[This Transcript is Unedited]

National Committee on Vital and Health Statistics

Subcommittee on Standards

Hearing on HIPAA and ACA Administrative Simplification – Operating Rules, Review Committee

February 26, 2015

National Center for Health Statistics
3311 Toledo Road
Hyattsville, MD 20782


CONTENTS

  • Welcome and Introductions – Standards Subcommittee Co-Chairs
  • Morning Session: Proposed Operating Rules
  • Overview of Proposed Operating Rules – Gwen Lohse, CAQH CORE
  • Review of Proposed Operating Rule – Part 1
    • Rich Cullen, BCBSA
    • Sid Hebert, AHIP
    • John Evangelist, CMS
    • Karen Shields, CMS
    • Melissa Moorehead, MPHI
    • Peter Basch, ACP
    • Heather McComas, AMA
    • Stacey Barber
    • Margaret Weiker
    • Review of Proposed Operating Rule – Part 2
    • Laurie Darst
    • Debra Strickland, Xerox
    • Debbi Meisner, Emdeon
    • Sherry Wilson, Cooperative Exchange
    • Eric Christ, HATA
    • Subcommittee Q&A
  • Public Comment
  • Afternoon Session: Review Committee Evaluation Criteria and Process
  • Review Committee Overview – Standards Subcommittee Co-Chairs
  • Review Committee Evaluation Criteria and Process
    • Durwin Day
    • Stacey Barber
    • Margaret Weiker
    • John Quinn
    • Charles Jaffe
    • Gwen Lohse, CAQH CORE
    • Steve Posnack
    • Jean Narcisi
    • Robert Tennant, MGMA
    • Gail Kocher, BCBSA
    • Sid Hebert, AHIP
    • John Evangelist, CMS
    • Melissa Moorehead, MPHI
    • Debbi Meisner, Emdeon
    • Sherry Wilson, Cooperative Exchange
    • Subcommittee Q&A
  • Subcommittee Discussion and Next Steps

P R O C E E D I N G S

Agenda Item: Welcome and Introductions

DR. SUAREZ: I think we are ready to get started. Good morning everyone. I am very glad to see you all. I am glad to have you all here and certainly very glad you made it in this fairly stormy weather that we have been getting. We are going to start with our hearing today. We had to adjust of course the time because of the weather. We have a number of the people on the phone that will be able to provide testimony. We have a number of you here in the room.

We are going to modify the agenda in terms of the time. We are going to still keep the same two topics, and for the most part pretty much the same testimony. We are, again, adjusting some of the time as well as some of the order in response to some of the need for people to leave early or not be available in the later part of the afternoon.

We are going to cover in a minute, all the logistics. As always, we always introduce first ourselves as members. We are going to do very quickly that so that we can move to the testimony as well as the people in the audience and then we will move along. Terry is going to be covering some of the logistics and some of the changes also as we start this hearing.

A couple of points. This hearing, of course, covers two different topics, the operating rules, the proposed operating rules for different transactions in the morning and then in the afternoon, we are going to talk about the new function that the national committee has been assigned to address and that is a review committee, a provision under the Affordable Care Act. I will talk a little bit about that in the beginning at the second part of our day.

But one thing we wanted to note is in no way as always, with all our hearings does the content or the testimony express during the hearing is intended to reflect or represent or be used in any sort of a compliance process. We are really very interested in hearing your open and detailed testimony. I know that there has been some questions about and potentially some concerns about testimony that might reflect some situations about compliance with standards or transactions or elements under HIPAA. It is not the intent here to discuss those at all in terms of compliance or identify any individual organization or linked them with any particular compliance.

I wanted to just be very clear about that and particularly as we really prepare for the June hearing, which will be our first formal hearing under the review committee process. You will be learning more about it in the coming weeks.

We will be very interested in discussing at that hearing how things are going with the transactions and what are some of the big value and benefits achieved by the transactions and what are some of the issues that some of the transactions currently have. That is going to be all part of our hearing in June.

Today, our hearing in the afternoon that deals with the review committee really focuses on identifying elements that we can use to evaluate all these various standards, operating rules, codes and identifiers that have been adopted and used. I just wanted to be sure to point that out as we prepare for this hearing today as well as for the June hearing.

We are going to start very quickly again with introductions and then move onto the logistics and then we will get to the agenda.

My name is Walter Suarez. I am a member of the Standards Subcommittee, co-chair of the Standards Subcommittee and member of the National Committee. I do not have any conflicts.

MR. SOONTHORNSIMA: Ob Soonthornsima. I am a member of the Full Committee and co-chair of the Standards. No conflicts.

MS. KLOSS: Linda Kloss, member of the Full Committee, member of the Standards Subcommittee, co-chair of the Privacy, Confidentiality and Security Subcommittee and no conflicts.

DR. STEAD: Bill Stead, member of the Full Committee, co-chair of Population Health, no conflicts.

MR. ROSS: Dave Ross, member of the Full Committee, member of the Population Health Subcommittee, no conflicts.

MS. GOSS: Alexandra Goss, Pennsylvania eHealth Partnership Authority, member of the Full Committee, member of the Standards Subcommittee, no conflicts.

MS. DEUTSCH: Terri Deutsch, lead staff of the Standards Subcommittee.

(Introductions around the room)

DR. SUAREZ: Thank you. Do we have any members on the phone, members of the National Committee?

DR. CHANDERRAJ: Raj Chanderraj, member of the Full Committee as well as the member of the Standards Subcommittee.

DR. SUAREZ: Thank you, Raj. Good morning. Thank you. Anybody else?

DR. LINCOLN: Mike Lincoln from the Department of Veterans Affairs and the Standards Subcommittee.

DR. SUAREZ: Thanks Mike. Anyone else from the Standards Subcommittee or the National Committee on the phone? Okay. Terri.

MS. DEUTSCH: First of all, I want to thank, we all want to thank the staff for the wonderful way that they were able to get this all together with all delays. We can thank them all very much.

If any of the individuals who are testifying if you have to leave early because of need to catch a plane, if you could let me know, we will move around the schedule to accommodate you. If you need a cab, then let Janine know. Janine, you want to just raise your hand. Janine will be able to arrange a cab for you so that you can get to the airport on time.

The other thing we want to do is if you are on the phone, please make sure that you mute your phones when you are not speaking otherwise we hear it and it causes a lot of interference.

If you are speaking at the microphones, please speak slowly and into the microphone so that it can be recorded and everybody can hear you.

When you leave here, if you have a badge, please return it to the guards at the guard desk so they can discard it appropriately. If you are next to the microphone, please move any of your devices away from the microphone so that there is no interference.

We have adjusted the schedule. Rather than saying what it is, we are just going to move it along. We have not eliminated anything with the exception of the fact that we are not going to have any subcommittee discussion and next steps after the morning session. We will combine that in the afternoon session. That saves us a considerable amount of time. We have also cut a break from 15 minutes to 10 minutes, but please feel free to go and leave the room if you have to. Lunch is going to be 40 minutes so that we can catch up. If we do that and if everybody provides their testimony within the five-minute timeframe, we will be back on schedule in the afternoon and we should be fine. Thank you.

DR. SUAREZ: Thank you. We are going to start our morning session with a presentation from CAQH CORE about the proposed operating rules. Without any further ado, I will turn it to Gwen. And then from there we are going to be inviting testimony from the other participants that will be presenting testimony on this topic.

Morning Session: Proposed Operating Rules

Agenda Item: Overview of Proposed Operating Rules

MS. LOHSE: Good morning everyone and thank you for letting us to take the time to give you an update on the third set of the ACA Operating Rules. I am Gwendolyn Lohse, the managing director for CAQH CORE and the deputy director for CAQH. And what we are going to be doing today is just giving you an overview of CAQH CORE. I see some new members. We want to make sure just to ground set on who we are and how we got started and then give you a little bit of an overview of the parameters that we considered when we went into the third set of the operating rules for the ACA. And then talk about the process both how the CORE participants have been involved and then the public has been involved. Then highlight where we are with the scope and the status and then some next steps.

With regard to CAQH CORE, we started an organization before the ACA actually in 2005 to meet the needs of business rules for the administrative transactions. It seems hard to believe there was a pre-world of health reform, but it did exist.

We are focused on driving the adoption of health care operating rules to support standards, interoperability, and align clinical and administrative. And the vision is an industry-wide facilitator for trusted, simple, and sustainable data exchange that evolves and aligns. You might be able to see it as much, but that mission and vision were actually revised this year by our multi-stakeholder board. And a point on our board, the board is chaired by a provider. It rotates between a health plan and a provider. Our current board member is the CIO for CHRISTUS Health System, which is a large health system, kind of in the southeast, about 4 billion in revenue. And then there is also a woman who is actually the chair of the AMA board, a provider that the MGMA recommends and then a number of health plan executives and then a minority of vendors. The health plans and the providers really play the larger role and then the vendors and the banks support that. And then we have advisors from the standards setting bodies and also from WEDI.

With regard to the model just as a note here, we do have an integrated model. You will see that there are steps for writing the rules, doing the research, developing a testing process, then developing implementation support, and moving into promoting and getting early adopters and larger adoptions throughout the industry and then moving into maintenance and updates and the cycle starts again. A few notes on the overall model. We are continuing to help entities with the first two sets of operating rules. This is the third set in the ACA. Our commitment with our model is that we do support a lot of implementation. Last year we actually had almost 12 — we have more than 12,000 individuals that attended public open calls to help them implement the first two sets of the operating rules. And then a number of tools on our website that can be downloaded. And then a lot of entities and some of them are in the room that actually present their way of how they have met the rules, how they have worked with their trading partners, what their budget was, who the staff was.

With the maintenance, we are continuing to do maintenance with one of the key areas is the second set with EFT and ERA, the claim denial codes. We are doing ongoing maintenance that is public and private and it has been very successful. It is moving forward well. And then we are going through constant improvement. I think the board is continuing to look at the model to figure out what else do we need to adjust and insert.

As a reminder here, this is the three sets of operating rules. In the middle there on the green, there was — part of the ACA also required that the health plans become certified. You have the first set. It was eligibility and claims status. CAQH CORE was the author. It rolled out a second set. EFT and ERA. It rolled out. Then there was a proposal for certifying the health plans. CAQH CORE has a voluntary certification process. We are continuing to voluntarily certify health plans, but as well as vendors and large providers because they are essential to the process.

And then the third set is the one that we are going to go over today. And just a note on the third set, two of the transactions here are a little bit unique unlike the earlier ones where they actually got used in the health insurance exchanges. I am just going to highlight some research that we did on that because it added a different dynamic to this.

What were the key parameters of the scope of the draft operating rules? We went in and made sure as the CAQH CORE staff that supports the process plus all the chairs and then 140 multi-stakeholder participants in growing any organization can join CORE. They are welcome to the table. We do all the public outreach to those that aren’t at the table. That we followed everything that is required by the regulations and also the legislation.

A few key points here. One is there is no repetitive or conflicting requirements from the standards. There is nothing in this package that you see in the draft that the standards and the operating rules conflict.

Additionally, you will know that ACA in the third set did require operating rules for attachments. Those are not in here because those are the standards issued yet. We did not write operating rules because the standards are not out. With that said, I think there is a lot of crossover. We have heard from all the participants and the public between one of the transactions specifically prior auth and attachments. Once attachment does come out, we will want to revisit the prior auth.

The second point here is we also looked at just the requirements for the entities that are defined as HIPAA covered. Their regulations require that we only write requirements for the HIPAA-covered entities. This was especially challenging with this set because we had a number of recommendations for requirements for the employers and the practice management systems and property and casualty as well. You will hear later two of the transactions really do. They would be greatly improved if the employers were at the table. Because we are writing not voluntary rules like we were before the ACA, we are writing mandating rules. We did not insert the requirements for those entities. But no doubt, it would benefit from that focus.

With regard to what also infrastructure and data content, the regulation allows for operating rules to cover both data content and infrastructure. And the earlier rules actually do have data content. This set is focused on infrastructure as the first step.

Voluntary CORE certification. I mentioned the integrated model with the CAQH CORE. We do continue to push and track adoption by the health plans, the vendors, the practice management systems and the providers through that voluntary certification, which is a simulated testing process. That is a separate document. It is not included in the draft set. Just like we already have done with the already mandated EFT/ERA that is separate.

And then finally there is maintenance included, but any substantive changes to the requirements would obviously need to go through the regulatory process. Those were key points I think that we all want to level set on because we are talking about a regulation.

With the collaboration for this set of rules, we do use our process across the board to write each set of rules and continue to have process improvement. When CAQH CORE was designated by the secretary to be the author for these operating rules, we started the process three months later. We have the letter and we had to make sure we had our resources in line and then started the process.

One of the first thing that we did was to get public input from both CORE and non-CORE participants and did that through surveys. We do town hall calls every other month or quarterly depending on vacations, et cetera and holidays. And then we also reach out and do the surveys. I am going to talk to you a little bit about that. Then once that process happens and the CORE participants meet with subgroups and they review research. They look at criteria, which I know we are going to talk a lot about in the afternoon session. But that criterion has been an essential part of the CORE process. Does this meet business needs? Does it meet the technicalities? Does it meet guiding principles?

And then it moves through to work groups that continue to review what the substantive work that the subgroups do and then it moves up towards the voting process. Just as a note, all of CORE’s draft rules and all of the rules that are finalized are free. We have never charged for any of the requirements. They are up on the website. They are totally free to the public. We do have a website that is completely devoted to what is the status of each set of the — rules.

Monday this week just a few days ago, we held a public call for all non-CORE participants. We are continuing to do those to let them know about the status. There were nearly 400 entities that registered for that. We are just continuing to grow that awareness.

You will see as an example of some of the findings we do with the outreach. This was a public survey regarding this set of operating rules, the third ACA set, which is Phase IV of CORE. You will see there is quite a lot of non-participants that were involved and just about an equal number of providers and health plans, which we see as a really valuable piece.

And then obviously the government entities, the vendors, the clearinghouses, and others like associations, which are also critical.

After we go through the actual high-level process, I wanted to tell you a little bit about what happens within CORE. We obviously are open and transparent and meet the requirements that are essential to any of the regulatory processes in this area. Open, transparent, non-conflict of interest. That is an ongoing theme for us.

Once the rules start developing in the subgroup, they move to the work groups, then they go to an all CORE vote and then they go up to the board. And just a few points here. Right now and across the board, we always look for multi-stakeholder support.

DR. SUAREZ: For those on the phone if you could put your phones on mute. Please do not put us on hold, but rather use your mute button. It would be much appreciated. Thanks.

MS. LOHSE: Multi-stakeholder support is essential. There are required quorums and majority support to pass anything within CAQH CORE. The board, I highlighted, focuses on health plan and provider agreement. The vendors are essential to the process, but it is the health plans and the providers that are the end agreement.

One of the things to note with regard to the multi-stakeholder piece is right now there is no division among the health plans and the providers on any of the draft rules. We always look to see is it the health plans all wanting one thing and the providers wanting something else. Right now, there is not that division within the rules, which I think is essential because at the point it gets to the board, it would not pass.

With regard to adopter focus, there are a lot of entities that are interested in this process. We do at the end focus on those that actually have to apply their budgets and their staff to this. They have to change their strategic plans. In that all CORE vote, it is only the entities that actually adopt that can vote. If you don’t have to adopt it, you can contribute up to that point, but not thereafter. Adopters have been extremely involved at this point. We track it in great detail and have all that information on the voting and the process.

With strategic oversight, continuing to have that. That is done through the board, but also all the participants are essential to the strategic oversight.

One of the things that we have done is recently the board reviewed the ONC federal plan and also we are looking through the interoperability plan and their submitting comments and thinking about how we continue to align with that. That is going to be an ongoing process. You have seen that they have revised the mission and vision to ensure clinical and administrative integration.

I am going a little bit fast because I am trying to give us some more time. If I am going too fast, please let me know. I am speeding up so we have more time throughout the day.

With the scope of the draft operating rules, as the overall effort and all the CORE participants, the public, the implementers, the board, the staff, we have always applied criteria. That is something that there is guiding principles and then there is a criterion specific to the individual rules.

Lessons learned. We have two sets out right now. I think Walter made a really good point earlier that there is still people implementing them. We are still learning, but we have enough implementations that we could apply lessons learned.

And then targeted research. We always do specific targeted research. In a lot of instance has actually hired independent parties to do it and then have the CORE participants and the public validated. We have that third party perspective.

You will see with the fourth set of the CAQH CORE operating rules that it is infrastructure focused. Let me just go through some of the lessons learned and the criteria. With the public surveys, we highlighted all the guiding principles especially about that we were writing this in response to a regulation. We still got a lot of comments back about people wanting to have requirements for the employers, for instance. Those were removed, but we have them in our treasure trove of things we could do after we are done with the mandated work.

Additionally, the alignment of the federal health IT efforts is a critical is a critical core criteria. We spent a lot of time about how to align with that within the connectivity and security area.

Another piece was two of the transactions being used in the insurance exchange. We actually felt that because of the timing of this set of draft operating rules and the first roll out of the insurance exchanges, we needed to do a study. Two of the transactions here were used in the insurance exchanges. We wrote out some requirements. We looked for a firm that had federal health insurance exchange experience. We also had state-based insurance exchange experience that could give us information directly from the ground and then interview people and then look at all the companion guides, which God bless them. They did a review of all the companion guides, the state exchanges. Then we took that information and they gave it to us. We had CAQH staff look at it. Make sure we understood it. Then we shared it with the CORE participants. And our staff member here — Erin, raise your hand. She can give you a lot of detail on this if you are interested. I think it is very informative.

We went out and then we validated that research. We obviously have to find the right firm and do that process, but it was an essential piece of it and we are happy to share it.

With rule-specific criteria, one of the things we looked at, for instance, was business and technical focus. I think most everyone is familiar with DIRECT through the ONC. Within the CORE connectivity subgroup, they actually looked at DIRECT and they measured against the connectivity criteria and the guiding principles. It came up really high with regard to the guiding principles, but it did not meet the technical criteria for the administrative transactions because attachments are not included. But for the prior auth and the claims, it did not have the needs to send that large volume. That may change over time and we are continuing to follow that.

With regard to the transactions and best practices, we are always looking for best practices. Rather than creating something new, there are a lot of entities that are actually some of them in the room that are using the current transactions and the standards and applying best practices that we do not need to pilot test. We should just all do it. We looked for things that were similar to that. I think, for instance, the claim acknowledgement is one of them.

And then finally, with the rule language, looking through the rule language and figuring out how to improve it, the CORE site has many FAQs on it about contributors that have implemented and questions they have asked. We have it all documented. It is just tips and experience about how to implement. We have taken that plus those, almost 200 entities that are CORE certified. And then the feedback for the public calls and improved any of the clarity of the language of the rules. Those are all lessons learned, criteria, and targeted research that contributed to the process.

This is a sample of — I mentioned the health insurance research. This is a sample of that research. I think this is an interesting piece. When we originally went and thought about are the same resources and staff that work on the traditional HIPAA transactions going to be the same resource and staff that work on the health insurance exchange resources. We had very strong opinions around the table. Some people said absolutely not. There is no point in doing this research. There is going to be no crossover. We are a non-profit. As you know, only 10 percent of the dues and the certification actually cover our cost and then the other fundings comes from CAQH and they are not involved in the governance. It is multi-stakeholder, but we are getting funding externally so the dollars are tight. It was a hard decision to do the research.

We found out actually a high percentage there is crossover with the IT systems as well as the staff. Anything that we do in this area needs to really take into consideration to that because the insurance exchanges — they are going to continue to grow. I think we already see a number. There is already growth in the second year. We cannot put extra burden on those that have to adopt when they are using the systems and the staff for both of these things. It is a key factor for us to take in.

This is an example of a work plan. We have the overall work plan that I showed you the vision of contributing throughout the market and the different steps with the outreach, the subgroups, and the work groups. Then we have the voting within CORE. And then the actual nitty-gritty work within the subgroups. When the rules are drafted, the research is reviewed. They go through detailed work. This is just an example of the steps that they take. Some steps take longer than others and they may go back on a step and revisit things. But it is an important piece of the process to make sure we are getting the feedback. And in all the language, the requirements before those are even written, we have agreement on what we are doing, why we are doing it, and how we expect it to work through. That is a lot of the discussion that happens.

This is the details. We are getting into the fun now. The details of the draft rules. There are five draft rules just as an overview. I believe Terri had sent the committee members. We had shown you an overview and then links to the draft. I want to emphasize that these are drafts. Obviously, they have opportunity to change as they go through the whole CORE process. This is an update.

The four of them are transactions specific to the four transactions. They have common infrastructure within those four. You will see that. One is connectivity and security rule that just applies across the board.

The scope of the draft rules. We can sit back here because I know this is a complicated chart, but we thought it would be useful to provide a high-level overview of the rules. Feel free to ask questions because we are trying to simplify what is no doubt a complicated topic. Hopefully, this is useful.

With regard to the chart here, the items on the top columns are the four transactions. Those are the ones that the congress put in the ACA that we had to write operating rules for in this third set. Again, it does not include the attachments because there is not a standard for it out yet.

The items on the left are the infrastructure requirements. For the new committee members, let me just emphasize infrastructure and content. Content in the previous two operating rules. We had done a lot of work throughout the industry to figure out people wanted to use more of the X12 eligibility standard, for instance. The operating rules required year-to-date deductibles, co-pays, co-insurance, a host of things, trace numbers for payments. That is content. They are allowed in the operating rules and they are mandated right now. The infrastructure is how fast does the transaction flow. If you send something overnight for a batch response, does it come back in two hours, two days, two weeks? If you send a real time, does it come in two seconds? Does it come in ten days?

We all have been to the ATM. You put it in and you can get a receipt to acknowledge it. If you register something on the website, you get a receipt. On my parking tickets in DC, I always get a receipt once I pay for it online. It is things like that that really just help the flow of the transactions and that is the focus of this set although we want to add content as we are moving forward. Those are the things on the left.

The processing mode with regard to each of the four transactions, there is a little bit of a variance. This is because there is a little bit of variance with the transactions.

Prior auth batch or real time is required. You have to be able to meet the requirements laid out in the operating rules, the draft ones, the batch or the real time. You have to pick one. You are going to have to do it. That is what is proposed.

For the claims and the enrollment and the premium payment, batch is required. You will have to meet the requirements in batch because those transactions are all done in batch. That means that they really have to meet a certain timeframe and get acknowledged. If they do real time, they also have to meet requirements. Now there are not a lot of entities doing real time with these transactions although we have had entities speak up and say they do them. We are not pushing for real time. The participants did not want to require real time. They just wanted to say if you do real time, it is totally up to you if you want to offer it. You need to meet some requirements. Then there is some common understanding within the industry what that actually means. We are heading on the road to shared infrastructure and expectation about flow within these transactions across the industry.

With batch acknowledgments, you will see again. If you offer batch, you have to do an acknowledgement. If you offer real time, you have to do an acknowledgement. We heard loud and clear from all the surveys and the outreach and the participants that acknowledgement so there is not a black hole. I know you all, as a committee, have always — NCVHS has always supported acknowledgements. This is a critical part of the infrastructure and it is missing.

Connectivity, safe harbor. Just as a note, safe harbor is not — you do not have to shut down all your connectivity methods. But you have to offer out this way to connect. It starts putting a way in which anyone could offer and connect if they wanted to. It does align with what is going on within the ONC arena and that was a critical part of that process.

Then system availability. Across the board, some systems are not available. We are continuing to have problems with that as an industry. Getting through to say we have to have basic system availability across all these transactions. If you can make the best requirement, you could have all the data content. If your systems are not down, it is not going to matter at all.

With regard to the companion guide template, as I have mentioned, we looked at companion guides. We had a third party firm do this. The companion guides still — this is a note. Maybe I should highlight what companion guides are. With every transaction, an entity has to offer here is how the transaction works. There is still a lot of variance in the table of contents, the flow of that, what is required to be in it. This particular operating rule is for each of these four transactions, you have to have a common flow, certain information has to be covered. You have to register things like if your system is going to go down, that has to be highlighted.

That is an overview. When you see the X’s, those are requirements and then the other things are if something is offered then it needs to meet the requirements.

I am going to go into just a little bit of detail on each of the rules just to super highlight because I want to make sure we are paying attention to time here. I will do this high level, but if you have any questions thereafter just let us know.

Batch processing mode. This sets a requirement. It is a bunch of batch transactions, which could mean multiple inquiries on multiple patients are sent out by a certain time. They have to come back by a certain time. This allows all the providers to have their appropriate staff. It helps a whole host of things about building expectations when you are going to get a response.

Same time with real time. Just to note, there is time stamp requirements for each of these. We can go back and we can — we can go back. If someone has a compliance issue, time stamps are required. We can actually check. Did you meet the timeframe? Because without the timestamps, you cannot even tell.

Acknowledgments. A piece here. This is for acknowledging both the batch and the real time and it supports the 999 and the 277CA. Those are written by ASC X12. I know Margaret is here. I think we have testified multiple times. And you have heard all of the CORE rules to date include acknowledgments. I am going to talk about this a little bit later, but we think it is a great opportunity right now to finally mandate the acknowledgements given how much the market has wanted them.

The real time acknowledgment. The safe harbor connectivity. This, again, is a way to connect. It does not mean that you need to shut down all your other connections. We know and we have heard all the chairs for the subgroups, the work groups have heard. Whether you are a vendor, you are a provider, you are a health plan, and there are multiple ways to connect right now. A lot of them still tend to be proprietary. This is a way to say here is one way you can connect. You know it will be offered out. It meets certain technical requirements.

There are additionally some improvements that were made within this set to make sure security was firm. I think we have all heard a lot of security issues. Because it is a safe harbor, we are asking — this organization or this effort was chaired by a provider who would not the work group and the subgroup stop thinking about important PHI was. We had some people that really were not sure if they wanted to go to the next level of security. He said for the safe harbor, it is essential that this has good best practice security. You will see it has digital certificates and SOAP and web services. Again, entities can use other ways to connect, but for the safe harbor, it is meeting best practices.

There is a slide here about the improvements. I am not going to go into this in detail, but should you want to, we have obviously got a lot of detail around why they did this, what the key features are. We have heard a lot of positive feedback from the CORE participants and non-CORE participants about having a safe harbor mechanism. For any of the processing modes, again, you have to offer up the safe harbor.

System availability. This is what is a way to start setting expectations about when systems go down, how often they are up. If we start adding on more content like we did with the first three sets of rules and the systems do not even work and we did find that some of the systems are not working at the level of expectation I think we would all want, if that system is not up, adding more things to it is not going to help the process. This allows us to move in that right direction.

