Testimony by Michael Ralston

Michael Ralston

Director of Quality Demonstration for Kaiser Permanente Medical Care Program

Good morning. My name is Michael Ralston. I am a physician in The Permanente Medical Group and Director of Quality Demonstration for Kaiser Permanente, California Division (North). I would like to thank the committee for the opportunity to offer written and oral testimony regarding the Health Insurance Portability and Accountability Act of 1996. The testimony I supply does represent the position of the Kaiser Permanente Medical Care Program. I will submit written responses to the previously circulated nine questions that relate to the Act and offer verbal testimony to highlight Kaiser Permanente's position. I will be glad to answer any questions that the committee may ask.

Kaiser Permanente is the preeminent HMO in the United States. We have been delivering prepaid healthcare to our members as a public nonprofit health plan since 1946. The program is a group model HMO with the Permanente Medical Groups contracting for the delivery of healthcare services to Kaiser Health Plan members. Our national membership exceeds 7.9 million members in 18 states and the District of Columbia. It is the largest private healthcare delivery program in the United States with 90,000 employees and 9,400 full-time equivalent contracting physicians.

We look forward to participating in an ongoing dialogue related to the implementation of the Health Insurance Portability and Accountability Act.

Questions to be Addressed:

1.What does your organization expect to be the impact of the administrative simplification requirement in the Health Insurance Portability and Accountability Act of 1996 (HIPAA)? These standards include: administrative transactions, coding sets, privacy, confidentiality, security and unique personal health identification numbers for providers, plans, employers, and individuals. Please describe how each of these issues could affect the members of your organization or the persons you represent.

Response: The impact of HIPAA will be large. It is clear that the storage of healthcare information (both clinical and administrative/billing) is rapidly moving from paper to electronic repositories. The HIPAA will not only begin to establish some order in the large arena of administrative healthcare information but will also set a precedent for similar work in clinical information. It is not difficult to envisage the scope of regulation and standardization rapidly expanding. It is necessary to always remember the privacy and confidentiality rights of individuals as these large electronic data repositories are developed. Coding sets must have universal relevance as well as applicability. There must be clear evidence on the need for universal patient identifiers that outweighs the potential for misuse and erosion of individuals rights to privacy. It is a paramount responsibility of the healthcare delivery system (both the insurer and provider) to be primarily accountable to its members and patients to deliver appropriate care and protect privacy.

We believe wide use of EDI using standard formats, codes, and identifiers will result in significant cost savings in the US health care system. However, several factors will affect the impact of the administrative simplification requirements of HIPAA. These include the interpretation of the phrase "exchange information electronically" and motivations introduced to exchange information electronically using a standard format.

Regarding, the phrase, "exchange information electronically", it is not clear if HIPAA covers the use of electronic media such as magnetic tape and disks nor is it clear if it covers electronic exchange using Internet technologies like SGML, or object technologies such as CORBA. One could interpret HIPAA to cover all forms of electronic data interchange regardless of the medium used. This interpretation requires that you consider in your recommendations the implications of technical efficiencies associated with transaction format design that consider the medium used. For example tape and disk mediums would favor a transaction designed based upon fixed position for data elements. Use of the network would favor either delimited data or tag/value pair formats to minimize transaction size. And the format required for SGML would be overly burdensome for any medium other than the Internet.

We anticipate, in the shorterm, that our greatest benefit from HIPAA will come from the standardization of the enrollment/disenrollment transactions followed by claims/encounters. Most of the trading partners we have for these transactions submit to us using either paper or magnetic tape with non standard formats. We are concerned that in our review of HIPAA, there is little to motivate our trading partners to convert to electronic formats or to standardize their tape formats. While we are required as payers to accept the standard format, providers and group purchasers are not required to use the standard format. The absence of legislative motivations will force us and other health plans to provide motivation for providers and group purchasers to use the standard electronic formats.

In the longer term, the claims attachments standards and uniform data standards for patient medical record information and the electronic exchange of such information will likely have the greater impact.

2.Are any of these standards currently priority areas for your organization or members of your organization? How are you addressing/or planning to address these standards?

Response: Enrollment/disenrollment and Claims are priority areas for us. We are currently standardizing on X12 formats (834, 837) for these transactions. We are also experimenting with Internet based interfaces for these transactions. We have our own proprietary format for enrollment/disenrollment transactions submitted to us on tape or disk. However, we have been less than successful in motivating a significant number of our group purchasers to use our format. As a consequence they continue to use their own preferred formats. We are now investigating the economies of using a clearing house to convert submitted formats to X12 formats for us.

