[This Transcript is Unedited]

DEPARTMENT OF HEALTH AND HUMAN SERVICES

NATIONAL COMMITTEE ON VITAL AND HEALTH STATISTICS

Subcommittee on Privacy and Confidentiality

February 24, 2005

Hubert H. Humphrey Building
200 Independence Avenue, SW
Washington, D.C. 20201

Proceedings By:
CASET Associates, Ltd.
10201 Lee Highway, Suite 160
Fairfax, Virginia 22030
(703) 352-0091

TABLE OF CONTENTS


P R O C E E D I N G S [9:09 a.m.]

Agenda Item: Introductions and Opening Remarks – Mark Rothstein, Chair

MR. ROTHSTEIN: Good morning. I want to welcome you all to the second day of our first round of hearings on the National Health Information Network. I especially appreciate your coming on a day of inclement weather here in Washington.

My name is Mark Rothstein. I'm the Director of the Institute for Bioethics Health Policy and Law at the University of Louisville School of Medicine and Chair of the Subcommittee on Privacy and Confidentiality of the National Committee on Vital and Health Statistics. The NCVHS is a Federal advisory committee consisting of private citizens that makes recommendations to the Secretary of HHS on health information policy.

We are being broadcast live over the Internet and I want to also welcome our Internet listeners.

We will have some schedule changes that I'll tell you all about as they become clearer.

We'll begin with introductions of the members of the Subcommittee, staff, witnesses and guests. I would invite Subcommittee members at this time to disclose any conflicts of interest they may have. I'll begin by noting that I have no conflicts of interest on this particular topic.

[Introductions; no conflicts of interest stated.]

MR. ROTHSTEIN: Welcome to all of you.

Witnesses have been asked to limit their initial remarks to 20 minutes. After all the witnesses on a panel have testified, we will have open questions and discussion. Witnesses may submit additional written testimony to Marietta Squire within two weeks of the hearing if they so desire.

I would request that witnesses and guests turn off their cell phones if they have them with them. Also, during the hearing, we all need to speak clearly into the microphones so that those listening on the Internet can hear what we have to say.

Before proceeding to the first panel of the day, I just want to take a few minutes to discuss some testimony that was not presented yesterday orally. We had asked, as part of our Panel No. 2 yesterday on Privacy in Health Care in Society – we wanted to get testimony on the implications of electronic health records and health care records in general on minority populations and we were not able to get anyone because of scheduling problems to actually appear.

I do have written testimony from Michelle Bratcher Goodwin and her testimony, which was submitted to us in writing, will be entered into the Record. But for the benefit of those who are listening on the Internet as well as those who are here, I would just like to take a few minutes and summarize some of the remarks that she made so that those are recorded in the Official Transcript of the hearings. So this will take maybe five minutes or so.

Summary of Written Testimony by MICHELE BRATCHER GOODWIN

"I'm Michele Bratcher Goodwin, a Professor of Law at DePaul University College of Law. I'm the Director of the Health Law Institute and the Center for the Study of Race and Bioethics. I teach courses on health care regulations, health care policy, legal ethics, and tort law.

"Today, I would like to draw your attention to issues you are familiar with but which deserve serious consideration as you forth with your deliberations on privacy and data collection. These issues include informed consent, patient/physician trust and treatment of vulnerable subjects.

"These issues stand alone, but also intersect, not only for vulnerable populations such as the low-income and of color but for all Americans. For the poor in the United States who lack economic power, social influence and political might, these issues are critically important. I thank you for giving me an opportunity to discuss some of these issues with you.

"Currently, there is no Federal statute or regulation that affords privacy protection to race data or race information. Collecting or disseminating data about race or ethnicity is not considered discriminatory per se. In fact, the dissemination of some race data can serve a positive social purpose. Collecting and disseminating data as a monitoring and tracking service for public health purposes to determine whether we have achieved social goals to eradicate racism and unequal treatment in health care in the United States are a positive governmental effort.

"However, using unfavorable medical data for discriminatory purposes is clearly a violation of trust and should be treated as a form of discrimination, which is punishable by law. Discrimination based on race is illegal in most U.S. settings such as housing, employment and education, and to engage in such conduct in public spheres brings penalties, and remedies are afforded to the victims.

"However, technology generally outpaces law, and to the extent that racially discriminatory practices occur in the realm of biotechnology, the law has been historically slow to answer.

"According to Peter Solovitz, about one-fifth of all Americans believe personal health information is used improperly. Privacy proponents are concerned about the disclosure, acquisition, use and dissemination of data that individually identifies health information. In other words, data that are traceable to an individual is of great concern to many Americans and particularly persons of color who have experienced health care discrimination both in the way of services offered and received and as uninformed research participants.

"The data sets of concern include demographic information collected from an individual by a health care provider, health plan, employer, or health clearinghouse that relates to past, present or future mental or physical condition. Personal health information includes race, gender, and Social Security number.