Companion guide requirements. I went through this. Just a note here. With the claims, the group felt that it was important for coordination of benefits, claims that have issues because the member has more than one set of coverage. There is a small section that is required. If you have a way to specifically handle claims that have coordination of benefits, you need to put that in your companion guide. That was added because a lot of the claims that get denied, get denied because I may have CareFirst and I may also have United as coverage. How does the health plan handle that and what could the vendor that was assisting the provider with the transactions what do they need to know to improve the process? That is the high-level detail with the rules.

I want to give you some — there is no doubt lots of debate around this. I would be very disappointed if there wasn’t debate because this is a really difficult topic and we are all trying to go in the right direction. I think that any discussion with the draft rules are led by chairs, again, from adopting entities. They manage the debate. And then we have staff that supports the process and contract out. And then all the participants contribute and debate as well.

Some areas of debate. Acknowledgments. This is a critical area. You will see in the appendix and I can go into this in detail if we have time. Acknowledgements are a key part of infrastructure. They are not stand-alone. You do not send an acknowledgment with no transaction. It does not happen. There is no reason. There is nothing to acknowledge. Just like the infrastructure, getting a federal mandate on acknowledgement, this is a great opportunity. To date, it has not happened. I think it would be valuable to go through the appendix about why we think this is a good time right now.

And something to note. The insurance exchanges actually do require acknowledgements. They are doing it right now.

With regard to higher level of security, the higher level of security is digital certificates in the safe harbor. There are some entities that are concerned about that additional level of security. It is more costly. In the earlier CORE phases, it was passwords and also digital certificates. You had an option.

We have moved to just digital certificates because of PHI. Again, this was led by a provider. He is a physician as well as an informatics expert. There was contribution from vendors and from health plans. They felt this was an important piece. This is a cost no doubt. There are people that are concerned about it.

With regard to real time, there are, again, minimal entities that are doing the transactions real time. There is not a requirement that you have to offer it. But if you do offer it, it has to meet the operating rules. But there are some entities that are concerned about that. No doubt there are other issues and areas for debate. But I thought these were three ones that were important to highlight.

There are benefits of the draft operating rules. I am not going to go through in any great detail. I think across the board there was a clear signal from both the CORE participants and the non-CORE participants that there needs to be a national infrastructure set up and expectations. This is heading us in that direction. There are not black holes. That there are expectations on response time. There are expectations on what documentation and how it will flow. That every entity and the providers and the vendors and the health plans all have expectations on the system availability. That is setting that up. And then of course, by setting that up, you are getting benefits to move to more automation, staff time, appropriate use of your staff time and that is especially important for the larger providers and the larger health plans and the smaller ones. Efficient processes and customer service especially with those transactions that relate to payment and enrollment. If we cannot have the employers at the table, we still need to help those processes and make them more standardized.

What are our next steps? As we think about where we are going moving forward, the rules are going to be finalized and they will go through that process that I highlighted. With that, the participants can clarify the language. They could add requirements. They could remove some requirements. It really is up to those participants.

I think right now what we have seen is there is majority support for the rules within the CORE participants, those 140 plus entities. But there are areas where there needs to be improvement on the rule requirements and the language and they will focus there. And there may be things added.

There is a timeframe. We put it out on multiple town hall calls, on our website, on any presentation that we have done. There is an expectation around that timeframe and that also is communicated and is on track. We are happy to come back and present again should you like that.

We do think it is important that there is a realistic timeframe once the rules are finalized that you would want to recommend to HHS for the market. There is a lot happening in the market place right now. Do the entities that need to adopt these need a year and a half, two years? Something to just acknowledge that.

Originally, the adoption for these was in January 2016. And entities were not even done with the first two sets. We had no way to write the third set without experience from the first two sets. And neither did we have experience from the health insurance exchange. We could not get that research. We worked with the timing to make sure we had the right inputs before we did the work. HHS will need to think about that and make sure they communicate out what is happening. I am sure you can contribute to that.

With the evolution, any of the CORE rules we see as something that needs to evolve. With the eligibility and claims status, there is already a draft rule that has more data content, but I do not think the market is quite ready to adopt it at this point. But we see this evolving. And then as we get to this next stage, being able to add data content, add other requirements. CORE has a voluntary process. I think I highlighted it at the beginning that it started before the ACA. The board is actually — right now, they are going through one-on-one interviews to say what are we going to do as a board to focus our efforts on voluntary adoption where we can get entities that are willing to come to the table and go above and beyond because there is interest to go to that next step and then potentially those things would then be available for mandated options.

I guess Walter and Ob and Terri, would it be valuable with regard to the acknowledgements to just to highlight some of the points there?

DR. SUAREZ: We are very aware of the acknowledgements. Actually, that is probably one of the important topics to discuss. I don’t know that we need to really cover it. I think it is in the materials and we will be able to review them. But thank you very much for the testimony. This was very helpful.

MS. LOHSE: I would like to highlight when you do look at the acknowledgment issues, we hired Sidley Austin, which is a large firm that has a lot of HIPAA experience. They actually have some of the staff that used to work in the general counsel at CMS. They actually had the lead person from that office look at this issue. We do have documentation on that should it be of interest to the committee.

DR. SUAREZ: We will. Thank you. We have time for a couple of questions. Let’s just jump in.

MR. SOONTHORNSIMA: Thank you, Gwen. I will jump right in. I think you noted a couple of points. I just want to reiterate and make sure I heard it right. One is around content — structure. I understand the difference. The question is that I think maybe you have alluded to this or maybe I took it as such that sometime the content is not there. It is very difficult to come up with operating rules. I thought that is what I heard. Maybe you can correct me there real quick.

And then the second question therefore is somewhat related. If you think about the adoption and you talk about over a year to two years, perhaps even longer, would you stagger this out in terms of these different transactions or are you suggesting doing all of those transactions all at once over the two-year period?

MS. LOHSE: Thank you. With regard to content and infrastructure, the regulations and legislation — remember, we already have two sets of operating rules already out in the market mandated adopted — here is an entity right here from — that has already spent their effort to adopt those. Operating rules can cover both infrastructure and content. They are both extremely important.

With regard to these transactions, the four that are in this set, there was a lot of discussion and input from all the CORE and non-CORE participants that the infrastructure for these is not flowing well at all. There needs to at least start with the infrastructure and then we can add on the content. We started with the infrastructure in this set because of that feedback. I think it is essential. You cannot have more content if the system is not even up. It is not even going to respond. I hope that is clear. Does that help?

MR. SOONTHORNSIMA: That does help. However, I assume that there are certain transactions that the content seems to be much more robust whereas others lack consistency —

MS. LOHSE: Absolutely. I tried to highlight in the testimony that the prior auth is an area where absolutely there is a lot of work to be done on the content. We already started some research on that several years ago. But because of the infrastructure being where it is and also the attachment standard not out, we do not have — attachment standard is additional documentation that is sent along. We have some new members. I want to put in things in context.

When the attachment standard comes out, we are going to need to, as an industry, revisit the prior auth because so many of the attachments are actually prior auths. You will see later today as CAQH CORE, we are paying attention to an efficiency index. We did a lot of research with over four billion claims to track how many of the attachments relate to prior auth. And then we have also done a number of public calls throughout the year. We hired a third-party firm to study the issue. Absolutely, Ob. I think content for prior auth.

And then content also for some of the enrollment and dis-enrollment. There are certain areas that that transaction would really value from some commonality. That is going to need to take into consideration the health insurance exchange —

MR. SOONTHORNSIMA: That is why the second question — related. Off the cuff, what would you —

MS. LOHSE: Off the cuff, we have to get started on the infrastructure. Waiting is not going to serve us well. As we get started on the infrastructure with these four then we can add things on. But waiting to not get the infrastructure moving means that when we even start working on those other things, the systems may not even be able to hold the information.

MR. SOONTHORNSIMA: From your perspective, implementing all four —

MS. LOHSE: Absolutely. That is my perspective. I just want to highlight.

PARTICIPANT: All four at once as opposed to staggering them.

MR. SOONTHORNSIMA: That is exactly where I was going.

MS. LOHSE: If you think about these are common infrastructure that was implemented for the first two sets. There is the experience in the market place already with what needs to be done at each of the entities to meet those infrastructure requirements. These are not new concepts. Now that we have the first two sets of mandated rules, we have an experienced market place.

DR. SUAREZ: Linda.

MS. KLOSS: Could you comment on how excluding the non-covered entities changed the design of these. Is this an instance where we are holding back progress because the regulations just were covered entities only? What would be the benefit?

MS. LOHSE: Absolutely. As we know, HIPAA was written many years ago. And the definition of covered entity does need an update. I will give you some examples. With the employers being excluded, it means for the enrollment and dis-enrollment that the plans do not have updated information for the employers. No matter how much the plans improve their systems and there are areas for improvement. They may not get accurate information. All of us are lucky enough to have a place of employment and coverage. They may not have that information. We can improve the process, but only by so much. That is one example. The practice management systems. The voluntary CORE certification process actually has a requirement for the practice management systems. I think we all know. The providers rely on their practice management systems. Unless the providers make sure in a contracting process with the practice management systems or other methods, they may or may not be following the requirements. The providers have to actively write a contract to say you need to follow X, Y, or Z. They are engaged in the process. We have had a lot of good vendors and practice management systems at the table. They want to contribute. It is not lack of contribution, but it is a hole in the regulation.

MS. KLOSS: Contributes to the patchwork.

MS. LOHSE: Exactly.

MS. KLOSS: I have a number of questions, but one other. How does your process accommodate the dissent opinions? Do the work groups consider the objections and then the majority vote?

MS. LOHSE: I am happy to show you a lot of documentation because we have all of it. Every single comment that comes in is documented. The detail of those comments are shared as well as a summary. And the summaries are important because everyone has only so much time. Then we try to highlight and focus through working with the chairs. And, again, the chairs are actually adopters, health plans, vendors, and providers. And then try to focus the subgroup and the work group efforts on the key points. At some point, we do — this is usually up to the chairs. After a lot of debate, maybe it is three or four times. If it is a minority viewpoint, we do move on, but it is all documented. As you know, there are quorums required as well as majority. Anything that passes has to have a quorum. It has to have a majority.

MS. KLOSS: Thank you for the great testimony.

MS. GOSS: Linda, you set a good stage for my question. You made a comment earlier, Gwen, and by the way, your presentation was really good. You got a lot of great foundational information to make sure we all have a good basis in which to have the subsequent discussions. You made a comment about the — all the rules and requirements are free and available to the public. I am pretty clear that there is a comment period for those that are inside the process within CORE. Is there a comment period by the larger public on the drafts?

MS. LOHSE: Great question, Alex. What we have done to date is help town hall calls to update entities that are not participating in the process to inform them of what the requirements are. Those are always all free calls. I mentioned that there is one early in the week with about 400 registrants. At those calls, we let people know they could reach out to their association and comment. They can also send in comments to CORE at CAQH. Then we take those comments and we forward them on to the subgroups and work groups so they can get shifted into the process. And then additionally, we end up always asking entities to pay attention to NCVHS and the HHS process during those pieces.

And also the board is considering the process of actually asking entities when they are not participants because there is a small fee to participate if they want to have a trial participation so they can get more engaged in the process.

MS. GOSS: Part of the process that you are going through, what is your organization’s thinking on going after ANSI accreditation?

MS. LOHSE: We have looked at that. We are not a standard-setting body. It has typically been a standard-setting body that ANSI accredited is. But we don’t write standards. We adopt standards whether they are industry-neutral standards written by Oasis. The industry-neutral standards are going to continue to become more and more important I think because technology is becoming more important. And then we also do not write the standards that HL7 or ANSI X12 does. But we no doubt meet all the requirements for conflict of interest, transparency, and openness. But we do not write the standards nor do we have the skill sets to write the standards. We just are not a standard-setting body.

MS. GOSS: I think it opens up an interesting potential dialogue that I will put on hold regarding what do we mean by the word standard and when you start expecting people to conform to either policy or technical or business kinds of rules. Some people do consider those standards.

MS. LOHSE: Great questions. Thanks Alex.

MR. SOONTHORNSIMA: There was one slide that I think you talked about the FFM and SBM, federally-facilitated marketplace and state-based. Could you comment a little bit? I know that the operating rules particularly around enrollment right now — are you only talking about the commercial enrollments and not the FFM?

MS. LOHSE: Absolutely.

MR. SOONTHORNSIMA: That is what I thought. The question really is how would the industry sort of morph this so that there is more consistency that can be established whether it is on FFM, SBM, or commercial.

MS. LOHSE: Very challenging question. You are clearly awake this morning. I guess a few things. With regard to — and we did have a law firm look at how is HHS defining health insurance exchange. Then we had another law firm look at what their definition because there has been a lot of discussion about our HIX’s HIPAA covered entities. Right now, there are some HIXs that are actually also HIPAA-covered entities because in the states, depending on who is doing the exchange, they may be a HIPAA-covered entity so potentially, some of these rules. If you are a HIPAA-covered entity, the operating rules do apply.

For those that are not HIPAA covered, there is no doubt a debate and I think an avenue and a direction we, as an industry, will want to take because of implementers like Humana and others whether they are the vendors serving both because the vendors are essential to that process. They won’t want to write rules for both requirements. We will need to have a discussion about how to bring those together. CMS and Medicare have been at the table contributing to the dialogue on the draft operating rules. They are aware.

And then the firm that we did hire to do the HIX work is also working with CMS. Longer term. Absolutely. Some commonalities between the two are going to be essential.

Where the responsible party is I think time will tell. You are going to need input. The HIX requirements were written in a different method than the operating rules are.

DR. SUAREZ: We are going to have testimony actually from market place later on too.

MS. LOHSE: I hoped that helped.

MS. KLOSS: Gwen, this is more of a subjective impression question. In your experience in tracking the adoption of operating rules, do you see that the covered entities are becoming more facile in adopting them? Are we going to get better at this? Are we getting better at this over time?

MS. LOHSE: Absolutely. I think we have seen that the ability for the trading partners to collaborate around what is needed has greatly improved. The vendor community is obviously essential to this process. They are now reaching out to their health plans more. I saw one vendor that serves a lot of the managed Medicaid. They are contributing and providing implementation tools, education. There is no doubt that health plans are getting more facile. Their staff are more aware and educated on the process. Absolutely. Between trading partners with staff resources, staff knowledge. And then I think across the board, the industry looking for ongoing education and figuring out how to share best practices. That is why with this HIX work that Ob, you just asked, we have no doubt the CORE board is thinking how can we contribute and make sure. Is there a role for CAQH CORE to have the HIX and the HIPAA come together? Is there a role for operating rules to do that?

MS. KLOSS: Are there any recommendations for what this committee can do to help speed or support the speed of adoption because I think we are all in agreement that we want to see an improved system, more efficient system?

MS. LOHSE: One of the conversations for later today is about the review committee and metrics and measures. I think it would be extremely valuable for the NCVHS to have a debate about setting some goals for the industry. What are our goals with regard to adoption? What are the realistic goals? Because if we can all get around a set of goals whether it be adoption levels on average, whether it be how many eligibility transactions per claim, things like that, and we can track those and you all can lead that dialogue, that would allow the rest of us to continue to target things that help that process.

DR. SUAREZ: Thank you very much.

MS. LOHSE: — another comment, Linda, too. We found that — I had mentioned there were over 12,000 individuals on these public calls that we hold. Most of those are calls actually that entities that are implementers present how did I get here. What did I need to do? How much staff did I need? What IT systems did I need to change? How long did it take me? What was the budget? All of those things. This goes back to Walter’s earlier comment. We all need to share and feel comfortable to share and know that by sharing, we are all going to make the process move more. Anything that you can do to encourage as the committee that those that have gone ahead and forged ahead and have lessons learned good or bad as they made and even things that you shouldn’t do, getting them out and helping others.

DR. SUAREZ: Thank you very much for the testimony. We are going to move very quickly to the panel. What is the order? We are going to start with Rich.

Agenda Item: Review of Proposed Operation Rule — Part 1

MR. CULLEN: Thanks Walter. Good morning. My name is Rich Cullen. I am an executive director with the National Programs Division for the Blue Cross Blue Shield Association. The association is a national federation of 37 independent community-based and locally operated Blue Cross and Blue Shield plans covering nearly 105 million members. On behalf of the association and our member plans, thank you for the opportunity to participate today and provide some comments on your questions.

Given our snow day here, I will try and highlight some of my written testimony for the committee and try and save a little time. In responding to the questions, trying to address three overarching issues. First, we definitely support the adoption of operating rules and helping to support, maintain, and implement standards, not to supplement what is already defined by the standards organizations.

Second, the current drafts of the CAQH CORE Phase IV operating rules are appropriately focused in our view on the infrastructure requirements and meeting the objective of the business rules.

However, the current drafts do raise a few concerns about potential cost impacts that I think merit continued consideration by NCVHS. I think Gwen refer to these as minority viewpoints.

Third, just any information technology requirements including these proposed operating rules really should be considered in the context of the broader environment of mandates and requirements with significant IT implications that we are all faced with implementing.

Regarding a question from the committee on the business needs of the industry that the operating rules intend to address, the current draft of the operating rules addresses the exchange of transactions and connectivity between trading partners. Our plan sees these drafts as enabling the increase of reliability and performance of the data exchange while not impacting the data content of the standard.

We are concerned, however, that the operating rules go beyond supporting existing standards by identifying acknowledgments for the receiver to return the transaction centers.

While we are very supportive of voluntary adoption of acknowledgments by our plans and the health care industries and we believe acknowledgments are important support for business transactions, addressing acknowledgments and operating rules should happen only if coupled with the corresponding acknowledgement transactions being adopted as HIPAA-mandated standards through the federal rule-making process.

Next, I would like to comment on the potential impact of operating rules to various health care entities and really falling into three categories. One on system changes. Two, workflow changes. And three, the cost of implementation. We are getting system changes to implement the Phase IV operating rules. Plans need to review both their front and back end electronic data interchange systems as well as reporting systems for all the transactions within the Phase IV rules.

It is significant that I refer to systems, plural, because these transactions for claims, benefit enrollment, premium payment and authorization referrals frequently rely on separate internal processing systems. This will really increase the effort to review for any impacts.

On workflow changes in contrast with the corresponding transactions for the current Phase I through III operating rules, I think this was already alluded to. Some of the corresponding transactions for Phase IV are unique in that they apply to trading partners who are not HIPAA-covered entities. Unless all changes are fully implemented by all trading partners, which is unlikely prospect, plans will experience impacts on systems and personnel resources as well.

Turning to implementation costs, at this time, especially given some of the uncertainties I just mentioned about impacts on systems and workflow, it is difficult for plans to estimate the level of implementation cost. However, I do want to bring to your attention the issue involving submitting authentication methods, which has changed as Gwen mentioned between Phases I through III and Phase IV. Currently, many plans offer the login password option and have indicated that not all providers have elected to adopt Phase III connectivity.

Phase IV operating rules move away from the login password option to the digital certificate approach. While there is a safe harbor that would allow plans to continue offering the login password option, the change is likely to have an impact on both plans and their trading partners especially providers because plans will still have to expand resources on the digital certificate approach. Plans have significant concerns that providers will not elect to shift to the digital certificate approach especially in the claims environment. We believe building system capabilities that will be adopted little to none at all by providers obviously raises significant concerns.

I will comment a little bit more on the digital certificates also, but wanted to switch to the 834 and 820 transaction standards, neither of which were developed to support real-time processing and references to real-time within the rule concern may mislead implementers. Once the standards are developed to address the exchange of enrollment, premium payment information of real-time environment, applying the operating rules at that time to that exchange would be appropriately. Conducting these transactions in a real-time environment is currently not feasible for most trading partners and further research on how these can be conducted in such an environment needs to be explored to ensure the standard accommodates all the needs and operating rules can be subsequently applied.

Finally, I agreed with Gwen’s comments here regarding the statutory compliance state associated with the operating rules, given the timeframes and effects that industry is already in their 2015 budget cycle, stakeholders are going to be pressed against budgetary constraints if the statutory date holds and would encourage the committee to look at a realistic timeframe.

A potential advantages of the operating rules and tend to address or facilitate. I just wanted to go back to the privacy or security component. It definitely is of the utmost importance to us and our members ensuring the safety of our providers and members’ information is critical and all stakeholders must move towards more secure infrastructure and the current environment of which we find ourselves. This is not achievable over night and without all stakeholders moving together to the next level of security. Placing limitations on submitter authentication methods for one transaction that do not exist under other mandated operating rules for transactions including eligibility or claims status creates a burden for the plans, which may impact providers as well, especially those connecting directly to plans.

Safe harbor provisions are a two-edged sword. They allow plans to continue using existing methods with creating partners, but they also hinder plans from moving their trading partners to the more secured method. Yet if plans were to move solely to digital certificates, there may be additional costs associated with this for the provider community as well. We are concerned that this might be an unintended impact resulting from moving towards a single connectivity method. Therefore, we would suggest that a further broader research of the timing and cost associated with all stakeholders moving to a more secure method for all transactions needs consideration to ensure there are no unintended negative impacts, again, especially to the provider community.

Privacy, security, and confidentiality are of absolute importance. Operating rules should consider privacy and security. We support the approach taken in the Phase IV operating rules, but want to reiterate that privacy and security requirements should remain within the existing federal and state regulations including HIPAA.

In conclusion, I will reiterate the association. Our member plans support the adoption of operating rules for claims enrollment, premium payment, authorization and referrals. Definitely recognize their value in achieving the overall goal of quality and affordable health care. And affordability and quality necessitates the exchange of patient information. The value of such standards and operating rules would be enhanced if the industry developed a timelier, more predictable maintenance cycle. I think further predictable cycles would also facilitate the coordination and communication that will be essential to keep standards and operating rules consistent with one another as we move forward.

Given the number of mandates with implementation dates in the next few years, we continue to encourage CMS to consult with NCVHS to develop a strategic roadmap, not just for operating rules, but for administrative simplification provisions in general. And the roadmap should also balance all mandates from the ACA including HITECH mandates to really work towards avoiding bottlenecks and overlapping resource commitments. We would also request that NCVHS work with industry stakeholders in developing such a roadmap.

Thank you for the opportunity today. I definitely will answer questions.

DR. SUAREZ: Thank you. I think, Sid, you are next.

MR. HEBERT: I would like to thank the subcommittee for inviting AHIP today for testimony. My name is Sid Hebert. I am the ICD-10 program manager for Humana. Our primary responsibilities are all inbound and outbound electronic HIPAA transactions, our enterprise ICD-10 readiness as well as implementation of administrative simplification mandates from the patient protection Affordable Care Act.

Today, I would like to make a couple of preamble comments. First of all, we are — Humana fully endorses the operating rule approach for consistency particularly in the infrastructure level. We are the first payer to implement CORE Phase III and receive certification. We have been at this for a number of years.

However, I will also point out that in terms of adoption and acceptance, the operating rules are really not structured with a unilateral approach where payers are required to implement the entities. It is purely voluntary. We are not driving the adoption so we are not seeing the administrative benefits that we are going to see or could potentially see until there is full adoption. My comments are more focused in general terms. What is going to drive us forward? Our assumption is operating rules are a good thing and will be here for an extended period of time. We do endorse that.

I am testifying on behalf of American Health Insurance Plans whose members provide health and supplemental benefits to more than 200 million Americans through employer-sponsored coverage, the individual insurance market and public programs such as Medicaid and Medicare. Our industry processes millions of claims, eligibility requests, payments, and other administrative and clinical transactions on a daily basis.

I have been asked to provide a health plan perspective related to the proposed Phase IV operating rules under the Affordable Care Act. Implementation administration of simplification requirements, which includes claims, enrollment premium payment, authorizations. I will address the following things in my testimony today. The potential impact of operating rules to various health care entities, the need for broad adoption to ensure the industry derives value from the implementation of these operating rules. Opportunities for improving efficiency of administrative and/or clinical processes through iterative development of operating rules and timely considerations for implementation and accepts the operating rules.

We have a series of recommendation — along with the health plan industry has invested significant time and resources to implement transactions and operating rules, mandated under the administrative simplification requirements of the ACA.

While existing operating rules have improved electronic exchange of information, the health care industry will not realize the full benefits of their implementation to streamline — workloads and lower administrative cost and ultimately improve the patient experience without broad adoption by all stakeholders.

We recommend the following initiatives to establish broad, consistent adoption and use across the industry. First of all, defining a comprehensive process requires all covered entities and to Gwen’s earlier point, probably should readdress the covered entity definition. They are governed by the operating rule mandates including health plans, vendors, clearinghouses, providers, and other aligned stakeholders.

As an example, requiring clearinghouses and vendors to establish a process and insurers providers receive and have the ability to interpret acknowledgments that are created and sent from a health plan including file failures or single transaction errors, using the — available to us, TA1s, 999s or 277CA as a source for the provider communication. Operating rules should outline a timeline for a provider to act upon these errors.

Secondly, utilize both incentives and penalties to encourage adoption. For example, incentives could be leveraged to encourage stakeholders to adopt operating rules early and penalties should discourage entities from delaying implementations.

The benefit of operating rules is only going to be obtained when there is a bidirectional workflow that includes both the paying entity as well as the service entity. What is missing today is there is a broad gap between those two.

Fourthly, we should build upon existing operating rule certification and testing processes to allow stakeholders already certified in prior CORE phase operations, Phases I, II, and III to perform incremental certification for Phase IV and not to bear the burden of in cost of complete recertification because there is a new operating standard.

Another recommendation to drive value across the industry is critical. The development of operating rules address cross-transactional impacts and maintains a focus on interoperability of content. I do applaud Gwen’s comments earlier of separating infrastructure and content. Today we have strong definitions about infrastructure support. What we are not really addressing is the component that is going to provide the most value is a clear definition of content and how it should be used. Although operating rules I think are driving the infrastructure discussion forward with the noted limitations on adoption, without a comprehensive view of content and how it used, we will never get to highly integrated workflows on both the payer and the provider end.

Additional recommendation is broad adoption of integration across transactions both require iterative development of content to continually improve the value of operating rules. This is an extension of the comment I just made. Content is what this is really all about. The infrastructure rules allow for the payload to be delivered. The contents drive value.

Today, development of operating rules is focused on infrastructure requirements without similar attention to content. While it is critical that we have an infrastructure in place, we must also focus on content to ensure that meaningful exchange of data will streamline administrative processes and bring quality improvements to clinical processes. In the example above related to — actually, I skipped that example so I will jump back here.

A sample of an integrated workflow spanning multitude transactions would be a medical necessity review. The eligibility transaction would inform the provider that potentially a preauthorization and our medical record content is required for adjudication in the substantiation of the payment.