3. Do members of your organization have any concerns about the type of transactions specified under HIPAA? For the producers of data, how available is the information that you need to report in the transactions? For organizations and individuals that use these data, is the information useful for bill payment, managing the care process, and health policy analysis and assessments? Do you have comments regarding the quality of these data?

Response: Kaiser Permanente primarily uses HIPAA specified transactional data for purposes of managing (assessing and improving) the healthcare delivery process and broader analysis and health policy assessment. The type of specified data is largely available through both clinical and administrative information systems within our integrated healthcare system. It is also a priority for KP to be able to transmit and receive administrative information electronically to facilitate eligibility for coverage and payments between KP and payers and other health plans.

The privacy and confidentiality of individually identifiable healthcare information must be assured. It is necessary to have individually identifiable data for numerous purposes and at the same time necessary to protect individually identifiable data from improper disclosure. Individually identifiable data is necessary for (among other possible reasons) purposes of tracking care over time, assessing and intervening on adverse health risk, and moving information (with patient authorization) from one provider to another. It is critical to protect individuals from disclosure of such information to such parties that may not have a legitimate care need and that may have the potential for misuse (e.g. employer).

The quality of the data stored and transmitted electronically in Kaiser Permanente is high. We do not subscribe to the notion that the paper medical record is the "gold standard". The electronic storage of administrative and clinical information is as accurate as the paper record and, given problems with moving paper records from site to site, is in many cases more comprehensive and timely than the paper record. The broad aggregation of information across large populations through both clinical and administrative electronic information systems is necessary for policy determinations on many levels (e.g. resource allocation, provider performance monitoring and staffing, evolving benefits determination, and delivery system configuration).

The other concerns we have are that the transactions be developed using a open, consensus driven process like the one used by X12. We are active members in X12 and have found it a useful forum for making our needs known and accommodated in the standard and the implementation guides. The X12 transactions provide sufficient content for administrative functions like billing and enrollment. However, for managing the care process, claim attachments using HL7 structures are more appropriate. The use of standard transactions do not increase the quality of the data but is does simplify syntax checking the data. Data quality dimensions such as accuracy, completeness, and timeliness are still issues, even with HIPAA.

4. How can administrative simplification best be achieved while balancing clinical and payment needs with maintaining privacy protection for the individuals?

Response: Kaiser Permanente's history is based in prepayment for comprehensive care. This is, in essence, broad capitation for care of our members. As such, we have little experience in the traditional claims payment type of financial transaction. However, increasingly group health purchasers are requesting individual level data from us to assess the value they are receiving, to risk adjust payment, and to better manage their overall health care costs (including costs of absenteeism and disability). We are very concerned about the challenge of protecting privacy as we strive to meet legitimate needs of purchasers.

Our general position is that there should be strong protections against improper disclosure by health plans of information pertaining to individual health plan members, patients and providers. Provisions specified in law or regulation should address:

Appropriate use, confidentiality, and security of information, as well as protection of individual privacy.
Appropriate circumstances under which persons may be given access to individually identifiable information. Such information should not be disclosed to any person except:
For purposes necessary to perform required quality assurance functions, to meet requires of purchaser and providers (e.g. to determine entitilement to coverage and administer payments), or to conduct approved, bona fide clinical or health services research. These data should not contain patient identifiers which could lead to violation of individual privacy and harm to patients.
Upon the express consent of the covered person.
Pursuant to statute or court order for the production of evidence or the discovery thereof or other legally mandated disclosures.
In the event of claim or litigation between the covered person and the health plan.

A health plan should have written policies and procedures governing confidentiality and should ensure that the confidentiality of members or patient information and records is protected.

Our history is as a large multispecialty group practice model of care so we do have extensive experience in the need to move clinical information related to the care of individuals from provider to provider. In a dispersed geographic model, it will become increasingly necessary to rapidly (electronically) move clinical information concerning individuals from one site to another to deliver optimal clinical care. The standards and rules concerning the movement of that information must balance the need for privacy and confidentiality with the clinical need for comprehensive, accurate information. The governing principles should be established in: 1) standards; and 2) delivery system policies and procedures concerning confidentiality. The overriding guidelines should rest on: 1) protecting the right of the individual against disclosure of such information to parties not involved in the delivery of that clinical care; and 2) clinical need by providers (all providers involved in the care of the individual) to have complete, accurate information .

5. Recognizing the intent of P.L. 104-191 of administrative simplification, what coding approach would best meet your needs? Please suggest how administrative simplification could be achieved while reducing administrative burden and obtaining clinically useful information.

Response: Kaiser Permanente is satisfied with the current approach of using CPT-4 and ICD-9-CM. We also recommend that, absent compelling cost benefit evidence, an evolutionary approach to the improvement and updating of these classifications. We believe that this will minimize the costs associated with retraining and updating those involved with the coding and analytic activities and allow for better data integrity in our healthcare data repositories.