"It is important to determine the independent value of collecting portable data. What do we plan on such data resolving? Which classes of Americans are best served by the collection of such data? Who is disserved?

"The value of collecting the data must be weighed against the possibilities for abuse. In recent times, we have borne witness to the abuse of medical data and the awkward and untenable position in which physicians have found themselves in an effort to comply with local regulation.

"As biotechnology outpaces the law, it is important to harness the products derived from that technology and chart safe passageways. Absolute proscriptions on the dissemination of race-related medical data could have a detrimental effect, and this concerns me. However, I am mindful, and the case law provides evidence of abuse in the collection and dissemination of medical data based on race, as well as the difficulty with insuring consent for data release is truly informed and patients are aware of the full scope of exposure release of data could mean.

"I suggest that the Committee proceed cautiously, paying attention to a legacy of discrimination and violation of certain populations in the United States. Protection of the vulnerable should be at the heart of your deliberations. Indeed, those most vulnerable, particularly those who rely upon the state for medical services, are the canaries in the coal mine, the first to experience the harms that we would all wish to avoid.

"Thank you for the opportunity to share my concerns on culture and privacy."

MR. ROTHSTEIN: So with that, the full statement will be entered into the Record, but I wanted this to be on the Transcript as well.

So without further ado or delay, let me introduce the members of the first panel this morning and without objection from the panel members, we will proceed in the order in which your names appear on the Agenda, and that would mean that our first witness this morning is Dr. Lichtenfeld.

Agenda item: Presentation – Dr. Len Lichtenfeld

DR. LICHTENFELD: Thank you, Mr. Chairman, members of the Subcommittee, and guests. Good morning.

My name is Len Lichtenfeld, and I'm Deputy Chief Medical Officer for the American Cancer Society. Today it's my privilege to appear before you on behalf of the Society to discuss the Internet, its impact on our organization, our collaborators and those we serve.

My discussion will address several areas. First, I will review our Internet-based information strategy and some of our specific programs. And then I will discuss the National Cancer Database which is operated by the American College of Surgeons and supported by the American Cancer Society. And finally, I will present additional comments regarding electronic health records and related technologies. My goal is to share with you how privacy issues impact our activities, how we address privacy concerns, and some observations as to how privacy is viewed by those we serve.

Beginning in 1966, the American Cancer Society made a decision to reach out to its constituents nationwide –

TELEPHONE OPERATOR: Excuse me. Simon Cohn is joining.

DR. LICHTENFELD: May I continue?

MR. ROTHSTEIN: Good morning, Simon.

DR. COHN (on phone): Good morning, Mark. Sorry for running late.

MR. ROTHSTEIN: Okay, thank you.

DR. COHN: Early here.

MR. ROTHSTEIN: Dr. Lichtenfeld has just begun his testimony.

DR. LICHTENFELD: Thank you.

MR. ROTHSTEIN: Sorry for the interruption.

DR. COHN: My apologies.

DR. LICHTENFELD: Beginning in 1996, the American Cancer Society made a decision to reach out to its constituents nationwide with a broad-based information strategy. In 1977, we established a call center which is available any time to anyone who has any question about any aspect of cancer. In mid-1997, we initiated our efforts to strengthen Cancer.org, our Internet-based information service, where many of the same questions can be addressed.

We have been fortunate to experience incredible growth and acceptance of both of these services. I'm pleased to share with you that we now have approximately 1.5 million visitors to our website every month and almost 100,000 callers to our call center during the same time.

We take pride in this accomplishment and devote considerable organizational resources to these efforts. We have made a commitment that the information we provide is accurate and evidence-based as possible.

From the beginning, when it came to privacy, we realized that it was not sufficient to meet the letter of the law and the expectations of those who turn to us for help and information. We needed to exceed those expectations. I would point out to you that although this is a very wordy slide, you do have hand-outs in your material that have the same information.

The Society realized we had obligations that extended beyond HIPAA and we had to make our own commitment to protect the medical privacy of our constituents. To that end, we developed Health Information Confidentiality Principles which were finalized in September, 2000, and guide our privacy activities to this day.

In those principles, the American Cancer Society established strict guidelines for its staff and reassurance to the community that we took privacy concerns very seriously and had every intent of incorporating those principles into our operational objectives.

It is one thing to say what you're going to do, and another to actually do it. I would now like to take you on a brief tour of some of the products we offer through Cancer.org and share with you some observations regarding the information people will actually provide on line which may be a surprise to some of us in this room and on the Internet today.

Cancer.org is our flagship website and that provides considerable resources on various topics relevant to cancer. As I mentioned previously, we host over 1.5 million visitors to Cancer.org every month and the numbers continue to grow. We do have a privacy statement on the site, but the practical privacy policy is very simple: We collect no information and require no information about or from visitors to Cancer.org. Beyond using cookies to help direct people to areas of individual interest on the site, visitors enjoy free access.

Unless someone wishes to make a donation to the Society, there is no data request, no data accumulation, no demographic analysis, no entry into our customer relation management system.

