DR. EMERSON: Before I start, what I would like to do is just set in context the difference between the two reports, so that you know what you are looking at there.
Solomon Appavu and the identifiers team worked quite independently in coming up with our two reports. We had very different charges to start with, in that Solomon was specifically charged not to recommend a specific identifier, whereas our team was charged with recommending a specific identifier.
We also have a few differences in the way that we approached the task, but I think that if you look at the two reports, you will find that they are complementary, and it is kind of interesting to look at the two together.
What I am going to do is tell you how our team went about its activities, and give you an update on where we are and the reasons that we are making the draft recommendation that we are.
We started with the inventory of candidate identifiers that had been developed by the American National Standards Institute, Health Informatics Standards Board. That inventory told us that there was one standards developing organization that had published standards on the unique identifier for individuals, and that was the American Society for Testing and Materials.
What they had published was a standard guide for properties of a universal health care identifier. So these were properties that they felt any universal health care identifier should have.
As part of this guide, they also had documented and described a universal health care identifier which they called a sample universal health care identifier. It is a 16-position numeric identifier. They describe check digit algorithms that would be used with the identifier, and also describe some encryption characters that would be used with the identifier.
In the ASTM guide, this is not presented as a proposal. However, it has been selected as a proposal, and is now thought of as an actual proposal for a universal health care identifier.
The ANSI inventory has also listed six other candidate identifiers, the social security number or an enhanced social security number, as had been recommended by the Computer-Based Patient Records Institute, the biometric identifier, an identifier based on personal immutable properties -- these would be properties of a person that would not change during their life, like date of birth or place of birth, et cetera -- a directory service, and the director services is actually what we might think of as a master patient index of characteristics about the individual, along with an electronic system of cross- reference directories that allows you to find the places where records of that patient have been stored in the past.
There was also an identifier based on a two position practitioner prefix, plus a local medical record number. Lastly, a cryptography proposal was listed in the ANSI HISP inventory.
While we were working on our evaluations, there were several other proposals that we became aware of or that were submitted to us. One of these was a proposal based on the civil birth registration system. Another was the identifier that is in use in some Department of Veterans Affairs areas. That is based on the ASTM universal health care identifier, plus a master patient index.
For the team to begin its evaluation, what we decided to do was to take all of the candidate healths and to evaluate them, using the ASTM criteria that had been set forth in their guide. These are 30 criteria that they felt any identifier for individuals should have.
We contacted the proponents of the various proposals to try to get full documentation on each proposal. In some cases, the proposals themselves were not complete proposals, and so we documented the assumptions that we felt would need to be made to bring that proposal into a full proposal that could be evaluated.
I might mention that this is one other area where I think our work differs a little bit from Solomon Appavu's work, in that our proposals as evaluated include some assumptions that were needed to flesh them out, whereas I believe that Solomon APPAVU took each proposal as it had been presented, and where there was not sufficient detail he simply said, not sufficient detail to evaluate this particular item.
When we evaluated the proposals that we were dealing with, we found that they fell into three categories. The first category was proposals for unique universal identifiers. The second was proposals for identifiers that were not designed to be unique or perhaps not designed to be universal. The third was proposals that were not really identifiers.
Just as examples of the kinds of things that fell into each one of those categories, in the unique universal identifiers was the ASTM UHID, the social security number, the biometric identifier and the identifier based on personal immutable properties. In the category where the identifier was not really meant to be nationally universal or nationally unique would fall the Medical Records Institute proposal, where you would use a two position practitioner prefix and then the local medical record number. That could produce a unique identifier within an institution or within maybe an enterprise, but probably not nationwide.
Then lastly, the cryptography is not really a proposal for an identifier. The directory service, although it is a method to locate medical records of an individual wherever they may be, it is not really an identifier as such.
Our group felt strongly that we should recommend a universal unique identifier. Two reasons jump right out. One of these is that that is actually what is required by the HIPAA law. We are to recommend a standard unique identifier for every individual. Secondly, if you just think about the practical need for administrative simplification, in order to use this to identify the patient in the electronic transactions that we are talking about, we need an identifier that can be used for that patient.
When we began to look more carefully at the universal unique identifiers, we felt that there were two possibilities that really stood out above the others. These were the social security number or the enhanced social security number, as CPRI had proposed, and the American Society for Testing and Materials UHID.
What we ended up recommending -- and this as Bob mentioned earlier today, of course, is a draft recommendation. One of the reasons I am bringing it to you today is to begin to get some feedback on it. But what we ended up recommending was the use of the Social Security Administration as the trusted authority for administering the unique health identifier for individuals, and the use of the ASTM UHID as the identifier itself.
What I would like to do is to go through what we thought were the advantages of SSA as the trusted authority, and also the advantages of the ASTM UHID as the identifier itself. I might say that the Social Security Administration has not commented on the proposal, and so this in no way represents their thinking on the subject.
DR. STARFIELD: Do they know about it? Do they know about your recommendation?
DR. EMERSON: Yes, they do, at least to some extent. There is a member of the Social Security Administration who is on the team, and the paper has been sent to other individuals there as well.
First, I'll start with the recommendation of SSA as the trusted authority. There have been numerous improvements over the years in SSA's ability to verify the identity of individuals. Some of those are documented in the paper. They have a highly efficient and accurate way of identifying people and assigning unique identifiers to them.
We feel it is very likely that both for SSA's own traditional functions and also for other supporting functions such as perhaps to support welfare reform or immigration reform, it is very likely that SSA will continue to institute improvements in their ability to verify the identity of individuals.
They have an infrastructure already in existence that can assign unique identifiers. They have the infrastructure to verify the identity of individuals. They have a very extensive infrastructure for dealing with the public, and a lot of experience in dealing with the public on a program that touches every citizen's life.
Because of this already developed infrastructure and experience with this type of program, we felt that the Social Security Administration would be the most cost effective choice as the trusted authority for administering a health identifier. So I think the natural question then is, if we think that the Social Security Administration is the good choice for administering the identifier, and if the Social Security Administration is already administering the social security number, which is a unique identifier, why not just choose the social security numbers as the unique identifier for health care?
We felt that there were some significant advantages to having an identifier that would be used only for health care. I would like to go through what some of those are.
First of all, the governance of the health care identifier would not be affected by necessary changes that might be made for the identifier if used by other programs. Just to give one example frequently given in the literature about this, a foreign tourist comes to this country, gets injured, needs health care, needs to have a health care identifier, but is not eligible for a social security account number in the current meaning of that.
If we were to assign social security numbers to such individuals for their health care, there would need to be a system of procedures and exceptions and so forth for dealing with this kind of identifier that had been assigned for health care rather than as a social security account number.
Other advantages of the ASTM universal health care identifier as described are that the check digit and the encryption method are planned from the beginning. They could be when the number is first instituted, and they would be a part of it.
Another advantage is that the ASTM UHID has been designed to be able to last for the foreseeable future, whereas in some areas of the country the social security number probably will not have enough capacity to last for the foreseeable future without some design changes.
We also believe that having an identifier whose use was restricted to health care would allay some of the fears of the public about their medical records and medical confidentiality being compromised by that information being linked with identifiers that are used for other purposes.
So in conclusion, we felt that the changes that would be needed for SSA to administer the social security number as a health care identifier would be costly and significant anyway, and still would not result in the advantages that I have mentioned that having a unique identifier that is used only for health care would give. We believe that the American Society for Testing and Materials UHID with SSA as the trusted authority combines the strengths of SSA's experience and infrastructure with the advantages of having an identifier used only for health care. We believe that that would give the most benefit to health care for the least additional cost.
So that is the rationale for what we chose, and I would be glad to try to answer any questions that you may have.
DR. STARFIELD: I just have a clarifying question. Did your group deal with the notion about the definition of what health care means? We all know what health care means in a clinical setting, but I'm not sure we might all agree that a health survey is health care, like the national health interview survey or one of the census surveys that gets health information. Would you need the health care number for those sorts of things or would you have to link the social security number with the health care number?
DR. EMERSON: We did not deal with that question. That is a very interesting question, but not one that we dealt with.
DR. COHN: Now, first of all, you have my sympathy, because you have probably the most contentious part of the --
DR. EMERSON: I recognize that. I was not a little taken aback when I found out that the paper had been leaked, so probably people are already up in arms about it.
DR. COHN: So rather than even getting into the discussion about it, I actually just wanted to also ask a clarifying question before even trying to discuss this.
You made some comment about the relationship of the work done by Solomon APPAVU and your work. Yet I am still sort of confused, because I don't understand -- are these works in completely different environments without any relationship at all to each other, even though one work was commissioned? Was he commissioned by HHS to do that, or is it by the NCVHS? So those are NCVHS consulting work, and yours are completely separate, and other than reading it, had no effect on any of your recommendations?
DR. EMERSON: Right. Well, our team had seen his draft report the last time he reported to you, to the committee here several months ago. But other than that, we have not worked with each other or consulted with each other.
DR. STARFIELD: The APPAVU report I believe was commissioned by this committee.
DR. COHN: I guess I was getting confused, because they seemed like they were using very much the same framework of evaluation with very different results, but used the same framework of evaluation.
DR. EMERSON: That probably is because both of us used the ASTM guide, those 30 characteristics that were deemed important for an identifier. Both of us used those characteristics in evaluating the various candidate identifiers.
DR. MC DONALD: Can there only be questions here, or can we disagree?
DR. STARFIELD: Maybe we can get the clarifications out first, and then the discussion. Any more requests for clarification?
DR. BRAITHWAITE: Mary, was there any discussion of the difference in costs, which seems to be the balancing factor in peoples' minds, as opposed to the privacy? Was there any discussion of how much extra it would cost to issue a new identifier versus using an existing one?
DR. EMERSON: We did certainly discuss that, but we didn't have any hard figures to go on. One of the things that that we hoped to do was to get some feedback as to whether this type of proposal has enough support to develop that kind of information about, but we haven't developed that yet.
DR. MC DONALD: Now can I? I actually happen to have a letter here that I responded to and didn't get it sent off in time. But there are two issues. One, there was a cost figure. I think it was four billion dollars, was stated in your report. But I don't think the issue is between your conclusion and say the other intention, which would be the social security.
But there are some particular issues in the ASTM proposal I think that would have to be changed, to make it be workable. As it stands now, it is between 16 and 28 digits long, which would preclude its practical use in keying in or communicating over the telephone. That is one.
Secondly, the check digit selection of six was completely capricious. I sent a letter of contention about that as an ASTM member, and I never got a satisfactory response. They basically just made up six, because that would be a lot. So I think that is overkill.
Thirdly, if you use an encryption, that has the same exact effect of error detection as the six digit check digit, so you don't really need both of them.
So I would strongly urge that one would consider whatever -- the issue of a new one and an old one is a difficult issue, but if you do a new one, you ought to think about letting some other letters in. I strongly suggest staying with the same trend as has already been agreed by HHS to do for the payor I.D. Just stay with something that works, and you don't have to have people change it very much.
So that would be my main suggestion. You end up with a smaller number, and the encryption -- I think the length of that too is probably arguable, but you are really talking about a hash encryption, so your whole number comes out different. That same thing actually could be applied to social security, maybe at some better cost, maybe not. It would have the same end effect, except you would have the same problem with the number of digits in social security.
DR. EMERSON: Just to address the check digit aspect, we also felt that probably, the six check digits was overkill. We also know that there are ISO -- there is either one or maybe more ISO approved check digit algorithms, and we wanted to be sure that whatever we chose as the check digit to be used here fit in with international standards in that way.
One of the things that you will see in the report is a recommendation that further study be made of the check digit. We felt that the six positions was too long for the check digit.
DR. MC DONALD: These weren't justified positions. They just pulled them out of the sky. But I plead with you to consider making it shorter. You can make it shorter without losing enumeration capability by using more characters. In ancient days, we didn't have alphabets in our keyboards. We didn't have lower case and upper case. So there is this historical bent toward pure numbers. For humans handling them, you can get them shorter and just as rich with using more characters.
DR. STARFIELD: I wonder if we could take three minutes to read your letter. Then I think we will all be a little more informed. We'll be right back.
(Brief recess.)
DR. STARFIELD: John Lumpkin.
DR. LUMPKIN: Thank you. I have to make a confession to start off with. That is, I was the liaison to this implementation team. While I didn't make eery conference call, I certainly got all the listserv notes and participated in a good chunk of the day-long conference call, where we went through and tried to normalize the evaluation.
I think that we as a committee are charged with making recommendations to the Secretary on the universal health identifier. Our original recommendation was for the social security number with a check digit.
We heard a lot of testimony when we were on the West Coast about how it is not uncommon practice in certain communities in L.A., and I'm sure it occurs in Chicago and other places, for as many as 200 or more people to all have the same social security number, whether or not that is assigned by their friends or assigned by the Social Security Administration. They may all be using that same number.
So I think that we have to start off with saying that the social security number as a unique identifier is broken, and needs fixing. In many ways, having said that, if we are going to use the unique identifier, there is an up-front cost that is associated with fixing the social security number that is independent of the issue of having a health identifier. So we have to begin to look at some of the options.
Also in San Francisco, we heard of an interesting system which is fairly similar to something we use in Illinois, which is by using certain facts about a person, their immutable facts that you can get to identify a person with five or six different factors.
The difficulty I have with that kind of system is that it is going to have to generate a number, anyway. Trying to use personal immutable facts means that you are going to have -- while it is easier to remember, if you have mother's maiden name, that is at least -- Lumpkin is six or seven, I can't remember right now. Then you have other facts which now starts to get to be quite a large number.
However, I think in looking at this number, I would like to suggest that there are two pieces that we would like to look at. I would suggest we call one the front end and one the back end part. What we are looking at here would be a unique number that would be the back end.
If we are going to go through the same process, which I believe we need to do, with the social security number for other issues of cleaning up this whole social security number, we can link the social security number with this unique health identifier, and not have to use it. So if someone has their social security number, it would be easier to within 200 people to get to the unique health identifier.
If you are going to exchange information, it is much easier to exchange information with a unique number, whether or not -- from one location to another or one institution to another within the same organization. So having that number as a back end is certainly a very important step.
There are many other front-end issues, which is how do you uniquely identify that person who is with it. I think that will change with technology. It may be that very early on in this process, we have this unique health identifier, and then some institutions or some locations, depending on regional basis, may be able to use personal immutable characteristics in order to get to that number if someone forgets their card. Ten or 15 years down the road, it may be as simple as walking up and having somebody scan your iris, and that will get to that unique identifier. But if we build our systems based upon an identifier, that front-end recognition piece becomes hooked onto it, rather than the fundamental basis of which records are associated with each other.
So having gone through the process, I am fairly comfortable with where we are going with this particular recommendation. I do have some concerns about length. With a numerical identifier of the length that we have, I figure we're probably good for about a million generations. That may be a little bit more than we need. If you put alphas into it, it certainly lengthens that a lot. So I think we ought to look at some sort of shorter -- consider some shorter number, which I think is also recommended by the team.
But I did want to weigh in and say that it was a very deliberative process. I think the co-chairs really should be congratulated for going through to this point, and really giving us a national view on a unique identifier that eliminates some of the hassles about linking us to any issue that is related to the social security number.
DR. COHN: I was going to comment. As you know, I was not the liaison between the implementation team and this committee. Obviously, I have been an observer of unique patient identifier issues for quite awhile. I must admit, as I was reading over both your report as well as Solomon APPAVU's report, I found that there was a lot more confusion in all the reports I was reading, rather than clarity, as best I could described.
I came away actually very deeply troubled. I think that one of the responsibilities we have under administrative simplification is to actually save the country money, as opposed to spend it. Now, certainly the fact that there were no financial proposals, though people threw out four, five, six billion dollars on whatever proposal says to me that there probably needs to be some cost-benefit justification.
Now, one of the things that I found lacking in most of these, and perhaps on a re-reading I might find more here than I had actually thought, but certainly in the HHS proposal was what I described as lack of fundamental principles that I could then use to build a conclusion from. The principles are not so much the requirements from the ASTM proposal, but more like, if we are going to have one, yes, we need to have those principles. But I kept coming back, wondering what is the additional value of having a unique personal identifier that is the same across the country, that is going to cost four billion dollars, and I didn't see any proof there that was compelling to me.
Now, the facts that I understand in my world -- I don't live in a world where everyone has the same social security number, but I would observe that that is probably not because, as Clem commented in his letter, people were inadvertently all given the same social security number, but that there are socio political issues having to do with insurance, coverage and otherwise that would make them use the same number regardless of whether it was a UHID, whether it was the same social security number or otherwise.
So in the world that I have seen, and as I ask most insurance carriers, most everyone has a unique number that exists within their coverage, within their environment, be it an HMO, be it an insurance company or otherwise.
So what do we need a unique health identifier for? It really becomes an issue of linkage outside of that domain into other information. To do that requires a robust network. It requires master patient indexes galore. It requires a whole lot more than just a unique health identifier. Once we have gotten all of that, I begin to say, if we have all that linkage information already with this robust infrastructure, I go, what is the additional value of spending four billion dollars to get a unique identifier?
I would be happy to have those questions answered. It isn't that I am saying that there is no answer to all of these things. But I think that a document that proposes to spend four billion dollars of taxpayer money better begin to address some of those value added areas.
DR. STARFIELD: Can we talk about this four billion dollars? What generates that? Is it the new number that does that? What if social security were to generate that large cost, because people collect that, anyway.
DR. EMERSON: I'm sorry, I couldn't understand.
DR. STARFIELD: This four billion dollars has been mentioned twice. What is that? Four billion to do a new number, is that it?
DR. LUMPKIN: I think that is the labor costs associated -- it is not the enumeration, it is the labor costs of verifying that the person who -- you can't just say, we're going to assign new numbers. You need to have people come in and bring some identification, and that all takes time, because it is not an automatic process.
DR. STARFIELD: So it is limited to a new number?
DR. MC DONALD: Or going back and checking the old ones. But there are about three different themes here. One of them is, should we have a unique number or not? There are some policy issues there that we heard good discussions about.
But the other savings is that everyone doesn't to do this checking every time the patient comes in to the same level. It would be wonderful to have a patient come in the door and not have them wait a half hour to get registered. So there are some nice features to having a number, if it could work. But there are policy issues that I think we should leave separate.
The second one is, should we use some kind of permuted or distorted social security number or some new kind of number? I think those are decidable by economic forces. If you are going to decide to do it, you should economically analyze it and see what it costs, because you can get the same goods and bads out of both of them.
This idea that the new number is going to be perfect is nonsense. There is no error free system in the universe. There are proofs and theorems and all that. So you're going to have 20 people with the same new I.D.
One of the numbers we found most commonly used, we found 800 people in a hospital with the same social security number. It was the one that used to be in the magazines. It was like 00-1, whatever it was. That is what everybody picked up. Now, none of this is going to get stopped by putting any amount of effort in a new system.
The most important thing is, there is a dual system here. We have this fake number that means absolutely nothing. We don't put bar codes on peoples' heads, we don't put chips in them like they do animals. So we don't have any really unique link with that. The linkage is always back to these so-called immutable characteristics, and that is a lie. There are no characteristics that are immutable, because you have errors in entry and you have things that change that you don't think changed. Cities go out of business, there is renaming, there are always changes. But those are the things you use to tell whether this person is the person they say they are when they come back another time, or when they come back to get registered the first time. So you want as many of those things as you can get, and it is a statistical sort of thing.
I think people will still use those when they get this unique number, just to double check stuff, depending on how narrow they have their system scope.
DR. EMERSON: Or any time a person comes in and doesn't remember the number or whatever.
DR. MC DONALD: Well, that makes it even tougher. That is the reason that you might want to get -- the numbers and digits stuff, the reason why the alpha character is in there is to reduce the number of positions and have the same number of numbers.
DR. STARFIELD: Just the terminology. Does the legislation call for a unique patient identifier or a unique individual identifier?
DR. EMERSON: Unique identifier for each individual.
DR. STARFIELD: But I think that is a critical distinction. That doesn't call for patient identification, that calls for an individual identification. I think that is a consideration, because the identification of a patient and identification of individual is different. We are talking bout individual identifiers, if we are responsive to the legislation.
DR. LUMPKIN: I think that while there are a number of theorems and proofs that show that you can't do something perfectly, none of those theorems and proofs are perfect in and of themselves, kind of a cyclical logic.
But I agree with you. I think that obviously any system is going to be running at a certain degree of proficiency and will have errors and will have duplications, will have people who have multiple numbers.
I would like us to -- as Simon said, are we actually reducing the administrative burden? When he said that, I tried to think back to my model, which is a model of a small practitioner in their office who deals with multiple health plans. Obviously, when that person comes in the second or third or fourth or fifth time, that person is going to -- the issue of them being associated with their number is not an issue.
But if they come in the first time and they belong to one plan, and then the next time they belong to a second plan, and the second plan that they are involved with uses a different lab than the first plan, and maybe they have other associated things, so now they have got three or four different ways that they are associating with that person on the second visit. Then a year later, their company has a different benefit package, and now they have got three or four other things. Every time they do that, that person is going to have to be uniquely associated with their payor of that particular service.
That requires some process that would be so much simpler if, the first time they came in, they had a unique number, and no matter how their benefit payment system worked out, that provider would not have to change that number, or that mechanism of interface.
So I think in some regards, there is a utility to having a number, because it would prevent or eliminate the need. Payment system A may have the master patient index that indexes upon five characteristics, and payment system B may have a different master patient index that has five or six different elements, which may be different, which leads to a certain amount of complexity in the system that would be simplified by a unique number.
DR. EMERSON: I would just like to ask about the money figure that you questioned earlier. Is it in the paragraph that lists three to six billion dollars as the amount needed to re-verify identities? This was from some testimony that Shirley Chader gave, which was related to re- verifying the identities of people to whom social security numbers had already been assigned, and re-issuing social security numbers or social security cards to the people that had been verified as unique.
What we thought was that this amount of money is needed in any case, even to use the social security number as the health care identifier, to make sure that it is verified to be associated with the individual.
So it would be used -- or this amount of money would be needed to re-verify social security numbers and issue new social security cards. It would also be needed to verify the identity of people for assigning a universal health care identifier that was different from the social security number.
DR. STARFIELD: I guess I am having trouble understanding why the social security number wouldn't continue to be important anyway. It is going to be used to help us sort out the problems with the unique health number and having to have two numbers means that people have to carry around two numbers and people have to put in two numbers. The logic of that escapes me.
DR. COHN: Actually, I had two comments. One was to follow up on John's comment. I think you bring up some very good points. We are looking once again at cost-benefit issues, is it really a benefit to the provider community or insurance community or others to have a single number.
At least to my memory, I'm not sure if I asked them that specific question, about whether it is cheaper either in the short or long term to change over to a single number, versus keeping their old number. I would actually be very curious to hear from people. So that may be a question that we need to ask some of those groups to really see what they think of the cost of conversion versus the mapping that we would describe it.
There was a second comment that I was going to make, and I unfortunately have forgotten it because I got so involved with this first one. I'll remember it.
DR. STARFIELD: It will come back. I think we probably need to make some kind of recommendation today, because if not today, I don't know when we're going to do it. We certainly have to make a recommendation for discussion tomorrow.
DR. COHN: I was going to ask, what are the next steps to this? If we were to accept the HIPAA time frame, this thing is supposed to be out as a recommendation to be published in October. I said if we are, I didn't say we were. So what is the proposed recommended time frame on this one?
DR. BRAITHWAITE: Well, obviously the ideal time for publishing the draft of what this unique identifier would be would be by the end of October. Because it is such a controversial issue, we have been kind of holding back at HHS, doing our analysis and so on, but holding back and saying here is the date we are going to announce this one, because we expect and hope to get a recommendation from this committee before we commit, and to vet it through a number of political environments before we commit, and that may take us past the end of October.
So we have not been telling people that for sure, this one is going to be out by the end of October, because we realize it is more difficult than most, and will probably take us longer.
DR. EMERSON: You have the real world experience, and we would be very appreciative of knowing your thoughts.
DR. STARFIELD: Can I ask Don, Don, you've done a lot of this stuff in Europe and different countries, if not with the European Community. They are struggling with the notion of transferability of information across countries, and some of those countries feel very strongly about privacy and confidentiality. Is there anything we can learn from what is being done elsewhere about these numbers?
