would say, are going to be in front of every patient and consumer. We are going to have a lot of data that we should not only leverage, but cause to be collected in ways that we never envisioned before. That is what has changed. That is the new norm and the new necessary -- the new sufficient.
At the same time, as I mentioned earlier, we are causing a lot of consternation and change in the providers. We are asking them all to use these electronic tools. We are actually already scheduled to ask them to change their coding system. We had in mind one coding system, but the earlier remark is shouldn't it be take advantage of a better coding system, one that can feed into the things that we want it to do.
We are asking patients, both implicitly and explicitly to take more control of their own health. We are going to give them more financial responsibility. We already have been giving them more financial responsibility. We are going to do more.
Why don't we take this opportunity when we are totally reorienting everybody's sights to do the best -- pick the right rational choices, whether it is data or tools or focus? I am going to talk about two cross-cutting themes on the conscience side.
One is, as we look about -- what Ob was saying was where do we focus -- the past, the current, or the future? I think this is the do we be proactive or are we responsive? We just heard about a litany of things that we are asked to do almost by statute. One of the things we are good at is to look forward when we give ourselves a pause and do that. I think the looking forward, one implication of that is this whole SNOMED versus ICD 10 as a coding system for what we do and about the health of individuals in populations.
For individuals, it is certainly more about the clinical terminology than the classification system. That is the basis for saying should we take a pause, then, at the time we are about to force -- nobody really has yet -- at the time we are forcing everybody to change their coding system, pick one thoughtfully thinking about the future.
The other cross-cutting is actually, ironically, we used to be in the medical -- we still are -- the medical model of thinking about things. It is the mental model of how we think about health is really as healthcare. We have sort of inadvertently flipped over, as I sort of listened to us today, into a population, but population as if it is a thing. It is just a thing. There are people who worry about population health. We are communicating and giving those people tools to work on population health. We sort of forgot that they are made up of individuals.
Ironically, we actually swung the pendulum all the way over the thinking about the aggregate and a little bit less, I have to say, about the individuals. That is a little bit of a caution or conscience in the sense of -- and it goes back to what are we trying to measure? One of the things the former Quality Sub-committee -- there have been many -- talked about were the measures that matter to individuals. We got closer to thinking about them as being a part of a community, but I hope we didn't step over them and forget about the individuals.
An important piece would be personalizing quality measures and care and health around an individual to get the engagement. Could we think about that as we -- sort of looking at the hearing -- and I am a part of that group, too -- we are thinking of putting together, are we talking about individuals or are we talking literally only about communities? I think there is -- when we go back to our roots of data, it is really data about individuals so we can measure what we do with individuals to improve their health and then raise the health status of the country. We almost have to think of it that way to make sure we are measuring the right thing so that the individual consumer, the individual patient, and the individual provider has the tools necessary to do their job. Those are my sort of vote for conscience thoughts.
MS. KLOSS: Can you clarify one thing? When you were talking about SNOMED in this context, you are talking about it as the basis for constructing e-measures, are you not?
DR. TANG: Correct. Well, so what are e-measures? We want to have something that can come back and affect individuals.
DR. GREEN: That is meaningful to providers and patients.
DR. TANG: That is meaningful to the providers and the patients. One of the powerful things we have been tapping is that if it is meaningful to them -- and it has not been so far -- then you get a lot of things, quote, for free. There is so much that both providers and consumers want to do for themselves that you actually don't have to pay them to do that. You just leverage their individual responsibility, accountability, and pride.
If we miss the boat on getting the right measures -- that is why the measure, itself, is so important. That is why the data, itself, is so important. There is just so much elegance in a system that has this positive reinforcement.
MS. KLOSS: My clarification was just predicated on, again, like moving past thinking claims versus clinical data, I don't think we want to go back and revisit the SNOMED versus ICD. We need to understand that they are designed for different purposes and have distinct value. Your point was that for electronic measures, as we look to the future, having the objects in SNOMED.
DR. CARR: One of the constructs that has emerged in the Workgroup on Data Access and Use is separating out supply side issues and demand side issues. This is reminiscent of that. I know that if I think back on the Quality Sub-committee, we spent a lot of time on the supply. What measures can you derive from ICD 9? What can you cobble together? How do you kind of manage that?
The demand was really from payers, not even from providers, really from payers. The world has changed. The demand is really from people, who may be patients, but who are seekers of health. That changes up the conversation. ICD 9 code might be fine for payers. It is fine for paying bills. It had a role and probably will continue to play a role in terms of describing some care, but we heard today people will get their health records electronically from their physicians. They have to be able to understand it.