In this example, eligibility authorizations, claim and claim attachment should operate in an interoperation with an integrated workflow in order to allow for informing the provider of what is required, having the provider submit the required content, which would allow for auto adjudication.

Today, we process about 88 percent of our claims for auto adjudication. The things that we do not auto-adjudicate are typically pended for things like medical necessity review. It is a very long manual process that has a dilatory effect on both the payer Humana as well as the provider waiting for fulfilling the request and waiting for final payment.

Finally, we recommend that an implementation timeline be established for no less than two years after the date of publication of the operating rules. Given the current status of operating rules development, we have not allocated, meaning Humana has not allocated, the resources or staff necessary to meet the current January 1, 2016 implementation deadline. A two-year implementation would encompass stakeholder budget processes, technical design implementation, and compliance testing and certification.

As an example, depending upon the timing of the publication of the final operating rules, we would be prepared only to conduct exploratory work this year and would develop a budget for design and testing in 2016. We would be prepared for testing in late 2016 or early 2017. Make an early to mid-2017 to earliest possible date the industry be prepared to go into production.

In closing, I would say that the development of operating rules to date have laid the groundwork for streamlining administrative processes and bringing significant value across the industry. However, significant work remains to be done. In order to realize this value, we must continue to work and develop operating rules with interoperable content that meets the needs of stakeholders across the industry and mandate their use for all stakeholders to ensure widespread, meaningful adoption. Thank you.

DR. SUAREZ: Thank you. John, are you on the phone?

MR. EVANGELIST: I am. Can you hear me?

DR. SUAREZ: Yes, we can. Thank you.

MR. EVANGELIST: Good morning. My name is John Evangelist. I am the director of the Business Applications Management Group within the Office of Technology Solutions at the Centers for Medicare and Medicaid Services. I would like to thank the National Committee on Vital and Health Statistics for inviting CMS to testify and for the opportunity to share with you the Medicare Fee-for-Service perspective on operating rules.

Medicare is a very large and complex program. There are many areas within CMS working on various aspects of Medicare Fee-for-Service policies, systems, and operations. Today, I would like to present thoughts regarding Medicare Fee-for-Service.

Medicare Fee-for-Service supports the administrative simplification function of which operating rules play a significant part. I would like to thank the efforts and hard work of the health care industry and the CAQH CORE to develop them. Per the Affordable Care Act, the goal of the operating rules is to create as much uniformity in the implementation of electronic standards as possible. Such goals have the potential to promote greater efficiency in the exchange of transactions and data necessary to administer and deliver health care and conduct other related processes to the great benefit of the health care industry and the patients it serves.

Today, I would like to discuss three principles we at CMS Medicare Fee-for-Service believes should be taken into consideration during the development of and review of operating rules. The principles are flexibility, investment protection and process improvement.

Flexibility. We are living in times of swift and dramatic changes in science and technology. Since the passage of HIPAA, we have seen the advent of smart phones, prosthetic limbs that can mimic the function of natural counterparts, and the mapping of the human genome, most of which was not foreseen in 1996. We recommend that any standards related to health care technology operating rules build in the flexibility to take full advantage of technological advances beneficial to patients, providers, health plans, and others. We believe that one example where Phase IV provided flexibility was the processing mode options for the named transactions. Providing the option for both real-time or batch will allow the health care community to determine the best for their business.

Investment Protection. From a Medicare Fee-for-Service standpoint, we want to ensure that the implementation of standards and operating rules effectively use and never waste taxpayer dollars. As with any investment, we believe a holistic approach is essential. As new transactions are evaluated, the ability to leverage prior implementations and technologies should not be hindered. A balance must always be struck between innovation and the ability to leverage past investments. CMS believe that the Phase IV operating rules successfully struck this balance.

Finally, process improvement. Understanding and participating in the process development is essential to the success of operating rule implementation. To that end, we believe the following steps should be taken. Number one, post the operating rule development process on the CAQH CORE website. Number two, consider having the operating rule development process itself be subject to the public review and comment of the health care industry and vetted among CAQH CORE voting members. And three, develop and post on the CAQH CORE website a change management process for drafted rules and proposed revisions to adopted rules.

It is our believe that we can learn from Phases I through III and improve Phase IV to the benefit of the health care industry and ultimately the beneficiaries and providers we are privileged to serve.

We would like to thank the NCVHS again for the opportunity to share our perspectives with you. We do appreciate the efforts of the CAQH CORE and the health care industry to develop effective operating rules that streamline and standardize the sending of HIPAA transactions throughout the health care industry. Thank you.

DR. SUAREZ: Thank you so much, John. You certainly earned an award for being very much on time. Thank you. We are going to go to Karen Shields. She is on the phone too.

MS. SHIELDS: Good morning. My name is Karen Shields and I am the group director for the Office of Technology Solutions, Rapid Deployment Program Group, which is responsible for the operation and implementation of the marketplace activities, which relates to today’s topic.

Also joining me is Mike Cabral from my staff in the Division of Project Management and Governance. Mike has responsibility for the Accredited Standards Committee’s X12 transactions, the marketplace uses to exchange with the issuers, trading partners and state-based exchanges.

Let me state the position of CMS’ marketplace area is to support standards, which improve the business and technical processing of information related to the specific nature of the work performed for enrollment of consumers and the generation of payment activities to users from the marketplace exchange.

With that in mind, the overall design of the daily enrollment transaction process, which was developed with an eye, to the standard acknowledgment model as published by the Standards Development Organization (SDO) ASC X12. Specifically for that traffic, acknowledgements for the following occur. When the daily ASC X12 834 traffic is presented to the EDI platform, a TA1 transaction is generate, which will reply to the interchange envelop level of the payload. The next level of acknowledgement is the ASC X12 999 transaction as defined in the Implementation Acknowledgement for Health Care Technical Report Type 3 for the functional groups represented for processing.

We are pointing these facts out to the committee to demonstrate how a newly implemented program can accommodate standards-based transactional processes with external partners. This may be in contrast to a more mature program such as the Medicare Fee-for-Service, which has a more complex implementation base to consider due to the number of transactional processes requiring support.

Some of the specific questions that we want to address for the proposed operating rules from this sector of the industry’s perspective include a question related to the business needs of the health care industry and the operating rules it intends to address. Current draft of the Phase IV CAQH CORE 454 Benefit Enrollment and Maintenance 834 Infrastructure Rule version 4.0 reads that the use of the ASC X12N 834 transaction is not addressing the requirements of the federal or state health information exchanges. Overall, this is an important position for the draft operating rules to address due to the nature of the business requirements specific to each type of exchange, state or federal, that is being run.

What our federal team is determining, as it relates to the state base exchanges, is that there are additional types of state-specific information that specifically relate to the premium assistance program dollars that are available to consumers. Subsequently, the federal processing platform must accommodate these variations in our build out for the financial management aspects of the program functions.

Items such as these are not immediately apparent when reviewing the transaction standards or the operating rules, which may be adopted in the future, nor would the implications be known ahead of time as it relates to specific processing and timing aspects along with subsequent policy changes that might be made by states.

The second question was related to the efficiency improvement opportunities for administrative and/or clinical process in health care, and strategies to measure the impact. Any time the processing aspects of information exchanged between organizations can be standardized, this can be viewed as an improvement opportunity. However, there should be overarching aspects, which can disrupt business. If this happens, this time may detract from the overall business objectives. These aspects we are suggesting need to be balanced to maintain a balance between standard operating rules and the performance of the actual business functions.

A third question. Potential impact of the operating rules to various health care entities, providers and payers, for example, on the daily workflow transaction process. Administrative costs and the required capabilities and agility to implement the operating rule changes.

CMS response is that the implementation of operating rules should not place an undue burden on the entities exchanging the various transactional payloads. This may even have different impacts and costing models within a given organization due to the specific business payload being processed.

Costing for the different implementations may not be shared across the organization and could inflate the costs associated with compliance to the operating rule for that organization. Additional costs could occur should an organization be contractually or otherwise required to maintain multiple support desks for these types of configurations. When speaking to the agility of an organization to implement the operating rules, the mature nature of the business with respect to the given transaction payload can also play into the discussion. While it may be somewhat easier for a business process newly implemented or a business process being currently constructed to comply with a more mature business process is undertaking the same effort. Consideration must be given to the implemented base of the effected processes. Basically, one size may not fit all.

Potential emerging or evolving clinical, technical and/or business advances for the operating rules intend to address or facilitate was one of the four questions that we were asked. CMS response is that there should be operating rules — should operating rules be proposed or adopted related to evolving technical advances, merely building on previously adopted language may not be a best practice. Moreover, the backward compatibility of previously adopted standards needs to remain in effect. Operating rules, which eliminate previously used standards, specifically, the adopted connectivity, for example, can be very disruptive and costly for both sides of the transactional exchange equation to deal with and to coordinate. Without the ability to seamlessly transition along the way, some business partners may be harmed and potentially impacted from doing business between established trading partners. Having checks and balances when potential changes are proposed should be an expected outcome for any type of operating rule that is adopted to ensure the industry overall does not get harmed. The committee should consider these checks when the recommendations are put forward to the department.

The last couple of questions. Potential impact and/or improvement to health care related data and/or data infrastructure and its applicability to incorporate privacy, security and confidentiality. CMS response is that CMS takes every precaution when reviewing business improvements to data exchanges with respect to privacy, security and confidentiality. Additionally, there may be requirements for the federal government that we must adhere to, which may not be needed to be placed upon commercial enterprises. As such, the operating rules should not place these types of restrictions on the industry, but in the same vein, the industry requirements should not conflict with specific federal requirements that CMS may need to adhere to. This would seemingly seem straightforward, but nonetheless should be something the committee might take into consideration as they move through the rules process.

DR. SUAREZ: Thank you so much. We will certainly appreciate you sending us a copy of the testimony. I was trying to take notes and could not catch all the details, but very helpful.

We are going to go to Melissa next.

MS. MOOREHEAD: Thank you very much for the opportunity to be here today. I am Melissa Moorehead. I am here because of my work with the NMEH, the National Medicaid EDI and Healthcare Workgroup. It has a couple of other names as well, but we call ourselves the NMEH. It is 100 percent volunteer collaboration of state Medicaid agency officials, staff, and vendors helping Medicaid implement their information technology systems.

I have co-chaired subwork groups since 2011 called operating standards, which I think gets at some comments Alexandra made earlier, which was formed primarily to inform state Medicaid agencies about the administrative simplification changes coming in Section 1104 of the Affordable Care Act.

I co-chair this group with my colleagues Tammy Savage at the State of Michigan, Samantha Cook of the State of Missouri, and Chad Warmack of Xerox Government Services who has had expreience in several states doing HIPAA implementation projects.

We host a call every month, an open call that sometimes has an educational bent where we invite regulators or standards bodies to address the group on upcoming requirements. It exists primarily as an open forum for states to raise issues and seek answers together and to try to get at elevating the Medicaid perspective in a way that protects the individual participants, as we will see a little bit more later.

I am a little uncomfortable with the idea of any one Medicaid perspective or voice. My work with NMEH has shown me that there is still a great deal of variation across Medicaid agencies both in policy administration and in the information management systems. For any state that has a high-functioning electronic transaction already in place, you will find probably just as many or others who simply do not ever use the transaction. They haven’t needed to yet. And there are probably some that cannot even offer the transaction. Those are the ones that it can be really hard to help as they have compliance fears and have a hard time sharing sometimes. While I respect the scope of this hearing and try to keep things as much as possible on the prospetive operating rules, the nature of my comments is a little bit generalized to themes that have emerged over my years with the NMEH.

When we think about the business needs of operating rules, the operating rules tend to address, I would say that the majority of our time in free conversation is spent trying to understand those business needs. We have a lot of angst for Medicaid plans trying to think through their responsibiilties to the process and how they are accountable or responsible to the business needs and operating rules intend to address.

I received a comment that I think sums up something that we do hear a lot about regarding prospective operating rules and the need to or their use in driving the industry forward and that is — this person said personally, I would like to see concern expressed with making operating rules just for the sake of making rules. This seems to be the way that we are going with the operating rules at this point. I woudl like CORE and HHS to take a more focused approach of identifying problems with the current usage of the transactions and use operating rules to address those problems. Essentially, the first question we should ask is what problems do we need to solve with the usage of this transaction. If we do not have specific answers to that question then I question why we would need any operating rules.

The efficiency improvement opportuities in the operating rules. Sometimes there is an unintended consequence there in that HIPAA administrative simplification, the operating rules, have been interpreted quite narrowly to the electronic transactions themselves. This has had the consequence in projects in terms of making the electronic processing a separate stream from the actual business process itself. That there are projects designed to create compliance with operating rules or standards for an electronic transaction that have never really gone back and jived with the actual business processes themselves.

The potential impact of operating rules and standards changes on Medicaid is huge. That is the largest paying point probably for state Medicaid agencies. That is largely because of the way that Medicaid aren’t typically in control of their own budgets. They are not 100 percent in control of their processes. They are dependent on an entirely different legislative layer in order to be able to do anything at all or to respond. Active participant in the work group says that there needs to be enough time between rule making and mandated use to allow for budgeting processes and the actual work when the budget is available. That is, I think, common to many payers.

However, I also got a little tutorial on how state Medicaids are financed, which unfortunately was too long to share here today. But it is a multi-year, multi-step process. All states have either one or two-year budgetary cycles. Those don’t necessarily jive with the requests for federal and financial participation in the Medicaid management information systems, which is also on a two-year cycle.

The person summed up some of these comments about the budgeting cycle. If you want a state to actually have a budget then you need to give them two years, ten months advanced notice on what to budget for. Now usually what happens of course is that they get something less than that and they have to go beg an interim finance committee to allocate funds in some manner.

This person goes on to say why this interim finance stinks. Here is why. If they have discretionary funds set aside, you have to beg for those funds and explain why you did not budget for them in the first place. If there are no discretionary funds then something else has to become unfunded in order to free up the funds that you need to complete your compliance project.

However, there is also the consequence that if a process is already in place that has worked well, the business need has been addressed in a slightly different way, then again you have to go back to a budget committee and explain why you need to change something that you already asked them to fund the change for in the first place.

The regulatory process relayed on this, which is also difficult to incorporate with a system development life cycle, causes a pain point, which was described in a comment as this. Waiting for final rules kills my project timelines. I have authorization to move ahead with regular upgrades, but I need to know what will be required from these rules before I can move ahead. I think that just really speaks to the siloed nature of compliance projects as opposed to being able to approach efficiency and administrative simplification as a core business practice.

There is a great deal of potential for operating rules and emerging practices that could be addressed. However, I think that government agencies feel most keenly all the different regulatory processes. Currently, the EHR incentive program, the Medicaid information technology architecture requirements, quality improvement initiatives, and a number of different kinds of electronic transaction improvements that state Medicaid agencies are trying to implement seek the same goals, but are on different tracks. Medicaid agencies confine themselves in a really reactive mode.

My final comments are about the potential impact to the health care related data and data infrastructure. Aligning infrastructure rules does promote more uniformity in the development of the operating rules. It may promote more uniform development of electronic transactions themselves. But it still won’t necessarily improve a uniformity or interoperability in the use of those transactions. A point of discussion recently from the upcoming rules is about the response time for the 278 transaction. Again, states here may face legislatively mandated processes for how prior authorizations are handled and will not be allowed to take out the electronic transactions and handle them separately in order to return them in a meaningful way within the allotted time. The standard approach or a proposed approach has been the most likely scenario in that case is that that will result in every 278 being pended and the electronic response just being appending and then that whole process being taken out and put into the state-mandated process of actually dealing with it and not actually being able to realize the efficiency benefits.

Also state Medicaid agencies have a Medicaid management information system, but it may not house all of the different systems or processes involved in member management from eligibility determinations to the final adjudication and payment of a claim. The impact of operating rules on different areas outside of the state Medicaid management information system may not have the greatest impact on aligning required data infrastructure particularly because the funding available to make changes in order to state Medicaid agencies to become in compliance are only available for the Medicaid management information systems and having to get other agencies and their systems up to a level that will help the Medicaid agency be compliant is an ongoing concern for state Medicaid agencies.

Again, because we are a plurality of voices and I do try to handle both the consensus where I can and highlight some dissents because people are at different levels of implementations. You do not whether a dissent is perhaps based more on an actual experience than for other reasons. I do not have final recommendations to make other than I really do appreciate the NMEH being invited to this forum and Walter being able to join our call as well was very helpful. I hope that we do get to collaborate more in the future to see what kinds of specific Medicaid perspectives there are out there. Thank you.

DR. SUAREZ: Thank you. Next is Peter.

MR. BASCH: Thank you. On behalf of the American College of Physicians and our 141,000 members, who are dedicated to the provision of high value care, I want to thank you for this opportunity to offer testimony today. My comments will focus primarily on the operating rules for prior authorization for referrals and health care services, as these are most pertinent to our membership and their patients.

Reducing administrative burden is critically important. In 2009, clinician groups spent over $200 billion with these dollars reflecting clinician and staff time diverted from patient care on conducting administrative tasks with half of these tasks considered by the IOM to be excessive. Further adoption and optimization of electronic health records, an endeavor the ACP supports, is in jeopardy because to date, the promise of EHRs leading to more efficient care by reducing practice burden has not been kept.

With all of this in mind, the college would like to offer unqualified support for the proposed operating rule, as it could potentially reduce costs, improve EHR usefulness, and free up time that would allow clinicians to focus on improving quality and outcomes. However, while we appreciate CAQH’s efforts, we do not believe that this work would lead to anything more than marginal improvements in efficiency for clinicians, as it neither addresses the most burdensome components of prior authorization, nor resolves the need for prior authorization, which is the lack of transparent and accurate information about cost and coverage. While we specifically note our concerns about clinician efficiency and cost, it is ultimately patients who pay for this price.

This rule only addresses the process of requests and responses for prior authorizations. As others have pointed out, it does not address the other requirements that are typically part of prior authorization, including content, which is often uniquely specified for each plan, as well as clinical attachments. Therefore, the college believes that this approach would result in a significant number of referrals or health care services requiring additional manual processes prior to approval. And while we appreciate that this first step of addressing requests and responses can be followed with operating rules for content and attachments, a more significant problem remains. Payers are completely unfettered in their ability to require unique content and content formats that are not readily evident to the clinician and that typically results in the need for additional information gathering and duplicative documentation. Without greater transparency and standardization, this issue would not be resolved even with establishing new operating rules.

Further, while most of what is required by payers to request referrals or other services exist in clinical documents, and thus could be readily extracted, payers have generally not accepted this approach, and in fact are increasingly requiring manual entry of any number of clinical data points, all of which exist in the EHR note into paper forms or proprietary systems.

The college believes that technology could reduce administrative burden through iterative operating rules for administrative simplification, but only where the standards and policy within those rules ensure transparent, logic, and predictable approaches across payers. This would allow for patients, clinicians, and payers to improve value without undue burden.

The college strongly believes that wherever possible, prior authorization should be avoided by using technology to bring transparent, accurate, and actionable information about cost and coverage to the point of care.

In conclusion, operating rules that support the continuance of unpredictable and nontransparent requirements are not necessarily useful. Operating rules are not useful if they are not designed to leverage existing interoperable health IT and rather require duplicative documentation.

Finally, to Mr. Hebert’s observation, transactional processes will only provide value with full multi-stakeholder adoption. We believe that to be true. But let me add another observation to that. We don’t need new regulations. We don’t need another set of incentives and penalties. What we need is a smarter solution that actually solves real problems. Thank you.

DR. SUAREZ: Thank you, Peter. I think we have next Heather.

MS. MCCOMAS: I am Heather McComas from the American Medical Association. Thank you so much for this opportunity to be here with you today. I am pleased and honored to be speaking on behalf of three provider organizations and their members today, the American Hospital Association, my employer, the American Medical Association, and the Medical Group Management Association.

I am going to start off as several others have done today and say that we do very much appreciate the work of the industry and CAQH CORE in particular on developing existing operating rules. We really feel that they have offered enhancements to the existing transactions and improved electronic communications in our health care industry. However, we do believe that there are significant challenges and opportunities that remain in our industry to reduce manual processes and improve efficiencies. We can further leverage these operating rules to help us in this arena.

I am going to go over our overview of recommendations. They fall into three big bucket areas essentially. First, I am going to discuss some recommendations regarding the frequency of operating rule updates, a general approach, and then look more specifically at the draft operating rules that we are focusing on today that suggest some data content requirements. And finally, I would really like to urge the subcommittee to take this chance to seize the day as we look at the 278 transaction as an opportunity to look at the status of automation of prior authorization as a whole and fix this problem, which is a huge headache for all of us.

First of all, regarding operating rule frequency. The state of how this has worked is that we have had a one and done approach. We have created operating rules for transactions and then moved on without any real opportunity to revisit or revise an existing operating rule to meet emerging needs from both payers and providers. This is problematic particularly given the fact that right now the timeframes that we are looking at for new versions of the standards that come out are ten plus years. Particularly in health care that is so quickly evolving and changes are happening so quickly, we need a better ability to agile responses to changes in our industry. We feel that operating rules can be really leveraged better to respond quickly to things as they emerge.

A perfect example of this would be the situation of grace period notification status for health insurance exchange patients. There are some recommendations and best practices out there for how health plans should communicate this information to providers in a standardized format. However, the operating rule for the eligibility transactions is already done so there is not an opportunity to really go back and put that in the operating rule for eligibility.

I am going to tag on a phrase that I think Rich used earlier, which was that we need a predictable maintenance cycle for our transactions and for our operating rules. To jump ahead to this afternoon a little bit and preview some suggestions for the review committee, we would recommend an annual review update process facilitated by the review committee looking at operating rules that would allow us to address changes in industry more agilely.

And then now moving on to the operating rules that we are looking at specifically today. As we have heard several times already, these draft operating rules are just addressing the infrastructure requirements of the transactions. They are not data content. We don’t want to miss the importance of all of these good things of infrastructure requirements. Connectivity, response times, and system availability. They are all important and we don’t want to give the impression that providers don’t think those things are important.

However, we think that data content is important. Gwen made a very good point. She said that if a system is down, it does not matter what the data content is. I would agree with that, but I would add a corollary that the speed of transaction is immaterial without good data content. If we do not have good content and transaction, you could have the fastest transaction in the west and it would not matter. You need the data content as well for the transaction to be meaningful.

We would point to other operating rules that have already been established for other transactions that have included data content. There has been a real value to those data content requirements. For example, in the eligibility transaction response. Requiring health plans to send back real-time information on patient copay, coinsurance, and remaining deductible. That is such important information for providers. We see how data content can really add value to these transactions.

Similarly, the rules for uniform use of CARCs and RARCs and the remittance advice transaction, again, demonstrates how operating rules can really add value and increase standardization in our communications in the industry.

To give some suggestions and proposals for what these data content additions could be to the operating rule, first look at the claim. I also make the point that these are meant to be comprehensive suggestions. These are just some ideas. We encourage everyone to think about this a little bit more closely and bring their own suggestions to the table.

We suggest that the operating rule for the 837 require support of all data elements in UB-04. We suggest that the operating rule require compliance with CPT coding guidelines. And that the operating rule also requires acceptance and processing of all submitted diagnosis codes in the claim transaction. This is particularly important when we talk about COB. If the primary payer does not accept and process those diagnostic codes and pass them on to the secondary payer, the secondary payer might need that information even at the first payer — that is why we think that is a really important element to include in the claim transaction operating rule.

We also some recommendations for data content for the services review transaction. These all stem from the fact that right now payers can respond with a general pended response or a contact payer response. That is not really meaningful information for a provider. We are suggesting that the rules require the 278 response to indicate if prior authorization is not needed. You just come back and say you don’t need a prior authorization.

If the initial 278 request had enough information in it for the payer to make a yes/no decision, the 278 response should be required to say yes/no right then and there and not append for any reason.

And then if additional supporting documentation is required to process the prior authorization that should be indicated in the 278 response.

And then kind of a broad recommendation that would apply to the 278 and the 837 and in fact, any of the other transactions is that we can look at the companion guides for ideas of other areas of data content to be standardized or other best practices. Look for areas of a lot of variation. Look at something that a plan is doing that seems like a really good best practice and that could be an idea for things that we can add in terms of data content requirements to the operating rules.

And then we also think that there is a good opportunity to go back and revisit some of the existing operating rules and their data content requirements. One of the suggestions would be to add the requirement that a procedure-specific eligibility request be met with a procedure-specific eligibility response from the payer. This would be very important for prior authorization that the provider would know right then and there that that procedure required prior authorization.

As I alluded to earlier, we feel that the grace period notification for the health insurance exchange is another area that we could really leverage operating rule requirements for the eligibility claim status and claimant payment advice transactions. Again, we feel that this demonstrates that it would be great for operating rules to be updated more frequently to allow us to respond more quickly to industry needs.

The remainder of my comments is going to focus on prior authorization. I know in my role at the AMA this is something I hear from our members about all the time. I think I can speak confidently on behalf of my colleagues at MGMA and AHA and say prior authorization is a huge issue for providers. I think of all the administrative simplification issues that I deal with. Providers are very vocal and passionate on this topic. I thought about it. What is it that brings us a little bit of passion? I am convinced it is because it delays patient care. It affects patients. It is very frustrating for physicians.

To put it simply, prior authorization can harm patients if they are not getting care in a timely fashion. As Dr. Basch alluded to as well, when we look beyond just the patient impact, this obviously could have major impact on provider workflow and time burdens in the practice. There is a very well referenced study from Larry Casalino from several years ago in Health Affairs that talked about how providers spend an average of over an hour a week in prior authorizations. Their nursing staff spent 13 hours a week in prior authorizations and clerical staff spend between five and six years a week on this task. Whether the physicians are doing it themselves or they are paying somebody to do it, this is a really burdening position practices. It is taking time away from patient care. Physicians should be spending time taking care of patients and not doing these administrative tasks.

And then we would also suggest that the processes are also very burdensome from a payer perspective. In the payer side, my understanding is that it is often a very manual process. Again, it is taking resources away from doing other more valuable functionality.

We would submit to everyone here today that any process that is impacting the quality of the health care in this country and that is taking resources away from all of our organizations really deserves our full attention and time. It is time to fix this process.

To turn this back to the operating rules that we are talking about today, the draft rule very correctly references the fact that the current prior authorization process is very manual and industry adoption is very low. That completely jives with everything I have heard. Conventional wisdom is not many folks are using the 278. That is the word on the street.

From a provider perspective, we know that because again prior authorization response would come back to say pended or content paper. They are driven to manual processes like using phone calls, going to a payer-specific portal to check to see if prior authorization is needed, what additional information they need to submit, and to get a final decision on their prior authorization request.