DR. DETMER: I think it is ultimately a matter of societal decision. I don't think there is, quote, the answer to this. I think you can argue that we shouldn't do this now because we should do a lot of testing. You could say we should go with social security and with some check digit. At some point, you're going to have to decide some criteria that you think will stand up through the kind of process that we live with.
I don't really honestly think that there is that much experience from another country that will help us sort that one out here. The very absence of good privacy legislation in our country makes this candidly the wrong conversation in a sense, because we don't have the kind of foundation that you would really like to need.
Now, I think as a matter of tactics, if we were to recommend a number and say that is our recommendation but we don't think it should be implemented until the Congress actually passes the legislation, that is responsive to the letter of the law. But I see this as one of those deals where everybody is going to find plenty of ways to criticize it, because there isn't an answer.
Actually, it is possible -- I don't know, it is possible that if indeed the committee were to recommend a number and say, contingent on passing something, it might help move legislation. I don't know that, either. But I think that that is one of the difficulties that we face. If we had the protections, I think the issue would be much simpler.
It is parallel in my view to our discussion when we came up with our first privacy recommendations, that if in fact we had any discrimination statutes on the books, it would change the flavor of our conversation on the privacy side. I think we are stacking up a bunch of these things simply because we haven't bitten a very important public policy on the front end. Then I think we could start seeing a number of things go.
DR. FRAWLEY: Mary, I was just curious, I didn't have a chance to cross walk both of the documents. But on the directory service, one of the things that I was concerned about, which is on page three -- you say this proposal has the appeal of being able to identify a person without having to remember a specific number as an identifier, it had the negative aspect of requiring a national master patient index or a national pointer system to regional indexes. Then you said concern about the privacy of the American public argues against the federal government establishing such a system.
I guess what I am confused about is, we are talking bout HIPAA and the specified transactions, which means, I go to the provider, I receive a service, the provider submits a claim to my payor, there is coordination of benefits or whatever. I don't understand why that would require a national master patient index.
I guess I don't understand the team's thinking there. It just jumped off the page at me, because I kept thinking, why would you need a national master patient index? It is a transaction between the provider, the payor, whether it goes through a clearinghouse or whoever the other parties to the transaction are. I couldn't get the sense of why you were thinking that way.
DR. EMERSON: The thought was that since there was not an unique identifier associated with that proposal, that the way that the records of the person would be located would be that certain identifying characteristics of the person would be matched as others have said against records that were already on file, so that you could locate the different places where medical records on that person had already been stored.
So we were viewing this as a master patient index. The identifying information, the personal characteristics of the patient having to be stored along with those pointers to where his or her former medical records were.
DR. MC DONALD: Many other countries have national and medical numbers. Canada, most of them do.
DR. STARFIELD: Separate numbers?
DR. DETMER: The national legislation on privacy.
DR. MC DONALD: So having a national medical number of some kind is not radical.
DR. STARFIELD: It is a separate number from their social -- whatever?
DR. MC DONALD: Yes, mostly it is separate. In Canada I think it is separate, for example.
But I think the real issue is, we've got two or three steps to decide. One is, should we have a unique identifier, and there are political forces and issues there. I think frankly, once we decide that, the rest of them it doesn't matter. They are all about the same, in terms of access to the patient. Because as we all said, we've got all these matching keys. We can get there anyway.
Now, having said that, I think the second set of decisions is, should we use social security number with some modifications or something brand new. I would not support the current proposal in this document with 28 digits, period, but a new number I could support.
The political connections and the lightning rod effect of the social security number might suggest -- even though I basically think it makes more sense to think social security number first, I would suggest we would be better off with a new number. But I think it is going to end up being, we need some significant financial analysis. Someone has got to spend a half a million dollars, or a lot of money, to really do a proposal, make some bids, and see whether one of these things is a lot more expensive than the other one.
Then on that basis, we could balance the -- but I would hope we could vote to say we are going to go for a unique identifier because it will make things more efficient. If you look in hospitals, check-in rooms, ERs, you look how long people sit there, a lot of that is waiting to be registered. Registry stuff is all tangled up with -- they can't have an easy way to verify who they really are. A unique identifier doesn't do the whole job, but it pops up a lot of stuff you can check it against.
So I think we should suggest that, and I think we should suggest that the contention between a social security approach versus the other approach should be balanced between political aspects and costs. We don't know the real costs. That is, $16 a human in this country is four billion dollars. That seems like a lot of money to get through Congress these days, no matter what. Even though it sounds cheap per person, two movies, I think, at the current price of movies. But I think we have got to look at those costs.
It might be a lot cheaper with social security, it might not.
DR. STARFIELD: Well, do you want to make that our first motion?
DR. MC DONALD: Yes.
DR. BRAITHWAITE: The motion is that we all go to the movies.
DR. STARFIELD: The motion is that we have a unique number.
DR. MC DONALD: We have a unique number to improve the efficiency and the costs and save patient time.
DR. STARFIELD: Do I hear a second?
DR. MC DONALD: Then there is a second part. There is a second one that comes after that.
DR. STARFIELD: Let's take them separately. We've got that one with a second. Discussion on the motion?
DR. MC DONALD: We'll take flak.
DR. STARFIELD: Well, we are already on record for that, actually.
DR. COHN: I guess I would just make a comment. I have no idea who is voting for what here, or who would vote for or against this proposal. I would just speak for my own views of this.
As I look at what is going on, and I am somewhat convinced by Don's comment, which is a comment that I have made in the past, that without adequate privacy and confidentiality, I am very fearful of beginning to have this sort of thing come out of this committee. I think if we were to see significant activities going on that made me feel comfortable that we were going to have adequate privacy and confidentiality legislation, as opposed to the hope that maybe this week we will get something being presented, I would feel a lot more comfortable voting for something like that. That is just my own personal opinion.
But obviously, we haven't voted yet, but that is just as part of the discussion.
DR. DETMER: Just to test Simon's rule here, assuming that you had a law that met our guidelines as we put them forward on privacy and confidentiality, assuming those recommendations had been put into law, then would you favor a unique identifier?
DR. COHN: Yes.
DR. DETMER: On the basis of our own work.
DR. COHN: Assuming that there was a cost-benefit that identified that it actually didn't cost the country money, and it saved the country money.
DR. LUMPKIN: I think that for process, it might be easier if we first voted to add on the introductory statement, which was that implementation of any unique identifiers should be delayed until we have a national privacy act, consistent with the position of the committee.
DR. STARFIELD: Do you accept that amendment?
DR. MC DONALD: No. I'm not saying we don't want to have that. It is in the law that they are going to have that. There is already a law that says we're going to have privacy within X years. I'm afraid if we get it tied in too tightly to this, it will get -- no one will do anything, I don't know where we can go.
Help me with this. Is there anything that anybody can do with this if we have those kind of conditionals on, where we can't know what is going to happen?
DR. WEISS: If we don't have the law, then the Secretary is going to put out regulations, written by the same people who are opposing these identifiers.
DR. DETMER: But that is why I was asking about something that met the standards of our report, because I would like to think that the Secretary, if she did go the regulatory route, would reflect on what we had talked about.
DR. WEISS: I think that would be consistency there.
DR. STARFIELD: We can always do what we want with this motion and then have a second motion.
DR. MC DONALD: Yes. I think it is getting too tangled.
DR. MAYES: I just wanted to make one point. I think that through all the proposed notice of rulemaking that we are putting out, one of the thoughts is, we are putting this out for comment. We in fact are inviting extensive comment on the others, and we would of course want to invite extensive comment on this.
I don't know how the committee feels about the recommendations, but we certainly feel that if we get a lot of comment on any of our proposed rules, we are going to go back and rework them, based on that comment. So when we go out with our proposed rules, it is not a take it or leave it, you like it or you don't like it. It is, give us your feedback, we will then take it back and rework it. We may in fact come out again if the comments are substantive enough, saying we are going to start over and show you something else.
DR. FRAWLEY: That's a good point, Bob. One of the things that I am concerned about is that we are seeing these reports for the first time. We really haven't had a chance to even talk them through, and now we are voting, which is kind of scary.
We haven't even had testimony from industry. We haven't had a chance to talk to people in terms of -- most places right now have a medical record number, a patient account number, social security number, a series of data elements.
We heard in California that the state of California is going to mandate their new proposal starting January of '98. So if California says thou shalt start using the FHOP proposal in January, we have no information on what impact that is going to have on all of the providers and plans in California. If we turn around and say you're going to go do this, we are pulling numbers out of the hat.
I understand we are supposed to have a notice of proposed rulemaking out, but on the other hand, I don't feel comfortable voting on anything, because I'm still trying to cross walk between Solomon's report and looking back at this report. I see sentences in reports and I say, wait a second, according to who is this information coming from.
We haven't even given it a chance for anyone from industry to come forward and say, these three proposals, we have tried these, this is what works, this doesn't work. We just don't have any input from anyone. There are people sitting in the audience listening to this discussion and we have -- I feel very uncomfortable.
Every other topic we have approached very thoroughly and gotten a lot of information. I got these on Friday, and I still haven't finished reading the other report yet.
DR. STARFIELD: There was one thing. Solomon had a table in this draft one. Is he here? Come join us, please. He had a table at the end. Now that table is gone. I think we asked him to take it out, if I'm not mistaken. But now we have an unlevel playing field. We have one report that has got a table on the end where it has been deleted which hampers us. At least we could have seen how they were rated by two different --
DR. COHN: This is obviously feeling very hurried. I tried to read it over, and trying to cross walk things, plus getting new drafts without revision marks on them from various groups makes it a little hard also.
But we need to be very clear that we are the National Committee on Vital and Health Statistics, and we are not the Department of Health and Human Services. It is our job to advise HHS as a public advisory committee to the best of our ability on what we think are the right answers to these issues.
We are not required, at least as I read the law, to recommend a unique health identifier by 12 months after the law is passed so it will go into proposed rate making. If we for example feel that it is foolish to proceed on this until confidentiality and privacy is handled, I think we need to say that. I think we are empowered to say that.
DR. STARFIELD: The only problem is, if we don't act, others will act. There will be action on this, and should we be weighing in.
DR. COHN: No, I'm not saying if we feel that we don't say anything. I am saying that we write a letter saying the type of thing that I am just describing, that we advise you stop, you not do this, that it is against the public interest. That is what we send in, as opposed to saying, we know you need to do this by then, so therefore, even though we don't have an answer, we don't feel we have done due diligence, we're going to give you our best guess because of the time frame.
DR. STARFIELD: Also, I'm going to ask Marjorie to comment on this. The core data set did recommend a unique identifier, and there were hearings that led up to that core data report, which I don't think should be neglected. There isn't a lot of history around this table, but we do have that.
MS. GREENBERG: I was thinking about not just the core data element, but many years before on the UHDDS and the uniform (word lost) care data set. The committee recommended a unique identifier, and where we are now saying we don't want to recommend one would be inconsistent.
But I don't really think so, in the sense that -- yes, when we have the round of hearings on the core data element, and it says that right in the report, the single most important element identified by the people who provided testimony was a unique individual identifier. Everyone agreed that that was the most important element that there had to be agreement on. That basically validated everything that the committee had been hearing in the years before.
But the language of the committee's report -- I don't have the core data element report with me right now, believe it or not, I usually carry it with me all the time, but the language in that report and the earlier reports mentioned with appropriate privacy protection. I think having now gone through a whole process of hearings, et cetera, both the process that the department has gone through and the process that this committee went through, it is documentably obvious that there is not adequate privacy protection.
So I think to back away from even thinking it is a good idea to have a unique identifier would seem to be a leap backwards. But again, this committee is free to make whatever decisions it wants. But I think it is consistent that supporting a unique identifier with appropriate privacy protection, and then you just have to decide where you want to be at this point.
DR. MC DONALD: If I could let the motion change and say with appropriate privacy protection, rather than insist on a new law being passed, because we actually have other stuff in the current law that should get to something, that may make it move a little better. But I think it is ludicrous that we are the agency that we are, which is national health and vital statistics, where you can't count them and you can't statistic them. If you don't have a unique identifier you can't do any of it. So we are just throwing away out of the brouhaha any kind of coherency for what this organization has to do.
DR. STARFIELD: Do you accept the amendment?
DR. LUMPKIN: Sure, I do. I think that I would like to explore our options. If the committee takes no action, then our prior position is what is out there, social security number with a check digit, with the appropriate privacy protections.
So I think in a sense, we need to come back to where we are at, which is, do we want to change anything, now that HIPAA is there. I think because of the issues that were raised -- and this really comes out of testimony we heard at our hearings, we are even considering a non-number identifier system. I just have difficulty believing that no matter what system we are talking about, even the system in California that we saw, there is a computer number that is generated.
There is a data representation of that person. Now, how they get to it, whether or not they carry a card in their wallet that has their numbers -- I can never remember my drier's license number. I just can't remember it. I can remember the first three digits and that is it. I can remember the first letter, which is L, which is the same as my last name, but it has a certain utility.
So I really believe that if we can't get to what the numbers should be, if we want to pull back from social security number with a check digit, I really believe that we cannot make a recommendation that is not a number and say that we understand the systems of identification. It should be as simple a number as possible.
DR. DETMER: As you say, the committee does have a position on record. We haven't heard all the testimony and the cost data and a whole variety of things on the implications of this, nor in fact has the department on what they have done.
One other option would be to let things sit, saying this is the current stated position of the committee, but that we see a need to clearly explore this iteratively with better data, because it not only is frankly a major issue aside from the privacy issues, there are major efficiency issues in this and cost issues in this.
DR. STARFIELD: You are talking about the particular number now, rather than whether we should have one?
DR. DETMER: Excuse me?
DR. STARFIELD: You are talking about the particular number now, rather than whether we should have one? When you talk about cost implications.
DR. DETMER: We are on record in the core data set for a number with privacy protection. That is already on the record from this group, as what is warranted. I think the point is, we on the other hand have not embarked on what does that mean in the contemporary kind of sense. Would we in the process that we are under otherwise come out with further refinements of that? We are on record for a unique identifier, and we are on record for privacy.
DR. STARFIELD: Well, I'm not a parliamentarian, but I think we have to vote on the motion if there is a motion there, unless the motion is withdrawn.
DR. MC DONALD: Well, the motion was amended to say with the appropriate privacy --
DR. STARFIELD: Apparently we are already on record for that, is that right? Or maybe not. I think it is useful to reaffirm it, if that is our intention.
DR. LUMPKIN: Eventually, before we move to the next item of business, we have to retire that motion. As long as we are discussing that motion, would it even be in order to table that motion, or to vote or defeat it. But I don't think that needs to be -- at least from what I have heard, we haven't changed from our discussion of that particular motion.
DR. STARFIELD: What I am going to suggest is that we take care of this, whether we have it or not in one form or another, and leave the other issue for subsequent discussion.
DR. COHN: I'm not sure what you just suggested.
DR. STARFIELD: What I suggested is that we take care of it, whichever way we see fit, whether we have a number or not, and then table --
DR. COHN: Okay, then I propose that we table the motion.
DR. LUMPKIN: Second. You have to table it to a specific time.
DR. MC DONALD: No, you can table it indefinitely or table it to a time specific -- there was a lot of enthusiasm, but I think it has cooled down. But I really think we are not stepping up to the plate. There are ten people around this table who have thought about this intensely for the last five years, so we are not quite saying what we know.
You have heard testimony all over the place about this. You have some strong feelings on it. It is not that you don't know anything about it; it is that you don't want to say it.
DR. STARFIELD: I don't want to leave it on the record that we haven't had hearings. We have had hearings. It hasn't been in the past year. We have had hearings.
DR. MC DONALD: I will withdraw the motion until we can move the meeting.
DR. STARFIELD: I think we probably ought to take this up later on today or this evening, and move on to the next item on the agenda. Mary, do you want to weigh in before you go?
DR. BRAITHWAITE: I don't know if Mary finished.
DR. EMERSON: No, I had finished.
DR. STARFIELD: Solomon has joined us now.
DR. APPAVU: I thought mine was done. I brought an updated draft of what was distributed. It is a little bit more readable. I noticed that it was difficult to read, so I was going to pass this out. It has no change in the substance. You may not want to read it now, but I will distribute it for the record.
DR. BRAITHWAITE: While we are waiting for that to be distributed, I should point out that even this year we have had a significant number of hearings, both on the privacy side, in which a great deal of sentiment was expressed about what kind of unique identifier ought to be used. On the standards side, which expressed -- at least a dozen different witnesses testified about what they felt about that.
So even though we haven't had a hearing on this particular topic, it is not like we haven't heard testimony about this topic throughout the last several months of hearings. So I don't think we should ignore that.
DR. FRAWLEY: No, I agree. But the point is, when we had the coding and classification here, and we asked people specifically to come in and talk about the systems they were using, talk about the strengths and weaknesses and what problems they saw and the problems they saw and the costs associated. We got specific data from people and made the decision to continue with the present system through the year 2000.
So the problem is, if you narrow it down to two or three choices, it would be wise to get some input from industry. I agree, we have heard a lot of testimony. But the point is, we haven't put something out there for people and said, tell us what you think. At least with the coding and classification, we said to people, here is what our thinking is, tell us what you think, and we got some good input from industry, and modified some decisions as a result of that.
DR. BRAITHWAITE: So are we ready to narrow it to two or three choices that we can get further input on?
DR. FRAWLEY: I would love to hear Solomon's report, and at least be able to walk through it, so we understand what we have got in front of us.
DR. APPAVU: You have got the revised report. I prepared a two-part report. The first part, I went through all the process of the unique identifier, its components, its purpose, its functions, and then the second part basically an evaluation of every option that is available.
I don't want to go through all these slides that I just passed through, but I'll go to the substance of the report and rather answer your questions than make a presentation.
In the last meeting I went through the study plan and the analysis approach and all those things. We started out with eight options, and ended up with 13. If you include the manual, it became 14. We are looking at the unique patient identifier, and then alternatives to the unique patient identifier.
When I closely looked at the different options, that is how it came down. There are seven unique patient identifier options, like social security number, universal health care identifier, parametrics identifier and so forth. Then there were seven other identification methods, which are basically based solutions: directory surveys, core (word lost), patient identification and so forth.
That is on page three, the UPA options, the various options that are available, UPA options and alternatives to UPI. So those are the seven unique patient identifiers and seven alternatives to unique patient identifier.
If you notice, there was a lot of discussion about the family health outcomes project core data elements in the previous session. It basically turns out to be a software approach. You take a set of identifying data elements and then use computer programs to clear the value, and that is used as the identifier. But it changes. If there is a typo or if there is a name change, if anything happens, that value will change. So it is strictly not an identifier; it is a software solution. So all those things are listed under alternatives to UPI.
These things can be further divided into two categories. One is a new proposal and existing identifiers that comes with some enhancement. For example, the social security number is an identifier and has been there for a long time and is used widely. With enhancement, it can be used as a unique patient identifier.
The existing medical record number. If you look at the HL-7 mediation process as well as the (word lost) patient identification service process, you can use the existing medical record number for identification purposes. That is again based on software solutions.
So you can take the existing solutions and add pieces to that, and make it a process that will do the job. It is not an identifier, it is not a unique patient identifier, medical record number, but you can use that to accomplish the task. Two options, the existing options and then the new proposals.
I'm not going to go through the security measures. For easy reference, the reports consist of nine different parts. You probably looked through that. The findings; as I just said, identifier that are already in use, identifier that are new proposals. The new proposals are more at a conceptual level.
I said this in the past meeting, and I made more investigations, a lot of discussions in detail with the proponents of the various methods. I had extensive discussions, numerous calls and so forth. All these options are at a conceptual level.
One of the other things I did was looked at the various components that an identifier should have. An index identifying information, security protection, some masking encryption kind of thing, check digits and so forth, and then the infrastructure that is necessary for that unique patient identifier.
Altogether, it came to like six different components. I believe they are on page two, the last slide, components of UPI. The identifier identification, information, the index that links the identifier and the identifier information, mechanism to secure the identity. That is basically to mask the identifier. When you transmit confidential information like an HIV test result or whatever, you use the mechanism to hide the identifier itself. Then the technology infrastructure and administrative infrastructure. The technology infrastructure rests at both ends, in the (word lost) organization as well as the governing body. One of them has to have the necessary infrastructure. Some of the options present a lot of difficulty in doing that.
In addition to the 30 criteria that the ASTM standards provided, I used these six components identifiers should have. Any identifier proposal should have these six components.
What are the findings, what are the results? The findings are basically -- the key issue is privacy and confidentiality, the check digit, the encryption. Those are the primary concerns still. The key question comes down to what do we do, whether we enhance an existing option or we start with a new identifier, new identification method, abandon both of them and go with a software solution. So those are the three major things that are existing at this point. You can take an existing solution and improve it, or you an go with an ideal solution, or you can leave both of them and go to a software based approach.
The software based approach is not an identifier approach. A lot of times you use patient information, a patient's name, age, sex and so forth. We do not want to use the identification information explicitly while you are communicating, while you are transmitting information, so that is not a good approach. But that is what is used to buy software based solutions. It will help if you have a unique patient identifier. Both the HL-7 as well as the (word lost) representative indicated that if you have a unique patient identifier, that will help the process. In the absence of it, they will use the data element themselves to search, match and all those things.
One of the other things that needs to be there as part of identification information is the location of the previous sites of care, where the patient's record resides. The previous sites of care information should be part of that.
One interesting proposal that is based on the birth certificate, it has a three level identification data. The first level is permanent data, like the date of birth, place of birth, which never changes, and then information that accumulated over a period of time, like social security number or driver's license or whatever we get over a period of time, and then the third level you have -- this proposal tracks the different episodes of care, where it was provided, the provider I.D. and the location, type of service and so forth.
That is a very key thing, if you want to communicate nationally, if you want to transmit information, if you want to integrate information, if you want to clear a longitudinal patient record, if you want to aggregate information, you want to know where that data resides. That is not addressed by most of the options. Almost all of them except that one that I mentioned, that was the last one that I received during last week, none of them address that portion, where data reside, how do we reach them.
The bottom line is, what do we do, enhance an existing option, start with a new (word lost) or develop software based solution? Not all the components that are addressed by any of this proposal -- in other words, none of the proposals address all six components that I identified. The alternative solutions like software based solutions have limited focus. They only look at the interoperabilities, searching and matching. But you need the patient identifier, the patient identification, a positive identification of the patient for several things. For the delivery of care, if you are going to do a blood transfusion or an important surgical procedure, sensitive tests, all of them need positive identification. If you use a software based research and matching mechanism, those things do ont address those functions.
So most of the alternative solutions do not address the identification of the patient, but only the identification of information, where the identification resides, and then identify that information and bring it back. It doesn't address all the basic functions of a unique patient identifier.
The new options are not implementation ready. They are not ready for implementation. One of the options - - as I was talking to the proponents, talking about, do you have check digit, and what is check digit and what is encryption, all right, we can do it, we'll add it. So they are all in the conceptual level building their thoughts. They are all building the concept, and most of them are not ready. Some of them are more complete than others, but most of the new options are very conceptual, very basic conceptual level. They are not implementation ready.
Also, the new options lack infrastructure, the administrative and technology infrastructure. All of them are not adequately addressed by them, at least. Some of them can (word lost) these are implementation issues, these are policies, organizational policies, so these are not covert.
The infrastructure issue is not addressed by the new proposals. The options are not ready for implementation. The strength of those new proposals are, they address longevity, they are universal, they are unique, they address encryption, therefore security, privacy and confidentiality, they are all there. They have check digit for data collections. So all those are new features and functions the new options bring, but some of the most important things, the infrastructure and a few other components, are not a part of that.
So what are the courses of action that are available? In my view, there are three courses of action available for the committee. It is not my charge to make any recommendation, but I wanted to bring to your attention these three courses of action that are available for the committee.
You can look at the identifier that is used the most as a unique patient identifier, look at the one that is most ready in relation to other identifiers, and the one that meets most of the criteria, the unique patient identifier as well as the components as well as the basic functions that they need to fill. You can look at that and select one.