6. What medical/clinical codes and classifications do you use in administrative transactions now? What do you perceive as the main strengths and weaknesses of the current methods for coding and classification of encounter and/or enrollment data?

Response: Kaiser Permanente currently conforms to the industry standard for administrative transactions: CPT-4 ( and the remainder of HCPCS as needed) is used to describe outpatient medical procedures and physician services and ICD-9 CM is used for diagnosis coding and inpatient procedures. We are well satisfied with both coding systems for their intended purposes. A main strength with both classifications is that they are well known and understood in the healthcare community and there exists a significant pool of well trained coding professionals (as well as data analysts) who understand the intricacies of both systems. Developers of both systems have demonstrated significant responsiveness to the needs of the health care system and have in place quality improvement mechanisms.

Neither system is currently optimized to support significantly expanded uses of clinical data including outcomes studies, identification of best practices or decision support capabilities—uses for which admittedly these classification systems were never intended. To meet these needs, Kaiser Permanente is developing a Convergent Medical Terminology, based on SNOMED International, which we believe will be better suited to these tasks. This terminology will be implemented within our Clinical Information Systems and Clinical Data Repositories and the data will be transformed as need to these less granular classifications for external reporting requirements and administrative transactions. We are working closely with the Mayo Foundation to test and validate this Convergent Medical Terminology for these purposes.

7. What procedure classification do you recommend as the initial standard for outpatient transactions? Is it practical to move to a single procedure classification on the schedule required for the implementation of administrative standards? Should the standards continue the current practices of requiring different procedure coding systems for the ambulatory and inpatient sectors?

Response: Kaiser Permanente recommends that CPT4 be used for outpatient transactions and ICD-9-CM be used for inpatient transactions. We are very concerned that moving to a single procedure coding system, either with initial HIPAA implementation or later may result in significant disruption of our information service capabilities, compromise of the quality of our data respostiories and lead to greater costs. A larger problem we believe is the nonstandard modification and application of these coding systems in various sectors of healthcare.

8. Before the passage of HIPAA, the National Center for Health Statistics initiated the development of a clinical modification of the International Classification of Diseases, Tenth Edition (ICD-10-CM) to replace ICD-9-CM. In addition, the Health Care Financing Administration undertook the development of a new procedure coding system for inpatient services, entitled ICD-10-PCS (Procedure Classification System). There is a plan to implement these systems simultaneously in the year 2000. On the pre-HIPAA schedule, they will be released to the field for evaluation and testing by 1998. Should ICD be used for administrative transactions? If so, which version to you advocate and why?

Response: Kaiser Permanente supports the continued use of ICD-9-CM. We currently believe that not enough information is known about ICD-10-CM to make a reasoned judgment about its superiority to ICD-9-CM or the desirability of its implementation. We recommend that ICD-10-CM should be completed as planned and subjected to extensive field testing. A credible transition plan needs to be developed, and a cost benefit evaluation performed. Once these have been completed a reasoned decision can be made about how and when or if to proceed.

We have similar concerns and recommendations regarding the ICD-10-PCS. Despite our involvement on the Technical Advisory Panel for ICD-10-PCS, we are concerned about the significant changes and retraining required for that system. We currently believe that not enough information is known about ICD-10-PCS to make a reasoned judgment about its superiority to ICD-9-CM or the desirability of its implementation. We recommend that ICD-10-PCS should be completed as planned and subjected to extensive field testing. A credible transition plan needs to be developed, and a cost benefit evaluation performed. Once these have been completed a reasoned decision can be made about how and when or if to proceed.

Recognizing costs expected to be incurred by us and other in the healthcare community related to the Year 2000 Problem, we recommend against picking that year for implementation of either ICD-10-CM or ICD-10-PCS.

9. Do you have any advice for recommendations for NCVHS and/or The Department of Health and Human Services related to the implementation of the standards and privacy provisions of the HIPAA? Do you have any concerns?

Response: The NCVHS and US Department of Heath and Human Services has been charged with a large responsibility. There is great value in establishing standardization for the assembly and transmission of electronic healthcare information. This is necessary. However, it must be recognized that various components of the healthcare delivery system are in different stages of maturation regarding their implementation of information technology. The establishment of standards needs to recognize the impact of change on systems currently in existence as well as the cost of implementing systems where not in existence. The guiding principle should be standardizing process to enhance the effective and appropriate delivery of healthcare to our national population. The concerns of Kaiser Permanente relate to: the burden of cost related to mandated change, relevance of mandated change, misuse or unauthorized access to information, and flexibility to evolve and change over time.