We are very concerned that again while the draft operating rule infrastructure requirements are very important, they are not sufficient to drive our industry towards adoption of this very important transaction. We need to address data content and any other deficiencies in this process that will get us to automation if we are really going to fix this. Again, as I said before, patients need us to fix this and need us to fix it now.

In terms of some specific ideas of what could be done with the 278 towards the operating rules, again, we offer some suggestions for more specific responses that should be required. But then we would also say that we certainly — as providers, we don’t feel like we have all the answers of what is needed. We all need to come together as stakeholders across the industry, talk about what we all need from those transactions to make it work. To Melissa’s point, you said use the operating rules to solve the problems. What are the problems with those transactions and then use that analysis to develop the operating rules. We are ready and willing to help on this effort as providers and we hope that you all join us with this.

Finally, to get to a point that I believe that Sid was making earlier is that this is a — prior authorization is an overall process and it requires an integrated workflow throughout. I would point to the fact and reference the pharmacy industry and the NCPDP EPA transactions. You see that it is a back and forth process. It is a suite of transactions because it is not just one back and forth. There is the provider saying do I need prior authorization. The payer says yes you do. The provider says I want prior authorization. And the payer then says we need this information. And then the provider sends the information and then the payer sends a decision back. That is a lot of back and forth. We need to make sure that all those pieces are in place or this process is just never going to get automated.

Specifically, we feel that again that eligibility response needs to be procedure specific so providers know if they need prior authorization in advance. And then has been referenced multiple times today, we need an attachment standard because most prior authorizations and referrals are going to require supporting clinical documentation. If you don’t have an attachment standard, again, you cannot automate this whole process.

Again, we really do appreciate the efforts of CAQH CORE to working on these operating rules. We think that the operating rules can be additionally leveraged to improve efficiency in the industry. We want operating rules to be updated more frequently. We definitely think it can be more robust and meaningful by the addition of data content requirements. We would again urge the subcommittee to take this opportunity to fix our dysfunctional prior authorization process. Thank you.

DR. SUAREZ: Thank you very much. That was very helpful. Thank you. I think we have Stacey next.

MS. BARBER: While the presentation is getting queued up, I am Stacey Barber. I am the newly elected chair of ASC X12N, the insurance subcommittee. I thank you for the opportunity to allow ASC X12 to present our viewpoints today.

A little bit about ASC X12. It is chartered by the American National Standards Institute for more than 30 years. We develop EDI and CICA standards in XML schemas, which drive business processes globally. ASC X12 memberships include technologists, business process experts, encompassing health care, insurance, transportation, finance, government, supply chains and other industries. Additional information can be obtained at X12.org.

One thing that we want to point out and I know that there has been a little bit of contention as far as the 278 transaction goes, but ASC X12 does believe that the data content needs are met within our technical reports. We are supporting at this time CORE’s decision not to include any data content within the proposed rules that are out for review, the draft rules that are out at this time.

The draft rules currently include requirements for the use of acknowledgments. Acknowledgment transactions have not been adopted as has been noted by others today. ASC X12 fully supports the use of acknowledgments in transaction processing and we recommend adherence with the ASC X12 acknowledgment reference model as the point. That is also known as the arm if you ever hear that said.

Based on input that we have received from ASC X12 membership, there have been few changes in the daily workflow of transaction processing as a result of adopted infrastructure rules. We are seeing that even though we have adopted infrastructure rules under Phase I, II, and III, there is still the daily process flow — really, there is no change to it. It is processing as it was before those requirements were adopted.

Another thing that has also been noted by some of the health plans and others is that implementation has been built by the clearinghouses and payers, but it is not widely being adopted by providers. Again, with the requirements being that the health plans and the payers must adopt the operating rules where it is optional with the providers.

Another thing of note is that — Heather pointed on this. With the already adopted operating rules, some may need to be re-addressed and looked at. We feel that the reactive process that is supplied to the CARC and RARC pairings should be applied to overall operating rules as a whole.

In addition, ASC X12 understands that technology changes in privacy and confidentiality is very important. However, we do not feel that new operating rules should exclude any user authentication methods that were implemented in previously adopted under other rules. This would be the limitation of the user authentication within the Phase IV rules, connectivity rules.

As far as potential impacts or improvement, at this point, since there is no data content requirements that have been identified, we do not see any impact in this area.

We do agree that security requirements for user authentication are covered within the rules. However, it is not consistent across all transactions as has been noted. And ASC X12 does not feel or believe that the privacy and confidentiality would be applicable within an operating rule as there are federal regulations and state regulations and rules that cover security and privacy. Thank you.

DR. SUAREZ: Thank you, Stacey. And then we have Margaret.

MS. WEIKER: I am Margaret Weiker. I am the Standards Development director at NCPDP or the National Council for Prescription Drug Programs. NCPDP is an ANSI-accredited SDO with over 1500 membersthat represent virtually every sectgor of the pharmacy services industry.

Our members do use some of the transactions that are being proposed in Phase IV, particularly the claim, the 837 as well as in the enrollment and premium payment, the 834 and the 820.

In regard to the questions, what business needs of the health care industry do the operating rules intend to address. Again, this is from a pharmacy services sector point of view. It is the standardization of the companion guides. We have a lot of diversity in regard to the enrollment guides that are out there, some I would say not even a companion guide. That is important. NCPDP does support the decision not to include data content rules into the latest set of the proposed operating rules. We believe transaction data content and its use is the responsibility of an SDO.

The second question about the efficiencies and improvements that these operating rules are addressing. It is not a current concern from a pharmacy point of view.

The impact in regard to workflow costs capability’s agility. Yes, there would be a cost of implementing any new companion guide template both from a resource, somebody to actually physically go do that as well as the notification that there was a new guide and distribution. However, we believe the benefit outweighs the cost of doing that.

Acknowledgments. NCPDP supports the voluntary use of the ASC X12 999 and the 277CA. NCPDP does not support the mandated use of a transaction that has not been adopted through the HIPAA process.

We recommend that the acknowledgement reference model be used to determine when an ASC X12 999 transaction is generated. In regard to the actual implementation of acknowledgements, that would be additional cost and capabilities to implement that that a lot of NCPDP members have not done to date.

And just as a little aside to the whole acknowledgment discussion, years ago the DSMO recommended that the acknowledgments, the 999, the 277CA, the TA1 be adopted as HIPAA-mandated transactions. In fact, this committee heard hearings about that and made a recommendation to the secretary to adopt those, which has never been done.

In regard to the emerging or evolving clinical, technical and/or business advances, from our point of view, what is being proposed now does not do that for the pharmacy services sector.

Improvements. In regard to the data content, since data content rules were not proposed, we don’t think there is any impact. However, if the 277CA, which is the claim acknowledgment transaction is mandated, payers, processors and phramacies will have to support a transaction and its data content and code sets that they don’t currently support today or have a business need for. Even though we do process a small amount of 837s primarily for Medicare Part B, a few Part D as well as professional pharmacy services, which HIPAA allows that to be built either via the NCPDP transaction or the ASC X12 837. Today, there is not a lot of volume for those from an 837 point of view. To build this would be very costly to the pharmacy services sector.

In regard to do they incorporate privacy, security and confidentiality, security requirements are covered in the proposed operating rules especially around user authentication. Supports the connectivity rule, the 470 rule. Supports the next set of the transactions and it requires the X.509 digital certificate to be supported by payers.

NCPDP believes that these rules need to be consistent across all phases. This is Phase IV. It differs than the others. We believe it needs to be consistent across all phases for all transactions. And then there will be an additional cost to implement the X.509 and if the payer processor creates it, will the providers use it? If I build it, will they come?

Privacy and confidentiality really are not covered in these rules. If you think about security is the how and privacy is the what, they really are not covered there. That concludes my comments.

DR. SUAREZ: Thank you very much and thanks everyone for your testimonies. Given that the time and what we are looking at with respect to the rest of the agenda, what we want to propose at this point is that we take the lunch break now until 1:15 so a 45-minute lunch break, and then come back to the second part of the operating rules discussion with our remaining five testifiers and then have the Q&A with the entire group. I think everybody will still be around.

And then in the back end with respect to the evaluation criteria review committee process, we will be sure to adjust the time as well. We will not cut short anyone. What we are doing is eliminating most of the time that we had put in there for the subcommittee to review and discuss. We have eliminated about an hour and a half of that. But we do want to have a chance to ask questions to you all here in this current panel as well as the remaining five testifiers and then finish up with this first round. Is that okay with everyone? Is anybody concerned about that? It looks like everyone is okay. Let’s take the lunch break. We will be back at 1:15. We will start at 1:15 sharp and we will go from there. Thank you again everyone and thanks to the panelists who have presented so far.

(Lunch Break)

 

A F T E R N O O N S E S S I O N

Agenda Item: Review of Proposed Operating Rule – Part 2

DR. SUAREZ: We are going to hear testimony from five additional testifiers. We will invite from this morning to join us at the table and have Q&A. Let’s just go ahead and start. I know the rest of the people will probably be joining us in a few minutes here. Laurie, why don’t we go to you?

MS. DARST: Thank you. Members of the Subcommittee, I am Laurie Darst. I am here today as chair-elect for the WEDI Board of Directors. I would like to thank you for the opportunity to testify today on behalf of WEDI regarding the proposed new operating rules.

As you know, WEDI represents a broad industry perspective of providers, clearinghouses, health plans, vendors and other organizations in the private and public sector and they partner together to collaborate on industry issues. WEDI is named as an advisor to the Secretary of Human Services under the HIPAA regulation and we take an objective approach to resolving issues.

There continues to be a greater need for adoption of the HIPAA transactions. WEDI feels that operating rules, as a supplement to the ASC X12 transactions, are an important tool that can help aid the industry in moving forward with health IT. WEDI has provided testimony previously on operating rules in 2010 and 2011. Many of the operating rules to date have provided benefit to the industry stakeholders. Our testimony today, however, will cover a couple of concerns with the current proposed operating rules with the understanding that these operating rules are still under development and have not been finalized.

I am actually going to talk about two of the questions that were proposed. What is the potential impact of operating rules to the health entities? The first thing I would like to talk about is consistent requirements. I think you have heard this before this morning. The need for the criticality of operating rules to be applied consistency across transactions and across CORE phases. Without that, we will not have the efficiencies that are really necessary for the industry to go forward.

WEDI acknowledges that the need to unify some of these approaches is necessary, but we also need to look at the value of allowing stakeholders some flexibility according to their needs and technical solutions. If the requirements vary significantly by transaction, additional effort and cost will be expended to support these differences.

The second comment I want to talk is industry overload. WEDI is concerned that the industry will have difficulty absorbing more restrictive requirements at a time when it is already overburdened by mandates. With a current number of compliance mandates such as meaningful use, ICD-10, and all of the new payment methodologies, it might be more beneficial to reinforce the value of implementing the existing operating rule requirements across all parties than to introduce more restrictive requirements.

Certification language. As we have expressed in prior testimonies, we feel that there may be confusion that may arise over the inclusion of the wording related to CORE certification. Acquiring CORE certification is a voluntary private decision. It would be helpful if references to the CORE certification were documented elsewhere and not included in the text of the rules adopted under federal regulation.

Batch versus real-time. The proposed Phase IV CORE rules contain verbiage around real-time and batch request and response processing modes. The current verbiage implies that real-time processing is required instead of clearly identifying that it is not. WEDI suggests that the rule include a clear statement that while HIPAA covered health plans and their agents must implement batch server requirements, the real-time requirements only apply to entities if they offer real-time capabilities for transactions.

Acknowledgements. And again, this is another theme you have heard this morning. WEDI strongly supports the voluntary adoption of acknowledgments between stakeholders. WEDI also strongly supports the adoption of the claim acknowledgements, the 999, the 277CA, through the federal rulemaking process to facilitate information exchange between stakeholders.

The second question we would like to address is what is the impact of operating rules on privacy, security, and confidentiality. WEDI supports continued focus on privacy, security and confidentiality safeguards and looks to balance the adoption of new requirements based on industry experience and cost-benefit analysis.

The proposed Phase IV CORE Connectivity Rule would require the X.509 Digital Certificate to be supported by HIPAA covered entities, specifically health plans. WEDI has concerns with this due to the following. Variances with privacy and security. Under Phase II Connectivity Rule 270, submitters were given the option to either use the X.509 Digital Certificate or username and password as authentication methods. Many stakeholders opted to implement username and password given that it was already supported in their systems and therefore did not require additional investments. However, the proposed Phase IV Connectivity Rule now requires HIPAA covered entities against specifically health plans and their agents to support the X.509 Digital Certificate for claims, authorization, premium payment and enrollment transactions.

This requirement would force these entities, these health plans, to support the Digital Certificate even though not all the trading partners would be required to use this authentication method. There is concern that HIPAA covered health plans would be required to incur cost and have no one use this in — their providers or other training partners use this.

In addition, there would be a disconnect between the authentication options across transactions and across CORE phases. There is also concern that health plans would force some of their trading partners into utilizing the Digital Certificate. And in some cases, regardless of whether or not there are a HIPAA covered entity such as employers or in those situations of the enrollment and premium payment. This might discourage some of the senders from utilizing electronic transactions due to the extra cost involved in purchasing certificates.

We would like to offer an alternative approach at least short term. Rather than imposing new requirements, the operating rules could instead apply Phase II Connectivity Rule for the current four transactions, thereby maintaining consistency across all HIPAA transactions. Further security safeguards could be accomplished by CORE providing requirements for enhancing the complexity of password security such as requiring both alpha and numeric characters. This would not force stakeholders to adopt new technology or HIPAA covered entities to incur additional cost with no benefit if none of their trading partners converts to the digital signature. In a future version of operating rules, a movement to digital certificates could be proposed for all transactions and all stakeholders.

In conclusion, although WEDI recognizes the value of common rules of the road and engagement for electronic transactions that CORE has been working on, we would urge the Subcommittee to strongly consider the items outlined in our testimony and also outlined by previous testifiers. Thank you for the opportunity to testify.

DR. SUAREZ: Thank you. Debra.

MS. STRICKLAND: Members of the Subcommittee, I am Debra Strickland. I am a Client Service Consultant at Xerox Government Services. I would like to thank you for the opportunity to present testimony today on behalf of employer groups, concerning the matter of Phase IV operating rules for claim, prior authorization, enrollment/disenrollment and the premium payment.

There is a little background on Xerox. We are not just a copier company. We do a lot more. Everybody remembers that commercial. It is not on anymore, but we do a lot more. We are an MMIS vendor. We are a commercial clearinghouse as well. We do data capture, call centers, and support centers as well. There is a wide girth of things that we do in our industry. I just wanted to point that out because not only am I testifying as an employer group because Xerox is an employer, but we also have other hats and other experiences.

The late arrival of the draft rules for enrollment and 820 somewhat prevented my ability to reach out to many employers. But I did interview some in order for me to get my opinions and my testimony today.

CAQH has as some of the benefits for the claim that it will take less staff time on phone calls and websites. It will increase the ability to conduct targeted follow up and it will allow more accurate and efficient claims processing.

Electronic claims, as we all know, have been used widely across the industry for two decades. Using industry standards and before that voluntary formats such as NSF and the MCDS of NEIC formats used before that. The majority of the benefits from the electronic claim have already been realized. Most payers interviewed, including our own partners, already are successfully using the EDI claims at 80 to 90 percent. We have heard that in the testimony today as well.

As we talk about business need, the law says that — it defines the operating rules as necessary business rules, the guidelines for electronic exchange of information not defined by the standard or the implementation specifications.

In our opinion, claims are not in need of additional operating rules. Payers, clearinghouses, providers have evolved their own claim infrastructure solutions across the industry voluntary without major issues being reported. We would argue that the benefits listed in the prior page are not what we will see as a result of implementing these rules for 837.

Implementation for the sake of consistency. While there is something to be said for keeping things consistent across all the transactions, there is also the concept of not fixing things that are not broken. This industry has been under a tremendous burden of regulations and mandates not the least of which is ICD-10. These come with significant cost and resource impact to the covered entities. Care should be given to ensure that there is true ROI and true business necessity as the law states.

In past operating rules Phase I, II and III, the industry was required to implement a number of transport and security standards among other items. In some cases, the requirement to support SOAP and MIME. This was a significant cost to some payers and other covered entities to support these with the thought of if we build it they will come. That has not truly been the case. Many of the payers that Xerox supports and that were interviewed when asked said no one has asked for these connectivity methods.

The real challenge here is there a real necessity of the rules and the application of critical criteria to assess the impacts to the industry before requiring the industry to adopt rules that have no value.

The claim, as mentioned, is well established. It may also be covered in other testimony today, but we actually process in our clearinghouse four million claims transactions per day. The communications that the industry has needed to employ over the last two decades have been established and are working. The industry has had to adhere to HIPAA Security and Privacy laws to secure our very valuable PHI.

When we look at prior authorization, it is not a heavily used transaction in the industry, not nearly enough to justify the entire industry applying all these rules to a transaction that does not have a large uptake in usage. The proposed operating rules do not provide enhancements that would also encourage stakeholders to implement.

The premium payment. This transaction also — this was a tricky set of operating rules I am sure for CAQH to tackle because of the complexity. Premium payment has had a great deal of focus of course througout the advent of the HIEs and the payers have had to implement different flavors of this transaction with companion guide guidance from entities such as CCIIOO, which is the Center for Consumer Information and Insurance Oversight. These are now up and running and functioning. It would seem that they are not having major problems. In our opinion, requiring further changes to these transactions that the payers just got all set is not necessary and would constitute a barrier to the success of other mandates that they have to adhere to.

The enrollment and disenrollment. The main users of this transaction are employer groups such as Xerox. However, employer groups are not covered entities and they have absolutely no motivation to change what they are doing today and have no regulations mandate compliance of this transaction. The adoption of these rules require payer compliance to accept these transactions in accordance to these rules, but will have a minimal effect in the us of these transactions.

In prioritizing the EDI rules, this transaction has the least likely adoption or benefit by employer groups and implementation of the rules will come at a cost to the payers, but very little ROI in return.

The potential impact to the industry regarding changes to operating rules. At this point, once these rules are set, it means there is not a means by which the industry and this was addressed by a number of folks — there is not a means by which the industry can change them or process developed to assess these sets of rules that have been developed to affect change as necessary.

What is the regulatory process for reassing these rules, the effectiveness? An example is the draft IV rules and the proposed requirement for the X.509 certification. What if at this point this isn’t the latest and greatest security? Technology can change tomorrow. Someone could come up with something better and now we are stuck because it is named in law. I think we need to be careful when we name a certain thing because we actually make ourselves stuck and we cannot move forward. As technology changes very rapidly, we could find ourselves in a less secure environment.

As far as the security and privacy, the question is what impact should CAQH have on the defining of privacy and security and the EDI data. This is, in our opinion, the job of the privacy and security rules, which have defined pretty rigorous security layers in order to ensure the security of the industry’s PHI.

As technology advances, putting specifics into operating rules with no way of change to the rules seems detrimental and does not help the industry to adapt in the most secure technology standards.

We believe, again — we have to remember the SOAP and MIME requirement. It was built but seldom used. It would be helpful to the industry to be able to follow rules from one governing body for all things security and privacy so the industry does not have to go and access different laws and different entities for rules as they define their security and privacy standards.

In conclusion, to wrap up this assessment, the current proposed draft IV operating rules, we are aware that the ACA law requires that a set of rules be created for these four named transactions and that was a tricky deal I am sure.

I would ask you to review the necessity of these rules as the law also states that they have to be necessary. It is our belief that these rules are not truly necessary and that there has to be balance across the requirements of mandates and real tangible return on investment before we ask an entire industry to make changes to transactions that have in the case of claim been functioning fine for decades and other transactions whose use is so minimal that true ROI would be impossible to recoup. If rules must be applied due to the ACA law, we would say the companion rule we would support as it is a do no harm approach.

Of course, I would be remiss if I did not mention that if these rules were to move forward as written to adhere to the ACA law, this set of rules also has to be implemented by 1/1/16. If these draft rules are finalized by 7/1/2015, it gives the industry five months to implement these rules for all these transactions. That also puts additional burden on the industry during the testing period of ICD-10. It would be impossible for Medicaid to even get funding during time period, never mind fully implemented.

I thank this committee for their continued diligence ot hear the testimony of the industry and I thank you for your time today.

DR. SUAREZ: Thanks so much, Debra. Debbi.

MS. MEISNER: Good afternoon. Members of the Subcommittee, my name is Debbie Meisner and I am the Regulatory Strategy Vice President for Emdeon. I thank you for this opportunity this afternoon. We are pleased to offer you the following comments regarding the HIPAA and ACA operating rules.

I am going to give you a little spiel now and later this afternoon when I am up here, I won’t repeat this. But just so that you understand if you don’t know Emdeon what our breadth in the industry is — Emdeon has over 30 years of experience in the EDI arena. We process more than 7.4 billion transactions every year. We are connected to over 700,000 physicians, 105,000 dentists, 60,000 pharmacies, 5000 hospitals, 600 vendors, 450 labs and 1200 government and commercial payers. In effect, we can act as a representative sample of the entire US commercial health care sector and a major portion of the US government sector, giving us a unique 360-degree view of the impact of these changes to the industry.

The committee asked us to focus on their questions. In an effort to help you make up some time if I have already heard it, I am not going to repeat it. I will just ditto for you.

With regards to the business needs of the health care industry that the operating rules do intend to address, we feel that there could be some advantage to the consistency in the response times. However, we do want to echo what we have heard. The 278 transactions are very low in its implementation right now. Putting rules on top of that probably is not going to help. I do not believe they are going to address the problem that the industry is facing for the 278.

We also believe that the consistency in implementation guides would be beneficial. We have been a big supporter of having a standard companion guide to help the providers and implementers wade their way through long ago establish our own standard across transactions. We are very supportive of that.

As far as the efficiency opportunities, we do not see any in this set of rules at this time, but we do support the decision to stick away from the content rules as stated earlier today. I believe strongly that that belongs with the SDOs. It is very complicated implementing these transactions if you have to go to multiple places to get your directions in how to do things.

With the potential impact of the operating rules to the various health care entities question, we do not see any changes in the daily workflow of the transaction processing, the actual processing of the transactions. But there are, however, additional costs associated with the implementation of the infrastructure rule.

Our theme that we have been hearing is if we build it will they come. Well, Emdeon built that field of dreams in the safe harbor communication method out of tens of thousands of trading partners that I just talked to you about, we have had four implement the connectivity rules as they are in CORE and then only because they felt that they had to based on the operating rules, not because it was their method of choice.

Operating rules need to be more responsive to the industry needs. For example, changes in the eligibility in 5010 and 6020 have been incorporated. And the content rules need to make sure that they can adjust to those changes that have been done within the standards.

The response process that has been successful in the CARC and RARC rules should be used to keep all of the operating rules in sync with the standards as they are developed.

As I stated, the standardization of companion guides has been beneficial. However, the addition of the coordination of benefits was a bit puzzling to us as this is a HIPAA covered transaction. We are not quite sure why it needed to be called out specifically in the operating rules. Again, that is another type of transaction within the claim that has not been widely implemented. We are a little bit puzzled about that.

I am going to take a little minute here to do an advertisement. WEDI in the spring conference will be having a session on just this topic. Why aren’t we seeing the non-claim transactions implemented as Debra indicated. Ninety percent of the claims are coming in electronically. What is wrong with the rest of these transactions? What are the barriers? We are going to have an open session with some folks giving their statistics, giving their overview of what is going on and then opening it up to the floor to say what are your barriers. What are your challenges? What do we need to do to move the HIPAA transactions forward and then mention some of the non-HIPAA standards that have been developed and can we move forward and adopt them on a voluntary basis? Welcome folks to join that session. It is going to be quite entertaining at the very least.

You have heard a lot about this X.509 certification requirement. It is a very costly and high maintenance implementation. Again, we have one or two people that have asked us to implement certificates. But there is a lot of overhead in getting the certificates and then maintaining them going forward that for the number of connectivities that you saw in the first slide would be very expensive, very costly with no ROI cited.

No content. You have heard that so we won’t go there.

If applicable, do these incorporate privacy and security? I will emphasize what you have heard. Consistency, consistency, consistency. One of our fears is that if we have to go to certificates, it will not just impact these four. People who go to it may say if I am going to do this, I am going to bite the bullet and I am going to transfer all of my business over to certificates, which would be an absolute nightmare to migrate everybody all at the same time.

Again, I agree. The privacy and confidentiality are not addressed in this set of rules.

In closing, I do want to thank the members of the Subcommittee for your time and your attention. The operating rules being discussed today present a transformation of our industry and we appreciate all of your efforts to bring clarity and consensus to the process. We hope that the information that we have presented will be useful to you. Thank you.

DR. SUAREZ: Thank you very much. Sherry.

MS. WILSON: Thank you. Good afternoon. Members of the Subcommittee, I am Sherry Wilson, President of the Cooperative Exchange, the National Clearinghouse Association, and Executive Vice President and Chief Compliance Officer of Jopari Solutions. I would like to thank you today for the opportunity to present testimony on behalf of the Cooperative Exchange members concerning the proposed operating rules.

Before we get started, I would like to just give a brief introduction of who we are and the role our members play in the health care industry. The Cooperative Exchange represents over 25-member companies, including affiliates such as the AMA and X12. Our representation is over 80 percent of the clearinghouse industry. We have over 750,000 submitting provider organizations and most importantly, we are processing successfully over 4 billion claims and transactions annually. Our transaction value worth is over $1.1 trillion. We maintain over 7000 payer connections including Medicare and all the Medicaid plus additional maintenance of connections to over 1000 plus HIT vendors. We truly feel we represent this country’s EDI highway.

Again, we don’t want to be redundant and save time for this testimony. It is really four specific components of the operating rule we would like to address. The first one is the business needs, the operating rules intend to address. We would like to address this from our industry experience. We feel the operating rules need to be flexible to accommodate different levels of stakeholder EDI readiness from low tech to high tech in order to achieve the goal of interoperability and industry adoption.

Furthermore, from our experience, we find the CAQH CORE 837 business case has been realized, tested, and currently used in production today, resulting from either state mandates as early as 1995 as well as voluntary adoptions. The use of the 837 operating rule application here also includes acknowledgements.

With that said, where we are really concerned is the adoption of additional rules that can become a financial and resource burden on the industry in this time of competing priorities. We feel only those rules that have proven ROI and support a standard end-to-end workload process like acknowledgements should be adopted at this time.

We also have concern over the ability of the industry to implement the set of operating rules within the five months to meet the prescribed timeframe of January 1, 2016.