Then after you selected that one, you can look at all the missing pieces, like the encryption, like the check digits, like the infrastructure issues and all the other things, and you can add that, or you can choose a brand new option. There are many of them. As a matter of fact, most of them, like 12 or maybe 11 of them, are new options. You can look at them, choose one of them, and develop it and use it. Allow the industry to bring forth those kind of solutions and do that.
The third thing is, since these are not ready, since the new options are not ready, the old options are not perfect, you can choose to wait and let the industry serve as a catalyst and develop these options and wait for that, and then assess the situation at a later stage.
These are the three courses of action that are available. As I mentioned, none of them address all six components that I outlined, and none of them address all criteria. Some of them are good. Some of the identifiers say they meet all of them; still it depends on the differences in the policy and the difference in the infrastructure that needs to be put in place.
So these are my observations. I will be very happy to answer any specific questions.
DR. STARFIELD: Thanks very much. Are there any questions?
DR. MC DONALD: In your report, the thing called section two looked like a conclusion. Did you mean that?
DR. APPAVU: The one that I distributed just now?
DR. STARFIELD: Yes.
DR. APPAVU: I'm sorry, I didn't explain that. The report part two replaces the social security number. My part two report has about 13 template reports. I noticed the social security number was missing several things, so I revised that.
DR. STARFIELD: The first item on the agenda, we are going to discuss the payor I.D.
DR. BROSEUER: First of all, I'd like to thank everybody for inviting me here. Instead of doing a formal presentation, I thought I would just pick up where we left off the last time at the April 15 meeting with some issues and concerns that the group here had voiced, and I think we have come to some conclusions that we would like to present to you guys today.
The high level enumeration was one of the ones that we had some questions about, and I would like to further define that one. Payor I.D.s are going to be assigned per -- one payor I.D. per legal entity. We have defined a legal entity as a health plan.
Now, the legal entity -- if a health plan has separate legal entities within its business structure, like managed care or indemnity plans, they will also receive a payor I.D. What we had hoped to do would be given sequential numbers so that the main company, the head of the business structure, would receive the payor I.D. and any smaller business entity within that corporate business structure would receive a sequence within that numbering.
DR. COHN: Which adds some intelligence to the number, in a sense.
DR. BROSEUER: Somewhat, but it is not systemic intelligence. That was one of the big points we raised. So we were trying to keep it where -- a lot of the organizations wanted the identity to be known by the number, and so this was an option that we came up with.
One of the problems that we had with blocks of 100 was that the entity could assign payor I.D.s to everything and anything that they wanted to, including processing locations, which took away from the uniqueness of the payor I.D. number. So to eliminate some of that, we went back to the drawing board and this is what we decided, that one payor I.D. per legal entity also identifying the health plan, if it was a separate legal entity, the HMOs, the PPOs, the fee for services, the points of services would also receive payor I.D. numbers.
DR. WEISS: And these would all be assigned by the registry?
DR. BROSEUER: Yes, the registrar would assign those numbers.
DR. STARFIELD: I am having a little trouble because I have nothing to look at. So I am searching for something to focus our attention. What are we really focusing on in this discussion? I know it is the payor I.D..
DR. BROSEUER: We took the minutes that were sent to us from the April 15 meeting. I went through them and there was basically four issues that the group here wanted further discussion on. We went back, we looked at those, and this is basically where we are coming back today.
DR. STARFIELD: Okay. Why don't you just tell everybody, so we know what it is? The subcommittee in their packet got -- we didn't get a document that explained the differences from the previous version.
DR. BROSEUER: No, no. But I think everybody should have at least the --
DR. STARFIELD: Everyone should have the latest version of the NPRM. There is a little cover memo from me, saying -- the subject matter being NPRM for national standard for identifiers of health plans for payor I.D. It should be in your blue packet. Everybody got it?
DR. BROSEUER: One of the other issues that were raised in the -- I'm sorry, Bill, go ahead.
DR. BRAITHWAITE: I just wanted to ask a question. Since the original idea of assigning the blocks of 100 was for the payor organization to sub-assign to whoever they wanted, now the registrar is going to assign the numbers uniquely to each legal entity.
DR. BROSEUER: Correct.
DR. BRAITHWAITE: Why are you still trying to put those numbers in sequence, and all of the problems that ensue from that?
DR. BROSEUER: We heard from the industry. One of them, I think it was the Blues, told us that they still liked the idea of being able to identify a number by sight, not just happen to go through the plan. They became comfortable with associating a number with a specific plan. Therefore, if they know that a plan has the specific nine- digit number -- because we looked at the sequencing like in the seventh and eighth position, so if the first six positions of that number means one legal entity, we know that if the seventh and eighth change, it still belongs to the original organization. Like, Blue Cross/Blue Shield of Maryland, they have a nine-digit number. Their HMO free state would have another nine-digit number, where the first six would be the same as -- all the same, the first six digits.
DR. BRAITHWAITE: And they understand that that is only temporary, in the sense that as plans come and go and get sold and merged and so on, that that intelligence will gradually diminish the value?
DR. BROSEUER: Yes.
PARTICIPANT: The other thing is, by allowing the sequence of numbers, it allows us to tie entities that are affiliated together. So it affiliates those legal entities under a health plan.
DR. BRAITHWAITE: That is what the database is for.
PARTICIPANT: Right, but that is what the sequencing allows us to do also.
DR. MC DONALD: I think there is probably a UPC like thinking, where you give a manufacturer a stub and let them use the other numbers internally the way they want. But then two digits isn't going to do it either.
DR. BRAITHWAITE: Except they changed their thinking. Now they can't do what they want. They have to go back to the registrar to get a number for each legal plan.
DR. BROSEUER: At one time, what they really wanted was to be able to hook a payor I.D. number to a processing location, which like I said, loses the uniqueness of a payor I.D. It is not to identify processing, it is to route those transactions where they have to go, but also -- so that is why we changed that way of thinking on that one.
DR. COHN: I just wanted to get a little more clarification, and I apologize if I am asking you something that you correctly answered just a couple of minutes ago. But I want to understand a little better about how you were dividing the numbers up.
We had talked at times about the level of granularity of the programs. So these are not actual things that are being marketed. These are our plans that are stated based, national based, however the --
DR. BROSEUER: Or company based.
DR. COHN: Company based?
DR. BROSEUER: Yes. It is in the company's own business structure. And there are many ways that they do that. We have been looking at it to identify the health plan, assigning a payor I.D. to the health plan within the business structure.
DR. COHN: And you are able to define that as a separate entity. Does it have to be a separate corporate entity to get a separate number? It can't just be a division?
DR. BROSEUER: If division means another processing location within the building, no. It would have to be a separate entity that a plan could be identified with that.
DR. COHN: What I meant was, I'm trying to get what your definition of plan is. So you are talking about a separate corporation that has its own employee identification number and other things like this.
DR. BROSEUER: Yes.
DR. COHN: Would a single plan that involves multiple states be considered one plan or be considered multiple plans, one each in each state?
DR. STARFIELD: What is the example, Simon? A single plan that evolves from a state plan, is that what you said?
DR. COHN: Yes. I was just trying to think in my own mind -- because of various peculiarities, sometimes there are state laws that are sometimes a unified plan that may involve multiple states, but might have to have separate entities in other state environments. There is one plan that handles multiple states. I was just trying to figure out whether state boundaries had any relationship to that, or state coverage characterizations. Does that have any meaning, or am I making useless characterizations here? It would just be on the basis of whatever corporate entity was structured?
DR. BROSEUER: Yes.
DR. COHN: If that corporate entity got changed in any way, say it was an HMO today and it became a traditional fee for service tomorrow, does that stay the same number, or does that get changed?
DR. BROSEUER: That would be changed.
DR. COHN: How would you know that that --
DR. BROSEUER: The entity would have to come forward to make that change.
DR. COHN: And why would it be changed then?
DR. BROSEUER: To keep the confusion down.
DR. COHN: What about if it is a managed care entity selling certain products, and those products change radically, but maybe not to a traditional fee for service? Would that be changed?
DR. BROSEUER: No.
DR. COHN: I'm just trying to figure out where the lines are on all of this stuff. I'm still a little bit confused. But it may become clearer.
DR. BROSEUER: We tried to address the issues as it was in the NPRM, so it might become a little bit clearer as you read that document in front of you.
DR. STARFIELD: Are there any other questions or comments from the subcommittee?
MR. ZUBELDIA: Help me keep the confusion down here. Let's say for instance that a company has an HMO and a PPO that is one legal entity, but they have two totally different businesses, indemnity and managed care. They may be operating under different states. Would they get one number or two numbers?
DR. BROSEUER: Two numbers.
MR. ZUBELDIA: Although it is one legal entity. Will Medicare get one number or one number per state or one number per state for part A and one number per state for part B? It is one legal entity.
DR. BROSEUER: We are looking at Medicare and Medicaid a little bit differently. We are looking at the contractors there; they are separate legal entities.
MR. ZUBELDIA: I'm still totally confused. Why did you make an opening statement that says the payor I.D. is tied to the legal entity?
DR. BROSEUER: Well, even if you were looking at the employer group health plans, there are many employer group health plans. You can't just give a number to them, because there is no way to identify the plans that they sponsor. So each one of those sponsored plans would also receive a payor I.D. But they are separate legal entities within the corporate structure.
MR. ZUBELDIA: So the payor I.D. will be assigned to any legal entity that solicits a payor I.D., and they may get more than one payor I.D., depending on their needs, is that correct?
DR. BROSEUER: Let me back up here. If you have a business, you are an entity, you are a health plan, you will get a number. If you have no other lines of business, no other corporate structures like HMO indemnity plans, you will get one payor I.D. If you go the other way and you are an entity that has different health plans within, meaning HMO indemnity plans, each one of them -- you will have to come forward and register each one of those additional health plans within your own corporate structure.
MR. ZUBELDIA: So a company like Prudential, that runs hundreds, thousands of health plans, will have hundreds or thousands of numbers?
DR. BROSEUER: Yes.
MR. ZUBELDIA: So it is not tied into a legal entity the way most of us think of a legal entity. It is tied to a health care entity.
DR. BROSEUER: Yes. We are thinking of legal entity in the respect of a health plan.
MR. ZUBELDIA: Then I have another question. The payor I.D. that is being used in the industry at least by the clearinghouses today is made up of five digits or five letters or five positions typically, and there may be some exceptions to that. Then within limits, the payors have the ability to define what we call a sub-I.D. So the payor can define together a payor I.D. and sub-I.D. that is necessary for the payor to know how to handle those transactions.
In the NSF and most of the existing transactions in the UB-92, the payor I.D. and sub-I.D.s are distinct fields, to distinct elements. One is five, the other is four positions. If we now go to a payor I.D. of nine positions or ten positions, whatever it may be, is the sub- I.D. still going to be available for the payors to define their own business needs in routing the transactions? Or is the payor sub-I.D. going to be dispensed of and the payors will have to invent a new way of routing transactions internally?
PARTICIPANT: The payor I.D. replaces both those fields, the five and the four digit on the NSF and the UB- 92.
DR. STARFIELD: We didn't hear you.
PARTICIPANT: I'm sorry. The payor I.D. replaces both positions in the UB-92 and the NSF for payor identifier, insurance identifiers.
MR. ZUBELDIA: So the recommendation will be that a payor I.D. that replaces both be issued for any payor that is currently using sub-I.D.s or may need to use sub-I.D.s in the future for whatever reason they may want to use the sub- I.D.s. Then the registrar will assign a new payor I.D. for each one of the sub-I.D.s that they are currently using, is that correct?
PARTICIPANT: The I.D.s that you are currently talking about, one is for primary insurance, to identify primary insurance, and it is really not an identifier, but it is a five digit place where you can put a name of an insurance company, and the four digit is for the medi-gap insurance company if you had a medi-gap policy. It is primarily for Medicare purposes. I'm not sure if private industry uses those fields.
MR. ZUBELDIA: Well, I am sure that private industry is using those fields. That is why I am bringing up the question. The sub-I.D. is used in a number of instances to identify a specific claims handling unit. For instance, when there is a large payor that has a claims handling unit that processes specific insured policies, a specific employer's, then the claims get assigned a payor I.D. and sub-I.D. that identify that specific handling unit. It may be a group of five people in a Florida office, and that is how the claims get routed.
Those are specific needs of the private industry today. If the payor I.D. registrar wants to incorporate those, I don't see much of a problem. But I don't think they can be dispensed of without providing an alternative.
DR. STARFIELD: I'm not really sure that is very relevant to the discussion here. What the industry wants to do is separate.
PARTICIPANT: Let me just make one final comment. I think part of the reason we have these identifiers is to standardize costs to industry. We do have a lot of individual use of different types of suffixes, et cetera, of doing business. That is what we are trying to really move from with the payor I.D.
DR. STARFIELD: There is another comment.
DR. FEIF: Hi, Kathleen Feif, HIAA. This comment I have to make I also would like Simon to listen to very carefully.
Currently at my employer, I have the choice of four health plans: Kaiser, Kaiser point of service, New York Life Indemnity, and (word lost) HMO. How many payor I.D.s do those represent?
DR. BROSEUER: Four.
DR. FEIF: Four. So Kaiser is going to have thousands of payor I.D. numbers, correct? Thousands, because the product that you have offered, the two products that you have offered to HIAA are unique, right? Or do you offer the same product to many, many employers?
DR. LUMPKIN: I might argue that if you have an EIN to identify the employer, and you have the UPID, or whatever we are calling this, payor I.D., you have defined that benefit package.
DR. BROSEUER: Yes, it is a combination of the two.
PARTICIPANT: (Comments off mike.)
DR. LUMPKIN: That is correct, but we said that they would get four numbers. But how they would differentiate HIAA's point of service from state of Illinois point of service would be by the EIN. That is how you would differentiate the package.
DR. COHN: That was what I was mulling about, was whether -- the question is, do other PLS's from Kaiser, for example, all have the same payor I.D. My bet is that even though they may be subtly different, one to another, they probably would have -- I am looking at her, because I'm not sure either. As long as they are within the same state, and by the same --
DR. FEIF: Is Kaiser in Mid-Atlantic a different legal entity than Kaiser in California?
DR. COHN: Yes. It gets a little more involved.
DR. FEIF: It is more involved than that. My point is, we get down to the product line level for health insurance companies and for managed care organizations. So there are going to be lots and lots of numbers here.
DR. MC DONALD: Having heard all of the discussion, I think we have got to be very sure that this number serves industry. That is, there may be elegancies in what we want to get, and I'm going to speak about one in a minute, but that shouldn't supersede the requirements to serve the functions. It sounds to me like there is something, call it a legal entity or something, maybe a little smaller, but something that is unambiguously identifier, and then there is a bunch of plans, and those have different problems and issues. It sounds like for sure, this extra little piece, if it is not going to be in the number, it is going to be in the database.
There has got to be a way to deal with this little piece that -- it could be arbitrarily that organization's internal number used for whatever purpose.
MR. ZUBELDIA: If I can answer that, the database is not a solution to it. If I have a number that says that this is Kaiser and the database tells me that Kaiser offers plans in 50 different states and that the plans are 500 different plans, it doesn't tell me as a clearinghouse how to route that claim to a destination. That is a real problem, because it won't tell the provider how to route the claim, either.
DR. MC DONALD: So the scope of the problem is defined. I guess you're not done, maybe.
DR. STARFIELD: The question is, are you done with us?
DR. BROSEUER: No, not yet. There were a couple of other things I did want to bring up. I think one of the other concerns was the change in ownership. I think Simon went to this a little while ago. If an entity is either purchased or is bankrupt, what happens with that payor I.D. that was assigned to that company? That number is retired. However, it is maintained active within the payor I.D. because of health care transactions that are coming through so they can be processed. But a date is actually hooked on to that retirement time of that number.
If a company is purchased, then the old number is retired and that entity will pick up the I.D. of the new company.
One of the other things that was a concern for the group here was the connection between the ERISA plans and third party payors, and whether you would be able to determine the relationship. The answer is yes. We are expecting ERISA plans to come in to apply for payor I.D.s. When they do, we are asking them for the person that processes their claims. That will be within the database, so the identity will be known on that one.
We have also expanded or modified the system as well to include the identity of the dental, the visions, the drugs and the long-term care plans. There was a request to do this from a couple of the research areas out there, and we felt it was beneficial for them to do that. So that is basically the four issues that were raised before, and we tried to cover them this time.
DR. MC DONALD: You talked almost apologetically about retiring rather than reusing, but I would like to applaud that. Basically, the rule is, you would never reuse any numbers.
DR. BROSEUER: No, it's gone.
DR. MC DONALD: The other question I had is, why just use numbers? Why not make a smaller thing by using some characters? Is this an industry thing?
DR. BROSEUER: From what we understand, if you go all numbers, it is easier on the keypads. Certain alpha characteristics you wouldn't be able to use, because of similarity with the numbers, like the O's and the 0's, those type of things.
DR. MC DONALD: But you have dealt with that in the other part of HCFA with the payor I.D. I like your arguments about it. I think in general, if you are on a keyboard, having more is faster than having less, if you have to stretch out. If you had to type in 20 characters versus 10, you get it back. This digit stuff came from the fact from the old days, when we didn't do well in alpha in systems.
DR. BROSEUER: We haven't excluded the fact that we will not go to alpha, but with the nine-digit numeric payor I.D. we can enumerate up to 100 million health plans, if the need exists. We could have that expansion capability to move over to alpha.
DR. MC DONALD: I think you could do the same with five if you had alpha mixed in with it. You've got to remember the tradeoffs. You get back an awful lot of reduced stroking, which may not be good. But by increasing the character set -- most of this isn't going to be keyed in actually anyway, but when it is keyed in -- I would like to think about it. That is one for the payor I.D., and the provider I.D. is something similar, although the provider I.D. might more often be entered in by hand.
DR. LUMPKIN: I think one factor to consider in that, because we did hear testimony that switching some of these fields from numeric to alphanumeric would require a significant amount of recoding.
DR. MC DONALD: This is a new field. This is a new invention.
DR. LUMPKIN: Right, so I think we have to look at that versus the old fields that were on the UB-92 and other locations, whether or not the costs may offset.
DR. COHN: I was actually just going to pipe in that WIDI when they looked at these issues thought that at least from their view, and obviously they have a mixture of very old systems and new systems, felt they could tolerate some alpha numeric if it were pretty well determined where that alpha numeric was going to start and might be spread from, as opposed to just loading it on. So I think your approach is probably a judicious approach.
DR. BROSEUER: Again, this is what we are hoping. We have got a lot of the information from industry, but I am sure there are industries out there that we have not heard from. So we welcome them to come forward and make their comments. We will consider all of them.
DR. STARFIELD: So this isn't the last time that we will see this, is that right?
DR. BROSEUER: Hopefully, this is it.
MS. GREENBERG: You may have covered this in the beginning when I was taking care of some other business, but you have included some amount of taxonomy?
DR. BROSEUER: Yes. We went back in and we included the HMOs, the PPOs, the fee for service and the point of service as a taxonomy. That is not part of the number, that is part of the database.
MS. GREENBERG: Right. Is that in the --
DR. BROSEUER: Yes, it is.
MS. GREENBERG: I just haven't been able to find it yet, okay. Thanks.
DR. BROSEUER: We had talked to several organizations, and those were the four that seemed to be widely used. So they said you might get a combination, but that is not very often. But this is what we would like to see.
DR. STARFIELD: I think combinations are common, and I don't know how you are going to decide whether it gets the same numbers, one of the two parents -- anyway, thanks very much. I think we are going to move on.
Pursuant to the discussion we had this morning, I'm going to ask John Lumpkin to chair this part of the agenda on security standards. Five minute break? All right.
(Brief recess.)
DR. LUMPKIN: We had some discussion this morning on the draft letter on security. Having heard that discussion, does anybody want to change our letter? Okay, let's go ahead.
DR. FRAWLEY: I made notes from the discussion this morning on the letter, in terms of some of the comments. The only thing I wasn't -- I know Barbara had talked about expanding the letter to focus on some of the other areas of discussion that came out in testimony. I guess the only concern I have there is that without the transcript, we would really have to rely on what --
DR. STARFIELD: Well, I actually have the transcript upstairs, but I don't think we want to review the transcript. I think what I was really driving at was for each -- first of all, to explain what each of these are, and second of all, to identify the major issues that have to be addressed in them, and third of all, to really hit on the point that every organization has got to do these things if they want to be in the game.
DR. LUMPKIN: I was wondering if -- we probably need something in maybe another introductory paragraph or something that talks about why this is important and what this means -- why this is different than the other recommendations that we have done. A lot of this relates to organizational practices as well as standards. And probably to discuss the scalable nature of our response, and that we think that we are beginning, and that we would expect as time goes on that as the use of security in the industry begins to mature, that the specifications would become more specific.
I suspect by the next time we revisit this in a year or two, we may have a workable standard from an SDL that we can adopt flat out.
DR. MC DONALD: A guideline, maybe. You can't automate most stuff in life, the truth is.
DR. LUMPKIN: Sorry, that doesn't compute.
MR. ZUBELDIA: I have a question. Is the recommendation explicitly that the Secretary shall not adopt a standard for security?
DR. STARFIELD: No.
DR. MC DONALD: It isn't like a standard for RSA. It is just a whole bunch of processes and procedures and approaches and beliefs and enforcements and watching over.
DR. LUMPKIN: Did anybody happen to bring a copy for the record?
MS. GREENBERG: I have it.
DR. STARFIELD: I have it also.
DR. LUMPKIN: Is there a glossary? Could we perhaps lift out that glossary as an appendix to this letter? I think probably that would define these terms that may be not clear, like authentication and access controls. We can take a look at that.
Were there other things that we wanted to do?
DR. STARFIELD: Well, I took notes this morning, so why don't I remind you of what you suggested?
DR. FRAWLEY: There is no glossary.
DR. LUMPKIN: There is no glossary?
DR. FRAWLEY: There are terms defined within the body of the report, and the security team at HHS has been working on compiling a glossary of security terms. There are recognized definitions out there that could be incorporated into this letter, if that is what you were looking for.
DR. STARFIELD: Yes, I think that is the first. There were similar suggestions made this morning. You made one which I thought was roundly supported by the people around the table.
DR. LUMPKIN: That is probably why I didn't write it down.
DR. STARFIELD: Dr. Lumpkin recommended this morning that we add some language in the letter recommending that HCFA put into place standards for participation, that they have to address these things in order for participation in Medicare and Medicaid. So that was one idea.
Bill then had a suggestion that we should specify the criteria against which the principles can be judged, and that this would be necessary to provide the Secretary with some guidance.
I think you mentioned in your oral presentation that in fact, there are technologies out there. The biggest problem is implementation. The letter needs to say that. You also made the point that there are many solutions that can meet the principles, and it probably isn't necessary to decide on any one or more of them now.
Somebody also mentioned that it would be helpful to mention what the problems are, the costs. And we need to indicate how forcefully you feel each of these principles can be implemented, given the current technology. Those are the main notes that I think I've got down.
DR. JANES: Also, you had made an analogy I think to this being an evolutionary process and where we are in relation to quality standard for health care delivery versus where we are in relationship to security standards. It seems that what we are talking about here are really structural standards, to extend that analogy, meaning the capacity to secure data, as opposed to actually securing it.
But I would suggest that we could perhaps go a little bit further towards some process standards, by not simply saying on the second page that there be some organizational practices, such as the presence of certain committees or a data security officer, but that in fact the organization have some methods for measuring compliance with these principles within their own organization, that they have some monitoring in place.
I think we are not ready necessarily to define standard monitoring measures across the industry, but at least that an organization doesn't just put these in place, but actually checks whether they are working, and has some measures to be able to assess that.
DR. MAYES: I think it would be useful to keep in mind that there are a number of industries in this country that have very well developed, very well defined, very well implemented security systems and standards, that deal with information nationally and internationally. So it would be useful to separate the idea that security in general somehow has not been well developed or is not understood with specifically the areas in health care that there is a concern about.
We have had in fact the presentations that were made before, that basically pointed out that in finance, for instance, this is not an area that they are particularly questioning anything on, because they have got something in place that works pretty well. And certainly defense.