I think you are right on that it opens up a whole new dimension, the same as what we heard with claims. We have to think in terms of our continuum of care, accountable care across the continuum. I support what you say. I just suggest this construct of supply and demand because each has different issues, but they shouldn't be one instead of the other.
DR. COHEN: Thank you, Paul. Very provocative comments. They are wonderful to think about. I appreciate you serving as our collective conscience.
I guess when I look at the National Committee on Vital and Health Statistics, I think it is difficult for me to think of health written broadly as a sum of individual encounters with the medical care system. I understand the -- for me, it is necessary, but not sufficient. I am struggling with how to incorporate both the focus on individual wellness and the quality of community life.
I think this is a healthy debate and engagement that will continue to drive the work that we do together. I appreciate that perspective. I think we need to think incredibly expansively. Would you like to comment?
DR. TANG: Two things. One is an example. Our measures right now, our quality measures, are averages of populations. Yet, you cannot actually tell whether either an individual doc or an individual patient is doing well.
One example of a different kind of, quote, quality measure is an improvement. The difference to an individual patient or the doctor saying 70 percent of the diabetics I am taking care of in the past year have improved tells me a whole lot more either as a doctor or a patient. That is an example of the distinction.
The other thing you mentioned was the community. How do you focus on the community when you focus on individuals? Most of our scourges in today's health -- obesity, diabetes -- cannot be affected one patient at a time. We have to operate on a community. We have to measure our impact on the community and I would say on an improvement level versus a community average. We got this out of our hearings of the past, too.
It is just very interesting. You get what you measure. You get how you project and interpret your measurements. I think we have a very unique timely opportunity to affect the tool, the data, the measure to really affect care just like across the board. It really has to be done now because we heard that the conversion -- you could almost say the ICD 10 conversion -- this is a little dangerous -- should not be part -- it really isn't -- it is a classification system that can be used for billing, but it actually doesn't have to be front of mind for -- I won't say it. I am just saying we should focus the change on the clinical terminology for the docs and patients. That was my only point.
MS. GREENBERG: Can I say something? Paul and I agreed at lunch -- we are all doing our business at lunch, obviously. Paul and I agreed at lunch that physicians should not have to worry about ICD 10. I have always agreed with that. We are really on the same page except that, yes -- there is something else I want to say, but let me just say this.
Yes, ICD 10 or ICD 9 or ICD 8 or whatever is used for reimbursement, but I think, as the National Committee on Vital and Health Statistics, it is first and foremost use in the world is for statistics. Let's not forget that. I really ask you that at least as the National Committee -- I can't control you, for sure, but I can't control most people --
DR. GREEN: So far we haven't found anybody who could control this group.
MS. GREENBERG: But don't call it a billing code because that is just not what it is. It is a statistical classification and it has an application in reimbursement case mix, et cetera.
Put that aside. What I want to say was that I really think we should keep in mind the schema about the influences on population health, one of which is obviously healthcare. It is the one we spend the most money on, but it is one of many influences on health. That is what I see the Committee maybe coming back to its roots in some ways of focusing on population health, but that doesn't preclude recognizing the very important role of healthcare and that it is a major source of data and that they really need to work together.
Just like privacy and data use, they are not in competition. They shouldn't be. SNOMED and ICD shouldn't be in competition. You are the Committee who can show how these things fit together, rather than compete against each other.
DR. GREEN: I have yet to hear anyone sustain the argument that there is such a thing in real life as a healthy person in a sick community. Nor have I heard anyone be able to sustain the argument that there is such a thing as a healthy community full of sick people. I often think mental health, public health, and so called physical or medical care as triplets separated at birth. I am very fond of the old adage that -- this is a century plus old conversation about how these things fit together.
I have this sense right now that it is a propitious moment. Policy windows are open. To fulfill that old adage about after all our travels, we return to where we began, understanding it for the first time, I think we have a lot of opportunity in front of us. We are going to come back tomorrow morning.
Tomorrow morning is going to be a different type of affair. We are going to be organizing ourselves for work, laying out a proposed schedule for the next few months, swallowing hard when we look at how much -- our aspiration are big here. We are going to have to put them in a, we can do this envelope tomorrow. Come back ready for that. You are going to get more input through two meetings right now, back to back. The next one is going to start at 10 after three. I am pleased to report that it is Ob's and Walter's problem to convene. Then we will go to the next one. We will go to dinner. We will come back. We will work hard. We will wrap up at noon tomorrow. We have a special treat tomorrow. We are going to be able to add to this mix a discussion of where the workgroup is.
(Whereupon, the meeting adjourned at 3:00 PM)