In regards to efficiency of the operating rules and strategies to measure impact, as I already previously stated, we strongly support the adoption of the X12 acknowledgement reference model. We feel it has shown proven workload efficiency as well as ROI. In our written testimony, we reference a clearinghouse five-year study on electronic billing. That provides stakeholder experience in the use of the 837 and the acknowledgement transactions.

The next point we would like to address in the operating rules is connectivity. On the connectivity rule, we strongly believe that these rules need to be flexible to accommodate different levels of stakeholder EDI readiness as well as to accommodate existing and new compliant solutions that are being used in the industry today.

We also see the connectivity rule as an opportunity to leverage existing security guidelines, best practices, and industry resources. We would like to encourage a closer collaboration with the National Institute of Standards and Technology, NIST, under HIPAA. This is the federal agency that is recognized as the health care information technology resource for security best practice standards. We feel this would help us significantly as we begin to look at the connectivity rule in the impact across stakeholders.

We would also request respectively clarification of the role of the operating rule body and defining industry connectivity specifications. Should the operating rules really include these requirements or they should be pointing to the NIST guidelines as applicable? We feel that these clarifications would help give us better guidance in the industry.

Very quickly, I would like to move into the applicability of the privacy, security and confidentiality. We have a little bit different perspective than what has been presented. As clearinghouses, we meet or exceed security and privacy rules. These rules are the foundation of our business model and sustainability.

One of the outcomes of the HIPAA standards and operating rules regulation is the increasing amount of client requirements for clearinghouses to pass several certifications and audits to prove they are compliant with HIPAA mandates by using numerous third-party accreditation entities and/or industry standard audits. Each of these accreditation audits come at a significant financial cost. And more troubling is the documentation requirement for the same or similar criteria that are requested in different formats, requiring a high percentage of manual completion and significant allocation of staff resources. We do not think this was the intent of these regulations.

We would ask to address this issue, the Cooperative Exchange recommends for a consideration to HHS the need for one industry security governance such as NIST and also exemptions for clearinghouses from the operating rules if they are certified by an improved entity such as EHNAC or a SOC audit to help mitigate this costly redundant certification process.

In conclusion, the Cooperative Exchange supports the operating rules and standards development. We applaud the efforts of the health care industry. This is a huge task we are all taking. Through this collaboration, we need some time to step back and acknowledge where we have come from.

In addition, we encourage NCVHS to consider the need for administrative consistency, mitigation of regulatory redundancy, and resource burden to comply with these regulations and to look at adopting rules based on proven ROI to facilitate EDI adoption. Lastly, if adoption is the idea is to move forward these rules then we request an extension of the effective date to be able to accommodate the industry and stakeholder needs.

I would like to thank you very much for the opportunity to testify today.

DR. SUAREZ: Thank you. Eric.

MR. CHRIST: Good afternoon. I am Eric Christ, board member of the Healthcare Administrative Technology Association, a long name, but we go by HATA, which the National Association of the Practice Management System Industry. I am also chief executive officer of PracticeAdmin, which is a practice management software vendor based in Atlanta. I would like to thank the Subcommittee for the opportunity to present testimony today on behalf of HATA, concerning the Phase IV proposed rules and their effects on the practice management system industry.

As a new organization, I will just take a moment to explain who HATA is and whom we represent. There are approximately 600 software vendors in the practice management space today, providing a variety of technology solutions to the full range of health care professionals. Those software solutions represent almost 100 percent of — as the source of claims submitted to payers today.

Administration simplification of claims processing is a key factor and affecting the cost of health care in the United States and HATA seeks to be a leader in helping advance that cause. We are non-profit trade association with membership from those practice management system vendors including such leading companies as AdvancedMD, HealthPac, MDSynergy, Medinformatix, NextGen, and Optum. And we represent collectively those groups of vendors, over 275,000 providers, using our software today. That is one piece, but we think a key piece in the $40 billion physician revenue cycle space that we have today.

In the interest of time, I will focus my comments on things that we have not heard today if I can find some. We have heard lots of good testimony. That is the drawback to going last from the industry perspective.

Regarding the business needs of the industry, HATA certainly believes that the operating rules need to be flexible, as we have heard testimony today from the Cooperative Exchange and others, specifically the connectivity. The 470 rule needs to accommodate existing methods. For the PMS vendor industry, any operating rule that helps creates consistency in transactions is desirable as long as it does not create an undue hardship or additional significant costs.

We certainly agree with other testimony that we have heard today that the 837 business case has been realized and is providing tremendous benefits for many years. We support the proposed 837 operating rules and we are concerned with the connectivity rule just assuring that current connection methods remain allowable under that.

In terms of timing, we have heard this as well, but due to the delay of the ICD-10 implementation to October from a vendor perspective, some of us have already turned it on. Others are turning it on now for their customers assuming this time it does not get delay again, but we are going to have a lot to do starting October 1 supporting our customer base using ICD-10 and we think trying to get this up and running by January 1, 2016 is asking a lot, not just us as vendors, but also of our customer base. We strongly recommend an implementation date of no sooner than January 1, 2017.

In terms of efficiency improvements, we find significant merit in the proposed infrastructure claim rule. Once again, as long as existing connections remain allowable, we also support the acknowledgement reference model.

In terms of prior authorization from an industry perspective as we heard today from provider representatives, we as well feel that there is significant benefit to prior authorization and we would like to see the health care environment start using those transactions as other folks have testified. We have not seen significant uptake in that. We are not sure if these proposed operating rules are a way to do that. That is back to perhaps before we build it, we need them to get them to come and then we build it for them.

We agree that the approach to not addressing data content in the Phase IV rules is appropriate so as to avoid possible duplication or contradiction with other existing content as produced SDOs.

In terms of the privacy, security and confidentiality as an industry, our software vendor members are committed to complying with the privacy and security regulations. We are at this point not sure of the need for security criteria to be contained in these operating rules. From a certification and industry compliance perspective, HATA, as an organization, is very active in the development of a new accreditation program for PMS vendors accredited through the EHNAC organization, the new practice management system accreditation program of which privacy, security and confidentiality are going to be a key criteria for that. We are pleased to report that several HATA members were early beta testers of that certification program and have passed the criteria and have been accredited. We see that as a great way for the industry to continue to support those needs.

In conclusion, we support the operating rules and standards and our recommendations focus on the need for administrative consistency, mitigation of regulatory redundancy, and the resource burden to comply with any additional regulations. We stress the importance of continued cross-industry stakeholder inclusion in the development of these standards and rules.

Thank you and we look forward to continue to work collaboratively with the Subcommittee to bring about the administrative simplification.

Agenda Item: Subcommittee Q&A

DR. SUAREZ: Thank you very much. Thanks everyone for participating in the second part of the hearing.

We would like to invite the rest of the participants from this morning to join us at the table. We are going to open up for some questions. We will have a chance to do some exchange. Unfortunately, we won’t have a lot of time to do it, but we do want to spend some time with some questions.

I think as we start, we certainly heard a number of consistent messages across the board with respect to the proposed operating rules, some things that we have already addressed or tried to address to improve the letter like acknowledgements and options of acknowledgements and implementation of those as part of rule making.

We heard also some differences across the testifiers on really ultimately the value and the benefits of adopting these operating rules. We certainly heard the real benefit I guess or the fact that the operating rules focus on infrastructure type of rules and not data. But still we heard some concerns certainly and some issues around those.

The first question I guess that I wanted to pose across the board is do you see, do you believe that there is ultimately with the rules as opposed and I know that they are a draft and they will continue to be finalized and refined. Do you see enough value to really proceed with the adoption of this type of operating rules from an infrastructure — purely the operating rules as proposed for infrastructure perspective? Some of them, parts of them? What is your sense with respect to the value?

We heard a number of statements about the importance of making sure that there is enough value versus the cost that will imply the implementation of this. I want to open it up and hear some perspectives about your views on the value proposition really for the implementation of these rules.

MR. BASCH: Thank you. I can only address 278 prior authorization and would say that only if there was a clear trajectory for where the rest of the development was going, in other words, for content and/or attachments in a clear trajectory of guiding principles for how the interactions were to be simplified would I be in favor and would the ACP be in favor. I think we are very concerned that layering of a process of data exchange on top of an unpredictable and ever-changing process that is controlled without rules will by definition just add burden. We would want to make sure that someone had their hands and thoughts around the process to try and actually — I think a lot of people have talked about solving a real problem before we just feel good about having data flowing back and forth and that by itself solves a problem.

MS. MOOREHEAD: I hope that my testimony made it clear that I think this is an area of some pretty high consensus on the NMEH in terms of it is difficult to realize business value at this point from moving ahead with more operating rules particularly for transactions that are not widely adopted. I had another comment that if it wasn’t broken don’t fix it variety. Especially considering when you are in the Medicaid realm, this is a publicly financed venture. I question the value of making, as I think I already said and we will talk a little bit more later, 57 different experiments in realizing valued operating rules that we have to pay for and then wonder if we are going to realize any value as a nation. Thank you very much.

MR. HEBERT: I may say things that are just slightly askew or contradictory. If I do, I apologize for that in advance. A couple of thoughts. For deployment of standards in any industry and there are many that have gone ahead of us, there is a component of infrastructure standardization that is absolutely mandatory if we are going to effectively deploy. Having said that, the greatest example of lack of broad adoption running counter to infrastructure standard adoption is the EFT rule from the last phase. Humana made a decision several years ago, about a dozen years ago actually, to build EFT capability as well as produce ERAs for every claim that we receive. We simply throw away the ones we do not use. We throw away a whole lot of ERAs.

What I find interesting is we are fully enabled on EFT capabilities and ERA capabilities, but it is one of our lagging adopted transactions. It benefits all stakeholders. It benefits them directly. It reduces their payment cycle times from three to five days down to literally one day. But the adoption is just very low. In our case, it is right around 50 percent. Our claims adoption rate is above 95 percent and we actually take all of our paper and convert it to electronic. In essence, we have 100 percent adoption on claims.

I find it interesting that we have the operating rules in place. We have a transaction of benefits of all stakeholders and the adoption rate is particularly low. Our conclusion is mandating participation is probably a missing component of what we do. But in order for us to continue to move forward and address the content issues that I am hearing from the 278 and for other transactions down the road, we have to have the infrastructure components. I would try to focus on not the cost because it is significant particularly this next phase, but on what is the right timing for adoption as we work on understanding the content requirements. If we can do that and bring those into some type of alignment for implementation, I think the industry will benefit.

MS. STRICKLAND: My opinion is that this next phase would not bring the return on investment that we would seek. I think that it would cost payers in particular a lot of money to make these changes. I don’t think that they would realize that benefit coming out of it. I understand that we want to make sure that systems are up and running and so forth. But believe me, everybody including Sid and everybody else who is doing 90 percent of their claim volumes, they know if their systems are up and running. There are already things that are built. When a transaction is up for decades, beyond decades in processing successfully that set its own track record.

While there are four transactions we are talking about, there is one that has been in effect and has been working properly. I hate to throw rules at something that is working. The other transactions. I would not apply rules to because there is not enough volume to do so yet. I am not saying they never will. But I am saying once they get to a point where they are adding value we got through some of the data content issues and we have a valid transaction exchange going on then perhaps operating rules would be appropriate at that time.

MS. LOHSE: As we think about who is at this table, you probably have a lot of the more sophisticated entities at the table. As we think about who is at the table, I think we see this with a lot of studies. When I was mentioning the study we did with the four billion claims, the ratio of adoption can range from anywhere with one transaction a variance of 10 percent up to 90. That is a pretty wide percentage change. We have a lot of folks at the table that maybe batch response time. They are way beyond what we are proposing for the rules, but we also have a lot in the market that aren’t.

One of the philosophical questions for us is to think about what are our expectations as an industry that everyone needs to meet and for the more sophisticated entities, some of these may be basic things they can already get to so the cost isn’t very high. There is that aspect.

I think we also want to think about — if we have basic things like the market exchange just came out, the health care insurance market exchange. They are already including acknowledgments and we have been talking about it for how long. We are saying there is no value, but everyone says there is a black hole with all these transactions. We really need to think about philosophically what our expectations are and why when a new thing like the insurance exchange can rule out acknowledgments. We cannot get it done. It is not up to us as the authoring entity, but who wants to adopt. We are taking the votes in and looking through that. But I do think a philosophical question about what our expectations are given where the people at the table driving this.

DR. SUAREZ: Debbi and then Peter.

MS. MEISNER: I just have four things I want to just bring up. From a clearinghouse perspective, wearing that hat, we have a service level agreement in place with almost every one of our payers that far exceeds the requirements that you are looking at. I would say that is pretty normal. Most of us have to have service-level agreements with our payers. Our system up time. Our system down time. We have to tell them when we are not going to be up and running and we have to answer for these SLAs. There are oftentimes penalties associated with them.

I think the point of this 90 percent of claim volume. As I indicated, we are doing a lot of transactions in this highway that we have going. Those SLAs are what keeps us with our customers. Otherwise, they are going to leave us. We have built that infrastructure.

I would suggest that we don’t want to put the cart before the horse. We need to find out what the issues are before we can resolve them, which was part of the impetus for doing this WEDI outreach program to say what is wrong. Why aren’t we doing the 278? What are the issues to prevent? I have heard some of them and they don’t have anything to do with infrastructure at all. Even if you say the response time has to be within a certain amount, which we think would be beneficial. If the content isn’t in that response, it is not going to do any good. If that response is only saying we have your request, give us a call. That does not do any good.

And then the vendors that — had us here at the table. I am glad to hear that. They are the ones that would have to implement this on the provider side. We can build it all we want at the clearinghouse and at the payer side at quite an expense. But if the providers aren’t going to use it coming out of their software that kind of connectivity and supporting certificates has to be in place at the vendor. They are not covered entities. We can write all the rules that we want, but they do not have to follow them. That has always been a problem that we have had with vendors not being covered entities in this industry.

I would dispute that acknowledgements are not being used. For every transaction we get in our door and you saw the volume, we return an acknowledgement. It may not be the X12. It may be a proprietary one that the provider can actually read. We reconfigure. If we get a 999 in the door, we may reconfigure that into a printed report or a human readable report. The vendors that we send them to may render it in some way that a human can read it and do something with it. They cannot really react to a 277 or a 999 or a 997 in its raw form.

We do acknowledgments for every transaction we get. Our payers give us an acknowledgement when they get it. As far as the status of the transaction once it gets into their system, it varies across all the payers as to what level they can provide. But pretty much in the claim world that is working. If it isn’t, it might be the problem with the vendor’s software on their end that they cannot render or whatever the problem is.

I, again, would firmly recommend if there were going to be operating rules with acknowledgments, it should be the X12 arm. A lot of time was spent in making sure that the transaction response mirrors the transaction that came in the door. I would suggest that rather than reinventing the wheel to Sherry’s point we have security people out there. We probably have 15 different types of certifications as clearinghouses that we need to get for various stages. It would be wonderful to have one set of security rules. And all of us have to do NIST if we are doing any kind of federal transactions.

DR. SUAREZ: Peter.

MR. BASCH: I am sorry to make a second comment. The comment about mandates is something I just have to respond to. Providers now are living with, surviving through a mandate already EHR adoption and are looking at another mandate ICD-10. We are certainly struggling as a community to find good from both of these and will continue to do so.

Let me be less obtuse about my prior comment. If there was a signal from this group that the adoption of infrastructure would be followed by leveraging what has already been mandated and what will be mandated. For example, if we have this infrastructure, you guys already have a lot of coded information and you have a — it is probably more than anyone would ever need a structured continuity of care document architecture where anyone could extract probably more than they would need for prior authorization. My comments are just on the 278. And from what I have heard of ICD-10 although I have had my doubts in the outpatient world that it has much value. But if I were to hear today — if people agreed to a mandate on the infrastructure and then we could leverage the EHR C-CDA and ICD-10 coming, there is nothing else. That is it. It is solved. You would find me up here shaking your hand and say I will convince the ACP to sign onto a mandate, but I am not hearing that. What I am hearing is mandate to a duplicative process that would be on top of everything else. That is something we cannot do.

DR. SUAREZ: Thank you. Gwen and then Heather.

MS. LOHSE: One other comment. As we think about the providers, we do get a lot of providers because we provide the implementation tools, the CACQ CORE and the voluntary certification coming to us to say I want to get certified or I want my vendor to get certified. We go through a process of what is the vendor and which is the product and which version of the product do you have because each of these certifications is on the version of product because the provider signs a certain version of a product. We have, unfortunately, seen providers send us their contracts, their terms. We obviously return them and don’t look at them. But it might be another value thing. We look at companion guides and a variance on the companion guides and thus — operating rules to look at the contract terms with these variances that the providers get for the versions and the products because we are seeing a lot of variation with both the companion guides and those contracts and really say is there variation. We have absolutely seen it and it is something that is a challenge to some of the providers for the adoption. I think on both sides that documentation can be improved and it is maybe something that you all as a committee could look at.

DR. SUAREZ: Thank you. We are going to go to Heather and we will finish this part.

MS. MCCOMAS: Thanks. I would just join in and agree on something that Peter said earlier about the timing in all of this. I agree if there is not a clear trajectory to working on the data content issue that moving forward with the infrastructure requirements would be premature. But I am worried that the Subcommittee is getting the overall message like we don’t want operating rules on the 278. That is not it. But we want it to be complete, something that actually makes this works. We are saying let’s step back and pause. Continue this momentum. I am worried the message is stop, just don’t do this. It is do it right. That is the message I would convey to the Subcommittee on this, not to stop the work, but to go back, revisit it, and do the whole complete look at these transactions.

DR. SUAREZ: I think we need to really move on. Go ahead, Sherry.

MS. WILSON: I would recommend to you — collectively we focused more just not on the individual transaction, but we really look at the end-to-end workflow. Where are we improving workflow, efficiency, and enabling automation. That is the goal that we are all here for. We have to be looking at interoperability. I think we can make big strides because then at the granular level, ROI can really begin to be realized for people that have to implement.

DR. SUAREZ: Thank you so much. I think the group is going to — during lunch, we agreed. What is going to be the main question we wanted to ask you all? We really appreciate your time. Thank you so much for your testimony. We are certainly going to be doing a number of follow ups. Given the fact that these are draft rules and there is going to be some time before they get completed, we are expected to receive as a national committee the final one that would then be considered for recommendation. This is really ultimately a first step. We are very pleased that we were able to listen to all this testimony. I think there is going to be a lot of opportunity to continue this discussion over the next several months. Thank you so much again.

We are going to take a five-minute break. I do want to ask if there are any public comments. We want to open it up before we move to the next session and while we are doing some adjustments in the slides. If anybody from the public wants to provide any comments and if there is anybody on the phone that wants to provide any comments, we will take them now while we are doing the transition to the next part of our hearing. Any public comments?

Agenda Item: Public Comment

MS. BURKHART: Laurie Burkhart with WPS. I was representing WEDI on the CAQH CORE calls. One of the messages maybe is that with this set of rules is — and I don’t know if the message is clear so I thought I would find a different way to say it. To take rule 270 that applied to the previous rule and apply it to these transactions so that what time and effort was spent continues with these set of transactions and then we come back and look at 470 in the future to apply it to all the transactions. That would be my recommendation.

And the other thing is to make sure the 820 and 834 — unless the employers are included in those, the transactions, there is concern there too.

DR. SUAREZ: Thank you. We appreciate that. Anyone on the phone?

Afternoon Session: Review Committee Evaluation Criteria and Process

Agenda Item: Review Committee Overview

DR. SUAREZ: We are going to move on to our next session. Our next session of the hearing is focusing on the review committee evaluation criteria. We have a number of testifiers. We are going to modify a little bit the order just to accommodate for some needs. We are going to start with Chuck Jaffe from HL7 and then we will hear from Gwen. We also have Steve Posnack from ONC who is on the phone. He will be joining us on the phone. We will go in that order and then follow the rest of the schedule.

Very briefly, before we start just to make a notation. As I mentioned at the very beginning this morning, the Review Committee is a new function assigned to the National Committee. Under the Affordable Care Act, there was a provision that called for the secretary to establish or designate a new committee called the Review Committee to provide review and input back to the secretary regarding the status of implementation of transactions, the transaction standards, identifiers, operating rules, the whole gamut of those things that have been adopted and have been in place. The secretary designated the National Committee to be the review committee.

We created a charter and a process, which we put on the NCVHS website. We are planning to hold a hearing this coming June. At this point, the schedule I think is June 16 and 17 I believe is the dates that we have identified. June 16 and 17. At that time, we will invite testimony from the industry across the board regarding the eight or nine, depending on how you count, eight or nine transactions that have been adopted under HIPAA for which standards, operating rules identifiers have been adopted and as for feedback about them. At that point, we will hear more about things like why aren’t we implementing prior authorization as much as we thought we were going to and those kinds of things.

Today’s hearing is about the evaluation criteria. Conceptually, what kind of metrics and what kind of elements we want to make sure to address during the two-day review committee hearing in June including things like of course the volume, for example. A lot of people talk about volume with respect how much transactions are being used as a metric, as a measure of really adoption. The value of the transaction itself and what is the ultimate value of adopting these standards and operating rules. That is the purpose of this afternoon’s hearing. We are going to start with —

By the way, we also — in the NCVHS website, we have a presentation from December of the National Committee that talked about background of the Review Committee describing the charter and all that as well as some guiding principles and some general guidelines of the type of criteria that we are looking for when evaluating these transactions. Certainly including things like how much the transactions and standards and identifiers and operating rules are, meeting the business needs and how much are they ultimately achieving some of the goals for which way they originally were created. Efficiency, improving health, improving care, improving basically the efficiencies, reducing the cost, the triple aim, those kinds of things. That is some background. We are going to be looking at criteria that really ultimately helps us follow those guiding principles that we laid out.

Without any further ado, I am going to turn it to Chuck, who is on the phone I believe. Chuck, are you on the phone?

Agenda Item: Review Committee Evaluation Criteria and Process

MR. JAFFE: Yes, I am. I thought you were going to take a break. I am glad to start.

DR. SUAREZ: The floor is yours, Chuck.

MR. JAFFE: My name is Chuck Jaffe. I am the CEO of HL7 International. HL7 is the global authority for health care information and for interoperability with affiliates in more than 30 countries. HL7 is a nonprofit organization, ANSI-accredited standards development organization dedicated to providing a comprehensive framework for the exchange, integration, sharing, and retrieval of electronic health information.

We support clinical practice and management, delivery and evaluation of health services for more than 2500 members representing more than 500 corporate members. These include more than 90 percent of the health information system vendors worldwide. We collaborate with other standards development organizations to provide support for the payer community, providers, philanthropic and government agencies in order to create an environment that is comprehensive and reliable and successfully interoperates with other systems. Its efforts are sponsored in part by the support of our benefactors.

On behalf of HL7, I would like to thank the community for this opportunity to offer comments. We support wholeheartedly the role of NCVHS as the ACA Review Committee and the Subcommittee on Standards Review chartering its guiding principles and work plan as described in the announcement in December.

HL7’s perspective will certainly be address in future Review Committee discussions and hearings. Our recommendations for adoption of HL7 standards focuses on the exchange of clinical information and includes electronic health records, attachments, clinical quality information, as well as transition of care and other information sources.

The new Review Committee will address standards to fulfill the business needs and identify whether changes are needed. Certainly, innovation in our industry brings the anticipated adoption of clinical standards and the need for their review and evaluation.

There are significant responses to the questions that you posed. I have tried to identify specific responses where appropriate. Firstly, we support the establishment of a set of principles and criteria that assist in the evaluation process. Although I am not able to provide an exhaustive list, we believe that the review process should include the following attributes. One, support for the ONC strategic roadmap for clinical data exchange and interoperability. Two, promote the exchange of health care information between providers, payers, as well as consumers and patients. Three, develop solutions that meet the needs of all stakeholders for outcomes that have been proposed. Enable all interested parties for the opportunity to participate in and to provide input into the proposed solutions. And support data standards that have been implemented and tested before those standards become normative. Finally, to provide adequate environmental opportunities for harmonization of multiple standards and their respective solutions.

To the second question, should the RC evaluation criteria be used to evaluate new or proposed standards and operating rules, we believe they should at a minimum for the constituency in the evaluation process as well as for its consistency. This will enable a more mature process and lead to effective and efficient outcomes for all stakeholders.

Do you have evaluation criteria that can be used to evaluate standards and operating rules? HL7 supports the maturity criteria that have been adopted by the HIT Standards Committee. We believe that these criteria are sufficient and adequate for this process.

The next question. What evaluation criteria have you seen that are effective? HL7 standards and their implementation guides are subject to the ANSI process. This is contingent on the review and approval before publication and the majority process that requires experience for implementation.

The next question. What processes should be used to evaluate standards and operating rules? There are a number of recommendations around those processes. These include, one, as processes are developed to evaluate the standards and operating rules, the inclusion of all stakeholders are required to ensure their perspective is considered and is critically evaluated. Secondly, NCVHS public testimony should be heard and written comments provided. Third, through the HL7 balloting process, as well as the adjudication of all negative ballots, analysis, comments, and suggestions are always forthcoming. Lastly, authoritative review of all designated standards maintenance organizations is recommended.

In conclusion, HL7 supports the ACA Review Committee and recognizes the need for the industry to develop a more timely and more predictable maintenance cycles.

As the committee begins to evolve, we believe that the evaluation criteria will continue to develop and evolve before moving into a second review cycle. In particular, we anticipate that the review of clinical standards should be included in this process.

That concludes my remarks. Thank you very much.

DR. SUAREZ: Thank you so much, Chuck. Thank you. We really appreciate your comments.

We are going to go next to Gwen.

MS. LOHSE: A quick overview of who we are. You already heard that this morning. And talking about the framework and the process and then some potential criteria and examples as well. We do track a lot of data at CAQH CORE. I think that that is going to be important as to what focus you, as a committee, is going to have on qualitative information versus quantitative information. It is great that you are the assigned committee because it is the appropriate place for this to happen given you can connect all the initiatives. We have ended up in the right place so now the real work begins I guess.

We are making these comments as both the author for the operating rules, but also as you all know, we do push adoption through providing implementation tools as well as a voluntary certification process that applies to health plans, vendors, and providers.

As we think about the framework, you had asked some questions. Up at the top we had said what is the process to be used and the evaluation criteria. Before we even apply a process, we would hope that you all would consider what is the life cycle of the transactions in the industry because not all of the stages of the life cycle are the same and therefore they likely don’t need the same type of criteria.