DR. MC DONALD: Yes, but those are highly circumscribed, in contrast to what we are talking about here. In defense, like Class A, whatever it means, you've got to have microwave impermeable walls. Well, how are we going to do that in hospitals? Because otherwise, you can read keystrokes.
DR. MAYES: But C-2 doesn't, for instance. There are --
DR. MC DONALD: But those are at a much lower level than the things we are talking about. Some of them would apply, definitely.
DR. MAYES: Right. I am just separating out the fact that it sounds like in some parts of the discussion we are building a brave new world that no one has really worked in, but actually we are not. We are looking how to apply existing technologies and to a large extent, existing practices. And security practices I think are -- fundamentally, good security is not industry dependent. The specific application is perhaps industry or even sub-sector dependent, but the fundamental practices -- it is like good software design. It doesn't really matter whether you are designing health care software or others.
DR. LUMPKIN: In fact, if you were to put the computer next to the MRI magnet, you would be able to be impermeable, too.
DR. LAVORNE: Can I address that a little more fully? My name is Jan Lavorne, and I have been working information security in excess of the last ten years, and three years in health care security.
My estimate is, about 90 percent of the requirements that health care has are very similar to what the financial industry and a couple of other industries have. There is about a ten percent difference. Mainly it has to follow in the types of authentication that you want to do and the levels of access control that you might want to have, and also in the types of tokens that you might want to use for authentication. The rest of them are pretty much the same.
In fact, if you want, I can see about getting a set of software. There are actually documents in software out there that you can do to write your own security policy that list most of the requirements that health care have in it.
While it is new to health care, it is not new to other industries. Banking has been doing this for 20 to 25 years, and have a pretty good track record.
So my opinion is like I said in the August 6 hearings. Let's not re-invent the wheel. The whole idea here is to do cost effective security. To do that, you need to do your risk analysis, like I have said before, but you also want to be able to use as much of the software that is off the shelf that you can. By doing this and looking at the similarities rather than the differences, there are ways of integrating all of the cryptography type things that are currently being used in other areas, and are based on industry standards in the health care software and information processing.
Thank you.
DR. STARFIELD: While we are waiting, Marjorie, when will the transcripts be summarized? When will we expect that will be available? I wonder whether that wouldn't help us put the letter together.
MS. GREENBERG: You have the transcript. When are the minutes going to be ready? I don't have an exact date, but I can give it to you. We've got the transcript in the last weeks, and we have a lot of other minutes backed up. So as soon as possible, but I don't have a date for you.
DR. LUMPKIN: I think that perhaps on this document we have got some comments. We probably just need to draft another version.
DR. FRAWLEY: I'll volunteer.
DR. LUMPKIN: Oh, you're so sweet.
DR. FRAWLEY: What I will do, if I can borrow your book, I'll do another draft between 5:30 and 7:00, and then we can take another look tonight.
MS. GREENBERG: Do you want us to bring you dinner?
DR. FRAWLEY: I was figuring on doing it wherever I was having dinner.
DR. COHN: Thee was actually one question I wanted to bring up about all this. As a comment, I agree with virtually everything that is here, and maybe all we want to do is just add a little more information, as well as defer the criteria question for further evaluation.
I think the only question that I had had to do with some of the testimony back in August that had talked about -- as we know, the DoD has done lots of work on this. There are these rainbow series of books, and we all keep throwing around the term C-2, which as I understand has some relationship to characteristics as well as in some ways criteria. I think some of that is included here.
I wasn't exactly sure what the mapping might be between say something like C-2 and the type of thing that we had recommended, and whether that was something that -- I don't know if that is for this document or for a future document, but the question that I came out of the August meeting with -- actually, Kathleen, maybe you can answer that. Is there a good answer?
DR. FRAWLEY: Well, certainly in this area, we have the rainbow series, and then we heard testimony on the C-2. My only concern is, I wouldn't want to tie us to something that is kind of moving and changing. So I think what I would rather do is highlight some of the points that came out from the testimony, some of the discussion we had this morning and now, use some definitions, enhance some of the recommendations that we have, just make sure that when we are talking about individual authentication, that everybody who reads this letter understands what we are talking about.
Maybe as an appendix, have the list of witnesses, something like that. But I think that one of the things that we talked about at our last meeting is that we don't want to be advocating a particular standard at this time. We don't believe they are maturing enough, and that we know this is a rapidly developing area.
So I just know from the security consultants who testified, there is even within their industry divergent opinions on the rainbow series.
DR. MC DONALD: I think at the level of penetrating the computer, it is the same industry wide. I think that most good purchasers of computers are nowadays aware of that, and you get what you can get.
But there is a different layer of problems. In banking, there isn't the need to trade data between strangers, which really happens in medicine. I'm sorry, I take it back, I don't want to pick on banking. There isn't -- a bank account is a bank account, and money is fungible, and glucose results aren't. So there are some other kinds of problems. Dr. X, who doesn't know Dr. Y, has to take care of patient A because the patient collapsed at his feet when he is making rounds to another patient in the room. So there are all these parts.
These are the policies that get tricky, so we tend to allow more looking at records using the good sense of the institution to control it. But then we've got to monitor that, because we don't have this absolute lock on who can look at it, and the monitoring rules aren't well defined yet, or understood.
We have 400,000 accesses a month. So in a year you get that times 12, whatever that is, and you start to figure out, who should have looked at it. That is not a well defined science yet.
DR. GILLIGAN: Can I just make an observation? This is Tom Gilligan. The gentleman gave a lovely explanation of the uses of data in one part of the health care community. The part of the community that I represent, which is the financial and administrative transactions that go back and forth, has a whole different set of needs. I just want to reinforce that point. God love you.
DR. LUMPKIN: Okay, we have a plan. We'll come back with something after dinner.
DR. STARFIELD: Sounds good. The next item on the agenda is recommendations on the process for changing standards. I don't know that this is something that we have discussed before. I'm not even sure where the agenda item came from. So I would appreciate some background on that.
MS. GREENBERG: Bill, Judy and I discussed the agenda, but maybe Judy, do you want to --
MS. BALL: She was saying I need to talk. As Bill mentioned this morning, the standards that are going to be adopted are not standards for the eons. One of the discussions at the last meeting of this subcommittee was to come up with recommendations on the kind of process that ought to be followed in the future for the adoption of the new standards for the permission to test new methodologies for standards and for revisions to the standards that will be adopted.
MS. GREENBERG: That is new standards?
MS. BALL: Yes, I said new standards. New methodologies, new standards.
DR. STARFIELD: Well, I guess we are pretty expert on doing the standards right now. It is not obvious to me that we have thought about this enough to have a good discussion, but maybe I'm wrong.
DR. LUMPKIN: I think we should have a standard approach to it.
DR. BRAITHWAITE: Well, you understand, the problem in a sense is that the industry, the private sector, has been meeting with standards developing organizations like X-12 and HL-7 and so on to develop standards that meet their business needs. Then they go off and do what they want. In some cases, they use those standards directly, or in some cases they modify them significantly and use them, and in other cases they just do something different. There is no standard in that sense.
Now, we had testimony that it takes sometimes a very long time for a new business need to be recognized in a published private sector standard which they could then adopt. Sometimes it goes into the years. Now we are adding a government process on top of that. We are saying X-12 has now developed a new standard, or they have modified a standard. Now we run it through an implementation team of some kind. We run it up the flagpole, and the standards committee talks about it. It gets departmental clearance, it gets OMB clearance, and eventually, someday it comes out of a modification of the now Secretarial approved national standard.
We have just turned a long and difficult process into a very long, very difficult process. So I guess this is looking at that whole process from a global perspective that this committee represents, representing the private sector's feelings and knowledge about this agglutination now of a private sector and a federal process. What can we do from the committee's perspective to bring these things together in a coherent, more rapidly responsive process which will take a business need and turn it into a change in the national standard in a time frame that makes sense for business implementation, now that they can't do anything else but implement the national standard that we have addressed.
So it really is saying, we have added some restrictions on what the private sector can do, but we have made the appearance at least of a process that makes it impossibly long and complex. What can we as a committee recommend to HHS and to the private sector standards developing organizations that would smooth and speed up that process?
DR. STARFIELD: Does this relate to what you were addressing this morning, on the cross-cutting issues? You asked what would be the infrastructure to support the recommendations, where does the responsibility lie.
DR. BRAITHWAITE: It certainly addresses some of those cross-cutting issues, yes.
DR. COHN: Actually, I first of all want to set expectations for this discussion. I see the title called recommendations on process for changing standards. I actually think this is the first discussion on the process of changing standards. I don't think the expectation is that we come out of this discussion with recommendations that are going to go to NCVHS tomorrow for balloting.
Now, this is a very, very complex area. This not only involves a single standards developer, it also involves -- single standards developers have some issues around syntax and envelope issues that evolve. But there are also content issues, and we haven't even figured out who is responsible for content issues. There are lots of people that have a lot of concern. NCVHS is only one of them. But that is obviously another piece of the evolving transaction and the standard.
This is an area where I think really, what we need to do -- and I think we identified this back in August -- what we need to do is come up with the right questions to ask, so that we can begin to elicit some public comment. I would say that we need to hear from standards developers, we need to hear from other interested parties. I think we can all think of three or five of them pretty easily. We need to understand what their interests and what their suggestions might be on how an evolution might occur. Certainly they have all been involved with trying to come up with things. UCC and UCB have certainly been active in trying to deal with some of the data issues.
It isn't just a question of changing, but it is a question of what sort of ownership and what sort of participation ought to occur as we evolve into the future. As I said, I thought the conversation was really more trying to come up with the questions and trying to figure out what sort of hearings ought to be held on this.
DR. STARFIELD: Let me jump the gun a little bit on this evening's agenda, and say, is this something we want to think about, in terms of the work plan for next year, or put it off for the following year. Let's develop a plan for thinking about it.
MS. GREENBERG: Are the NPRNs going to mention this? Bob, I guess you are the one to ask. To what extent will the NPRNs that are going out in October address this?
DR. MAYES: Not to a large extent. This is actually going to be an implementation guide sort of issue. But it is actually a little broader. Each transaction or each standard is going to have some specifics about this. But there is this whole -- not only is the technology changing, i.e., the wrappers or whatever -- we've got object technology coming down the road, and all the standard organizations are working on them.
But certainly the content is going to change as well, because as we see changes in the health care delivery systems in general, what we define as for instance a claim attachment, we've got an extra year, but it is becoming obvious that it is not just going to be ten attachments or ten standard ones, because people are coming out of the woodwork saying, well, I've got to have this in mine.
So our concern -- and I agree with Simon, this is really just the first initial discussions -- is that we do not -- standards are to be put in place to facilitate the work that we do, to facilitate the business process. Unfortunately, whenever these things get taken over by bureaucracies, there is a tendency for it to become an impediment and to become ossified and to become something that people try to work around, or whatever. We would like very much that this not occur, that these standards that we adopt and the process that goes along with them -- because it is just the beginning on February 21, it is by no means the end -- that these in fact remain dynamic enough, so that as changes occur throughout the industry, they continue to be aids towards moving forward, and not impediments towards that.
So we are really just trying to begin to look for input not just from the committee, but I think certainly through further hearings or whatever.
Now, there are some time constraints. I don't suggest we put it off for years, because we have to come up with something when we start to implement these, so that people can say in one year, February '99, the Secretary could in fact promulgate new changes. So there are short- term and long-term needs.
DR. MOORE: I think something else that goes with that is that as we have discussed these regulations and the data, there are two types of changes. There is adding new elements, which really changes the structure of the transaction potentially, versus adding new codes, which we don't always believe will change the structure. It will take two different processes for changing that.
We don't anticipate -- we would hope that we can make the process for adding new codes to an existing element rather minor, so that we can make that flow easy, so that business can get the business done, versus adding a change in the transaction set dramatically, by adding new data elements for other business needs. That might need a little more discussion in some other place.
As far as new transactions, do we need to have this go through Congress? Because these were mandated by law. I don't know that we are going to come up with regulations that are going to mandate the industry use a new transaction in their own private business. We might be able to do it in Medicare or Medicaid or the VA or one of the government -- but as far as what Aetna does in their commercial practice on a new transaction set, if it is not one of the ten that are identified, I don't think there is any requirement in the law that says that, other than going through Congress, you have the authorization to do anything.
DR. BRAITHWAITE: There is a permission clause for the Secretary to adopt additional standards, where it will save money, and the usual stuff.
DR. MOORE: Who decides what that additional standard be? It was difficult enough just working with the one that we already identified.
DR. MC DONALD: I think we could get mired in the standards that we have now to such a degree that we will never be able to do much of anything. What you mentioned is really the crux of happiness. If we can convert what is now structured in the list of codes, to the degree we can shift the variability in the tables out of the structure of the standard, the easier it is going to be to live.
But we have a lot of funny structure. My favorite example is the UB-92, which may not be there anymore, it says, are you older than 100? That is people there wasn't room for eight digits of the year and date, so that is how you can tell about the century. That is going to get codified in this thing.
But those are the things we've got to clean out. There is lots of that. There are a thousand fields in that database. Some of them are very specific things, like creatinine and PO-2 inspired, and some of them are much more general things, and we've got to get it toward the more general.
The data modelling is going on, and the standards group is going to help with that, but I think we have got to pray for some new paradigms, or we are going to get such a big stack of standards and fields that we will never be able to sort them all out.
DR. LUMPKIN: I think there are some questions we need to ask. First of all, I would be interested in seeing what are the criteria that the SDOs use to come out with a new version? At what point do they say, now it is time to change?
The second is to note that there is an advantage to a bureaucratic delay. There was a time when I used to buy the newest processor that was out, and used to be on the cutting edge. I have discovered that being one or two processor generations behind did not reduce my productivity, but it certainly reduced my costs. So we may not always want to have this process on the cutting edge which we are at, because I think it makes it much more difficult for the providers if we keep on changing. So I am not as uncomfortable about the bureaucratic delays.
The third is that we need to try to have some assessment of impact. The criteria that an SDL may have to change may not be the ones that we would have to change, because it depends upon how big of an impact it is, what kind of a retro compatibility exists with the new system and the old system, so that we actually do a cost benefit analysis. There may be a time for change, but that change may not be beneficial to the industry if it happens rapidly, unless there is some fundamental benefit that exists for making that change, not just because there is a new version.
MR. ZUBELDIA: Let me change hats and ask the co- chair of the X-12N digit two work group 12 in the interactive claim. I am very concerned about this discussion.
First of all, X-12 has a change process in place, whether this committee likes it or not. X-12 is going to come out with at least two, maybe three, releases of the standard per year, release or sub-release, one release per year and two more sub-releases per year.
That doesn't mean that they have to be implemented. It doesn't mean that we have to change every time X-12 has a new sub-release. Traditionally in health care, we started with version 3020, then it was 3122, 3030, 3132, 3040, 3142, 50 and so on. We went past the 3072 and now we are in 4010, 4020.
Out of all those, we only have implemented very few in health care, namely, 3030, 3041, 3051 and now we are looking at 3070 or 4010. So the change process is already established by the SDO. It doesn't mean that in health care we have to change every time the SDO changes. We can go with changes that are significant for our industry only.
It is relatively easy to change codes and to add segments. That is typically done within three to six months of a request, and doesn't take very much time. It takes longer to change a structure, like Bob Moore said, to add a completely new structure to a transaction.
I believe that the proposal is to not change structure for three years after the standard is allotted. So even that is not a problem with the SDO.
What is a problem -- I see as a problem is new transactions that are coming out that have the same or similar name as the ones defined in the legislation. For instance, interactive claim, which is the group that I chair, has put together a transaction that can be adjudicated in real time in a few seconds.
There is already a claim transaction defining the legislation. Will we have to stp the development of the interactive claim because there is already a claim transaction? Interactive eligibility, which is coming right behind, there is already an eligibility transaction defined. Will interactive eligibility have to stop their work because there is already an eligibility transaction? There may be other transactions coming down the line that we don't know yet that probably will need to be developed, and there may be conflict with the same name that is already defined in the legislation.
Obviously, if it is a new transaction that is not defined, it is out of the scope and there is no problem. But those of us that have the same kind of transaction that is already defined for a batch, I would like to see a process from NCVHS where we can be allowed to implement those transactions at least during the test phase to demonstrate that it is working without being penalized with a financial penalty as defined in HIPAA. Once it has proven that it works, maybe even adopted in a new release of HIPAA. But until it is adopted in a new release of the regulations, have the ability to test a transaction somehow.
I would like to see this committee recommend what the process is for that.
PARTICIPANT: The issue of interactive eligibility versus batch eligibility is going to be an issue that will be raised in the regulation that goes out on the transactions. The transaction as it stands now proposes batch, which are more than one transaction, and fast batch, which is one transaction. The intent of the fast batch is that for eligibility or something of that nature, they are going to send it out, and in the same session you get back your response. That might be five seconds, ten seconds. In some quarters, I have heard that they are at seven and a half seconds in response time, in fast batch.
My question is, what is the business need of doing interactive eligibility versus fast batch which is, you get it back in five seconds, or less than ten seconds? Would it add confusion, because I am not sure what is in the interactive transaction set? Is this conversational? You ask a question and you get back part of the answer and that leads to another question?
So I think the committee needs to understand that, because they may be asked to pass on our transaction set, so I would like for you to explain a little bit to the committee the difference between what X-12 considers fast batch and what you consider as the co-chair of that group interactive transactions for eligibility.
MR. ZUBELDIA: I'm not co-chair for interactive eligibility. It is interactive claim. So I'm not sure about interactive eligibility. I want the ability of maybe testing that transaction later on, without being penalized. I want the ability of maybe testing some object oriented messaging later on without being penalized. Maybe we can do some interactive or some object oriented claim later on. We don't know what the technology is going to be in three years. That is the fear that I have, is that three years from now, we will be locked out of any further development in the existing transactions.
But let me answer your question. Interactive eligibility is a conversational mode in which the eligibility transaction during the same conversation could be followed with an interactive claim or it could be followed with an interactive referral. Somebody could do an eligibility -- and during the same conversation determine that this patient is eligible for referral to a specialist, and follow that as one message in the same conversation, not just send, receive the response and disconnect, much like the airline industries have the ability in a conversation to select a seat assignment in a plane, and it is the same conversation in which you make the reservation. The seat assignment, the car reservation, the hotel, it is all one conversation.
PARTICIPANT: But in this industry, where you have the payors having to develop the infrastructure to support the batch for those who want to use it, the interactive for those who want to use it requires significant change, and potentially, additional cost to the payors. We would be mandating that that become the standard.
DR. LUMPKIN: Let me jump in here, because I don't think the issue for us is between batch and interactive. But I think the point that is being raised that I think is very important is, if an SDO comes up with a new changed standard, is there a mechanism for that to be field tested, so that we then would know the answer to your question, not by hypothesis, but by some trading partner having to field test a new version of a standard or a new standard itself that is a divergent point from a currently existing standard. I certainly think we would like to see that being possible.
MR. ZUBELDIA: That is the concern. We have now today several payors that want to do interactive claim, and the concern is that come 2000, they are going to have to stop it.
DR. COHN: Can I just ask an odd question about all of this? Bob, you may want to jump in. As I listen to you talk about interactive claim, I am reminded that one of the chief differences between X-12 transactions currently and NCPDP transactions is the difference between interactive versus non-interactive, at least as I understand that.
MR. ZUBELDIA: Fast batch. NCPDP is fast batch. This interactive claim is developed under Edifact. It is not even X-12 syntax. It is under X-12 as part of the Edifact international syntax. It is ready to go for a ballot in October.
DR. COHN: I guess there will be some evolutionary issues as we move along.
DR. MAYES: If I could just hop in, I am a little concerned, because I have heard this 30 month or 36 month deal before. As I read the legislation, the Secretary can - - the time for the 12 months starts from adoption, not from the implementation. So the change could be made as early as August 1999. So we wouldn't even be waiting 30 months or whatever.
The other thing is, I just want to let you know, I don't know if it makes you feel any better, but the testing issue is one that we are very concerned with as well in the implementation teams. The trick is to develop a system that allows trading partners who have agreed between themselves to test new systems, to produce those so that you can get the data needed to know whether or not to recommend a new standard, while at the same time not just opening it up as a giant loophole, so all you have to do is say, I am testing this, and then you can go forth forever.
So we would be very interested in getting suggestions or plans or models from the industry to help us try and resolve this issue.
DR. STAHLECKER: I'd like to take us back for just a minute to a prior point in our conversation. My name is Chris Stahlecker, I'm with Empire Blue Cross/Blue Shield.
We talked a little bit about a paradigm change. There is one little subtlety about the first set of HIPAA transactions that are going to be mandated. I think when you talk about new transactions, you might lose sight of the fact that some of these transactions that are mandated by law for initial implementation have multiple business purposes. I don't know that new implementation guides have yet been addressed.
For an example here, like a 278 authorization and referral transaction could also be used by a primary care physician to find out what referrals exist for them. But that won't be part of the initial set of HIPAA transactions.
So when you are talking about building in a process for addressing new transactions, you might want to also consider extended use of already mandated or legislated transactions. That might work together with the providers and the payors to get more effective use of the HIPAA transactions, and bring about that paradigm change that we are all anxious to see.
It was just a comment. Thank you.
DR. STARFIELD: Before you go away, could you clarify the example?
DR. STAHLECKER: Yes. With the initial authorization and referral transaction, the idea is that a physician could submit a request for authorization to a payor for sending the patient on to a specialist. Well, over time, all of those authorizations that that primary care physician has created would be building up in a payor's database, giving them privilege.
So sometimes a provider might want to do an inquiry to find out how many outstanding authorizations exist that the patient hasn't really followed up on yet with a specialist. So that inquiry transaction is now part of the first implemented use of a 278 transaction set. Yet once payors have invested in their infrastructure and providers have too, it would be a great sense of building upon that to get a paradigm change.
Right now, the choice is going to be for providers to go electronic or go manually, and we all want them to go into an electronic environment. So we need to keep building upon the benefits of what we want to implement with phase one HIPAA transactions. So extending the benefits of the ones that will have already been implemented to get the maximum use out of them by both sides, by both parties, might bring about this paradigm change.
DR. STARFIELD: Thank you. Well, I think what we will do is take this up again this evening when we decide on the work plan, or where does it fit into our work plan.
DR. COHN: Can I ask an unrelated question, of where this fits in the agenda? We have a thousand and some item data dictionary. Is that under maintenance of data content?
DR. STARFIELD: That is this evening.
MS. GREENBERG: Yes.
DR. STARFIELD: Well, we have a couple of choices to make now. We are not supposed to adjourn for another hour or so, and then reconvene, assuming we don't finish our business over dinner, at 7:30.
MS. GREENBERG: And also, we are on the Internet, and people out there think that we are meeting until 5:30 and then reconvening at 7:00 to 9:30. So to the extent possible, we should try to keep within the time frame.
DR. STARFIELD: Okay. So what shall we discuss for the next hour?
DR. LUMPKIN: How about the annual report?
DR. STARFIELD: We are supposed to stick to the agenda.
MS. GREENBERG: Well, we have already changed things around all day, so that is to be expected. These are always tentative agendas. But I would like to pretty much stay to the time frame.
DR. STARFIELD: Okay, we have a nomination for the annual report, or we could also go back to the unique identifier. Anything else, any other nominations?
MS. GREENBERG: How about the work plan?
DR. STARFIELD: The work plan. Kathy, do you have any suggestions?
DR. COLTIN: I'm just feeling like we have had a lot of discussion on all of these items on the agenda, and we haven't reached the point of being able to make recommendations to the full committee on any of them.
My sense is that, as painful as it may be, I think we need to go back and decide what we are going to say tomorrow when we report back to the full committee regarding each one of these. Are we going to say we have no recommendation, we have no consensus, or do we have a recommendation, and if so, what is it?
So I think we need to go back and revisit some of these, maybe before we move forward.
DR. STARFIELD: Yes, I think that is a good idea. So let's take it in order. Let's start with the payor I.D.
DR. LUMPKIN: I'm not sure what action we are being asked to do on the payor I.D. I think we discussed it, and we have taken a position on it.
DR. MAYES: You had made a recommendation. We were just providing the information, because there was some clarification that had been asked for in the last meeting. So we had just testified so that we clarified your issues, unless you wanted to change your recommendation.