What level of adoption does exist for each of the transactions? I think you heard a lot of discussion about that this morning. What is the industry goal for that transaction both on an average and is there a variance between Medicaid plans and commercial plans? What are those goals so we can work towards them? How long has it been on the market? Are you expecting things to change very quickly or a longer period of time?

Are there fundamental changes? We have seen with some of the transactions — this is where the operating rules have pinpointed. Some entities have 80 percent adoption. Other entities have 20. How do we take those things that are most important and push them through as national best practices so everyone is at the same level and the whole boat rises?

What levers are there beyond the actual requirements? We tend to sometimes get technical at these discussions. There are a lot of other levers driving this like incentives, in penalties, in certifications. What levers are those having an impact on here? And then what is your vision?

We would recommend that you would — the whole Review Committee and the industry is greatly going to value from NCVHS setting some goals for these areas, each of the transactions and what is reviewed and defining the life cycle within the goals within the life cycle or the life cycle within the goals so they are directly related.

Also, the criteria should be directed at the life cycle and the goals. And then there is work that occurs within the standards-setting bodies and the operating rule authors and that should not be repeated. There is that next level down that you don’t want repetition.

I want to show you some things just as you think about what your goals are for this effort and what you are going to really set as the fundamental context. CAQH has the efficiency index. It annually tracks and reports progress of the health care industry and the ongoing transition from manual to electronic. It uses agreed upon data collection tools and the data is collected from both health plan and providers. And given how our data exchange model works with all these transactions, it has to be retrospective. There is no one hub or single hub that all the data is flowing through. It is flowing through 600 to 1000 different vendors. Capturing that data is not very easy.

The data collection and analysis is supported by CAQH staff plus we get external parties. The last two years have been Milliman that has helped with this and then there is an advisory council that runs this. We have a full-time staff member that is devoted to it.

They deliver a report. That has been posted on our website. We have not made it public yet. We would ask you that you don’t share it broadly, but we did share it with you all. We have a user-friendly website where every health plan and provider could go in and they could calculate their cost savings if they went from manual to electronic.

And then each of the contributors actually gets a benchmark between how they are doing versus what the average is.

Right now, the 2014 index report, which was just published — it has 45 percent of the commercially insured in that data set. There are over 4 billion transactions. I think that is a pretty good data set to make some assumptions from.

The data is broken down into a number of different ways. One of the ways is by fully electronic so totally HIPAA mandated. That is electronic for both the provider and the health plan. Then fully manual and partially electronic. The partially electronic is obviously more cost. It is a greater cost to the providers. Three different ways.

For the six transactions that are studied and those on the right, there is variation between the participants and the data from over 90 percent to less than 10 percent. These are pretty wide percentages. How do you all as you think about this review committee and you think about your goals and how the goals are going to influence the criteria — where do we want that median to be for lack of a better word? Is an appropriate range in the market at this point? And again, the life cycle based on how long some of these transactions have actually been mandated.

If you see the transactions on the right, the ones that are without the stars, those have been studied for the last two years. Now we have a baseline for a two-year process. And then the ones on the bottom, claim attachment and prior auth are new. There is very minimal electronic usage. We have done a number of studies that we actually testified earlier in the year and this has validated that. We will likely be adding enrollment, disenrollment, and premium payment to this piece.

You will see that this is an example of the efficiency index and the ranges that we are talking about. We have data for all of the transactions based on this data set. We are hopeful that as you all think through the review committee, you will be wanting more data like this and we would like to contribute more of the discussion. There is quite a lot of data in it. We can have our director of research come in and present the whole report.

With that said, as the operating rule author to date, you asked what suggestions there are for evaluation criteria and have you seen that are effective. We think qualitative and quantitative are both applied and they are used for the operating rules. We do need more quantitative data. There is just not enough out there. We are spending a lot of resources to gather more, but there needs to be additional work done in that area.

Then the criteria we have have been categorized by type. Guiding principles, which are pretty much always used. We have to meet those. Then business pieces, which some of those have to be meeting. And then technical. Technical may vary. I will show some examples.

We apply the criteria at different stages. I will give the example of the draft Phase IV connectivity rule. That subgroup had over 40 criteria because it was very technical. It had the business criteria and also the guiding principles. They took those criteria. They overlaid it with the rule options and then picked the rule options based on what was the highest — which of the options met the highest criteria, and then focused on those areas to write the rules. You will see that they used a scale of one to four, strongly meets to not meets. And then based upon the output, depending on which of the different rule opportunities fit in, they focused on the items that have the higher percentage.

A sample evaluation criteria. We did provide some sample evaluation criteria. These are all things that are used in the CORE rules. I wanted to highlight a few things. Obviously, you have to meet the basic guiding principles outside in the legislation and the regulation. They are somewhat limiting as we talked about this morning, but there is certain of them that have to be met like openness, transparency, non-conflict between the operating rules and standards.

There is a big effort to not meet the lowest common denominator. We are not trying to just pick the lowest piece. We all need to focus on that. And then supporting the principles of HHS and overall health information exchange. We feel like that is essential and that is really a theme throughout.

And then under the business criteria, sufficient efficiencies and ROIs. Reduces provider bad debt is a good example. Are we actually helping the provider save money since they are spending a lot of money on these transactions? Achievable in a reasonable timeframe. If it needed to be pilot tested, was it pilot tested? We have noted in a few places. If it is a best practice and there is a lot of people using it, not focusing our scarce resources on pilot testing things that market leaders may already be using. And then technical criteria.

Another example of a qualitative study and I am just about to wrap up is beyond the index that we track, which is 4 billion transactions. We have done individual studies and gone in and actually said for particular rules, what is the benefit and what is the outcome and track those actual health plans, actual providers, and actual vendors. This really is an example of in the life cycle. The transactions already adopted the standards out there. What was going to move the needle? We track this for the eligibility. It was more data content. Were infrastructure requirements going to move the needle? The contributors used data collection tools, standard data definitions. We had an independent party conduct this. This was IBM. And then we had strong resource commitment.

You will see that there is credible metrics to demonstrate there is value. There was a large volume of transaction involved, 33 million. And then we tracked the health plan results and the provider results. There is the index. It is a much better view of the whole picture and then what are these individual case studies. I am sure others have case studies that they are going to show as well.

Just to wrap up. This review committee is going to be essential. We are obviously committed to maintenance. We have rules — I don’t know if you remember this. But when the ACA came out, you thought that the industry might be interested in more eligibility rules. We originally had a tiger team. We have a whole other set of rules that are already on the shelf ready to be issued.

As we think about the life cycle, what do you all believe the life cycle is? I think it would really help the industry. Are we at new standards, new versions, establish standards, without operating rules, establish standards with operating rules that would benefit from greater adoption or applying updated operating rules? There is a whole life cycle. And then what are the goals for those different life cycles?

Once a review methodology is developed, there is going to be quite a lot of questions. I know we re-rated within CORE. We kept re-rating the criteria because people shared ideas and thoughts. One thing would pop up to the top and then it would move to the bottom. How many times are we going to re-rate things and who is going to be involved in that process? There is going to be a lot of questions about the process. After you create the goals, which we are hopeful that you all will be focused there, then how are we going to comment on the process before it is actually applied. Because applying it without that ability to comment is going to be difficult. Thank you and I hope this was useful.

DR. SUAREZ: Yes, indeed. Thank you very much. Really helpful. Thanks for sharing the latest report. I was just glancing through it and it is an amazing amount of information.

MS. LOHSE: It is for every single one of those, the eight transactions. There is data on the cost of the transaction for the health plan and the cost of the transaction for the provider. We are breaking out the cost of the transaction for the provider that they do not view the non-HIPAA mandated so the IVR or the web base isn’t totally manual for them. There are considerations like that. And then there is breakout of what is the difference between a national plan and a regional plan both on the adoption levels and the cost levels. We are already starting the 2015 report with data contributors so anyone that is interested. We maintained all the contributors to date and we have started to increase the contributors. We are out there recruiting more contributors. Even though it is a large dataset, I think it can get bigger.

DR. SUAREZ: Thank you. Thanks so much again. We are going to go to Steve. Are you on the phone, Steve?

MR. POSNACK: I am here.

DR. SUAREZ: Could you take over?

MR. POSNACK: I will go ahead. Thank you very much for having me. It is always a pleasure to talk to NCVHS. A bit of a homecoming because before I went — committees, NCVHS was one of the places that I got to hang out.

Here today to talk to the review criteria on answering the questions posed in terms of what perspective the Office of the National — has for health information technology. My current role now — I serve as the director of the Office of Standards and Technology. Previously working a lot discretely on our regulatory activities. I have a bit of a different perspective on how all these things go.

In terms of advice or general constructs in which to think about your work and perhaps starting philosophically, the question I would ask myself is the criteria toward what end. Including things in regulation, which I can wax poetically about all of the different challenges there. Mandating compliance by a certain period of time. If you need criteria to determine here is date certain or if you are setting a baseline or a ceiling. All those I think could lend themselves to having a different set of criteria that would be best tailored to the purposes. The purpose for the adoption of the criteria in general is a place to start.

And then looking at in past experience. We have been through rounds of this type of work with the consolidated health informatics initiative that was — many federal agencies in the early 2000s. And then for many of you that have experience with the health information technology standard panel, there was criteria used roughly there in terms of the inclusion of multiple standards and harmonizing away as part of a broad package. Suitability there for the inclusion and a set of standards or specifications to meet a particular use case. That is another area of consideration.

In terms of factors and I don’t know if this has been shared with you all yet. The Standards Committee, I think — mentioned, had gone through about two years ago a detailed review led by — Baker and there is a subsequent paper published in — that I won’t read word for word, but it is fairly brief and it is succinct and very concrete and lays out the process that the agency standards committee came up with relative to reviewing standards and specifications from a technical perspective across maturity and adoptability dimensions. Within the maturity section, there is the maturity of the specification, the maturity of the underlying technology components, the market adoption so how widely the specification or standard has been adopted and then to the adoptability section, there is the ease of implementation and deployment, the ease of operation, and they also added intellectual property in terms of how open or accessible a specification is.

I know that many of us are aware of the different models that different standards development organizations have in terms of how they have the resources to operate and continue to develop great standards and iterate on them as they get feedback.

Other factors that I think we keep in our heads as well are both backwards and forwards compatibility issues. Many of you on the NCVHS — probably familiar with electronic prescribing standards. I am pretty sure that goes through your committee still in terms of the NCPDP strict standard transactions. As that is connected to the Part B prescribing rules. That may be an area — referenced that before that you could look through how you all have evaluated that standard for its use and recommendation to CMS for Part B prescribing.

Other factors involved include whether there are technical tools or technical resources for both pre and post — whether or not the standard specification is an incremental evolution due to its implementation and its use or if it is really a substantial shift moving from one industry behavior to another that is kind of a factor. Some of that — qualitative construct here.

And stepping back and looking at the questions that got sent and trying to figure out the different experiences that we have had in this arena. I think I am going to break this down, which shouldn’t be a strange model to anyone. There is kind of a technical review of are the standards and specifications in play reasonably ready to be applied for the use that is envisioned. And then there is a policy review, which is why do we need the standard to begin with and is it necessary toward meeting a particular outcome. There is a tension often that at least I would say — because sometimes you may find that on the technical review, the standards may not be exactly where you want them to be, but there is a significant, strong policy outcome that needs to be achieved or desired. The tradeoffs are way between those two components.

When you are looking at what I like to call the standards policy issues, which is where we get into the construct of this other dimension. What are the tradeoffs that are involved? What is the corresponding — near term change — juxtapose that the potential for the provision of long-term benefits? What is the compliance timeline? Many of you are acutely aware of ICD-10, which may be a bad example. But the department put out rules for 2009, which gave a long lead time, maybe not long enough for that standard adoption. Obviously, the 510 transaction and the like on the administrative transaction side. Similarly, as we have experienced through the regulations that ONC has put out for standards and certification, there is often this kind of lead time in terms of when standards to be required to be used, when they need to be built into the products and be ready to be certified.

I didn’t want to ramble on too long. I hope this is beneficial context. I am happy to answer any questions at the appropriate time that you have for me.

DR. SUAREZ: Thank you, Steve. That was very helpful. We do have copies of the criteria available by the Standards Committee as well. That is going to be very valuable for us to consider. We appreciate the comments.

We are going to go next to Durwin. Now, we are going to begin to follow the agenda.

MR. DAY: Good afternoon. I am Durwin Day, chair of the Designated Standards Maintenance Organization. On behalf of the DSMO, I want to thank the committee for inviting us to be part of this hearing today. Talk about the evaluation criteria in the past. Previously, DSMO had testified in support of the Standards Committee, taking on this role. We are very pleased that that is the case.

What suggestions there are. We have three in total. Be comprehensive. What that means is as previous stated by others. Keep in mind the ONC roadmap and ensure that there are no conflicts. Of course, the return on investment. Do the benefits justify the cost of the implementation? One other one would be that keeping a view of what is on everybody’s plate for the industry. Can the resources for the implementation process handle all that? One way of doing that is to review the mandates, not just from the federal perspective, but from the state perspective as well.

Another one would be to determine the scope of the changes. For example, check on the interdependencies of the transactions. Sid talked about that earlier this morning about how some of those transactions could be dependent upon each other.

Consider the number of changes applied and the industry benefits. Some examples of that would be an element in transaction is being questioned by several in the industry. Is this really something that is a critical change or is it just something that needs some clarification?

Another one would be are there requests, something that can be handled in the current version with a workaround or is it something that has to wait until the next version.

This was earlier this morning. Has the transactions been widely implemented by the stakeholders? The example was the ASC X12 278 transaction. I won’t go into that. We talked about that earlier.

Another one was consensus among stakeholders. Was the process open and inclusive of all stakeholders? Are there no conflicts? Make sure there are no conflicts between operating rules and the standards.

Secondly, should the evaluation criteria be applied to the newly proposed standards and operating rules? We say yes. In addition, in the new standards and operating rules, we suggest that they be pilot tested to help determine the cost benefit summaries, an assessment of the timeline for the system changes, where the vendor community needs are, where they are at, and are there any benefits from phased implementation approach or is it better to do all in.

Do you have evaluation criteria that can be used to evaluate standards and operating rules? The DSMO process itself reviews the approved changes request and they ensure that they have been incorporated into the next version of the standards. We provide that in a report to the committee on an annual basis.

Evaluation criteria. What evaluation criteria have you seen? We took a look at this and looked for some tools to help do the evaluation. Some of those that we came up with are the return on investment analysis, justification and comments for things like public hearings. We do white papers, policy advisory groups, those types of things.

You should also compare whether the impact or benefits of implementing versus the impact of not implementing. One other tool was the — I will use the new name, National Standards Group Checklist, previously the OESS 5010 checklist. The ASC X12 business analyst report and of course the DSMO change request results.

What processes should be used to evaluate the standards and operating rules? Definitely NCVHS hearings and public testimony and written comments. In addition to that, the DSMO recommendations on change requests because we include the public comments and analysis of the comments and public review.

Any multiple levels of approvals should include all the stakeholders. There should be governance operating procedures that are readily available and understood by all participants as to not disenfranchise them.

In conclusion, we suggest that we continue to conduct the hearings and public testimony and widely publicize the hearings to reach all interested parties. Be inclusive of all stakeholders so that any interested party should be provided the opportunity to be engaged and participate in the solution.

There should be hopefully consensus among SDOs, CORE, and DSMO in the evaluation of the standards and operating rules. You can see that in their white papers and advisory groups and in the roadmaps. That is all I have.

DR. SUAREZ: Thank you. Stacey.

MS. BARBER: Stacey Barber, ASX X12 chair for the insurance subcommittee. Again, thank you for the opportunity to allow us to provide input on the evaluation criteria.

Some of the suggestions that we have for evaluating evaluation criteria is we have several. One is and Durwin has mentioned this and I think we will have another theme going throughout the afternoon here as we did in the morning with the operating rules is we need to ensure that compliance with any federal or state mandates are considered and are included in the evaluation of any standards.

Again, return on investment needs to be evaluated. What is the impact to the financials compared to what value you are going to get by adopting a new standard? And, again, evaluating what the needs are and what has changed. Is it business requirements that are needed within the industry in order for it to make it function more efficiently? And any impact assessments that have been conducted as far as the use of the new standards through the pilot testing or areas in that area.

Also, what are the needs of the stakeholders? What is the impact to them and the need within their organizations and their business processing in evaluating any new standards?

That goes along the lines of what value does it bring from a business perspective as well as from a technology perspective. Have there been advances in technology in the transaction flows that may create a more efficient processing.

And also to evaluate the dependencies and interdependencies with other transactions. If you are looking at, for example, the claim transaction, you cannot look at the claims transaction in a silo. You have to consider downstream transactions that are impacted by that. What is the impact with the 835 and the RA and the claims status and when implemented, attachments potentially?

As mentioned before, what other industry initiatives are going on concurrently? Because a lot of times it is your same resource that are deployed, that are doing all of these same implementation and then you have resources used and people getting stretched to all limits.

And then we also need to be able to evaluate what kind of impact it has on any already adopted operating rules. Any coordination that may need to take place to modify any existing operating rules are transactions based on the change.

And also looking at what the urgency of the change is. Do we have a new federal mandate that is pushing the need for the adoption?

Also, to look at what the impact of delaying implementation will be. If it is delayed, does that put a bigger burden on the industry later on in an overall adoption?

And the next question is should the review criteria committee use the same criteria in evaluating new or proposed standards. ASC X12 definitely feels that the same process should be followed and the same criteria in evaluating. And some questions to consider and look at in there is how do the new proposed standards enhance administrative benefits of other adopted standards. How do new proposed standards impact current mandates and adopted operating rules? How does new proposed operating rules impact associated standards? And how does new proposed operating rules impact already adopted operating rules? I think we have an example of that this morning from the connectivity rules with 370 and 470 and the differences between those.

Some consideration. The 278 took some bashing this morning and apparently is going to take some more bashing this afternoon. I have — from the ASC X12 perspective. There are other 278 transactions that are not adopted under HIPAA that may improve the overall prior authorization functioning should those transactions be adopted. We do have to look at and other people have mentioned this earlier this morning as well as this afternoon is that there are — the overall transaction processing flow that has to be considered in looking at the transactions and the implementations.

The next question is is there any evaluation criteria that are applied. ASC X12 does have criteria that we apply in developing our new standards and creating our technical reports and we have a change request system that is used along with using our established ASC X12 policies and procedures.

One of the primary things is that we do achieve consensus on the change request. It is a process that goes through where the business requirements are developed, in vetted and agreed upon and works through and then the technical solutions are developed to meet those business requirements, again, vetted through and evaluated by the business work groups to ensure that the consensus is reached. That is just in the development process on its own.

Once the guides are developed and ready for public comment, it goes out to public comment and multi-stakeholders are involved within the review of those requirements of the transactions. Once they are completed, it does come back and the comments are adjudicated and responded to and for open informational forums are held to address any comments and to answer them publicly. We make sure that we assess that any deficiencies have been corrected, any gaps, and any ambiguities have been addressed and if any new processes or needs that need to be supported have been addressed within the transactions.

Again, we allow for multi-stakeholders and we do have federal state participations that participate in work in ensuring that their federal and state requirements are met.

Again, here, I am going to say that if there are deficiencies within any of the transactions, 278, if there are, then we do have a change request system in which people can submit their business reason for a change request to the transaction. It will be evaluated and determined if it needs to go through the change request process and have a change in a future version.

And then what criteria have we seen that has been effective? Durwin did mention the checklist that was used by OESS and the evaluation of previous adopted standards, now, NSG.

And then we do have the ASC X12 Business Analysis Report that we have used within there. It is referred to as the BAR. What the report does is it breaks down the individual changes that were made to the technical reports. Was it in front matter? Was it into the technical implementation of the transaction? Was it because of — for example, ICD-10 mandates coming across that we had to make changes to the TR3s to support ICD-10. It is in a gridded format that breaks it out so that you can see it at a high level what has changed.

And then of course ROI analysis that have been done in the past that shows any investment, return on investments.

And the final question was what processes should be used to evaluate standards and operating rules. We do believe that any recommendations from the DSMO need to be considered by the Subcommittee on determining any changes. We have the BAR again as an example.

And then we do have results from public review and comments, the adjudication of those results and the public informational forums that are held and evaluating the comments that were made to the transactions.

Need to ensure that business processes, reviews, and verifications were done, received multi-level stakeholder approvals, and a consensus was driven, and that technical reviews were done, and again, ROI analysis.

Thank you again for the opportunity.

DR. SUAREZ: Thank you. We are going next to Margaret.

MS. WEIKER: I am Margaret Weiker, director of Standards Development at NCPDP. When you look at suggestions for evaluation criteria and you look at it from what exists today, what is your current, one of the things you can look at is volume. However, that can be very deceiving. For example, the telecommunication standard, which is used to submit claims in the pharmacy world is very widely implemented. I would say 99.8 percent of all pharmacy claims transactions are submitted using that standard.

Another HIPAA adopted standard is the Medicaid subrogation standard. If you looked at the statistics for that, you may see that only 50 percent of all Medicaids have implemented that standard. You may go oh my gosh, what is wrong with that. Nothing is wrong with that because not every Medicaid subrogates. Some pay — some subrogate. That is when I said when you look at a number, you cannot just take it on face value. You have to look a little bit deeper especially that number is perceived to be low with why is it low. 834s, 820s, when you look at those types of transactions. Employers are not a HIPAA-covered entity. You look at the volume there and it may appear to be very low, but why? That is because one of the exchange partners is not a covered entity. You have to look at the benefit of them doing one over the other. When I say look at volume, you just cannot say oh wow look at this. It is not widely implemented.

You need to look to see are covered entities and other stakeholders support what is there.

What are the numbers of change requests that have been submitted for that version?

What workarounds had to be done? You may say we will put this in the next version of the standard, but yet there is a need to implement it now. How are you going to implement it now? Why you work toward this new version? What is the workaround? What is the cost of that workaround? That needs to be considered.

Number of questions. You may have thought that guide was written as clearly as this water. However, when implementers start using it, they are like I have no clue what they are trying to say. You see a theme especially when they first come out of questions. You can say we understand. We need to write this clear and maybe that is in the next version. But there may be questions about how to do something that really is not a workaround. It does not need a change request. It just needs to be made clearer so it is implemented consistently. I think those type of things need to be considered.

NCPDP does have a process for anybody to ask a question on any of our standards, not just those that are HIPAA adopted or MMA adopted. And X12 also has a process as well.

Federal and state mandates. Those need to be looked at as well. Medicare Part D hit the pharmacy world pretty hard with the implementation and the changes incorporated for that. To date, we still are having some of those things. Version D0 was implemented many years ago. As we all know, there is nothing as constant as change. Every year when they come out with new rules, there needs to be changes for Medicare Part D.

One of the things we did though when we went to version D0 is we got a little bit smarter in regard to allowing some flexibility. We took all of the internal code sets, values that are used in fields when I say internal code sets and made them external within NCPDP owning them. That way we could add a code to support a change perhaps and for a workaround and then down the road in the next version implement a field or something like that. We implemented some flexibility around that.

We also implemented a process. It is called an external code list. We also implemented a process to where it is not in the mandate, but most stakeholders adhere to it to say on this day I am going to implement this version of the external code list. It is not like Debbi is on one version, Sherry is on one version, Melissa is on another because that is what was happening. The PBM processors were driving that. The poor provider had to go look up what version of the ECL Debbie was one because it might be different than Sherry’s. As an industry, we said let’s come up with an implementation. It is not a mandate. It is a recommendation to where everybody can somewhat be on that same version. We did that as well.

Support for new and emerging business needs and technology. Cost-benefit. ROI. It has been said.

New criteria. What is the current problem? What are we trying to solve? What happens if we don’t implement that? That also needs to be looked at. What is the financial impact as well as what is the impact on patient care?

Can this change to the industry? Is it addressed by a new standard, a new operating rule, a new version of a standard? What is the urgency of those changes? Again, the analysis of new regulatory requirements. They always seem to be coming down at both the federal and state levels and those have to be accommodated.

Then also, you have to look at what I call industry-specific needs. I put pharmacy versus medical, but it is not like we are in a battle. But it goes to pharmacy — is primarily a real-time environment. Most of our transactions are done in a real-time environment. All of a sudden if there is some mandate that all claims must be batched, though there is a batch standard, to say most or all or anything like that would set the pharmacy industry back years. I think industry-specific needs have to be considered as well.

What are the other competing industry initiatives? Many people have already said this. We have ICD-10. We have the UDI. We have meaningful use. What are all the other competing industry initiatives? As Stacey mentioned, the transactions had to change to support ICD-10. Those kinds of things have to be considered. I am not going to pick on state Medicaids, but as you said, state Medicaid funding. That has to be considered. Their budget cycles have to be considered when you go to adopt a new standard, a new version, or an operating rule.

Then there is the alignment of all of that, sort of a roadmap, not only with just legislation, but what are the regulations, policies, guidelines, that type of thing. It is end-to-end, not just single this transaction, this standard, but it is an end-to-end process that needs to be looked at.

Also, your infrastructure, databases, programs. All of a sudden if you are adding a bunch of new fields that may be used in coordination of benefit. There goes your database, your expanding field links database. All these kind of things have to be looked at.

Also, does it augment the other administrative transactions and the benefits? Is it a standard or an operating rule that is somewhat of a de facto standard in use today? That also needs to be considered.

When you — evaluate standards and operating. NCPDP is a consensus building organization. We evaluate each change request that comes in. There is a form that anybody can use to submit any change request to any one of the transactions that we have.

We also look at any potential impact that it may cause to other transactions. For example, if we add a field that must be returned in a response, will it also need to be on the ASC X12 835 transaction because the pharmacy industry uses the remittance advice, the X12 835. If we put it on the response and somebody says but it would really be beneficial to have that on the 835, well then we need to look and say can it be accommodated already. Do we need a new value? Are we going to need a new field? There is the common between the two organizations. We also work with HL7 with those types of things.

We have multiple work group voting. Typically, changes are assigned to a work group that owns a transaction. That is where the industry experts sit. They review it. If it has a government factor to it like a Part D, it goes to that work group so they can evaluate it. And then at the end of that cycle, there is a group called the maintenance and control work group that looks at it from a broader perspective as well.

And then of course we have ballots. Any stakeholder can comment on a ballot, submit a ballot. It is open to all.

Effective multiple stakeholder review, commenting and voting. Cost benefit. Regulatory timeframes, I think, is criteria that are effective in regard to roadmaps and planning. And then of course the consensus building organizations that evaluate each change request. What is the change? Why is it needed? What is the impact of the change? What is the impact of not making that change?