DR. STARFIELD: I guess the only action type item you could take is with the NPI. The committee said we think you should go forward and publish this for public comment. We haven't specifically said that about the payor I.D. because there were questions from the last presentation. If you feel the questions have been adequately answered, at least to go out for public comment, I guess that is an action you could take. Am I correct on that, Bill?
DR. MC DONALD: I thought there were one and a half issues. One of the issues was, for want of a better name, the routing sub-I.D. or some chunk, and how will that be represented. I didn't think I heard that that was answered. I guess you wouldn't have to call it routing. You could call it the payor's own private use sub-chunk. Maybe it could be called router's number, but it had to be discussed with the industry.
The second thing was the question about why it was chosen. This is my question, so that is why I called it a half, why it should be pure numbers, and where is that coming from. Is that an industry requirement?
MR. ZUBELDIA: I know where it was coming from. I don't know why it has to be that way. But it is coming from the fact that if it is all numbers it can be included into a magnetic stripe for an I.D. card.
DR. STARFIELD: Would you repeat that, please?
MR. ZUBELDIA: If it is all numbers, it can be included in the magnetic stripe of the I.D. card.
DR. MC DONALD: I'm puzzled, because it has dashes in it. It is required to have dashes, which you can't store as a binary.
MR. ZUBELDIA: No, the dashes won't appear in the magnetic stripe, but the magnetic stripe will contain the ISO prefix for the object identifier and the I.D. number, and it is all digits.
DR. MC DONALD: It has to be?
MR. ZUBELDIA: Yes.
DR. MC DONALD: That makes sense.
DR. LUMPKIN: I would like to move that the committee approve the national payor I.D. as presented as a nine-digit number, similar to what we did with the other ones, that we recommend that while it initially will be a numeric, that we stake out the option to make it alpha in the future, and that in addition to the currently presented payor I.D., that we would suggest that there be some available place for routing the information for subunits of an identified payor.
DR. STARFIELD: Is that a motion?
DR. LUMPKIN: That was a motion.
DR. MC DONALD: I'll second.
DR. MAYES: Are you suggesting the number itself would include this routing information?
DR. LUMPKIN: No.
MR. ZUBELDIA: I would suggest that the payor I.D. not include the routing information, and that explicitly something like the routing information available today not be replaced by a payor I.D. So whatever routing mechanism there is today, it continue to exist without muddying the issue with a payor I.D.
DR. LUMPKIN: I think that was consistent with my motion, that there be additional consideration, which may be the current routing -- it could be any process that could be developed, but there obviously is a need.
DR. MC DONALD: Call the question?
DR. STARFIELD: Do you want to restate the motion?
DR. MC DONALD: I just seconded it.
DR. COLTIN: I have a question, given what we just heard about the magnetic stripe limitations, whether we do want to ask that further consideration be given to an alpha numeric.
DR. LUMPKIN: The reason why I said future consideration is because as smart card technology becomes more commonplace and available, then you are not going to have the same limitation of trying to put it on a magnetic stripe.
DR. MC DONALD: Is it that all magnetic stripes can't get alphas on them? That is puzzling.
MR. ZUBELDIA: They can get alphas in another --
DR. MC DONALD: So it is not an absolute limit there.
DR. COHN: Also, isn't this a hundred million numbers?
DR. MC DONALD: I'm sorry?
DR. COHN: Aren't there a hundred million numbers in the payor I.D.? So we probably have a couple of years.
DR. LUMPKIN: If the transitions are occurring as rapidly as they are in Illinois, I don't know. The motion was that we would support the payor I.D. proposal of a nine- digit number with provisions for the potential to move into an alpha numeric in the future, with the recommendation in addition that sub-organizational routing information be made available outside of the payor I.D.
DR. STARFIELD: As part of a data set?
DR. LUMPKIN: Yes, that there be provision to handle subunit routing.
DR. MOORE: That you would query the database to find the routing guide? Is that what we are saying? It wouldn't be part of the I.D.?
DR. STARFIELD: No.
DR. LUMPKIN: That is correct, it would not be part of the I.D.
DR. MOORE: My person says for me to let it go.
DR. STARFIELD: What's that, Bob?
DR. MOORE: I'm just teasing Bob.
DR. LUMPKIN: For instance, on the UB-92 it may replace the payor I.D., that five digit code we talked about, with this new nine digit code. It may allow the presence of there being a four digit routing code.
DR. MOORE: I guess what I am getting at is that not only do other people have to make changes, but organizations like Kepa's may have to make changes too in the way they route and process data, using the identifier. So by saying that we make this routing guide something else, that takes care of Kepa's problem, but it causes another problem for us.
Not everyone is going to come out a winner in all of the standardization. I'm not sure -- if I've got a nine position identifier, replacing a nine position identifier, how do they lose?
MR. ZUBELDIA: The concern that we have is that there is -- we don't have a program with a nine position identifier replacing a five position identifier.
DR. MOORE: But have enough specificity to use as a routing guide within itself, right?
MR. ZUBELDIA: And that is why I asked if they are going to allow us to request as many of those, and the answer is no. Therefore, I think that the other four position identifier cannot just be eliminated with a stroke of the pen, because we now have a nine position identifier that replaces a five, now we are going to get rid of the four position identifier. I think that is not quite apples and apples.
DR. MOORE: I just didn't want to jump on it today, because we have had exhaustive meetings for days on end on this, when that issue didn't come up, when we were down in Virginia and other places.
DR. LUMPKIN: I think my motion as I originally stated it is that there would be some provision for subunit routing. That could be accomplished by having a more granular use of the payor I.D. But I think it is a -- I'm just saying that I don't think we are trying to solve that problem here, to identify that the issue of sub- organizational routing is an issue that needs to be addressed.
DR. MOORE: Are you saying that I have to address that in the reg that is going to go out by the end of this month? Or can I do that when the final goes out, after I have published the NPRM, and get comments?
DR. LUMPKIN: Yes.
DR. MOORE: I'm not trying to get to the point where we get something out of the door.
MR. ZUBELDIA: May I suggest that the same as the payor I.D. is not going to replace the group I.D. or the policy I.D., and not replace the sub-I.D., either. It just replaces the payor I.D., not the payor sub-I.D. or the policy I.D. or the group I.D.
DR. MC DONALD: Who knows the routing information? I always worry about that when I start talking about transactions. Who will know to write it down?
MR. ZUBELDIA: The payor.
DR. MC DONALD: Yes, but the practitioner is the one that has to send it to get it routed, so it doesn't help any if the person they are sending it to know it and the sender doesn't know it. So I just want to work through that once.
MR. ZUBELDIA: Currently, the payor has the insurance I.D. card, which contains both the payor I.D. and the sub-I.D.
DR. MC DONALD: So the patient has it.
MR. ZUBELDIA: The patient has it, and they communicate it to the provider. Some payors will identify the payor I.D. and then they will say, if routing I.D., some will say payor I.D. and sub-I.D., one will just print one long number
PARTICIPANT: I am with Catholic Health Initiatives, and as usual, I come to this microphone to present the provider's side of this.
Right now, I have two different vendors providing my HIS. They both store a five digit payor I.D. I need to know if it is going to be nine digits or if it is going to be 12 digits or it is going to be 16 digits. My vendor needs to know.
For me to make a database change or for my vendor to make a database change, we may be talking about the year 2000 over again, because all the interfaces have to be changed when I send information off to the laboratory system, who also stores a payor I.D. I have to change all of my interfaces there. I have to change my laboratory system.
So the sooner a decision is made here, the better we who are the ones that are collecting the information are gong to have an opportunity to be able to provide it efficiently.
DR. MC DONALD: One last thing. Wouldn't that maybe be an argument for making a five character alpha numeric instead of a nine digit, 100 million digit number thing? Which everyone will maybe be happier with?
PARTICIPANT: I'm back. Right now, what we store in our HIS is a five digit numeric. To change that to an alpha, that is a major change in the system. You can't just wave a magic wand and say, now you are alpha.
DR. MC DONALD: It depends. If it is COBOL, you can. It is five positions. It usually means --
PARTICIPANT: No, it is defined as numeric. Unfortunately, most of the identifiers are defined as numeric and that is what the system looks for. So it has to be numbers. It can't put special characters in there or anything.
DR. MC DONALD: One last thing. I think the database probably wouldn't have to change, just some of your filters would have to change. My bet is the vendors have got those five positions.
MR. ZUBELDIA: In the clearing house we handle payor I.D.s with alphas and numeric both. The older systems were all numeric. What has happened is, the thinking went, if we have a payor I.D. that is five positions and a sub- I.D. that is four positions and they are right next to each other in the database, maybe we can just combine them into a one-position payor I.D.
The business function of those two fields is different, and I don't think you can just combine them just because you need to gain four additional positions in the database.
So this is going to require a reorganization of databases to allow for a longer field and to make sure that it is alpha.
DR. BRAITHWAITE: I think John's proposal is fair. It gives the team some negotiating ability. If it turns out that routing information can be derived from the plan I.D. and the group number, for example, making the sub-I.D. unnecessary, then we can go with the current procedure, and if it turns out to be necessary, then we can put it back in. I think that's fine.
DR. STARFIELD: It sounds to me like we are ready to vote. That is what we do here, we vote, right? All in favor of the motion, raise your hand. All opposed? Number one, done. Number two is the security standards.
DR. LUMPKIN: We're going to come back with a document.
DR. STARFIELD: That's right, we're going to come back with a document. The next one is the individual identifier. Actually, John, we had talked about this before, and you had a suggestion about how to present this tomorrow. Do you want to just tell everybody? Do you remember?
DR. LUMPKIN: What I would like to suggest is that we have a position that we re-emphasize our concern, which probably might best be part of our annual report. I don't believe that this committee, this subcommittee or this committee is in a position to make a decision. I just think there are too many questions here.
DR. STARFIELD: About what?
DR. LUMPKIN: About whether or not there should be a number, whether or not it should be a number and scheme. I've just heard too many questions here. I would propose that we look towards trying to make a decision at our next meeting. If there is a need to move forward in the implementation team, then we rest on our laurels of our past position. But I don't see us having the ability to change our prior position at this meeting.
DR. STARFIELD: The prior position means, should we have a number or not. The position is that we have it.
DR. LUMPKIN: The social security number or check digit coupled with privacy and confidentiality legislation.
DR. STARFIELD: The problem with saying that we are going to discuss it at the next meeting is that we have to have a mechanism to do the discussions.
DR. COHN: I think there is a spectrum of choices we have here. One of them is to obviously rest on our laurels and not to anything, but if we're going to do that pending November, we need to figure out what it is that is going to move us from here today not being able to make a decision, to having enough information, and whatever it is that we need to do so that we can make a decision in November.
I guess that is one option. Another option is obviously to come up with something that is actually a statement of where we are today, rather than not saying anything. I wrote down something, I don't know if it is very good or not or whether anyone would even like it, but that is another option.
What I wrote down here is, while the NCVHS has historically been in favor of a unique patient identifier and continues to be, we feel it would be unwise to proceed to identify and implement a unique patient identifier in the absence of implemented provisions to assure the confidentiality and privacy of health care information. Once we are assured of this protection, we recommend that the UPI be selected on the basis of the ASTM criteria coupled with a cost-benefit evaluation.
I'm not saying that we should do that, but that is a type of a communication we could send out.
DR. FRAWLEY: Building on what Simon just said, because I like what he had to say, one thing we need to think about right now is that most organizations do have a mechanism for identifying their plan participants, whether they are subscribers or patients, and whether they call it a master patient index or a directory service or whatever. They build on core data elements. Basically, what they have got is the name, the address, the date of birth, the social security number and some other identifying elements.
So I think that certainly at the best, we could preserve the status quo, which is that we have this mechanism, while it is not a unique number known to all. The problem that I have is that we haven't narrowed any of the choices down and gathered enough data to say to people, if tomorrow you had to comply with the ASTM proposal, what would that mean to your organization.
I guess I'm still at the point where I'm still not quite sure how the team came up with its recommendation. I still haven't quite figured that out.
Then secondly, I just don't think we have gathered enough data. So I think that we have our recommendations from the core data elements report. That certainly is the way industry has been working for awhile. I like the idea of coming to some decision at some point, but my concern is that there is a list of things that I would love to see us decide on. I don't even know if we have narrowed choices down or where we are.
DR. LUMPKIN: I would suggest that we do have an ASTM recommendation that we are mulling, and we have a prior recommendation of a social security number with a check digit. Given what we have gotten in the past, I'm not sure that having a hearing is the best way to resolve this. But I suspect that we may want to perhaps either post it on our web page that we are considering these two, ask for written comments, that we go with something along Simon's suggestion as an interim statement, and then revisit this issue, having gotten written comments back, having a chance to review in some depth the two documents that we have, and then use that as the basis of taking some action at our next meeting.
DR. STARFIELD: The two documents we have, you mean the recommendation from the team and the report?
DR. LUMPKIN: Right.
DR. STARFIELD: The report doesn't have a recommendation in it.
DR. LUMPKIN: That's correct, but that report, I suspect, now that we have received it, can then be made available publicly. It is that report for which we can also get some feedback.
MS. GREENBERG: I think we need some process for that. There is a thick report; we just got a new version this afternoon, so we need to agree -- you need to agree as a subcommittee that you will get comments to Bill by X date, so that we can finalize it and bring that to closure. Then we could make it available.
DR. LUMPKIN: I think it is a report to us. I think it would be clearly labelled as a report we commissioned.
MS. GREENBERG: Okay, I thought there was concern about not having an opportunity to review it.
DR. LUMPKIN: I don't think he said anything bad about the Pope or the Queen of England.
MS. GREENBERG: Then you need to agree that you have accepted the report as the final report of the consultant, and then it would be made available.
DR. COHN: Yes, I think it makes sense for us to review it prior to accepting it. But John, I agree with you that we don't need to somehow vote on it or whatever, in that sense.
DR. STARFIELD: Well, then let's set a date by which we all will have reviewed it and a mechanism for deciding whether we can circulate it.
DR. COHN: Yes, but of course that is a different question than the one we have just been dealing with, which is trying to come up with what we are going to say about unique patient identifiers.
DR. STARFIELD: About what? What we can say about what?
DR. COHN: We are discussing a different issue now than the issue of unique patient identifier. We just went off on a tangent, basically.
DR. STARFIELD: No, I think we are accepting the sense of your suggestion.
DR. COHN: Can we type this up and have us discuss it after dinner?
DR. STARFIELD: Yes, please.
DR. COHN: Because I don't think it is quite what everybody wants, I would suspect.
DR. MAYES: If I could, a quick question, Marj, for you and then two comments. I was under the impression that the identifier team also gave you all their matrix, in addition to their report. So you have three documents, not just two? Because that matrix actually formed the basis of how they came to their decision to do that. So I would suggest that you review that as well.
DR. STARFIELD: The trouble is, the rating doesn't support your recommendation, unless you are willing to say the difference between 128 and 131 is not important. The rating was higher for the modified social security number.
DR. MAYES: Right, against the criteria. Two comments. One, there will be privacy either regulation or legislation by the time this is to be implemented, so it is not really a question of if. The language in the law says that if in fact legislation is not passed, the Secretary by February 2000 --
DR. BRAITHWAITE: We all know how hard it is to get those regulations --
DR. MAYES: I'm just saying, according to the law. Then the third thing is to remember, it is our understanding that to utilize the social security number will require legislative change, because currently, the Social Security Administration is not allowed to use that number for identification purposes, only to identify social security accounts. So it is not just an issue of saying that you are going to use this number.
DR. COHN: I just actually wanted to make a comment about the fact that we would have privacy and confidentiality regardless. I do want to point out that in our previous report of June, we identified and actually recommended to the Secretary that there needed to be legislation, because the way things had been prescribed in the law, we did not feel it was going to be adequate. So I think that is the key response to your point.
DR. BRAITHWAITE: Could I ask the committee to specify a date by which I can publish on the website the Upperville report if I haven't heard comments or information to the opposite?
DR. COLTIN: September 15.
DR. STARFIELD: September 15, is what Kathy just said. So, September 15. And if you don't hear from everybody you will assume that they approve.
PARTICIPANT: I just wanted to make a comment, and make the committee aware of something that came up at lunch. Those of us that are in the provider end of this industry, those of us that are automated, have signed contracts with vendors to provide our computer systems to us. I worked with a lot of them. The contracts as they are written only provide that the vendors will free of charge provide us with changes that are mandated by federal statutes. So if you make recommendations but not make them federally mandated, then we don't have a hope of getting them implemented without great cost or a lot of time.
So I just wanted to make you all aware of that, and perhaps to raise your consciousness to that level. We need to know what the recommendations are, and we need to have them federally mandated in order to get our vendors to comply. Our vendors are generally rather slow, especially now, with all of the changes that they are trying to make by the year 2000. So the sooner that you can come up with your recommendations and make them federally required, the better chance we will have of implementing them.
DR. MOORE: The federal requirements will be in the regs that come out. Hopefully, what this committee recommends is also the same as in the reg. If there is something different in the reg and this committee has a recommendation to the Secretary that is somewhat different, it is the reg that is still the federal law.
DR. LUMPKIN: That makes us feel good.
DR. STARFIELD: The next item is on the recommendation for changing standards, and we have already decided what we are going to do with that. We are going to put that into our plan somewhere, whether this year's work plan or defer it to next year. We have to discuss it this evening, is that right?
Okay, Kathy, what else haven't we done?
DR. COLTIN: I think we have done as much as we can do until tonight, when we get the revised letter.
DR. STARFIELD: Okay. Can we adjourn 15 minutes early?
MS. GREENBERG: Yes, you can adjourn early.
(The meeting was adjourned at 5:15 p.m., to reconvene at 7:00 p.m. that same evening.)
DR. HUMPHREYS: We are going to outline these proposed changes in the NPRM, and we will be inviting comments on these, as well as on the recommendations for what the standards will be in the year 2000.
DR. MOORE: Betsy?
DR. HUMPHREYS: Yes?
DR. MOORE: I'm not sure we have told the committee, but some may know it and some may not. We are not going to have a separate NPRM for medical coding.
DR. HUMPHREYS: Oh, yes. The medical coding recommendations will be part of the proposed rule for the transactions. So this will be a nice large package for people to review.
At any rate, there are three areas in which we think improvements can be made. One is in the area of dental codes. As you know, HCPCS includes CDT, which is also issued as a separate by the American Dental Association. The format of the codes as issued in HCPCS and as issued by CDT as a separate are different.
This was brought up to us and they said, which way are you going to go? In HCPCS, the codes are preceded -- the first character is a D, and as issued by the American Dental Association, the first character is instead a zero. The reason why the D was substituted for the zero in HCPCS is because there is potential confusion and in fact, direct overlap with some CPT codes, if you view these CDT codes just in their plain form.
So what HCFA is doing is approaching the American Dental Association to see if we can eliminate the two alternatives and just go with the ones with the D at the front. If that happens, then the D codes will be issued only as the separate, and the duplicative codes will be taken out of HCPCS.
The second area has to do with the J codes, which cover drugs in HCPCS. These are not nearly as specific as NDC codes. The lack of specificity in the J codes in HCPCS is one of the main reasons that various insurers develop special local codes, because they need greater specificity in the drugs.
So the proposal is going to be to eliminate the J codes and to use NDC codes instead. This will mean that we are using NDC codes across the board for drugs, because as you know, our recommendation was already to use them for pharmacy transactions, since they are a de facto or actual standard for that.
So HCFA has gotten together with the FDA on this issue, and it looks like we will eliminate these drug codes from HCPCS and use NDC throughout.
The last category is the much maligned local codes, which is level three of HCPCS, which essentially gives each insurer the ability to define codes that they need because they are not available elsewhere. And of course, a local code is essentially a non-standard, we have to say.
For the Medicare population, Medicare providers, HCFA has been gradually attempting to eliminate these or narrow them by establishing a national -- by having a national process, where any local provider that needs to have a local code can register it nationally. If there already is one, they can be informed of that, and the number of these can be kept to a minimum.
What is going to be proposed in the NPRM is that we develop a similar national process to be used across the board, so that when the standards are implemented you may not have local codes that duplicate any of the standard national codes.
Apparently this is a big practice. People established these things ten years ago; now they are in the national systems, but they have never gone back and deleted them. So the standard will essentially proscribe against that practice.
With the elimination of the J codes and the much more specific NDC codes becoming the standard, this will eliminate a lot of the reason for many of the local codes, in fact, perhaps the bulk of them.
Then what we are proposing is the development of a process for people to say, I need an additional code for this purpose for that to be made available, probably in an electronic format for anyone to use, once it is registered in between official editions of HCPCS, and then everyone can use that one for that purpose until there is a formal update.
What we are going to be doing in the NPRM is outlining these. Because they have not been proposed by the committee before, we are essentially coming up with these proposals in reaction to comments that we have already received from people about what they would like to get rid of. We will focus people's attention on these changes in the NPRM and ask for comments on them and suggestions related to these recommendations.
We just wanted to alert you to this. I think myself that it is very much in line with your recommendation to move as quickly as possible to get rid of some of the procedure coding problems. I think this will be a good start in that direction.
I can take questions if anyone has any. Otherwise, that's it.
DR. MC DONALD: The NDC codes are a big advance, but we have run into trouble in terms of our local hospital. There are a whole bunch of codes that a drug company may generate because of a special contract. The database people that translated the more generic ones don't know about them unless we submit them to them. Is there some national place for all the bidding, special NDC codes, are registered?
DR. LUMPKIN: Sure there are.
DR. MC DONALD: See, the NDC code is like UPC code.
DR. HUMPHREYS: What you're saying is, as I understand it, and I will certainly assert right up front that I do not yet have the amount of expertise with NDC codes as I will probably unfortunately soon have, but I do think I understand this, which is that a portion of the code is basically identifying the manufacturer, and then we get down to the point where the manufacturer is actually attaching numbers to make the specific NDC codes.
If you are asking me whether there is a national registry of, every time each manufacturer generates a new NDC code, I don't know the answer to your question. But I will find out.
DR. MC DONALD: About 20 percent of the drugs at our university weren't loaded into a very large database, because they generate a special billing arrangement with an institution. They make up a new code and send it that way. So it might be hard to equivalence NDC codes as to what they really are in these circumstances. For the local pharmacy, I don't think that happens.
DR. MOORE: That is not my experience, Clem. We use Medispan for research. As long as you continually buy the updates and have the historicals, it matches really well, at least with a lot of the drugs that I am familiar with.
DR. MC DONALD: We take our whole formulary, and i can tell you, there is a --
DR. HUMPHREYS: I guess we probably need to look into what are all the problems and where they came from. I think myself that getting rid of these much less specific HCPCS codes and then having the NDC codes used in the pharmacy transactions and in the ones coming from other in- patient settings and whatever, to me sounds like a great advance.
As I say, since I was not the one that negotiated this and got this going, Pat Brooks and others at HCFA are the ones that did it, I believe that HCFA deserves a lot of credit for moving in this direction.
DR. MOORE: One of the things, in reference to Clem's issue, we do the rebate process for the Medicaid, where we get all the Medispan red book and blue book on tape, we get the codes, and we work that out so we get the specific utilization from the states. I don't think we have any problem in coming up with drugs that are not there, because we go back to the states to get the rebates from all the manufacturers.
So I think we can check on that to see if there are a lot of drugs that are missing. I'll talk to Betsy about that.
DR. MC DONALD: Well, the drugs aren't missing. It is just the very specialized NDC code.
DR. MOORE: The codes. I can assure you, if there are drugs being given and we don't have a code to get our rebate, we get very upset.
DR. MOR: I think the one area where you are going to have to watch who is responsible -- I still haven't figured out how this is supposed to happen, but when one pharmaceutical company buys up another, there is a merger of the four digits of the NDC code that occurs at some point, and they have to come up with a new one. I think this is how it happens.
When Burroughs go to Wellcome, they create some things that are independent an they manufacture from that new label on. So one needs to keep that updated.
DR. HUMPHREYS: If they do that from the new one on, we don't have a big problem.
DR. MOR: Right.
DR. HUMPHREYS: Thank you. We will be sure that we understand that.
As I say, I suspect that there may be aspects of all of these changes which deserve comment, and we can get constructive suggestions from the field. As I say, we will be highlighting these proposed changes. They don't actually relate to the standards; they relate to what will HCPCS be in the year 2000 when it becomes a standard. We still expect it will be one of the year 2000 standards. It is a question of whether it will be improved in this way between now and then.
DR. COHN: I just wanted to congratulate Betsy on these improvements.
DR. HUMPHREYS: Well, I don't deserve the credit, but I think they are improvements.
MR. ZUBELDIA: I would like to bring to the table a couple of things that need to be looked at. The first is the difference in length of the code. HCPCS codes are five digits long, and NDC are much longer and will not fit into the current adjudication systems in the field.
The second is, the HCPCS code, although it is not very specific, it will say things like, Prednazone, 50 milligrams, where the NDC will have all the dosage forms from the different manufacturers. So you are going to have a number of codes that correspond from the NDC to the HCPCS. It is not a one to one relationship. That may create problems in the conversion.
In fact, things like Prednazone 50 milligrams could be coded using NDC by taking five milligrams at a time, or ten milligrams or 20 and a half, two pills of 20 and one split that you take every day.
DR. MOR: No, the NDC code for Prednazone 20 will be explicitly 20 as the mode. If the person is taking tens --
MR. ZUBELDIA: No, if the person is taking 50 and has to take two 20s and a half, --
DR. MOR: But they will be actually coming in at two different NDCs, because the actual dosage is embedded in there.
MR. ZUBELDIA: Okay.
DR. MOR: No, the pill dosage is in there. It doesn't count two and a half pills.
MR. ZUBELDIA: So it may create a humongous explosion -- that is a technical term -- of the number of codes used in the medical practice. That is just something to consider. I don't want to -- it is not a question, it is something to look at.
DR. HUMPHREYS: I think the issue here is that in many environments, this data is being recorded at this level, and there are a variety of systems and there will be more by the year 2000, or more approaches to being able to correctly aggregate them, as I am sure Vince has had to do in his research, because he didn't really care who the manufacturer was.
DR. MOR: Not one whit about who the manufacturer is. Medispan or any of the others will give you exactly -- depending on how detailed you want the codes to be. It is a big table, that's all.
DR. HUMPHREYS: At any rate, I do think that one of the issues that will clearly be there for people implementing this, and it is a good issue, is the fact that yes, these codes are longer and people will have to be prepared to deal with it.
MS. NARSCISSI: Jean Narscissi from the AMA. I just wanted to make a comment on the dental codes. The dental CDT codes start with a zero. There is a conflict with the anesthesia codes for CDT. So that is why HCPCS started using the D years ago.
However, in an electronic transaction, there is always a qualifier that tells you the source of the code, so it really shouldn't make a difference if you are sending a dental code that starts with a zero or an anesthesia code. If you eliminate the possibility of allowing the ADA to expand into that extra digit, there may be a problem in the future with the codes.
DR. HUMPHREYS: I think that clearly, this whole thing is going to be discussed with the ADA. Those discussions are already starting, about how to deal with this.
MS. NARSCISSI: I just wanted to let you know that that is how the transactions work. They will know the source, where they are coming from.
DR. HUMPHREYS: Thank you, Jean.
DR. MC DONALD: Just to clarify some of the differences in what I have said and what other people are saying, you don't get detailed -- this is in-patient I'm talking about -- you don't get detailed prescription items and information from in-patient. So it will still be consistent with our experience.
DR. MOORE: You get the J codes.
DR. MC DONALD: From in-patients?
DR. MOORE: Yes, or they are aggregated. But this will be moving to a level of specificity that we are hearing from the managed care industry and health assessment group.
DR. MC DONALD: I'm just warning you, you might find this a little bit of an edge, where there is a whole bunch of special contract codes. Maybe it is ten percent, but it is more than ten in our environment, in the in- patient environment. I don't think occurs in out-patient, because they don't have these special deals with all the pharmacies.
DR. STARFIELD: I have a question about why the drug codes were put in that way. For clinical care, all you need to know is a unit dose and then a multiplier. Is it people of billing?
DR. MC DONALD: It is an FDA regulation. It is a UPC-like environment, where the manufacturer can just manage their own life. What they are required to do, any change in packaging, different color on the box, it is a different NDC code.
DR. HUMPHREYS: Well, it is also for pharmacies and for -- both in the in-patient free-standing pharmacies. It is a benefit to them in inventory control systems, where they have to know how many hundred-pound bottles are left and how many they don't have based on their needs to dispense those, either within the hospital --
DR. MOR: It is all business. It has nothing to do with clinical care. It is only business, business management.
DR. HUMPHREYS: Well, I guess making sure you have enough there is related to clinical care.
PARTICIPANT: Just as a point of reference, we are beginning to code our chargemaster with the NDC codes. So I am very glad finally to hear that I am in congruence with what NCVHS is going to do, possibly.
But I would also argue that this has clinical relevance, and the reason that we are using NDC is because of our clinical decision support system. That is the only way that I could find to be able to determine what actually was being administered to the patient. And in-patient versus out-patient, it doesn't make any difference.
So although it is still a problem, because I don't have enough space to code NDC, luckily I have a user defined field out here, which is what I am going to use.
DR. HUMPHREYS: You'll find space.
PARTICIPANT: But this is again my dead horse, of changes that are made. Whatever their field sizes, we have a real problem with them. But we are using NDC.
DR. HUMPHREYS: Great, thank you.
DR. STARFIELD: Any more comments? There are other issues that we need to discuss, although I am not sure where they come from.
DR. COHN: Is this a chance for us to discuss the data dictionary issues?
DR. STARFIELD: Yes, I think that is what I was just about to say. Do you have a comment?
DR. COHN: I hear that Bob Mays is actually the person who might have any input that we might have about the data dictionary.
DR. MAYES: All of you were sent a relatively simplistic report, although quite a fat report of the data elements that have been input into our data dictionary at this point. I believe they are all the X-12 transactions, except for the first report of injury which was still coming in from the contractor at that time.
There were some questions as to what format to give you this report in, and whether it would be most efficient to give you, as we did, a single report which basically lists each element, the definition that we have for that element, as well as all of the various transactions that element is found in, or whether you should get a separate report for each transaction and do your own collating.
But the reason I bring that up is that I think it is becoming clear to a number of us that this data dictionary effort has far-reaching implications, and may in fact be fundamentally one of the most important things that comes out of this legislation, particularly as we move forward to considering the broader standards for computer- based health records.
So certainly as you work through this, we would be very interested in any comments you have about how to really make it more accessible, the kinds of drilling down or the views that you would hope to be able to get out of this, so that we can continue to enhance.
I will be the first to admit, this is a rather crude attempt that we have done. It was really a very overwhelming task to get these thousands of elements in some form input into something that we could give you a report. But we do not by any stretch feel that this is where we want to end. So we are more than welcome to hear enhancements that you would like to see, or just where it doesn't meet your needs.
DR. MOORE: One other thing for your thought process while you go through this. In the reg when it comes out will be an addendum that will identify each of the transactions. That addendum will list the name that you see here for all the data elements in that transaction. Then there will be something in the reg that says you need to go to Washington Publishing where we will have the definition and the description all laid out for all of those transactions. That will be accessible to everyone through their website.
DR. STARFIELD: Free.
DR. MOORE: We are working on that. We are working on free, but we haven't reached free yet.
DR. MAYES: Obviously, the very limited amount of information on each data element that you have gotten in that report is inadequate. Unfortunately, some of the attributes of the element need to come out of the implementation guide, for instance, their position in the transaction and that sort of thing. Those are still being worked upon as the guides are being developed which is why we didn't include them in this report.
DR. MOORE: One of the other things, too, in that dictionary will be all the code sets that go with these data elements, so you can look at what that is, and it will be set up in such a way that a systems person can go in and just pick it out and then take it down to their system development, without having to recode it and redo it, which is a big problem with accuracy and relationship of the data set. I'm sorry, Simon.
DR. COHN: Oh, no, I actually thank you for making that comment, because I think probably both Clem and I were going to jump in on some of this. Certainly it is an impressive amount of paper currently. It isn't unfortunately very much value. For it to be of value to the committee, which is obviously very concerned with issues of comparability of data, you obviously need to know the definition of the field which you have here, but you also need to know what the code values are to identify comparabilities or incomparabilities between the standards.
Now, obviously this is just a start. For the committee to really be able to find use for this, we need to have included in here and NCPDP standards, for example, so that we can begin to look at cross mappings around data definitions and either comparabilities or incomparabilities of the values. I would actually even suggest that we need to have HL-7, at least some of them.
DR. MAYES: At this point, since HL-7 isn't one of the standards being put forth, HL-7 is pretty broad.
DR. COHN: I think that would certainly be something we should talk about, but certainly you would agree that NCPDP needs to be in there.
DR. MAYES: Absolutely.
DR. COHN: And it needs to be referenced in a way that we can see -- is it in there?
DR. MOORE: I think NCPDP -- we have talked to them and they have given us their data dictionary, and that is supposed to be incorporated as part of the transaction set, because we will have an institutional claim, a professional supplier claim and a dental claim and the pharmacy claim.
DR. MC DONALD: There are a number of questions. It is a good effort; I'm really glad you did it. I would love to see at least the short list of code fields, the actual content in that document, because some of the fields, you can't tell what they are without seeing their code list.
The second thing is, there are a couple of things that I think could be better, but I don't know how deep you have to dig to make it better, whether it is just the list or even the standards. But mostly, the most set of dominant things is the first word; they sort out all together. But then you have other positions and you have a surgical position, so you don't find all the position terms. You might want to think about flipping those, so you would have the hierarchy of words or meanings, so you can find the stuff you want.
I didn't study it real carefully, but I think I saw amino acid doses in there twice, sorting out somehow differently, so maybe they have different meanings.
The other thing is, level of specificity in there is something I have seen in a database with, John Jones is a field in one record and seeing patient name in another record. You in fact have something in there like a test code and then you have something called PO-2's and you have something called creatinine and then you have a bunch of other ones. I think that is going to cause a mess for the world.
There have been some questions raised about getting the so-called attachment clinical data out of that billing thing so it can be more aligned, so all the clinical data lines up, and get it out of the field definitions and into tables, like NDC. So you are not dealing with a field like penicillin. That is about the level you have got in there. No one would ever build a system like that who was building laboratory clinical systems. You are not going to see a code in there for penicillin, but you would see a code in there for PO-2.
DR. MAYES: There has been no normalization.
DR. MC DONALD: This is stronger than no normalization.
DR. MAYES: I'm just saying.
DR. MC DONALD: This is not database normalization, this is conceptual normalization. It is going to be impossible to suck stuff out of clinical systems with those kinds of field definitions in there.
DR. STARFIELD: That was some of my concern, too. This is enormously helpful, because it lays out in front of us just what we need to deal with. But you look at it, and it doesn't seem to have any clinical utility at all.
DR. MC DONALD: I think it is good content. It is this whole -- I'm sorry.
DR. STARFIELD: I'm sure the content is good for something, but it isn't nearly good for a lot of the things we were considering when we were talking about the core data element.
Let me give you an example. It has got something in here called vertical dimensions of the subscriber. It is listed under subscriber height. If you read that literally, -- and in fact, it says it is on the enrollment file, which is silly. As a pediatrician it is silly, as a geriatrician it is silly.
But anyway, I realize this comes from X-12, but I really want to know how things get in there and why, and why some things are missing.
DR. MOORE: This is really more than X-12, because there is a cleansing process that is going on with the transaction teams as they go through the transactions. So if the wording is skewed, we need to know. We are trying to get it all documented, and it was never documented before.
DR. STARFIELD: It is terrific. It is terrific to have it, because you can really see what is there.
DR. MAYES: Yes. Actually, I think there has been some discussion about how formal of a data registry we want to create. There are certainly some who feel that this level is probably adequate, and there are others who felt that we really need to take a much more formal approach, because we want to be able to extend this outward.
There is some utility in putting together this list of data elements and saying let's work through them and we'll satisfy it. But this is going to be an ongoing process, so we would be quite interested in having the committee weigh in on their recommendations as to the kind of approach we want to take that will sustain us over the longer period as well.
DR. MOORE: We spent a lot of time debating the core data elements which were about 40 or so, and the definitions of those, if you recall.
DR. STARFIELD: Right, and it didn't make it into here in a lot of cases.
DR. MAYES: We actually have it in there; it's just not printed out. We asked just for the printout of the X-12 transactions. We do have the core data elements in there, we have the NCPDP, we've got --
DR. STARFIELD: In my computer, I searched for reason for visit and didn't find it.
DR. MC DONALD: I hate to harp on the theme, but the problem isn't to make a data model of this. The problem is eventually to do it differently. You could have instead of a 1,000 field, 300, and do it much clearer to everybody, but you don't quite have that freedom because of the history.
For example, some of your fields are all separate, and you have name, first name, last name, middle name, and the other ones is address where it is all glommed together. There are irregularities all over the place. It wouldn't take tons of work, because it is not a huge conceptual world space, it is just historical accidents that have made it pretty messy.
I really worry, if this becomes the template on which we (recording interrupted) at the same level as putting Mr. Jones in as a field.
DR. STARFIELD: Well, where do we go from here?
DR. COHN: I was actually going to ask Clem, in what form would he find this useful? I have some thoughts, but I'm sure --
DR. MC DONALD: This is a useful document because it reflects in a way that you can actually see it what are all the fields in a database. It is very useful, and it reflects probably very accurately what is in the messages. It is just that the conceptualization of the messages is a pinch of thyme and the head of a horse and an apple. They are all just kind of jammed together.
DR. COHN: But would it be more useful if this were for example in a data model type format?
DR. COHN: There is a data model underneath this. You can kind of work through it with the names. The real issue is, the data model isn't very abstract in some areas and it is very abstract in other areas, and I think getting to the same level of abstraction is what would make it strong.
It gets a little bit more complicated, because X- 12 like HL-7 has some of these things -- you can have multi- potential uses. So when you actually look at the fields and the segments, you can't necessarily know what they are. But I assume you have defined that from this activity. You pulled that level of information out.
DR. MAYES: Yes, that is what we are actually struggling with right now. That is why some of these things -- we have had to actually -- when you give us a definition, some of these things have not been defined, even to that gross a level. Now we are trying to work through with X-12, for instance, and the implementation guys, to get it down to that contextual level what that needs to be.
MS. GREENBERG: Just following up a little how this can be used and might be more helpful, first of all, I was very glad to get it, because one thing I had been trying to find out for some months was whether race and ethnicity was collected anywhere. I didn't think it was in the encounter transaction, but I wondered if it was in the enrollment transaction. So when I looked it up, I found race or ethnicity, and it is apparently in two implementation guides.
Since it is in the enrollment implementation guide, I assume it is in the enrollment transaction, is that correct? I don't know what this other transaction is, health care services, request for review and response. Anyway, but knowing this, I am just wondering, when this comes out, ideally what you could then do would be to drill down and find out how is race or ethnicity actually defined in this. I guess since you have two different transactions, there is a possibility that it is defined differently in the two of them, though it may not be.
But when there is multiple transactions, I assume we should not assume the code set is the same in each one of them. There is a possibility it wouldn't be the same, is that correct?
DR. MAYES: There is, although one would hope that the code sets would be compatible. If you gave a value of one in one code set, it would have the same value -- one would have the same value in the other code set. One code set might have a value of five, which didn't appear in the other one because they only went up to three. Do you see what I'm saying?
MS. GREENBERG: Yes.
DR. MAYES: In broader terms of data dictionaries or modelling data, you probably want to separate the concept, say for instance, the concept of gender from the specific data elements or implementation or context specific things.
MS. GREENBERG: You need to know the code set, though. This only tells me that it appears, race or ethnicity, and probably not both.
DR. MOORE: When we looked at the code set, it would appear that our reg would be about two foot thick if we printed it out. If you took all the different code sets of everything, and we felt that was more than we wanted to put in the reg that might be also printed, so that we would say, the code sets are going to be stored in the Washington publication, and you can go there and look at that data element. If you want to draw it down and look at it, that's fine.
DR. MAYES: One of the broader issues is this issue of version as well. Right now, we are just looking at this as one point in time. It becomes fairly critical. Let's say you start out with a version of gender, and you have one, male, two, female, three, not available. Then you decide that in prenatal care, we really should have something called indeterminate, because if you are dealing with fetuses there may be a value in indeterminate.
Well, you don't want to go, the new version goes one, male, two, male, three indeterminate or not available, because then you are not compatible with your earlier version. There are a lot of these issues.
DR. MC DONALD: But they go deeper. If you have a code set -- if you look at the names of these things, and you look at things that have the same exact name on them, when you look at the list, they are called by something completely different. It is not like adding a code.
The second thing is, the code sets should probably come from some kind of an organized world where you don't have to worry about adding on, because it won't be a replacement. It is not going to change the numbering, that kind of stuff.
If the code sets are very often one, two, three uniquely, that is a big problem. I think you would like to have some bigger space, like if you have colors. Well, I don't want to get too far off, but I would -- and then the other thing is, some of these code sets in the X-12 world, they just have one big code dictionary, so pig iron is mixed in there with jet planes and all these other things. So you can get units of tests mixed in with units of pig iron, and you don't need all that.
I plead with you to talk with Stanhof, where they are working out a way they could work across these standards for the planning fields, and then have a list of code sets that is legal for those fields, often from some larger code set. That is number one.
The second thing is, what we really have to end up with is atoms that don't change. God would have a tough time making the world if the atoms were different every time, and every molecule is different. That is what happens in these things. If we get the atoms the same, we'll have fewer things to deal with.
So when you make up your message, you pull them from the different questions. You can make up a lot of messages that way, and no one is going to care, because it will be well defined by the --
DR. MAYES: That is one of the problems, in fact, is that what we have now is, we have some of these elements which really at the concept level being treated as if they are atomic, and others at truly the atomic level. They are just mixed in willy-nilly across some of these things, when you start looking at it. That is a big problem, and it is going to be a real big problem if we don't structure some way to identify where they should be. Do they need to be more broken down? Are they at the right level, or whatever.
DR. MC DONALD: Well, again, a plea to put the broken stuff in separate tables. There is a way to get from here. This is like the beginning of the universe. This is going to freeze a lot of stuff, for better or for worse. We're going to have trouble going in a whole different direction if we do this one wrong.
DR. MOR: Is there some plan to have this embedded in a hypotext structure?
DR. MAYES: This is an activity that is actually receiving a lot of attention internationally. There are a number of groups that have begun work on doing just that. The Australians have a pretty nice model. They have a national health data dictionary that is linked to a national health information model, which is up on the web, which allows you to drill from data collection tools any way you want.
EPA is working on this as well, and the Department of Defense is also working on this. Those are all based on international data representation standards. So we would hope that we could begin to draw in all this other activity.
DR. MOR: Because when Marjorie was asking about race/ethnicity, I assume you were looking under R. Well, it is also under S, under subscriber or something or other.
DR. MAYES: Right.
DR. MOR: Because it is a preface. It will appear in multiple locations as a function of exactly -- you are using a direct translation of what the label is from all these various code sets. So there are many duplicates of the same things here that are just said over and over again, but that is an intellectual process of mapping, or you need some translation.
DR. MAYES: And that is where this idea of splitting out for representational purpose the conceptual level from the actual data element level. Yes, in different systems there are perhaps legislation reasons for labelling an element differently, and yet they are really talking about the same things. If you can build a map it becomes more obvious where you have overlap and even more important, where you don't actually have the same thing.
DR. STARFIELD: I can't even tell from this what a subscriber is. What is a subscriber? It is a policy holder, right? You absolutely can't use this for individual encounters, right?
DR. MC DONALD: That level is often very important when you are getting down to defining what goes where. I wouldn't be too hard on that, except there should be a bigger definition somewhere.
DR. STARFIELD: I'm just trying to think of how you use this.
DR. MC DONALD: This is used for billing.
DR. STARFIELD: I understand that.
DR. COHN: And cleaning this up will help everybody.
DR. STARFIELD: How can we help you get there?
DR. COHN: I was actually going to ask him what he was thinking about doing, and then maybe we could find out.
DR. MAYES: I think that Bob had talked about it. One of the things that the teams are actually doing is, we are trying to work with X-12 in doing some of this cleanup, looking at this now that we have got it, and find out where do we have things that are called the same thing and don't mean the same things, that are called different things that mean the same thing and that sort of thing.
Now, this committee started to do that the last time we met with the NUCC thing. They started going through element by element, and if you would like to continue doing that, here is the bigger picture.
DR. STARFIELD: But there is some disconnect here. I think we can all agree that there is going to be less and less billing for these kinds of things, as we move to other forms of payment. It is happening; we don't even have to project into the future.
Our whole effort as a committee in the past has been to try to think about better uses of data, not just for billing, and to keep on in the same mode doesn't seem right on any level of discussion.
DR. MAYES: Well, I would agree with you actually in the broader sense. That is why I prefaced the whole thing by saying I actually think that this is probably an activity that has far more implication than most everything else we have talked about.
However, we are proposing ten transaction standards, and those at least at that level have got to be - - we have got to start looking at normalizing. That is what these are. This may seem like a lot, but it is really just the elements from the -- not even the ten, because it doesn't have --
DR. STARFIELD: But what we do shouldn't be incompatible with what we end up doing for the computerized patient record. So we really have to think about that.
DR. MAYES: So whether or not you as a committee want to struggle through looking at each of these data elements and saying I think it is good, I think it is bad, I don't know, that is a lot of work. If you are individually interested in that, maybe Clem would like to do this reading. We would certainly welcome any input like that. But I would say it perhaps might be better if you could give us -- or begin to think about the broader implications of data dictionaries, registries, whatever you want to call them, and the kind of approach that really makes sense, make sure that we don't get bogged down in, as you are pointing out, minutiae, which then really doesn't lend itself to tell us much about the large picture.
DR. COHN: I find myself in a funny position, and maybe Kathy Coltin may feel the same way, since we are both representing relatively advanced health maintenance organization environments. I have to observe that money hasn't gone away in my environment. People still bill me and I still bill them, and I get a paycheck every so often. Money is still a very important thing.
I think to somehow say, we aren't going to bill anymore, therefore X-12 transactions really aren't important. Therefore, we don't need to clean up this area, is a big, big mistake.
DR. MAYES: Oh, I'm not implying that at all. We are going to go ahead and clean this up. Whether you want to be involved in the detail cleanup, that is up to the committee.
DR. COHN: Well, having tried to clean up a little bit of it previously, I would love to review it as you begin to clean it up, but I don't think I would volunteer my nights and weekends to clean it up.
DR. LUMPKIN: Just an interesting little tidbit, to back up what Simon was saying. I think in many ways, managed care may be a misnomer. Perhaps managed fees might be a better definition. Of Americans involved in plans, I think the CDC reports that 58 million are in HMOs and 90 million are in other types of managed care arrangements, which tend to be more managed fees rather than managed care. So I think we are going to be around for a long time, looking at details of traditional kinds of service arrangements.
DR. STARFIELD: Yes, but what we do should not preclude making a better system for other purposes as well, for other modes of payment.
DR. MC DONALD: For some of this, there is a better system. I am very interested, because I have worked in it for a long time, in HL-7. I have also been to X-12 meetings and I was at the christening meeting for the 275.
But the problem is, if you don't see what is going on and you are casting these structures, you don't have to go to Australia to see some pretty neat stuff. I would suggest going to NLM and talking at length with Betsy Humphreys about some of the structures they are building, and get more familiar with the modelling that is going on in both X-12 and HL-7 at that level.
It is not just the modelling; it is a semantic understanding of what the stuff is. There was some discussion of trying to extract out and separate out the clinical attachment stuff that is in the bill. Where does that stand? I know there were arguments underway in the department and various places. Is that still alive?
DR. MOORE: We're going to discuss that. That is still alive.
DR. STARFIELD: Yes, as the next item on the agenda.
DR. MC DONALD: I'd like to fan that item.
MS. GREENBERG: If one were interested in 20 of these elements, do you have a relatively easy way that one could find out how they are actually -- what the code sets are? Right now, I gather if you try to go to the Washington Publishing Company website, you have to give them a credit card or something, is that correct? Thirty dollars or something?