What processes should be used to evaluate standards and operating rules? We broke operating rules into existing and new because existing operating rules focus on transactions that have already been adopted. What is the existing? Public review and comment, voting by all members, open participation and commenting are open to any stakeholder, pilot projects, testing. We believe it needs to go through a DSMO process, then through NCVHS, HHS regulator process.

For a new operating rule, are they needed? What problem are we trying to solve? We believe they need to use the same processes that the SDOs have to follow. It kinds of goes back to your point, Alex, of what is a standard.

If an operating rule needs to be created for a standard or a transaction that has been adopted or going to be adopted, then the owning standard organization ought to write that rule in conjunction with CORE.

Then you look at these. What process should be used to evaluate the standards? The SDO members determine the business need to move forward to a new version or to create a new standard.

I know at our last NCPDP meeting, we had a discussion about is it time to take forward, more forward to the next version that we would want to have adopted under HIPAA. We had that discussion. We put together some information so members could evaluate what are the changes that have been made. What do we need to consider? We put together an initial draft project schedule for that. The members said yes. We do need to move forward. It is time.

There has been a volume of changes. The workarounds continually to pile up. There is only so much message space in a transaction that you can put stuff in before payers and processes are going to have to start prioritizing, which one goes in because something is going to be left behind. We found instances where software vendors are displaying message fields. It is the time. We did have that discussion.

One of the things that we think needs to be done, but I do think it needs a bigger dialogue is pilot testing, pilot projects. What does that mean? I bet if we went around this table, we might get some consensus around the definition, but I bet we would start out with everybody having a little bit different take home what that means.

I know when I was putting together the project schedule that was like a blank slate on mine. I put it in there as a task, but I had no idea the duration to put it in, who was responsible for doing it, who is funding it, how is it going to get done, what do you mean, what results do you want to see. I am going to reiterate. I think we need a dialogue sooner than later.

And then the DSMO process and going through the NCVHS and HHS regulatory process.

That is all I have on this topic for right now.

DR. SUAREZ: Thank you, Margaret. We will ask everyone that has not yet provided us with slides to send it to us. Some of them are electronic already.

We are going to take a ten-minute break and then come back and finish up with the remaining of the testifiers. We will be back. I have 3:28. At 3:38, we will come back. Thank you.

(Break)

DR. SUAREZ: We are going to get started again. We are going to invite our last group of presenters. We are going to switch one person up and we are going to hear first from Debbi Meisner and then we are going to go back to the original plan unless anybody else had some emergencies.

MS. MEISNER: I am Debbi Meisner with Emdeon. Still the same person. Still the same number. I am not going to repeat all of those.

With regards to a review committee, we looked at this internally and came up with some thoughts that aren’t too much different from what you have already heard. Emdeon strongly recommends that the Review Committee require the standards organizations and the operating rule entities to provide a detailed change log that clearly defines the proposed changes along with the business reason for the change, the impact of the stakeholders and if possible, the cost for time to implement to help you gauge what the changes are.

With regards to new standards and operating rules, we strongly recommend that the committee have a clear understanding from the SDOs and the operating rule entities on the business need for the proposal and again that return on investment and complexity to implement. Is it hard? Is it something that can be done fairly quickly?

Some other considerations should include the interoperability of the changes. Is the proposed change upward and downward compatible to allow the industry migration time. If you don’t have that, we get a bottleneck at the end that will cause a tremendous strain to the industry.

Again, as you have heard, consider what other regulatory demands are being placed on the industry that could impact the ability to implement on time. Consider the time and the resources and consider what other policy regulatory things that are happening that could have an impact on the changes.

Some changes that have been incorporated into new versions of the standards and potentially operating rules are there to address policy changes. This can lead to some confusion when moving to production and rejections occur based on the policy that people have not implemented that they were supposed to implement four years ago.

And then what happens is that it becomes an issue for the “standard”. We experienced this in 5010 when the transactions aligned itself with the HIPAA regulations in order to enforce what the HIPAA rules mandated and then all of a sudden we started having rejections. It is the P.O. Box issue that we all faced in January of last year.

When possible, revisions should be limited to updates to the standard and policy changes should be done in separate releases. We also experience that with the CMS implementing their enrollment process or their registration process at the same time that the new standards came in. It was very confusing to figure out what was causing the problems that we were facing.

Is there a reason to move a set of transactions forward? I think Stacey spoke to this. Are there some dependencies between them? Oftentimes there are changes that go across all of the transactions and implementing one without the other will cause a problem. We do need to consider the dependencies between these transactions even across the SDOs as Margaret had indicated.

When new versions of existing standards are brought forward, it should be determined whether there is an impact to coordinating operating rules. When the next version of the eligibility transaction comes forward, we certainly will have to have new operating rules to align with that so that there is no conflict between the operating rules and the standards.

Another consideration is the certification of product vendors to ensure that the correct versions of the software being deployed. Translated products are not all created equal. I know that is hard for you to believe, but they are not. We experience this quite significantly with 5010 as we discovered different approaches to the rejections.

Oftentimes the trading partners are not aware of the edits that have been built into the translator and many of them do not have access to the code or the knowledge on how to change that code to meet what their business requirements are. Not only did we see the rejections, but the payers that were on the back end for us specifically around the claims were quite surprised with the rejections that they were returning to us because it was built into their translators.

This delays implementation as adjustments are being made. Medicare, as a health plan, was supposed to have consistency across all the MACs, but each MAC was allowed to pick their own translator and so we did see differences even though there was the perception that they were all going to be the same.

POTIS and HIS vendors do not deploy to all of their providers at the same time. This leads to inconsistent implementations. Many of your small providers choose not to upgrade due to the costs. So certification of the products, which WEDI and EHNAC are working on, will certainly help reduce this problem if we can get software out there that is compliant with the next version coming forward or ICD-10 or whatever we are getting ready to move forward with. It would really help since they are not covered entities.

You asked the question of should the Review Committee evaluate criteria for new and proposed standards of the operating rule consistently. We said yes. Once you have established your criteria, it should be used to evaluate any proposed standards and/or operating rules regardless of whether they are new or revised.

The committee should use the criteria to determine if these are benefits to the industry in moving forward and ensure that there are no unintended consequences. The outreach to the industry that the committee does today will provide invaluable insight into the various stakeholders’ concerns, benefits, cost and impediments to implementation. We strongly encourage you to continue to seek that input.

The evaluation criteria that could be used to evaluate the standards and the operating rules. Emdeon performs evaluations of the new and/or proposed revised standards and operating rules throughout the development process. We participate in many of the working group development groups and we evaluate throughout as to the impact to our systems and our customers. And we use our extensive data to perform analysis to the changes.

We perform extensive mapping to make sure that it can go from the old version to the new version and the new version to the old version.

We run volume tests to identify issues and challenges. We meet with our trading partners to discuss the impacts and identify recommended solutions and seek their input. We have monthly calls with our software vendors and with our payers on a frequent basis to let them know what is going on, what the proposed changes are and what do they perceive the impacts. We share that throughout the development process with the standards organizations that we participate in.

What criteria have you seen that has been effective? With regard to new and revised standard testing with vendors prior to the implementation, it helps reduce the overhead of testing. We do a lot of what we call lab testing with the software vendors. They send us test files. We run them through. See what rejects.

In some instances, for example, ICD-10, NPI. This testing is not enough to show that the providers are ready. It shows that the software can do it, but it does not show you what the pattern of the providers will be once they start doing the data entry.

Provider testing is the best way to identify these issues, but a lot of the software does not allow for this. As we are finding with ICD-10, this testing capability at the desk top for the smaller providers.

Payer testing with clearinghouses can reduce the number of testing partners that are needed, thus, reducing the cost and shortening the testing window. However, costs to support testing should be acknowledged and the alignment of testing approach and expectation should be established.

End-to-end testing in particular incurs significant costs for all parties involved and has proven to be very manual and requires significant collaboration, communication, and coordination between all of the stakeholders.

We feel that sharing outcomes of early testing through webinars, industry outreach, through WEDI and CMS can help bring awareness to the industry and help reduce repeated errors from occurring. When we are learning, one of the things that we have found with ICD-10 is there is not a lot of sharing of the test results. We have people testing, but we are not seeing here is the set of codes that we think are really going to be impacted. Here is the outcome of what we are seeing. We need to do better at sharing early testing, early results so that later implementers can learn from the early adopters.

What process should be used to evaluate these? We believe that the best way to evaluate standards and operating rules is through pilot testing prior to being adopted. This goes to Margaret’s point. Where does it fit in the timeline? Who is going to pay for this? Emdeon did the pilot testing for 6020. We had the contract with CMS. We felt and CMS felt that it was a very successful pilot. We used our extensive data to be able to do evaluations because you cannot always tell what providers are going to be doing on the front end without looking at that data and seeing what is actually going to happen. We got rid of a code. How many people were actually using it? What is going to happen if they start sending it in going to a newer version? They are sending it in the old version and going to the newer version. What are you going to do with that? We can tell how many people that is going to impact. We can start early education. We can do outreach. We can target the providers who are using data that may be going away or letting them know that new data is coming in, but it is not without cost.

I think one of the things that you should consider because that is going to be the best way for you to get what you need to evaluate the new standards coming forward is good results coming out of a good pilot test that uses good analytical tools to make sure that you are getting the correct information that you need.

In closing, I want to thank you for your time and for accommodating me so that I can get to the airport. If you have questions, please feel free.

DR. SUAREZ: Thank you so much. Okay. Sherry, do you want to go next?

MS. WILSON: Good afternoon, members of the Subcommittee. I am Sherry Wilson, president of the Cooperative Exchange, the National Clearinghouse Association, and executive vice president and chief compliance officer of Jopari Solutions. I would like to thank you for the opportunity today to present testimony on behalf of the Cooperative Exchange members concerning the Review Committee evaluation criteria and process.

We first would like to address the issue of suggestions for evaluation criteria. We feel first of all I think we kind of echo what has been said this afternoon. The need to review and prioritize existing, competing and emerging priorities. Again, I would like to use the key word priorities. We really need to look at that.

Also, we look at the evaluation criteria. It considers examining opportunities based on the impact of end-to-end workflow, again, not in isolation, especially with the convergence of administrative and clinical workflows that we are seeing. Echo again the need for ROI impact analysis. In our written testimony, we have specifically ten key points based again on our industry experience and implementing operating rules and standards. At the top of our list is the first one. Is there a business need?

In addition, we believe in the need for the evaluation criteria to include post-implementation evaluation as applicable. And then we also look at the evaluation criteria. What processes do we have in place to be able to make changes and correction in a timely manner to mitigate potential negative industry impact?

This last one we feel is extremely important that the evaluation criteria looks at creating standard benchmarking matrix to be able to measure outcomes, improve business processes, and identify ROI results. I want to go back to the word standard benchmarking. This will enable us to have much more meaningful dialogue we could have had today because then we begin to use the same language and the same measurements. We feel very strongly on that recommendation.

Quickly, you see the other questions. Should the Review Committee evaluation criteria be used to evaluate new and proposed standards and operating rules? You see a big yes. Again, I think that echoes throughout this afternoon the consensus. We feel obviously evaluating both existing and new proposed standards and operating rules, but we also think there is a need for consideration as to what the changes encompass and the adjustment to the criteria as applicable.

What is the evaluation criterion that the Cooperative Exchange has? We really do not have a formal evaluation process, but our individual members have their own internal evaluation criteria. We think the Cooperative Exchange brings a tremendous value to the NCVHS and the Review Committee as an industry resource. Our members have strong representation across the national standards and professional organizations. This enables us to have a diverse view of the industry perspectives and potential impact of standards and operating rules. And more importantly, it is the strength of our membership. There are stakeholder relationships that serve as an effective vehicle to help gain industry insight at the granular level where people are actually having to implement these rules and standards. We think, again, looking at the impact end-to-end, we can bring a valuable resource to this committee.

As far as proposed the question, what are the processes that should be used to evaluate standards and operating rules? The first thing we would like to recommend is that the NCVHS and the Review Committee host a follow up forum to collaborate with industry experts that have been here today to help identify best practice evaluations and criteria as applicable so we continue the dialogue in a timely manner.

We also look at the recommendation to examine actually utilization of these transactions, the code sets and the operating rules. If they are not being used, ask why and what do we need to do as an industry to make those changes. I think we need to also look at the process to evaluate. Rules that were mandated five or six years ago. Are they still applicable today? And that we take a look at that as well.

We also recommend the increase of frequency of industry collaboration and communication outreach to broaden stakeholder engagement. And also the educational forums. I think we talked about. Sid, you definitely talked about this earlier. We need to start focusing on end-to-end workflow automation discussions and not again transactions and isolation. We really need the industry at this time in processing how this is all going to work with administrative and clinical and attachment processing.

Margaret and everyone have hit on the pilot testing. We definitely need that with clear criteria evaluation and return on investment and again the barrier, which funds it, where does this fit into the scope of the Review Committee, NCVHS, and the implementation timeline.

Two last important points I do want to make is that we need to publish. Once you have created those benchmarks then let’s publish the standard industry benchmarks so we can measure that outcome, improve processes and determine ROI in a common language. As you publish the clear ROI, what we really feel is that we begin to see stakeholder adoption because it makes good business sense, not because it is mandated.

In our conclusion, we feel the Review Committee evaluation criteria and process should be the same criteria used to evaluate both existing and new and proposed standards and operating rules to ensure consistency and alignment across industry stakeholder’s business needs as well as regulatory mandates.

With that, we would like to thank you for the opportunity to testify this afternoon. Thank you.

DR. SUAREZ: Thanks so much. We will go next to Jean.

MS. NARCISI: Thank you very much. I am Jean Narcisi. I am chair of the WEDI Board of Directors and also the Director of Dental Informatics at the American Dental Association. We really appreciate the opportunity to testify. As Laurie mentioned today, WEDI represents a broad industry perspective. As you all know, WEDI was named as an advisory to the secretary and the HIPAA law.

WEDI does not have an evaluation process. However, we looked right here, Centers of Disease Control, at CDC’s Program Performance and Evaluation Office. They set standards and expectations for agency-wide evaluation. These are adopted from the Joint Committee on Standards for Education Evaluation. While the focus for their evaluation is on public health programs, the approach can be generalized to any evaluation effort. WEDI suggested, however, some new evaluation steps and criteria to be used, but the format is similar. We have written testimony too. There is a template, but we broke it up so we could put it on slides.

We believe that there are a number of elements that need to be considered, a lot of them were discussed today. That evaluation of both existing and new and proposed standards in operating rules needs to be evaluated. We have identified three categories. The first is industry business assessment. It meets the current industry need. Is there a tangible need? It does not preclude or inhibit business growth or operation. Will this constrain current or future advances in the industry? No existing standard or operating rule that would overlap with one another. Harmonization is required because multiple standards, operating rules exist or are they conflicting. Is the rule necessary to supersede or eliminate current conflicts?

The next category is the practical solution. Fiscally responsible. Will this save the industry money? Cost effective implementation. Will this be of good use of industry resources? Can it be implemented in a timely manner? How long will it take to apply? Clarity of purpose to meet the needs. Does this rule clearly meet the industry needs? Is it achievable? Can a goal be reached? Is it free or fee-based? Is there a price associated to procure the standard or the rule or is it free to the industry? There needs to flexibility. Will the rule be useful for technology advancements or does it only apply to current technology? Are there consequences to the industry? Is it worth all the cost and effort to the industry? Is there vendor participation? Will vendors be willing and able to adopt?

The last category to consider would be the credible resource and evidence. All interested stakeholders participated in the creation of the solution. Was the entire industry involved? They are only a selected part of the organizations or selected organizations. No conflicting or competing interests. Will the organizations proposing this rule benefit from the implementation? Accurate and unbiased. Does the data supporting this rule or regulation provide a complete picture of reasons and effects? And then the quality of information. Is the rule based on comprehensive and accurate data?

Of course, as everybody has mentioned previously that WEDI recommends if the Review Committee conduct hearings and surveys. For the evaluation criteria that I mentioned previously, we put together a score key and it is a one to five scale, from poor to excellent. Standards and operating rules that would score 0 to 28 do not meet current industry business needs and therefore there is no need to adopt a different standard or operating rule.

Standards and operating rules that score 29 to 57 do not meet current industry business needs and therefore there is a need to move to a new version of the standard or operating rule.

And then standards and operating rules that score 58 to 85 meet or continue to meet current industry business needs and therefore no change is necessary.

In the industry lessons learned from the ASC X12 5010 implementation letter that WEDI sent to the secretary, it suggested that the secretary pilot proposed standards or operating rules as was mentioned previously throughout the whole day actually. WEDI believes that it would be prudent for the secretary of HHS to consider pilot testing all standards and operating rules prior to their adoption.

Of course, the testing would reveal material weaknesses in the standards in operating rules prior to the implementation and would also provide an opportunity for NCVHS to evaluate the ROI value and cost associated with such changes prior to recommending their adoption.

Of course, we understand that one of the biggest challenges is the cost factor. Therefore, it is suggested that HHS set aside a budget for such a purpose.

In conclusion, should the review criteria be used to evaluate new and proposed standards and operating rules? WEDI believes that yes, the evaluation criteria should be used to evaluate both existing and new and proposed standards and operating rules. All standards and operating rules should be evaluated by the same criteria so they all meet the same principles.

The Review Committee evaluation criteria and process should be clear and concise so that existing and new and proposed standards and operating rules are held to the same goals and principles that align to meet industry business needs as well as government laws and regulations.

I would like to thank you for the opportunity to testify on behalf of WEDI. I personally would like to thank you for all the hard work that you have put in over the years. A lot of these faces I have seen in a number of these organizations for over 25 years. It has been an interesting journey. Thank you.

DR. SUAREZ: Thank you. Thanks so much for that testimony. Rob, you are next.

MR. TENNANT: Thank you again for the opportunity to present testimony today. I am Robert Tennant, director of HIT Policy for the Medical Group Management Association. I am very pleased to present this testimony on behalf of four organizations: MGMA, the ADA, the AHA, and the AMA. Again, you will see that there is a lot of overlap between our testimony and what folks on the panel have already said. In fact, there is such an amazing level of industry harmonization. It is just a shame the next panel wasn’t on ICD-10.

What I wanted to do today is really talk about some areas of concern. I think the Review Committee couldn’t have come along at a better time. It is long overdue. A huge opportunity I think for the industry to achieve savings, but we haven’t yet achieved them. I think what we want to do is talk about the oversight of the standards development process itself, gaps in the current standards and operating rules, talk about the lack of agility in the industry, the evaluation of nonstandard transactions, and talk about industry compliance, which we have not really talked about today.

It is interesting. Gwen brought up the issue of the US efficiency index or the CAQH efficiency index now. We are happy to be a part of that. When you look at those numbers, it is absolutely fascinating because you look on one side and they talk about the level of adoption of the transactions. But what is also maybe even more interesting is the cost of those transactions to the industry: manual versus automated. You ask yourself there is clear ROI. Why haven’t the industry adopted it? That is the question we have to address, I think.

We have talked about pilots a lot here. I will say from the MGMA perspective, when we ask ourselves why has there been such pushback from the physician community in regards to ICD-10, it is exactly that. No pilot was done. No ROI was established. I think a pilot of a new standard is critical because it not only identifies potential pitfalls and problems that the industry will need to overcome, but it can actually establish ROI and relieve some of the concerns of the industry. I think the fact that we don’t know what the impact is going to be has led a lot of folks to push back on it.

I want to start off and talk a little bit about oversight of the standards development process. We are all immersed in it. There are a lot of positives, a lot of incredibly hard work that goes into these, but it is a little bit dysfunctional like many of our families. I think what we are looking at is issues about whether or not a change request should be going through the DSMO, through the SDO. I think the Review Committee could play a very important role here, sort of oversight of that process and perhaps be an arbiter of issues and concerns and complaints, things like that.

I think there are some questions as well, about whether or not something should go to a DSMO. Should it go to an SDO? It could lead to conflict. I think a huge opportunity for the Review Committee to step into that area as well.

Again, when we are thinking about these change requests, again, we have some examples here. The addition of new data elements for eligibility transactions, development of a new transaction, change in usage. For example, moving something from situational to require. Those are all, again, opportunities I think to improve the process.

As well, the Review Committee could certainly look at how changes go from 0 to 60. I think there has been a lot of concern, complaints, worries about the level of participation from certain stakeholder groups such as providers in the process. I think the Review Committee could oversee that and say it looks like you are pushing forward on something that really hasn’t been thoroughly vetted with the end users of the transaction, the providers. Obtaining broader industry input, assisting and achieving a more balanced representation of stakeholders. That is a challenge that is very difficult.

But one opportunity there and it is maybe something we have not done before, but we always talk about providers don’t come to the standards world. Well, maybe we need to go to the provider world. For example, holding a field hearing at a provider annual meeting and going to an MGMA or an AMA or the hospitals and say could we have a few hours of your time with some of your members to talk about what is happening in the real world of medicine. I think that is certainly an opportunity for the committee.

Dispute resolution. I alluded to this earlier. Clearly, we have disputes in the standards world. Again, allowing that process to work more effectively. Requiring greater coordination between SDOs I think is a huge opportunity as well.

Gap analysis. We all know this from the security world. We need to find out from industry where gaps are in current standards and operating rules. As we have heard from the panel, it is not good enough just to create a new standard. You have to do one that actually fills a gap, a need in the industry that has been field tested, pilot tested, and we understand what the ramifications are going to be for provider workflow, for payer and clearinghouse costs. Again, this gap analysis, I think, needs to be followed by increased flexibility. That has, I think, been one of the stumbling blocks for the industry over the years.

I think when we are looking at standards development timeline that rivals the FDA approval of new medications, I think we have some issues. By streamlining some of the processes, I think it is only going to benefit the industry.

An example of this agility that we talked about earlier and we all know about the grace period and the fact that folks that are getting into the health insurance exchanges may get into a grace period and if they don’t pay their premium, then the provider is on the hook. There is an example of something changing in terms of policy and the standards not being able to keep up with those changes. I think there is an opportunity perhaps for the Review Committee to step up and say we have had a change in federal policy. We need to quickly be agile and make a change to the standard. I think that would be something that could benefit all the industry. Again, it is something actionable.

This committee has looked at over the years a number of nonstandard transactions. I have picked one here. The virtual credit card one, which we have had hearings here on. It is going to be obviously almost impossible to really oversee these in an enforcement way. The Review Committee could go a little bit beyond simply getting an environmental scan. It could go to the point of really providing guidance to HHS, for example, for the types of issues that need to be addressed through FAQs. We have been promised FAQs on virtual credit cards for months and have not seen them. Again, the Review Committee could perhaps expedite those. But also recommend best practices to industry. I think that is where the hearings could play an important role.

In terms of compliance oversight. The old saying of if they build it, will they come. They build it maybe, some do and some don’t. We move ahead with new standards without really looking at the old ones and what is happening out there in the industry with these standards. We have heard that there are a number of complaints at CMS regarding the eligibility transaction or lack of compliance there. The fact that the plans potentially are able to go months and years without complying with the standard with no ramifications I think is challenging.

But I also think it is an opportunity for the Review Committee to be proactive to say it looks like there may be an issue with the 272 and 271. Let’s perhaps do some audits, some random audits and find out what is happening in there. If you were looking for a good model there, I would recommend the RAC audit process that we so much enjoy in the provider world.

In summary again huge challenges facing the development of standards, but a huge opportunity I think for the NCVHS. We need to achieve true administrative simplification. We think the Review Committee could play a major role there.

I will say a couple of things off script on the vendors because they are the elephant in the room. They are not covered entities, but they are the absolutely critical conduit between the provider and the clearinghouse and the health plans. We don’t really get them to the table. It is great to see that HATA has now been created.

But I would echo what Eric said on the last panel about the new practice management system accreditation program that is now in place. That has an enormous opportunity to use the private sector lever to get providers the technology that they need to actually take advantage of the standards. If there were any way that the Review Committee could push the vendor community, could promote the EHNAC and WEDI accreditation program, I would encourage that.

Again, I appreciate the opportunity to speak here and any questions, please address them all to George.

DR. SUAREZ: Thank you. We are going next to Gail.

MS. KOCHER: Good afternoon. My name is Gail Kocher. I am the director of National Programs and Blue Cross Blue Shield Association. I think Rich covered this morning who we are and who we represented. On behalf of the association and our Member Plans, I would again like to thank you for the opportunity to respond to your questions and provide our perspective on the Review Committee Evaluation Criteria and Process. We fully support NCVHS’s role in this new Review Committee to review the status of the existing adopted standards, operating rules, identifiers, and code sets.

We believe that the approach and work plan that the Subcommittee laid out in December of last year really sets the foundation for a successful effort. Your focus identified reviewing how current standards continue to fulfill business needs, whether they cause conflicting or unanticipated negative impacts, whether changes are needed, or whether there are limitations in meeting emerging business needs. We think these are all appropriate in order to meet the scope of this new committee.

We would urge you, however, to consider more actively in the work plan interactions between health care administrative transactions and other federal and state mandates. I think we have heard that in other testifiers here today. We would include, but not limit that to standards for EHR technology because this will impact not only our plans, but our providers’ IT systems and resources for many years to come.

We along with our plans in terms of evaluation criteria, we support the establishment of a set of principles that include things like reducing administrative burden, promoting greater usage by providers, considering the needs of all stakeholders and of course fostering innovation.

We think one way to achieve this is to establish metrics by which criteria can be evaluated and transaction volume is of course one metric that can be used. This, however, along with industry feedback, public and private, and routine and ongoing dialogue with the industry is essential to clearly understand industry needs and issues that these existing standards if they are updated would be addressing.

Another key consideration is whether the changes can be implemented successfully and by doing so meet the identified outcomes of those changes and create the return on investment.

Specific points that we might consider include whether there are quantifiable benefits for a patient, whether the proposed solution considered broad stakeholder input throughout the development process, whether other methods of solving the business need were considered before pursuing a technical change. Could it have been addressed through education or communication solutions, for example? And whether the proposed solution includes an implementation plan and approach. There are a few more in the testimony, but I am trying to be respectful of our time this afternoon.

We are very pleased that your work plan included coordinating recommendations with the standards adopted by ONC that support the certified EHR technology. We still, however, urge you to take a broader perspective in evaluating HIPAA requirements. First of all, HIPAA requirements do far more than impact the IT infrastructures: standards and operating rules and code sets will force health plans and providers as well as other stakeholders in the information exchange stream to evaluate and change many of our business processes. ICD-10, for example, which Rob did not fail to mention, will affect virtually all core business functions, ranging from claims adjudication, to provider contracting, fraud and abuse detections, medical policy and reporting.

Other federal and state mandates will be impacting the same IT infrastructures and the same business processes.