DR. MAYES: Some of the smaller code sets we have put in, the larger ones we have simply referenced. For instance, if it says ICD-9, we don't have -- we're not going to put stuff there.
MS. GREENBERG: But for example, race or ethnicity.
DR. MAYES: Yes, we can get the code sets that --
MS. GREENBERG: So we can get the code sets to you and someone can give us the answers?
DR. MAYES: Yes. Do I understand then that the committee would like us to take a -- do you want to put together a recommendation for the type of approach that you think would be most helpful for us to follow, in terms of the data dictionary effort?
DR. MC DONALD: There is a question about how much is anchored. Right now, you are dealing with balloted standards, aren't you? What can you change?
DR. MOORE: I think right now, the effort to get to here is to come up with some standardization in naming and describing and getting agreement with the X-12 people and the other federal people who are involved in that, now going back to look at where there is redundancy and overlapping; we need to do that.
Then we intend to go like that, because that is going to be all the time that we have. To get deeply into doing some of the things you were talking about, Clem, I won't get this reg out soon. I want to put that with the information. Does that mean we can't go back and clean it up and refine it and improve it? No, it doesn't mean that. But right now, we need to get something out to people to tell them what it is that we are saying in these transaction sets, and how they can make the best decision they can as to, does it meet their business needs.
DR. MAYES: We can get that report out of a whole lot of different structures, in terms of data dictionary structures. So it would be useful to have some input as to what you see ultimately the goal of this whole exercise is, beyond just the NPRM publication, so that as we continue to build the structure and input the data and describe the attributes of the elements, it will lend itself without further analysis down the road.
DR. STARFIELD: Well, how can we be helpful specifically? You've got to move -- and we would like to see you move ahead.
DR. COHN: I think what you are describing in the near term makes a lot of sense. It also includes NCPDP in the mix, and getting it cleaned up is part of it, and provides a good foundation.
I think I have some ideas, and Clem probably has some ideas. I think we would be happy to provide input as you move along. I have other people also in my organization who are going to be responsible for many of the data dictionary activities in X-12.
DR. MAYES: Yes, people have looked at X-3, for instance, which is the data representation group.
DR. STARFIELD: But we ought to have some input from someone who is thinking about the computerized patient record.
DR. MAYES: Right, and that is the concern. We share the same concerns. We don't want to -- because of the fact that we are under a time constraint and we are currently looking at ten specific transactions, suddenly lock ourselves into a model that we are going to regret six months from now or ten months from now, when we then begin to turn our gaze towards broader issues.
DR. MC DONALD: The actual claims has a ton of clinical data in it right now. It is called attachments, but it is attachments going forward. Then there are attachments coming back. The attachment set is very, very rich in clinical data. If we don't get the clinical stuff straight before that gets frozen, we might as well forget the medical record, at least a nice one.
DR. MOORE: The claims attachment is not coming out until next year. We are looking at those things being defined in there for that.
DR. MC DONALD: But half of that is in the claim. I didn't realize that. I don't really understand these fields. There is a way to represent the -- what is the claims bill, 837? It has got a gazillion fields. It must overwhelm anybody trying to write a program. I used to think of them that you had these row, the billing item and the charge and the fee, and it goes on and on. You've got records for implantable pacemakers, you've got records for all these things.
DR. MOORE: That is one of the things that I think the attachment team is beginning to address. Over the years, instead of looking at another way to put the clinical in a separate envelope, they just made it another loop in the claim. Maybe we need to take that out as we get further into this.
DR. MAYES: That is certainly the philosophical position starting point for the claims attachment group. They feel a claim should be stripped to really its essence, and then attachments should be standardized. But there are going to be many different attachments, because there is a whole variety of situations that are still somewhat standard.
DR. MC DONALD: The atoms should be standard. Then you can group them any way you want. It is not expensive.
MS. NARSCISSI: I just wanted to make a comment on the 837. That is how it is built. It is like this monster transaction, and several implementation guides are built from that 837, the institutional, the non-institutional, the dental. There are just a number of them.
What the NUCC dealt with was trying to look at a more or less traditional kind of claim, the core claim. Yet there are still the DMEs and the labs and everything else that get thrown there. So hopefully, maybe not by October, but we can all help you work on this.
MS. STAHLECKER: I am helping to work on HCFA's proof of concept project on the attachment. I don't mean to jump into that agenda item, but I did want to at least say to the group that yes, that was not an initial objective of the attachment proof of concept, but early on as we started to look at the data content and formulate our tentative structure for the attachment, it seemed to make sense to make a recommendation of how to lighten the load of the claim or the 837.
So that would be a suspected recommendation coming forward out of the attachment proof of concept that we are conducting.
DR. STARFIELD: It also is obvious to me why some things are in here as part of the claim. Height and weight are --
DR. MC DONALD: It is the stuff that they use to verify the dose (words lost) it generates these things. You've got little pieces of Velcro and you throw it in and you pull up the whole city.
MR. ZUBELDIA: On the interactive claim, we have taken exactly the opposite approach. We took out all the attachment information, all the certification information, all the information that would be in the payor's files already, that doesn't need to be conveyed with a claim for payment.
That is why it is important for us to continue with that work, so we can show a clean claim without any of this clinical additional information that doesn't really belong in the claim.
DR. STARFIELD: Doesn't really belong in the claim.
DR. MC DONALD: By the way, Chris taught me a lot of what I know about attachments.
DR. MOORE: I wondered why you were so knowledgeable.
DR. MC DONALD: Knowledgeable? I was overwhelmed.
DR. STARFIELD: Maybe it is time to move into the claims discussion. Bob, you got at least a feeling from us to talk to the --
(Simultaneous discussion.)
DR. COHN: I was just going to ask, Bob, what is your time sequence and dates and all of this related to this particular piece?
DR. MAYES: I think actually by now, we have the first report of injury. So we really should have input into our basic database all of the elements, each of the X-12 transactions, including NCPDP represented. So over the next four to six weeks, the teams will be looking at those to try and find out at least if there is any gross duplications or obvious representation problems.
There were no names for these elements, so some of these names are just taken -- as was pointed out, they really were taken off the values list, because we had to come up with something to name them. So there will be some activity over the next four to six weeks, working with X-12 as well, to try and one, be sure that we don't have these kind of inadvertent duplications, and also to take a look at the naming and try to make it a little bit more reasonable. It was here to get the name out there, so we had some way to sort it and identify it in the interim.
Then by the time we have the NPRM, we would then hope to have at least the element lists for each transaction pretty much spelled out, with the name, the definition, not much more than what you have here, so that they can be referred to when individuals begin to comment on the NPRM.
There is continuing work on the implementation guide, however, so there will be a continuing focus on the data elements specifically to the transactions as the implementation guides are developed. Ultimately, when we get to that level, there has to be a lot more detail than is just listed in this report.
DR. STARFIELD: There are a couple of other items under this general rubric of maintenance of data content that have to do with process and criteria, things that aren't on your agenda. Marjorie, maybe you can help us sort things out there.
MS. GREENBERG: I know we are definitely running behind here. But when we met on August 5, 6 and 7, we had a preliminary conversation about content. At that time, we didn't have the document we have just been discussing, but we did have the information from the National Uniform Billing Committee and the National Uniform Claims Committee.
We started going through elements, but particularly without the full picture and with reduced members at that point, we cut that short, or cut it off.
What we did agree to do was a few things. One, we said we would try to provide some background on the issue of criteria for deciding whether an element should or should not be included in a transaction data set. Judy did some research and we got the criteria from the NUCC and the NUBC that they used, and also provided you in your blue folder with what these basic criteria were that the uniform data set activity over the last 25 years has basically driven.
What I did, I put it all on one and a third pages, at least from the written documents what the NUCC criteria are, the NUBC and the UHDDS, but UHDDS drove the other data sets as well.
Another issue was what organization should be responsible. I think you have all seen the letters that came in from the NUBC and NUCC to the Secretary, recommending that they respectively be responsible for the institutional and noninstitutional claims.
One of the issues that we have discussed in the department is -- well, one of the things that I assume will be included in the NPRM, but I don't know for sure that it will be, is who will be responsible for content, or how it is going to be determined who is responsible for content of the transactions.
DR. MAYES: I think the latter approach is the one that we are going to take in the NPRM. In other words, at this point, I don't believe that we are going to come out with a particular organization named; rather, to discuss the process by which the content will be maintained.
MS. GREENBERG: I don't know if there is anything about that that you might want to discuss with the subcommittee. We have been discussing this somewhat in the department, and I think George Argus in his note to Judy gave a preview at least of what the NUBC has been thinking about, in terms of expanding.
DR. MAYES: Actually, those are the kind of issues that we would bring up in the NPRM, the criteria that an organization would have to meet in order to be acceptable as the maintainer of content. In other words, it would have to be an open process. It would have to allow for quite broad representation from the industry or interested parties, that sort of thing. We were given some indication that legally, we probably ought not put those things in the NPRM, like specific organization name.
MS. GREENBERG: I actually noticed that George said something about inviting NCHS to be on the NUBC. I don't know necessarily if it would be NCHS, but there certainly is discussion going on about having public health and health services research represented in these groups. I don't think we have actually discussed that in any way at the national committee. I don't know if you want to weigh in on that, but these trains are leaving the station.
DR. MAYES: One of the other issues is that ultimately, it is the Secretary who approves any changes to the mandated standards. So we need to come up with a process. Even if it is a private sector organization that has responsibility from day to day for maintaining this, there has got to be some process.
If NUCC or NUBC came forward and said we have decided to change the content or change these definitions of existing elements, there would have to be some review process that would likely include NCVHS and the department. It may not be lengthy, depending on the depth of the change being proposed, but we have to come up with some structure for allowing some review, because the Secretary would ultimately have to come forward and say, here is the new definition.
DR. COHN: This sounds like a replay of a conversation we had earlier in the meeting. Maybe I misunderstood what the topic was, but early in the afternoon we talked about the process for changing standards.
I had thought that the issues around this maintenance and updating, changing, whatever were part and parcel of the same issue, as who is going to be maintaining, updating and improving this. I think the committee had decided that we were going to be holding hearings around some of those issues to better understand them.
So I think your description of what should be in the NPRM is probably the right level to approach. But I think there needs to be a lot more investigation.
DR. MAYES: Yes, because this is sort of unusual. You will find if you go out and give talks about the standards that when you say the word standard, different parts of the audience hear different things. To some, it means the very technical standard on messaging envelopes and that sort of thing, and the obvious answer there is always SDO. But most of the SDOs have not focused on the content in their organization. And of course, they are also talking about standardizing content.
So it gets a little tricky. I think it would be wise to have further discussions and input as to, do you combine those two responsibilities, do you separate them out? If so, how do you coordinate between the content standard organization, if you will, and the more technical messaging standard organization, because there does have to be coordination between those two.
DR. COHN: I would think that the standards organizations as well as the public at large might have a lot invested with how all that plays out.
DR. MAYES: Absolutely. The systems people are real concerned about the bits and the bytes, but I think most of the users are very much more concerned about the actual content of the data that is going across the ether.
DR. STARFIELD: We are very much behind schedule. Marjorie, could you just tell us what came around so we can label it? Then we can go on to the claims discussion.
MS. GREENBERG: It is an extension to the -- I wanted the criteria to just go on one page back and forth, but the second page is actually an extension of the UHDDS additional criteria or guidelines for deciding whether elements are included or if there are included, what some of the other ground rules are, such as testing them, et cetera. So that is part of what I --
DR. STARFIELD: It is page two of a three-page document.
MS. GREENBERG: It goes to page three.
DR. STARFIELD: Okay, let's go on to the claims attachment standards. Do we have anything to react to here, or are we starting this discussion anew?
DR. MOORE: We have one of the members on the team that has been involved in this. Chris, why don't you take a seat at the table? And spell your last name.
DR. STAHLECKER: S-t-a-h-l-e-c-k-e-r. I'm not quite sure where to begin to give you a briefing on it. But I can say that attachments have been a problem as long ago as electronic claims. They have continued to be analyzed. HCFA had done a survey some time ago, like '94, and gathered up some documents that we have been recently using in our analysis.
Other points of contact and outreach. We have written some letters to private and commercial payors. Medi-gap payors were a targeted audience. We have spoken to the Blue Cross/Blue Shield Association. At an X-12 session we did speak to the commercial caucus group and invited them to participate.
Last week, Steve Barr from HCFA addressed the state Medicaid directors and explained our project to them. So all of these outreaches were targeted to obtain industry input as to what the attachment problem really is.
We do have an overall project outline for how we wanted to tackle this. We have created the actual proof of concept project, attachment project. That is where we would be modelling different technical structures to contain the attachment information travelling from a provider back to a payor. So all of this outreach was to try to assess the data content that would need to go into these transaction sets.
Our design of this approach was to take place in the July and August time frame this year, and we are pretty confident. We like the 275 transaction set from the X-12 standards development organization, and we have coupled that up with the HL-7 standards development organization for the clinical information. We think the X-12 transaction, the 275, will be a good vehicle to house codified information. It does have a binary segment within it that is often referred to as the empty dump truck, and can be used to transport another standard development organization's messages, such as HL-7, or even the DICOM for X-rays, et cetera, and ASTM when we get to that point.
We have been looking at the technical structure. That was our July and August deliverable. We are actually beginning the development phase of our project, and we expect that to run from September through March of '98. That is when our testing phase will begin, March of '98, running through about the August of '98 time frame.
We believe that we will have our draft standard, beginning -- or the standard ready to be drafted or the initial publication in the NPRM, start to draft it in approximately the July time frame, knowing that it has got to go through a lot of review and approval before it can be available in October of '98 for publication.
That is a general outline of our schedule. I don't know if you have any questions, or if you want me to keep briefing you.
DR. STARFIELD: I think I want to turn to John Lumpkin, because the work group has talked a little about timetables for dealing with claims attachments, right? This is a good time to tell us what you are thinking so far.
DR. LUMPKIN: Well, I think we were looking at hearings in the winter, which may coincide fairly well with the activities of the implementation group. I think that would be a good time to hear from a variety of groups.
We clearly want to hear from the providers, and we want to hear from the payors. We want to know what they are looking for in a claims attachment, and we also need to understand the burden which providing these additional attachments will place upon those who are the producers of the data. I think those would be the two biggest groups I see at that hearing.
DR. STARFIELD: We have got work on getting those hearings going. We probably have to do it this meeting rather than next meeting, that is, to identify the questions that we are going to pose.
DR. STAHLECKER: I should also mention that in the November time frame, HCFA wanted to sponsor a provider and payor work session. The intent was to approach the NUCC and the NUBC and the ADA along with WIDI, to have each of those organizations suggest two providers each that would attend this work session, so that they would have an opportunity to sit in with the group that is pursuing this attachment proof of concept project, so we would have their initial input.
Along with that would be the providers that would be supporting the task. But I did want to make sure I express that we are going out and doing this outreach yet one more time to those industry groups. We are going to be doing that in November.
MS. GREENBERG: Do you know when?
DR. STAHLECKER: We thought that we were going to be speaking with this group November 5, so it would be after that.
DR. MC DONALD: We spent two days with the pilot project folks at an HL-7 meeting with a number of HL-7 people. I had the pleasure of reading about 400 of these attachment requests before the meeting, and I summarized some of them. I've got about four copies.
This is the document that we worked off of at the meeting, or at least we used it to get everybody up to speed. It is not exactly what you think it is; it is more. If anybody wants them, I've got five or six here, anyway.
MS. GREENBERG: If everyone wants it, we can get additional copies tomorrow.
DR. COHN: I think that this is very important work. I think we have always talked about claims attachments as the gateway to the computerized patient record. I think one of the focuses of any further discussion we need to have around this has to do with really seeing how all of this comes together, how the claims attachments relate to administrative transactions, but also how it relates to things beyond.
I am beginning to get a pretty good sense that it integrates, but I think there is a need to explore that a little bit.
DR. STARFIELD: I guess the question is whether we need to start thinking about setting up the hearings at this meeting or whether we can afford to wait until November. John, what do you think?
DR. LUMPKIN: I'm sorry, I didn't hear the question.
DR. STARFIELD: Do we need to start thinking about the hearings this meeting, or can we afford to wait until November?
DR. LUMPKIN: I think it may be a little bit premature to start thinking of the questions, because I would suspect we are looking for a January-February hearing. We set our next meeting tomorrow, right?
DR. STARFIELD: No, it is in the beginning of November.
MS. GREENBERG: We are going to set our full committee meetings tomorrow.
DR. STARFIELD: We already have the next meeting in November.
MS. GREENBERG: We have a full committee meeting November 5 and 6. We are going to be setting the '98 dates.
DR. LUMPKIN: Okay, so we are going to be meeting in November. I think that would be adequate time to do this.
My only thought is, I don't think we have a liaison to this group on attachments, do we?
DR. STAHLECKER: We have created a special interest group within the HL-7 organization that is jointly staffed by X-12 and HL-7 members, and we have a comparable group working within X-12, focused on the attachment issue. We have got some nice cross-membership there.
DR. LUMPKIN: Perhaps for the next meeting you could come in with a list of suggested questions. That would help us get started for our meeting.
DR. MOORE: This is an area that Jeff Blair is also interested in on the HISB. He is trying to pull a group together there. So you and Jeff work together, and you are both members of this group.
DR. MC DONALD: Yes, but I don't want to go to any more meetings.
DR. LUMPKIN: I think we are looking to have some draft questions. I always find it a little bit difficult in these kind of meetings to start off from scratch, when there are varying levels of expertise. If we have already got two people who are thinking about this, then I think it would be very helpful for you to start out with the questions. We could ask Jeff, too.
DR. MOORE: One of the things that we might volunteer to do is, some of the questions and issues that we have encountered as we are working through this, we can submit back to the group and they can then decide if there should be something more that you want to do. So we can help you with some of that.
DR. LUMPKIN: Thank you.
DR. STARFIELD: So we are targeting for hearings in January or February, is that right? And the questions we will work on in November.
MS. GREENBERG: Probably, yes.
DR. MOORE: Should we pass those through Clem to get his approval first, or what?
MS. GREENBERG: Are you actually serving as a liaison to -- you are participating from an HL-7 perspective, but were you suggesting that you maybe didn't want to be the K-2 liaison to this activity, or that you wanted some help with it?
DR. MC DONALD: I was suggesting that if somebody else was interested, it might be useful to have some more help. But if not, I will.
DR. COHN: I would nominate Clem McDonald to that liaison role.
DR. STARFIELD: Are you going to contact Jeff as well, get his input?
MS. GREENBERG: Yes, Jeff is on vacation this month, but I know he is working on the certainly standards and inventory.
DR. MC DONALD: Yes, but I want to make sure that we don't get things confused. There are two standards groups working together. HSB is not supposed to develop standard activities. I think that is going to confuse the heck out of it if it doesn't come through the standards group, that's all. You have got a super group that is making up stuff without --
DR. MOORE: I was just suggesting Jeff, who is also a member of this committee, who also has an interest in the clinical aspects, that's all.
DR. STARFIELD: Do you have any questions of us?
DR. STAHLECKER: Just one of clarification. The question list is really for this group to issue to those that might want to come and testify, to have something to report to you on?
DR. STARFIELD: Yes.
DR. LUMPKIN: And it also gives them a framework for written submissions, for people who may not fit into the schedule to testify, or who may not be prepared at that time.
DR. STARFIELD: It has worked very well in the past. When someone prepares a draft, the committee goes over it and then we send those out. It really helps to focus the discussion. Thank you very much.
We move on to the annual report. Now, the annual report is a report of the committee, is that right?
MS. GREENBERG: We had the old annual report that the committee used to do. The '95 one was the last of those. This is the annual report required by HIPAA to report specifically on the implementation of the HIPAA standards. Having said that, I'm going to turn this over to you, Judy, because Judy has done a draft outline.
MS. BALL: You have in your packet a one-page, two-sided piece of paper. One side has the statutory requirements as they are laid out in the law, and the other side has a very tentative draft of an outline that you might want to consider in making your determination about -- or having a discussion about what you want to go into this first year's report.
Basically, I used the requirements from the law and my recollection of the discussions that you had had in your various working meetings, and tried to highlight the areas that there is already information about the implementation process that you could report to the Congress on.
It seemed a good place to try to highlight some of the special concerns. Certainly, the discussion earlier today again highlights the importance of the privacy legislation for many other parts of this endeavor. Here seemed to be an opportunity for you to take that message to the Congress in yet another way.
DR. STARFIELD: I guess I still don't understand. This is basically the report of the work group to Congress, is that it?
MS. GREENBERG: No, of the full committee.
MS. BALL: The one page shows the specific provisions that the law lays out, the kinds of issues that the report is intended to deal with. As I said, the other page is a very early draft outline of the kinds of issues that you may want to capture in such a report, given your work group discussions heretofore.
DR. BRAITHWAITE: I think it would be useful to concentrate our efforts at this meeting on talking about methods for monitoring implementation, for identifying needs. The last section there on implementation -- because the first several sections are things that staff could pull a draft together, because there are things that have happened that we can describe, whereas the implementation is a description of what the committee is planning to do in the future to monitor implementation as required by the statute, and we need a lot of input from you before we can even draft something like that.
MS. BALL: It would be useful to know also if there are other special concerns that you would want to highlight. But basically, that last section I think lays out the plan for the future to try to monitor and measure implementation.
DR. LUMPKIN: I think the outline speaks to me. But I suspect that -- I'll call this phase zero of our reports. I see them primarily reporting about our findings and our projected recommendations.
Somewhere around the time of the implementation, I suspect that we may want to start holding at least one hearing prior to the time we need to file our report, to allow people to have a chance to make input into the committee on how they see HIPAA being implemented, and whether or not there are problems that they are seeing. That can be a basis of at least assuring that we are not just going on what we are seeing, but a broader sense.
The only addition I would make to the special concerns would be to add security to that. I think it was really quite an eye-opening session that we had. I think we want to highlight that to Congress, that we are concerned about that, and will continue to monitor that, particularly since we see some evolution of our recommendations.
DR. STARFIELD: Did I hear you right, that you think a lot of the material under implementation we are actually not ready to report to Congress yet on?
DR. SCANLON: No. We are pre-implementation. So we can talk about what we accomplished and what we see as the barriers, but really, the implementation doesn't --
MS. BALL: Well, it is not just a matter of what the committee has accomplished, but also your perspective on the process as it has played out in the department and with the industry. It seems that that is an area you are giving special responsibility to, to be the eyes and ears of the Congress.
DR. COLTIN: I think also, as you said earlier, our plans for how we are to monitor the implementation once it actually begins. I think the kind of comment that John just made about hearings is one mechanism for collecting that kind of information.
Another might be through our website, have people submit comments directly under different topic areas about what is working well and what is not.
DR. LUMPKIN: I would also point out a recommendation that we made of encouraging the various certifying bodies to look at security, which is a more on- site one we may want to think about.
DR. MOORE: You mean, there are some you are going to suggest other than HCFA?
DR. LUMPKIN: The existing standard bodies. The states would be more than happy -- at least, Illinois would be more than happy to work with HCFA on that, in a more partnership relationship, but not under contract.
DR. STARFIELD: What is this about, the Faulkner and Gray survey?
MS. BALL: Some of the measurement of the extent to which EDI has been adopted by the world, the industry. The information, much that we have now, is coming out of a survey that Faulkner and Gray does annually. The expectation is that the continued adoption of EDI will be also picked up to some extent by that survey.
Presumably there will be other sources of information from the government or from other places that you will want to look at to track how implementation is occurring.
DR. SCANLON: This might be a measure, Barbara, of the extent of EDI and standards quantitatively.
DR. STARFIELD: Earlier today I commented about having received a request for answers to a lot of very specific questions that were posed. This came from Faulkner and Gray, actually. If we are going to rely on them, we have to figure out some way to inform them, so that they ask informed questions on their survey. We haven't developed that.
DR. SCANLON: That is the send out e-mail and sit back form of journalism.
DR. STARFIELD: That's right, urgent, please reply immediately.
DR. SCANLON: They have a publication, as you know, and that is what the author is trying to do there. I think everybody responds as they can.