And the ONC recently released nationwide interoperability roadmap, which goes beyond the standards to support certified EHR technology, calls the intersection of clinical and administrative electronic health information a critical consideration, but HIPAA was out of scope for the roadmap at this particular time.

Therefore, it is vital that any review of standards, operating rules, identifiers or code sets is done in the context of the larger overall strategic roadmap for federal and state mandates. Prioritization of not just administrative simplification provisions, but of all HIT initiatives is critical to any successful implementation. We urge NCVHS to help HHS articulate how HIPAA integrates into the national health agenda for interoperability. This work should ensure that the resulting interoperability and HIPAA requirements focus on outcomes, not technologies themselves, allowing for active interoperability between and among systems and supports the innovation within health care.

You asked whether the review criteria should be used to evaluate new and proposed standards. We think there are aspects of potential new standards and operating rules, which are different and may require slightly different evaluation from updating existing standards and operating rules. But overall, there is absolutely value in aligning the criteria and principles for new with those used to evaluate the existing.

Proposals of new standards and operating rules still require reviewing use cases for the new, previously unmet business needs, the potential benefits and a review of industry impacts. Implementing new standards and operating rules solely for the sake of implementation really is opposite to achieving administrative simplification. Ensuring that a new standard or operating rule addresses a previously unmet business need and was developed with broad industry stakeholder involvement during the development process is key. The ability of the industry to work more closely together throughout the process will enable a more mature process and lead to effective and efficient outcomes for all stakeholders.

In terms of any existing evaluation criteria, we would refer to the principles that we outlined in our response to the first question and really focusing on whether or not those principles are addressing the business value that needs to be achieved in order to move forward. Ultimately if revised versions are adopted, they must be implemented, identifying the value on the front end we see as critical to support the adoption of updated versions.

Existing criteria that may be effective. I think we have already talked today about the US Healthcare Efficiency Index. We think that is one valuable measure, but we don’t see that as the only measure we think additional criteria that we have outlined will be helpful as well.

And then in terms of what process. As the process is developed, the inclusion of all stakeholders to ensure their perspective is considered absolutely critical. Evaluating comparisons of current transactions, before and after, for things like volume of usage, and cost of each transaction will be helpful. Other areas to consider are experiences of implementation and post-implementation. We also see it important to consider what actual results were as compared to the anticipated results used to justify the changes to the standards, code sets and operating rules on the front end.

We suggest that the NCVHS seek additional industry feedback to ascertain stakeholders’ input on whether pilot testing of standards and operating rules would have improved the end product. When NCVHS evaluates current standards and operating rules, an additional criterion should be whether a transaction performs consistent with the previous pilot. When NCVHS, acting as the Review Committee decides to consider providing recommendations for updating and improving already adopted standards and operating rules, it should default to including pilot testing in the recommendation. This would be consistent with previous NCVHS letters to the secretary where you have recommended pilot testing before.

Ideally, any processes developed will incorporate the principles that we identified earlier. Processes should also accommodate, weigh the relative size of entities and normalize costs as part of the analysis. We suggest that the processes ensure prioritization and consideration of other initiatives, such as including industry-level roadmap.

As we mentioned earlier, we do support the adoption of standards and operating rules. We recognize their value in achieving the overall goal of quality and affordable health care. Affordability and quality necessitates the exchange of patient information. We recognize and promote the value of standards, operating rules, identifiers and code sets, but we recognize the need for the industry to develop timelier and more predictable maintenance cycles.

As the Review Committee is beginning its first iteration, we encourage review and evaluation after the first cycle of the processes and criteria that were used before moving into a second review cycle. Looking to actual experience for feedback we believe will make the process and criteria stronger moving forward. We appreciate the opportunity to provide our initial thoughts as this new committee’s process and procedures are developed.

We would again just reiterate aligning and evaluating an overall industry roadmap with all of the initiatives in front of us collectively. We appreciate the opportunity to testify this afternoon and I would be happy to answer any questions.

DR. SUAREZ: Thank you. I think, Sid, you are next.

MR. HEBERT: Thanks. On behalf of AHIP, I thank the Subcommittee for including this in testimony today. I am not going to cover the things that have not changed. For instance, my name is still Sid Hebert. I still work for Humana and I am still representing AHIP.

Beyond that, I am going to stay pretty much off script because we have three specific recommendations and after listening to the testimony today, there are some thoughts I would like to include.

First of all, in terms of review and evaluation criteria, I have a team of folks that focus exclusively on adoption of EDI transactions and operating rules in our company. We work directly with providers in the field and with our network operation in order to coax people over to this more automated approach.

We also support our self-service tools, our portals, not only of ourselves, but also of our clearinghouse vendor that supports us.

Having said that, we do measure and publish on a monthly basis the metrics we use to drive the cost benefit for the company. What we have found over a long period of time is that adoption rate correlates with the key benefits that we measure. Those would be call volumes or improvement of call volumes are tied to directly to adoption rates. Manual contacts fall directly with adoption rate. Paper and mail cost calibrate directly to adoption rate. Auto adjudication and pen rates. Adjudication improves. Pen rates drop with adoption. Self-service rate also correlates very closely with adoption rate. Those are key measures that we use to drive our representation of what is the value to our company. We see them all correlating with adoption rate.

The first recommendations we make is we recommend that the committee focus on measuring adoption of transactions and operating rules across all stakeholders because we believe that is where the value really resides.

More than likely, there are other value propositions depending upon which stakeholder you are. I do not believe that providers will be measuring their paper and mail cost as a direct result of adopting standards, but at least as a basis, we can see that there is a strong correlation.

We also have spoken to throughout the day incentives or disincentives for adoption. And the reason we believe that that is important is if we look at the things that work well around the transaction set and the standards, things like adoption of the 837 claim transaction. It is very high for us. It is very high across the major payers for sure. There is an embedded incentive in that it is tied directly to payment. That adoption has been unprovoked for the most part once we worked within our market offices and established the justification, the turnaround time improvement. We saw electronic claims transactions spike and continue to grow on a constant basis.

Another is EFT. I mentioned it earlier and I don’t want to belabor the point. Here is a transaction set that is also an operating rule that benefits everyone in the industry, but seems to have reluctant implementations.

The people that have been or the payers that I am aware of that have been the most successful of adoption of electronic fund transfer and ERA typically have worked through their contracting process to drive adoption. There is an incentive built in or maybe a disincentive depending upon how you want to look at it. I will let Rob determine which one it is. But there are incentives and disincentives involved in the contracting process. However, that is a very expensive process both on behalf of the provider as well as the payer to use that as a mechanism.

In terms of the impact of operating rules on changes in behavior, we really do not see any of that. If I look at the data and say has Phase I or Phase II really changed the slope of that adoption curve, it really has not. I think that at least from my personal perspective, in order to — the reason we would drive operating rules into place is for consistency and to build the infrastructure foundation to build on top of. Because the real value comes from both payers and providers from the content that rides on top of the operating rules as well as the transaction set, which brings me to my third point and that is around interoperability of the transactions.

A transaction as it stands today, the claim nor the authorization nor the EFT none of these in isolation carry a multiplicative benefit. But when you start bringing them together is where we will see real administrative simplification throughout the industry. And the example that I have in my written testimony deals with a medical necessity situation where through an eligibility transaction that clearly articulates to the provider what is needed for authorization as well as what should be included as an attachment to the transaction in order to facilitate adjudication. That level of content enrichment will drive real value. We will also see immediate adjudication of the response should the claim include the attachment with the medical record information and allow us to process that with very little delay from any type of human intervention. Those are the kinds of cross transaction and interoperability opportunities that I think are ahead of us.

The last thing I would like to point out is there are things we can do in the industry that could drive significantly more performance improvement in the provider’s office or in their environment. One thing that comes to mind is real time adjudication. Humana has been a real-time adjudication proponent. We maybe have the largest population that actually does real-time adjudication. In that situation followed by an eligibility check, we immediately process and adjudicate the claim and return back what the payment is to the provider. We cannot give that transaction away because it is poorly understood in the industry. The adoption rate is virtually zero.

But here is an example of something that could really benefit to a provider if they could actually see what is going to be paid and deal with whatever member contribution is required right at the moment and actually have the funds transferred into their accounts. I think there is tremendous opportunity with this Subcommittee focusing on operating standards to not only establish the infrastructure components we need for the stability of long-term use of the transaction set, but also to provide a focus or a locus of information about how we can expand and enhance content to drive a much better outcome to an interoperability model.

I appreciate your time and look forward to your questions.

DR. SUAREZ: Thank you very much. We are going to hear next from Melissa.

MS. MOOREHEAD: Thanks. I, again, appreciate the opportunity to consider how Medicaid will be affected by the development of a Review Committee. I do think it will be an area of ongoing challenges. I have mentioned state Medicaid agencies and project teams for HIPAA compliance projects feel that they have little time or ability to participate up and downstream in the regulatory process and also they might have little expertise in evaluation activities.

However, some suggestions that we had for evaluation criteria have been pretty well covered. I almost can stay here for the rest of it. Gail actually filled in some of the gaps for me. But one of the things that we would like you to consider is that the evaluation criteria may change by stakeholder type and not just the classic stakeholder types of provider, payer, et cetera, but of course again the different kinds of payers and where they are in the stream.

There is a process criteria as well to consider, which is how standard is the implementation. The results of an evaluation will be skewed if the actual implementation varies across stakeholder type or in different implementations.

I do have a here, here, except maybe with the should the evaluation criteria be used to evaluate the new standards as well as existing. I will tell why in just a moment that I think that separate evaluation streams may work a bit better, but that the Review Committee could play a leading role in helping to estimate impact of the adoption of new operating rules and standards as a couple of people have pointed out already through a virtuous learning cycle between reviewing the existing implementations and then evaluating the proposed standards. And that is because in a different life I participated in the Health Information Management System Society Interoperability and Standards Committee Evaluation Standards Taskforce. In 2013, we did produce a white paper, Evaluating HIT Standards: Key Principles to Advance Healthcare IT Interoperability in the United States. I did provide some copies of that as well as this link for the Review Committee to consider.

The year after that — this was a large committee effort. In the following year, we had subcommittees looking at certain standards and operating rules that were already adopted. My group was one that did that. We were specifically looking at operating rules for — I think it was electronic funds transfer. And the standards that we had just — the principles that we had just spent a year working on were a little difficult to apply after the fact even though as we were discussing it, we thought that they were still sound in terms of how to evaluate a proposed standard. And in that process, we discovered ways that we thought we could enhance the principles in order to make them more robust. There is definitely a virtuous cycle there that I think the Review Committee will be able to help move the industry forward.

We have already talked about some of the standard metrics that seemed to use well the call center volume, for example. There is some sophisticated CRM tools out there that you can track what kind of issue calls are coming in. We would like to see them go down. That should be compared against a volume of calls regarding any changes or confusion about the new processes, but I really appreciated Sid’s evidence bases for the volume being a good metric. Thank you very much for that.

Finally, the processes used to evaluate standards. Again, I think everyone here is pretty much in agreement. Baselines are important to know what we are evaluating against. Trying to collect all kinds of stakeholder input. It is wonderful that you have started out on that path. I am looking forward to it continuing. The caveat there is I would say that there is a difference of course between being open to broad stakeholder input and actually receiving it. There are a number of reasons why that is sometimes a challenge that does not quite get met.

And then we have heard also that funding the data collection will probably be important, particularly for Medicaid agencies. Walter started out the day this way so I guess I will end it up. Lowering the stakes a little bit for participants. States obviously won’t welcome additional work in this regard. It will be difficult to get transparent data when people are afraid of what the evaluation might reveal and even what their questions might reveal about their readiness and compliance.

Thank you very much.

DR. SUAREZ: Thank you very much. I don’t think we are going to have John Evangelist from CMS. We have the testimony written out. I think that is the end of testimony. We are now going to open it up for some questions from the Subcommittee members.

I do want to say first of all that I really appreciate the work that you all have done in putting together this testimony. I think it has been terrific to see all the input and the suggestions. We were not sure exactly how much or what kind of feedback we would be getting, but this has been amazing. This truly has been amazing and very much appreciated.

After the discussion and before we close and open it up for public comments, we will talk a little bit about the next steps that the Subcommittee is going to be looking at taking over the next several months.

I don’t know if there are any questions.

Agenda Item: Subcommittee Q&A

MR. SOONTHORNSIMA: Actually, I do have a comment. I think there are a lot of common themes for sure across the testimonies. One question I have is I am not sure I heard overwhelmingly if there are in fact established metrics other than the specific ones that you presented, Sid, which is very operationally focused. But from the standards perspective, are there any concrete? I am not sure I heard that loud and clear. I heard that a lot of change process criteria for making changes, which consistently across — any nodes or shaking of heads. All I see are shaking of heads.

With that said, the comment is I know you are asking for a baseline of setting some expectations. I heard people ask about that. I think that would be very difficult to do. I don’t want us to set too high of an expectation of the Review Committee either initially. This is an evolving thing for all of us including this Subcommittee and the Review Committee. I think it is going to be a collaborative effort. It is going to be a lot of learning from all parties here. That is really my general comment. I think it is going to take some work.

MR. TENNANT: I think you have raised a critical point. One of the things the Review Committee might do though is lay out some of the metrics that you would like to see and then see if the industry can produce them. For example, the US Efficiency Index has great data. If you said it would be wonderful if you could track A, B, and C as well, then that gives direction to the industry. There may be some proprietary databases that payers or providers potentially could share with you as well. But I think you need to decide what you want and need and then push that out.

MR. SOONTHORNSIMA: Another theme to your point, Rob, is before you pick certain metrics so measures is to what end, to what goal. I think you all consistently said the business value, what is the ROI. I also heard it is not just for this particular transaction. It is end-to-end. Call that out a little bit.

I think we need to take this back and try to figure out at what level, at what altitude do we look at this.

MS. NARCISI: I just wanted to offer that WEDI has done an awful lot of outreach and surveys. If you did identify some metrics, it could probably be run through the — we would offer to help you in any way we could.

MS. GOSS: One of the things that I am interested in better understanding is how we, as a committee, can maybe organize these hearings and these events. It is clear you guys have all talked whether it is informally or formally. Part of it is we are all in similar places.

But I am thinking about how we drank from a fire hose on really good input today and to Ob’s point, we do need to pull this together and step back. The fact that you do have a lot of common themes and objectives are going to be very helpful to us.

But there is also the theme of ongoing, strong stakeholder collaboration. We are all in this together. What can we do to be better partners with you in having these hearings? Clearly, five minutes is not enough. Any suggestions from your part on how we are better stewards in the process?

MS. NARCISI: I would like to just say that perhaps we could be brought into the process even to help you plan them because I was on several calls and Terry was so helpful. When we first got the invitation, we really were not sure what you really were looking for. Terry really helped clear that up in a couple of calls. Maybe if you could reach out to us even before and say we are looking at this. What do you think? Let’s have some input from you before you actually do the formal invites for the testimony.

MR. TENNANT: WEDI is probably the best vehicle to do that because it has multi-stakeholder participation.

MS. GOSS: We can maybe do something different. I know we will have to be very mindful of our FACA rules because we never want to go up against any of those or violate them.

Other thoughts about these hearings? If we get a set of questions and we do a little collaboration up front if we are allowed and then how we structure these.

DR. SUAREZ: If I may because I want to give you a couple of examples of ideas. It would be great to get some reactions. This is the first hearing we are going to have and we are expected to really look at all the transactions. We have eight or nine transactions depending on how we count even including coordination of benefits, but then all the other ones. Not only do we have all of those, we also are looking at the implementation of the health information exchanges of enrollment and premium payments. Those are a separate set. We also have insurance exchanges — information — I was thinking of HIXs, not HIEs.

And then we also have differing groups of implementers, health plans, and providers, but also within providers, we have long-term care and behavioral health and other groups that we haven’t necessarily engaged very significantly. We started thinking. One way to organize. We have two days. We are even thinking about probably extending it for another half day. We can take transaction by transaction and talk about the claims. And then we will hear testimony from various stakeholders. That is one way. We have eight or nine sessions.

Another way is to think of stakeholder groups. We get providers and then they each have a chance to talk about each of the transactions, but we would need to really hear and cover the transactions. On top of the complexity about each transaction, we would want to hear the standard so the 837 and also the identifiers. And the operating rules for those where already have operating rules in place. Those are two ways.

There is a third way where we are talking about, which is a more functional way and looking at the EDI cycle, which almost replicates the transaction by transaction, but also process cycles within transactions within an organization. Those are some ideas and we are beginning to look at how it would be best to organize them and we wanted to probably get some reactions from you all.

MR. TENNANT: I think one of the challenges is you are limited in terms of the number of hearings you can hold in a year. There are so many transactions. I will get a sharp elbow in the side from Jean. But I think WEDI, again, might be available to — if you identified the questions much like the questions here and then look to WEDI perhaps to convene a group either virtually or build it on to an existing conference, they could do outreach to long-term care facilities. Get the tentacles out to the broader groups. Come back to you with white paper or something like that for you to deliberate. That might accelerate the process.

MS. GOSS: That is a way to get at the provider comment that you made. There has always been that tension there and how do we do it. A lot of goes back to the funding that we have and also the funding that — not OESS, but NSG. It is a challenge.

MS. KOCHER: Actually, Rob just reminded me. I forget. Was it ICD-10 or attachments? WEDI did these hearings years ago. NPI. I hadn’t even thought of that.

The other thing that I was thinking of — because I think all of your options are going to have pros and cons to them. You guys take in an awful lot of information in a day. The thing I was thinking of and I don’t know if you can manage this between FACA rules and cost, but could you before the face-to-face June hearing do a virtual kind of pilot hearing whether you decide you want to do stakeholder group and functionality or a transaction and maybe do something virtually with one transaction to try your format out and see if that worked for you and then adjust as necessary for the in person. I don’t know if that is possible given resources.

MS. DEUTSCH: I have a question. Many of you talked about the need for testing and piloting. Many of you also identified the fact that there is a funding and how do you identify what your end should be and how do you ensure that you have good representation among all the stakeholders. My question is what suggestions do you have about who would underwrite or could these be underwritten and where would these be identified knowing that the federal government is not going to be able to handle and to sponsor all of these, but getting the industry to provide some of that may be a mechanism. It may be something you have to think about and get back to us.

We appreciate the need for piloting and testing. It is just how do you do —

MR. HEBERT: If you look at ICD-10, it is sort of an informal example of how it might be handled if we could just structurally get it in place. What is occurring is — it is a little one-sided. Payers are reaching out to providers to do end-to-end testing. When I say end-to-end testing, I mean true end-to-end testing where you are actually simulating the real-world situation.

Now what is not consistent is the structure and the method. We all have slightly different methods. But it is in the payer’s best interest to ensure that whatever we are going to launch works. I think ICD-10 has demonstrated or — will be in about six months — has demonstrated that there is value in the end-to-end testing, collaboration between payers and providers.

What we are struggling with now in the ICD-10 front is how do we get a composite view of test results that we can make sense out of. That is the closing the barn door after the cattle have scampered. If we had done that in the beginning and be a little more structured about it, we would all be driving towards the same set of content. I think if you would take that into consideration that you could actually push the burden for execution to the stakeholder community. If formulated properly, I think the stakeholders would embrace it. At least they have for ICD-10 in an informal fashion.

The other comment — a question about are there any metrics out there. What came to mind for me was athenahealth has their payer view summary that they put out annually. Actually, they put it out monthly. But they have key measures that are important to their provider community. They measure all payers against those. Now, I may be exposing myself.

But as a starting point, you might just take a look at things like DAR and things like that. But they are key measures that they found to be important to the provider community. We, as a payer, have found it to be very important to us to make sure operationally that we are performing as efficiently as possible. It has been a good collaboration. I would certainly start there.

MS. WEIKER: I do think the federal government is going to have to pony up some money. When we talk about the standards, in the past, when we looked at adoption and these were NPRM headed to final. What we found were software vendors were not going to make any changes whatsoever until they saw the final rule. Software changes are very expensive. Roll out is very expensive. Getting the providers to upgrade. Getting the payers to upgrade. Getting the clearinghouses to upgrade. All of that is very expensive.

That is an impediment that we need to think about because this is supposed to be the pilot before you would actually take it if you look at a flow to an NPRM because you want to be able to go back and “fix” what is wrong. What incentive? You have to think about from a software vendor, a payer, a clearinghouse provider is to implement something that may not be adopted. And some of that can be very expensive especially when you start looking at translators, building in the edits that would go in there.

Debbie has left, but I know when Emdeon did their pilot, they had some issues with that. Getting somebody to go in and code and test 6020 when it was very obvious 6020 was not going to be named as a HIPAA version.

Maybe the funding comes in with the structure and the how and the why to get some industry buy in and get some players that may be able to fund some of this. But I think a lot of those entities would have trouble stepping up to it without knowing what they are stepping up to.

MS. GOSS: To that point, Margaret, leveraging some of your background in Medicaid and also to Stacy and knowing your background in Medicaid and knowing that Medicare and Medicaid drive a tremendous amount of the change across our nation and that they play in the health care continuum with multiple hats. And knowing that we heard from Melissa a lot of the dynamics with state’s readiness, getting into the cues as kind of the things that come, even some of the implications we have with the federal health IT strategic plan for 2015 and 2020 and then linking to the larger nationwide plan for interoperability. I am starting to wonder if there is something here that we need to have the feds look at from their own health and well being of their own architecture and that we put it into heaven help me, but like a bid process or something that the Medicaid states could do or the Medicare contractors could go after and that they could then get their partners. It might be viable. But then I trip up against this it takes too long and we are not flexible and agile. Any thoughts about that?

MS. BARBER: I think that a competitive bid process may be the way to go with the pilots because you would have multiple organizations submitting bid processes. I agree with Margaret that there is going to have to be some federal funding regardless if it is done just within the Medicare and Medicaid industry, but across the board. Across the industry, there is probably going to need to be some federal funding going.

I agree with comments that Margaret made. I understand the whole ICD-10. The thing with ICD-10 is there is a rule out there that has to be implemented and people are worried about their bottom line and their payment. You do get more participation from the providers in a situation like that. Providers are dependent upon the software vendors in getting their software updated. Again, this was touched on earlier today. Software vendors are not covered entities. I know a lot of times they do not have any initiative to step up and do something until they are forced to do it.

MS. GOSS: Building on my question about Medicare and Medicaid, there seems to be also that there are substantial leaders within the provider community, the vendor community, et cetera and we have also had the theme we are all in this ship together. Is there maybe some role that the AMA, the ADA, MGMA, AHA, sort of some of the larger more voices for the provider community, the people that are in the health care continuum — is there a role for them along with thinking about the Medicaid and Medicare role?

MR. TENNANT: Let me just start to say that Margo is 100 percent right. There has to be some federal dollars invested here. But I disagree a little bit that a rule will lead to something. It doesn’t. I think ICD-10 is a fine example. Even with a rule, people do not do anything for various reasons. I think we have to start on the other end. We have to prove the value. Even when we prove the value, there is no guarantee, but at least there is a better guarantee. Without any covered entity status, again, I believe the only lever that we have with the vendor is the general market pressure, which gets to the biggest associations coordinating education and saying here is what you need to be asking your vendors, which is what we do. But we need to have a coordinated message coming also from CMS.

Finally, I hate to keep banging the drum, but I believe certification or accreditation is going to be a game changer here. It is going to force the vendors if they want to continue to have a market share because we are going to be telling our guys only by accredited products. I would argue that the CCHIT certification led to meaningful use. I don’t think we would have had that unless CCHIT in 2006 had stepped up and created a baseline set of requirements for EHRs.

MS. GOSS: How do you measure ROI as the right thing to do to invest in the future and the changes that we know we need downstream like population health and public health and improving evidence-based medicine around individual treatment?

MR. TENNANT: I would just say unfortunately has been a lot of bad faith and ill will in the provider community. We have been promised things from 4010 to NPI to meaningful use to ICD-10. Nothing has proven to be of value to patient care. I think now comes oh yes but this next standard is going to change your world. We have sold a ’64 Nova with rust on it. It is a tough sell. You say providers don’t want technology. You go into a provider office. They have all kinds of technology, diagnostic technology. Why? Because there is an absolute value, not just to them, but to their patients. But if you don’t have that value point, it is going to be a tougher sell than ever.

DR. ROSS: When you say prove the value, you are saying more than make the case, but actually measure the case and have fairly hard results to go around and show.

MR. TENNANT: Even if you do that, there is still no guarantee.

DR. ROSS: I understand. Bring the measured results before you even say let’s think about it.

MS. NARCISI: I just wanted to put my ADA hat on here and say something along the lines that Rob was getting at. If you look at a typical dental office, most of them are just single or small group providers. They have no clue what a standard is. They do not know how their claim gets from their office to the insurance company a lot of times, to the payer. They depend on their practice management system on their vendors. Somehow, you have to loop them in and the certification thing is some way to do that. Just with ADA products, you see the seal in everything. That is recognition for patients to say that is the kind of thing I want to do. That is evidence-based testing.

DR. SUAREZ: I don’t know if Steve is on the call still. Maybe he left already. He probably left already. ONC has tremendous experience with certification and with criteria.

I know it is already over 5 p.m. We are going to end the hearing now. We want to ask first of all if there is any public comments, any comments from the public about the topic that we covered either here in person or on the phone.

MR. SOONTHORNSIMA: While waiting for public comment, I just do want to thank our staff, especially folks — and you, Terry. This would not have taken place without the hard work and thanks to all of you for being here in spite of the weather and for sticking through the adjusted agenda. Terry — thank you so much.

DR. SUAREZ: It sounds like we do not have any public comments and any other comments.

Agenda Item: Subcommittee Discussion and Next Steps

Just a final point. The next steps of the Subcommittee. We have an incredible amount of information of both hearings that we are going to be processing. We are planning to schedule a series of conference calls between now and June. We are going to be planning that.

We are going to take some of the comments that you have suggested in terms of process and really try to be way in advance prepared for this important hearing in June. Definitely want to get feedback on the structure itself of the hearing as well as the content.

Certainly, given that we are going to have to wait until the final operating rules are actually completed and presented back to the National Committee, we do not expect that there will be a formal letter from the National Committee making formal recommendations of adoption at this point because it is just simply too early to find that. But we are going to be in communication certainly with CAQH regarding the feedback that we have heard and received and look forward in working with them in preparing the final operating rules that they will be recommending.

I think that is the main process that we have. Any final comments from any of the members of the Subcommittee? Safe travels everyone and thanks again. Look forward to continuing our dialogue.

(Whereupon, at 5:10 p.m., the meeting adjourned.)