This is another part of Faulkner and Gray that actually looks at the extent of EDI and other issues in the biggest parts of the health industry. It would be a way to monitor. Clearly, it doesn't substitute for having hearings, in terms of what implementation barriers might be. But it gives you a quantitative sense of what percentage of this sector or that sector is using EDI. We'll probably have to ask them to tailor this somewhat.
DR. STARFIELD: That is the point, because the usefulness of the information we get out of the survey depends on what goes into the survey.
MS. GREENBERG: I think the full committee at least has talked about potential users of the standards who wouldn't be captured in -- or we don't know that they are captured in the Faulkner and Gray, such as public health agencies or community health centers and some of the public sector groups. So they might be incorporated into the Faulkner and Gray or they might be handled by a hearing that the subcommittee held, or different ways that we can capture some of those.
DR. STARFIELD: Okay, Judy, back to you. What do you need as a reaction?
MS. BALL: I guess I'm still wondering, do you all have other thoughts about this measurement activity, how you want to present it in your report? The Faulkner and Gray survey will give us a kind of industry-wide look. Having hearings, including representatives from individual organizations or associations, will give the kind of anecdotal flavor.
The methods here for identifying needs for new standards is one of the issues that was discussed earlier today that we don't really have a resolution on. The methods for identifying needs for new standards, that might also come through hearings, but there may be other avenues that you will want to pursue on that.
Then I guess the bottom line is, do you want to go forward with this report, and what the process for that is going to be.
DR. SCANLON: This will be the first report that is basically the framework for what will come later and what we have accomplished.
MS. BALL: I can't hear you, Jim.
DR. SCANLON: I'm sorry. If the subcommittee is comfortable with the outline at least, with the addition of security and some other issues, we might want to present it to the full committee, and then we would proceed to fill it in, staff would proceed to fill it in, the draft for the committee's review in probably November, maybe earlier than that, as a draft. Again, this is the first, so it will be an interim cycle after this. After we get comments from the NPRMs, we'll have a better sense of this as well.
MS. GREENBERG: Present the outline tomorrow. What kind of time frame are we thinking in terms of?
DR. SCANLON: We tend to do calendar years in HHS. We could probably aim for December. It wasn't really possible in August. It was just -- we were doing so much of this, it was hard to write about what we were doing. We would propose maybe an end of the calendar year time frame and annually thereafter.
DR. COLTIN: I realize that this particular focused report is a requirement of the law, and something that we need to do. My question has to do with the fact that we produce an annual report of the full activities of the committee every year as well. It seems to me that it would make sense to time this, such that this is a component of that report, where this could go lock, stock and barrel into that report, but that report would address other activities that the committee has been involved with besides the K-2 activities.
Now, whether or not the full report goes to Congress or just the subset is that issue that we could debate at another time. But there may be other messages that as a committee we would like to get to Congress. We may therefore want to reserve the right to make that decision, in which case the outline of the report may become somewhat more expansive than what we see here.
MS. GREENBERG: When the committee was rechartered, the requirement for an annual report such as the one that we have done from the beginning -- when we did the history of the committee we had annual reports going back to 1949 or '50, I think. But that requirement was no longer in the new charter. The '95 report, because it was late by the time we got it all together, was actually more of a '95-96 report. But having done that report, the one with the blue and white, there are currently no plans to do another annual report. I think that is something that the planning and implementation group is going to want to look at.
DR. COLTIN: We discussed at our last meeting the fact that there are other initiatives underway that would benefit from standardization, whether it is birth certificates and bringing the kinds of coding systems and data element definitions that are used in those kinds of transactions into line with these. It seems to me that those types of issues might also be appropriate to bring to the attention of Congress.
DR. SCANLON: This is actually the report to Congress. The annual report was to the Secretary.
MS. GREENBERG: Yes, right.
DR. LUMPKIN: So we are going to refer this to the planning and implementation team to coordinate that?
DR. STARFIELD: No, we are going to go ahead with this one and maybe later incorporate it.
DR. LUMPKIN: Would you be kind enough to maybe convey our concept to the chair of that committee?
DR. COLTIN: Sure, I'll be happy to.
DR. STARFIELD: Ready to move on to the work plan? I have a flip chart here for the work plan. We clearly have lots of things we must do, the K-2, and we have other things.
I think I want to start by reviewing our accomplishments based on our prior work plan. You don't have that, I don't think, but I do have a copy. It was marked draft; we apparently never finalized it. But as I look through it, it looks like we did what we said we were going to do.
Let me just briefly try to summarize it. Consult with the Data Council and comment upon input from standards developing organizations; we have done that, including the administrative transaction standards, the unique health identifiers, the code sets and classification systems and data security standards. That was number one.
Number two was, develop a plan for a series of approximately four to six public hearings or fora on health data standards. We have done that. We didn't do that?
MS. GREENBERG: No, the security letter we still have to approve during this meeting also.
DR. STARFIELD: That's not on the agenda. Three is to review the draft HHS proposals and recommendations for health data standards pursuant to the law, and four is to provide continuing consultation and advice to the full committee.
Marjorie just reminded me that we not only have to deal with the work plan, but we have two things left over from this afternoon. So I guess we really ought to do that first.
DR. COHN: Why don't we do the security one first, because it looks great.
DR. STARFIELD: Why don't we discuss the security one? I'll give you a few minutes to read it. We'll discuss the letter first.
DR. LUMPKIN: On page two, all the way at the bottom, organizations that license or accredit health care organizations should consider. We give them wiggle room, because consider doesn't mean they have to do it. Then we should add in, especially HCFA.
DR. STARFIELD: Are we ready to go to the committee with this tomorrow?
DR. SCANLON: It looks good to me.
DR. BRAITHWAITE: The only question I had, Kathleen, was the individual authentication really involves more than just having a unique identifier.
DR. FRAWLEY: I know.
DR. BRAITHWAITE: Maybe we could craft another phrase to beef that up a little bit.
DR. FRAWLEY: Sure.
DR. COLTIN: We talk about organizational practices, one of which is patient access to audit logs. But I don't see maintenance of audit logs as one of the -- in the earlier list of practices. I see monitoring of access, but it is written in a very general form about access to the system as opposed to access to a particular record and monitoring who has accessed that record. If we are going to make that recommendation, I think we need to say something about that.
DR. STARFIELD: Can we just put in another bullet in that list?
DR. LUMPKIN: Under monitoring access, you could say organizations should develop audit trails and other mechanisms to review access.
DR. COLTIN: To individual records, to identify who has access.
DR. FRAWLEY: That is what the NRC report calls for. But the problem was that we hadn't really gone into as much discussion of the NRC report, but the NRC report says there should be audit trails.
DR. LUMPKIN: I think we tended to agree with that.
DR. FRAWLEY: We never went into a whole discussion on it, which is why I phrased what I did. So if you take the spirit of the NRC report, you do have to have audit trails, and how the organization decides how detailed they have to be and how long they are retained and what they do with them -- but the NRC report says you have to start with some auditing mechanism that at some point would be helpful to allow patients to have access to their logs and perhaps also involve the physicians and others. That is all within the body of that report.
DR. STARFIELD: Yes, but the suggestion is just to put in one sentence up there under monitoring access.
DR. COLTIN: Then it covers you for later on.
DR. STARFIELD: With those couple of amendments, we will then present this to the committee tomorrow. Simon?
DR. COHN: This is a -- I wouldn't call it a straw purse, it is really a straw dog. It is really an attempt to put a sentence or two down to describe a position. If we agree on that, then it can be fleshed out into a letter, but we have been spending the whole day trying to decide what our position was regarding all of this.
Now, Kathleen has already given you a couple of changes to it, then we can discuss and see if this is indeed our position. Kathleen has changed the very end of the first sentence, which is changed to read, implemented provisions to insure the confidentiality of individually identifiable health care information and to preserve an individual's right to privacy. Please go ahead.
DR. LUMPKIN: On that sentence, I would suggest that we strike in the absence of implemented provisions and instead say absence of legislation. The whole issue of -- they can implement the regulations under the Secretary, but we are very skeptical of the ability of those protected confidentialities. So I think we are really talking about legislation.
DR. COHN: What do people think about that?
DR. STARFIELD: Comments on whether we should say legislation rather than leave it as an administrative function?
MS. GREENBERG: This gets back to the annual report, because one of the elements that Judy had was the issue of the need for legislation. But this would be an opportunity in your annual report to Congress to really come on fairly strongly about this.
It is an incredibly important element, the unique identifier. It is the kingpin to everything, but there is real discomfort in moving forward with that without legislation. You are kind of throwing it back to them, just as they threw it to us.
DR. SCANLON: But you are not even allowing for the regulations as the hammer ultimately if Congress doesn't pass legislation. The fallback position has always been in the law that HHS would pass the regs. So you are saying statutory law rather than just regulations.
DR. STARFIELD: You want to replace implemented provisions to legislation?
DR. COHN: I just want to make sure that everybody else is --
MS. GREENBERG: Yes, I think the report itself said that regulations should not be considered a substitute, an adequate substitute.
DR. COHN: Comments? Go ahead, John.
DR. LUMPKIN: Then in the second sentence, I thought I would change it to say that we recommend a unique patient identifier along the lines of the UPI be selected on the basis of. So we recommend that a unique patient identifier along the lines of -- never mind.
DR. COHN: Rather than the, it should be a, maybe?
(Simultaneous discussion.)
DR. STARFIELD: I also don't think it should be patient identifier; it should be unique individual identifier.
(Simultaneous discussion.)
MS. GREENBERG: Unique individual identifier for use in health care. That is a mouthful.
DR. COHN: Unique health identifier?
DR. STARFIELD: It's not only health, it is health care.
DR. COHN: I think we had better find out what it says in the legislation and just reference it. Oh, you have a copy? Okay. Other comments while we are looking for the official wording there? And basically we need to retype it. You ought to see what this is already looking like. Do you want me to read what I have here, or just that sentence.
MS. GREENBERG: To assure the confidentiality and privacy of --
DR. COHN: No, to insure the confidentiality of individually identifier health information and to preserve an individual's right to privacy. What wording do we have here? Unique health identifier.
MS. BALL: For individuals to use in the health care system.
DR. STARFIELD: Say it again, Judy, please?
MS. BALL: Unique health identifier for each individual for use in the health care system.
DR. COHN: The second question is, what about the second sentence? Are we okay with that? One of the questions I would have is, are we comfortable with the ASTM criteria? What I am proposing obviously is that the ASTM criteria coupled with cost-benefit evaluation be used to determine the identifier. Is that a recommendation?
DR. FRAWLEY: We were talking about earlier today, we also probably need to get some industry feedback or reaction. Even when we have the cost-benefit stuff, I'm concerned with not having the benefit, for people being able to provide comments to the committee. I'm not suggesting a hearing as much as being able to put something out on the street and say to people, we have narrowed it down to these two choices. Here is what some of our data shows in terms of cost-benefit, are there other factors the committee should consider.
DR. COHN: So we should say and public comment?
DR. FRAWLEY: I don't know if we want to wait to the end to get public comment.
DR. STARFIELD: Why do we have to wait?
DR. FRAWLEY: We don't. That's what I'm saying. I just would be concerned that with a lot of the other transaction standards, people have had a preview, have had an opportunity to react, to provide input, whatever. This one, you hate for NPRMs to be the only vehicle for providing input.
DR. LUMPKIN: I would suggest that we list our top candidates. It doesn't have to be one. We have got the ASTM UHID and we have some version of social security with a check digit as our original recommendation, and enhanced social security. That is what we are looking at, and see what the comment is.
DR. COHN: Haven't we come to that conclusion at this point?
DR. LUMPKIN: The other one that ranked high was the MPI, master patient index or some version of immutable - - and I am willing to toss that into the mix for comment also. I just think we should limit it down to two or three.
DR. COHN: So you would like a paragraph then saying that so far, in our evaluation these appear to be --
DR. LUMPKIN: Yes, I think that would be good, to say that there are two or three strong candidates which we think should be evaluated, based upon ASTM criteria coupled with cost-benefit evaluation and public comment.
DR. STARFIELD: So we are adding coupled with cost-benefit evaluation and public comment of the leading candidates?
DR. LUMPKIN: Yes.
MS. GREENBERG: Then you're going to say what those are?
DR. LUMPKIN: Yes.
DR. STARFIELD: Are we going to save it for tomorrow?
DR. COHN: Are you willing to work with me a little bit after this to see if we can put something together? I think we are beginning to flesh out something that we might actually be able to get out.
DR. STARFIELD: Are we going to suggest right in this statement that we present to the committee tomorrow that we include the leading candidates?
DR. COHN: I would think so. Certainly we should discuss what we think the leading candidates are. We are not saying one; we are talking about a couple of different approaches, all of which need further work to get down to the one.
DR. STARFIELD: Bill, are we going to have this tomorrow? Something written?
DR. BRAITHWAITE: Sure, if Simon will work with me for a few minutes afterwards?
PARTICIPANT: I wanted to just ask, this MPI number, is that a number that someone has generated?
DR. COHN: It is a matching algorithm, I think.
PARTICIPANT: I would think that that would be a very important choice. I realize that it probably costs more to implement than some of the others, but in some of the European countries, they protect that number as well as the association with the name, and using a social security number is no protection if you know that number. You can buy social security numbers, 5,000 for five dollars.
I just wanted to understand that they were independent of any particular organization.
DR. STARFIELD: Thank you, Simon. Now we can go to the work plan. I'm going to suggest that we probably are not in a position to develop our work plan for the year, because we still have some new committee members to be appointed, and that may change our work plan, or at least enlarge the scope of our work plan. But we at least can talk about the work plan for the work group, which you already have, and then if we have time left over, which I hope we do, we can throw out some ideas for enlarging it.
DR. COHN: Can I make one comment about one of the pieces of the work plan, which I think -- is this the work plan?
MS. GREENBERG: That is from the August meeting.
DR. COHN: I was just going to comment regarding terminology, which says medical coding, framework, fall hearing. At this point, there is actually a conference in mid-November that Dr. Braithwaite and Dr. Detmer are going to be co-keynoting, I guess is the best way of describing it. The NCVHS is one of the planning organizations. They will be focusing on medical terminology or health care terminology issues.
I think the question for the committee gets to be whether or not we need an additional set of hearings this fall also, or whether we should have that meeting and then decide in our January meeting what further we need to do after that.
DR. LUMPKIN: I like not having a hearing in the fall.
MS. GREENBERG: I think originally we had talked, and when we invited people to the first hearing on coding and classification we said a second hearing was being planned. But then when the CPRI meeting got scheduled for the fall, I think what you propose makes sense.
DR. COHN: So then we would just change that and have that be an open re-evaluation for the first meeting after that November session.
DR. STARFIELD: I'm not sure I understood that. Can you run through that again? We're not going to hold the fall hearing on terminology because there is going to be a meeting under the auspices of CPRI?
DR. COHN: That's right, that NCVHS is participating in.
DR. STARFIELD: On terminology?
DR. COHN: On terminology.
DR. STARFIELD: Will the work group participate? I know you mentioned who was going to keynote, but in terms of actual participation in the meeting?
DR. COHN: We're hoping to, yes. I'm going to be co-chairing the conference. I believe Dr. Lumpkin hopefully is speaking on one of the panels, if he is available. Obviously, everyone is invited, so we would obviously appreciate full participation from the subcommittee.
DR. STARFIELD: That is what I was getting at. If we are going to make a recommendation out of that, there should be some considerable participation of the work group.
DR. COHN: Yes, I think that would be great. Kathleen, do you have a comment you want to make about this? No. Kathleen is coming, too. But anyway, the key issue on that one is that any further hearings about this gets revisited in January, and that becomes an activity and part of the work plan.
MS. GREENBERG: Winter.
DR. COHN: Yes, probably a winter hearing.
DR. STARFIELD: It is in November.
DR. COHN: It is in November. I'm saying the meeting afterwards.
DR. STARFIELD: Do we want to put that in there or leave that in abeyance? A subsequent winter meeting.
DR. LUMPKIN: After that conference, I think we need to think about what it is that we want to do. We made the recommendation of a new system of terminology sometime in 2001, 2002, somewhere in that area.
DR. STARFIELD: I think that is something different.
DR. COHN: It is another piece of that issue. I think the question gets to be, do we evaluate where we are at the winter NCVHS meeting to see what sort of hearings may be necessary.
DR. LUMPKIN: Right, and I think we added it to our work plan. I think we do want to spend the full hearing in the winter on attachments. I think there is enough there to spend a couple of days on that.
PARTICIPANT: I just had a question. Is that meeting an open meeting, or is that a CPRI invitation only meeting?
DR. COHN: No, it is actually an open meeting. There will be a charge for attendance to cover costs of facilities.
PARTICIPANT: Is that going to be on NCVHS website, the announcement of that meeting?
MS. GREENBERG: It is not an NCVHS sponsored meeting. NCVHS participated in the planning, along with a number of other groups.
DR. LUMPKIN: Probably under CPRI.
MS. GREENBERG: But will it be recorded on the -- the last few have been recorded on the VA website. You can actually listen to them from the comfort of your home.
DR. LUMPKIN: I have no relationship whatsoever with CPRI, but I think that is why they are holding meetings, so people have to go there to find out what happened.
PARTICIPANT: My question was related more to, is it an open meeting that is going to be publicly announced that people would be able to plan on attending.
DR. COHN: Yes, the brochure is being printed right now.
DR. FRAWLEY: It has already been advertised. There have been several brochures out already.
PARTICIPANT: I'm on CPRI's mailing list, and I haven't gotten any notice of the meeting. That is why I asked.
DR. LUMPKIN: They probably sent it to everybody but you.
PARTICIPANT: That probably is right, because I wanted to use NDC numbers.
DR. STARFIELD: It is not on the Federal Register.
MS. GREENBERG: No, this is not an NCVHS meeting, and it is really not a substitute for NCVHS having a separate meeting. It just didn't seem to make a lot of sense to have two meetings on basically the same subject with the same people about at the same time.
DR. STARFIELD: I would like to move on briefly to -- move into other aspects of the work plan for the subcommittee. At the executive committee meeting the last meeting in June, we discussed at some length what charge that the subcommittee has. We felt that we needed to move forward with some discussions on general data needs in relation to health needs as well as accountability for care, beyond the K-2 legislation.
We had discussed having John Eisenburg from the AHCPR come and talk with us about that. So I wanted to present that to you as something we ought to do relatively soon. Now, the question is, do you want to do it within the subcommittee, or would you like to recommend that it be done in the full committee?
DR. COHN: Full committee.
DR. STARFIELD: Okay, good.
DR. LUMPKIN: I do have an item I would like to place on the agenda for the full subcommittee. I don't know exactly how we handle it, but I am a little bit concerned by a statement in a document which is not released, so this shall go unattributed. But I heard rumors that there is a statement that reads something along this line.
In 1988 and again in 1991, the Office of Inspector General, DHHS, cited major weaknesses in the birth certificate issuance process that hampered the ability of both federal and state user agencies to rely on birth certificates for identity. Among the problems cited were the use of false birth certificates to create false identities, many different version of birth certificate forms that are used and open access that lacks physical security for vital records.
I suspect that maybe it wouldn't be out of order for the National Committee on Vital and Health Statistics to perhaps do a -- what is happening with vital statistics. Are they a vital and reliable source of information as we have been suspecting they were supposed to be.
DR. STARFIELD: So that would involve the subcommittee.
MS. GREENBERG: Actually, we talked about that at the executive subcommittee meeting in June, also in the minutes. But the timing is very good, as Elizabeth and others pointed out, because there is the decennial or around there evaluation of the vital standards certificates that is about to be undertaken. So this would be a good time to get in on the ground floor.
Would you want that to the subcommittee or to the full committee? We could do it as part of a breakout session for the subcommittee. I'm sure there would probably be interest in the other subcommittees, too.
DR. SCANLON: John, is it specific aspects or generally what is going on with the revision and other things?
DR. FRAWLEY: We had a steering committee at NCHS on the death registration system, and as a result of that there are some pilot projects going on in states right now on the death registration, moving towards more electronic death certificate, if you want to call it that.
So in addition to what has been going on in birth registration, there was a whole initiative that took place for about two years. That really probably needs to be brought forward, because there has probably been some experiences now in the states, in terms of how that process has been going.
DR. LUMPKIN: It may be that what we need to do is get updated. For instance, since 1991, Illinois was not a birth certificate state; now we are -- 98, 99 percent of our births are recorded by electronic birth certificate. I think that is fairly uniform across the country. So this statement may not be accurate, because so much is being done by electronic birth certificate.
But I think we need to have at least some factual base that we look at other things, so that we are not using this as the foundation.
DR. FRAWLEY: There have been states that have had pilots now with the death registration, doing it electronically. We worked very closely with the Social Security Administration on that task force, in terms of what they needed to know, when they needed to know it, in terms of death benefits and information flows.
DR. LUMPKIN: We may make a recommendation if we look at this to say that given the level of technology, there is no reason why we can't put an additional field on the birth certificate that a death certificate exists that is linked with this birth certificate.
We do that for infant mortality rates, where we link births and deaths but that certainly would mean that whenever it is printed up or when someone requests it, it indicates that person is no longer living, which certainly
would significantly reduce the fraud of people using birth certificates of people who died to create new identities.
DR. COLTIN: So it sounds like what we would like to do is discuss vital records in general, and within those to talk about issues of security, to talk about issues of standardization, content and coding and all of that sort of thing, right?
MS. GREENBERG: Yes. These are going to be recommendations that you will make tomorrow for the November agenda.
DR. STARFIELD: We also will have a request from the other subcommittee, one of the other subcommittees, the population subcommittee, for a joint meeting specifically on two groups of data sets, one the mental health and the other one, the disability classification.
MS. GREENBERG: Functional classification, disability classification. I just spoke to Lisa briefly after her meeting, but ICIDH and other methods of classifying functional status, it was actually one of the elements recommended in the core data elements, but that needed additional work and research. Nobody has picked up on that, I don't think. But the population specific subcommittee is definitely interested in that.
Then there was also a suggestion that maybe there be a joint meeting on ICD-10. I think you could cover the ICD-10 and the ICIDH and functional status, that could all be in one meeting. Then there is the issue of the mental health encounter data set that SAMHSA has been working on.
DR. STARFIELD: So I think we can expect that tomorrow and respond to that, a joint meeting with that subcommittee.
DR. COHN: But when?
DR. STARFIELD: Let's talk about when we might be willing to do that.
DR. COHN: I certainly don't think before the terminology meeting in November, but the question is, sometime in the spring potentially, winter or spring?
DR. STARFIELD: We might have to compromise on winter.
DR. COHN: Yes. I was going to comment also, there is another issue that I think probably needs to be brought up sooner than our items here, which has to do with version control for standards and process for adding standards, which is really this issue of who is responsible for what.
I was sensing today as we went over it a couple of times that it may not be an issue -- it sounded like it was turning out to be a hot issue, and we may need to have an earlier set of hearings on this issue.
DR. STARFIELD: To add to the work plan.
DR. COHN: It is on there, but it is listed as spring. I think on the basis of what I have heard today, it seems like spring may be late for that sort of discussion.
DR. STARFIELD: I don't know about you guys from the West Coast, but we from the East Coast are ready for an adjournment.
(Whereupon, the meeting was adjourned at 9:17 p.m.)
rgani COHN: On terminology.
DR. STARFIELD: Will the work group participate? I know you mentioned who was going to keynote, but in terms of actual participation in the meeting?
DR. COHN: We're hoping to, yes. I'm going to be co-chairing the conference. I believe Dr. Lumpkin hopefully is speaking on one of the panels, if he is available. Obviously, everyone is invited, so we would obviously appreciate full participation from the subcommittee.
DR. STARFIELD: That is whndica COHN: On terminology.
DR. STARFIELD: Will the work group participate? I know you mentioned who was going to keynote, but in terms of actual participation in the meeting?
DR. COHN: We're hoping to, yes. I'm going to be co-chairing the conference. I believe Dr. Lumpkin hopefully is speaking on one of the panels, if he is available. Obviously, everyone is invited, so we would obviously appreciate full participation from the subcommittee.
DR. STARFIELD: That is wh