As you might expect, we don't receive much feedback, or any feedback, for that matter, positive or negative, regarding privacy issues on Cancer.org. We do get some feedback from others within our organization who would like to have the information about visitors to our site, but the decision has been made to keep the site free of any obligations for those visitors.

Within Cancer.org, we do provide other services to our constituents that may require more information sharing, but only if they seek those services.

We have a calendar and reminder service. That has had limited usage. In comparison, we have had considerable success with our interactive Cancer Survivors Network. This online community, which requires 2-1/2 FTEs to maintain and operate, has developed into a very effective support mechanism for its members. Since its launch in July of 2000, CSN has had over 1.4 million visitors and has registered 54,000 active members of the community. New member registrations range from 1,200 to 4,500 monthly.

I wish that time permitted me to go into detail about this wonderful network and its accomplishments. Cancer Survivors Network offers support to its members in a variety of ways, including message boards, private and secure internal CSN email, and personal web pages to use in whatever way the members see fit. There are few rules and regulations, and we don't permit members to provide medical advice, but it's okay to say in your words what you are experiencing and feeling either during treatment or as a survivor, care giver, or both.

This network is built on trust and respect, and although monitored by the Society for violations of site terms and conditions, it is in its own way self-policing. If someone wants to see what the network has to offer, they are able to view unrestricted areas of the site through Cancer.org without a specific registration.

But if someone wants to be an active participant and view restricted areas of the site where the chat rooms, email and web pages are located, then they must register. Once again, registration information is limited to a screen name, a password, a valid email address, and a zip code. They could also provide personal profile information about themselves such as their disease and its status. This information actually lets patients find others similar to themselves by whatever criteria they choose for the sole purpose of sharing experiences.

It's important to note that the Society does not use identifiable information gathered on this site or Cancer.org for its internal activities. We do gather aggregate information for the purposes of tracking and trending. In the opinion of staff, it is this absolute commitment to protect the community participants that has led to the success of this venture.

What is interesting to those who work regularly with the network is the degree to which people make their information available through the network. CSN members can remain completely anonymous. However, we have found that names, addresses, personal interests are regularly provided openly by members of the network to other members of the community. Movement in the Information Age requires caution on everyone's part, especially since posting information on unrestricted areas is searchable, but anecdotally, at least, there have not been serious breaches as a result of this information freedom.

Our observation about the exchange of information on this network, as stated by one of our staff, is that "By and large" – in the quote – "people determine they are all in the same boat and they share a lot, a little, or as much as they want to say. It's like being in a relationship."

Two other programs on Cancer.org have significant requirements for disease specific information. One is our treatment profiler, in cooperation with NexCura, the other our clinical trials matching service in cooperating with EmergingMed. Both of these programs require specific data entry. The treatment profiler uses an opt-out strategy for further products or responses based on data entry. The matching services uses an opt-in approach.

The matching service privacy policy has been created in close collaboration between EmergingMed and the American Cancer Society while the treatment profiler privacy policy has been created by a company in cooperation with other well-recognized, not-for-profit voluntary health organizations.

As simple as opt-out versus opt-in may seem, there are significant differences in their implications, and what can be done with the information as a result of the approach utilized. Whether consumers truly appreciate the differences is uncertain, but we suspect they do not.

With the opt-out strategy, consumers give the organization – in this case, not the American Cancer Society – the opportunity to maintain a database and use that information to advise patients of various opportunities regarding medications, treatments or clinical trials. These messages are not infrequently commercially supported and go beyond the initial intent of entering data into the system, which is to determine the best treatment options for a specific type of cancer in a particular stage or circumstance.

Although one might suspect that such sharing of information with commercial entities resulting in emails or potentially other forms of contact would be a concern to patients with cancer, there is nothing in the Society's experience which would suggest that to be the case. In fact, if anything is the impression of our staff, the patients and families actually look to the information as a welcome, useful addition to their knowledge.

In comparison, the clinical trials matching service is an opt-in service where the data remains completely under the control of the patient or family member who provides it. This service has been designed from its inception to be certain that patients have control of their data, that it is used for no purpose other than linking them to clinical trials through matching algorithms.

In this program, the need to proactively protect privacy is paramount. Privacy was a crucial element of the negotiations between EmergingMed and the Society when the program was designed.

What we have discovered about providing personal health-related information on the Internet is once again surprising. Almost all patients who pursue information regarding clinical trials on our website are willing to provide detailed information about themselves and their disease.

We have also learned that there must be telephone backup to complete the process. As noted by an executive from EmergingMed, most people who seek us on the Web are email literate but not Internet literate. It's one thing to email a grandchild, another to order from Amazon.com.

Since cancer is primarily a disease of older persons with a median age of diagnosis of 67, this is a distinction worth noting. It also means that we must provide choices to meet the needs of our constituents effectively.

Another area of interest – the American Cancer Society works closely with the American College of Surgeons and their Commission on Cancer, or CoC, which operates the National Cancer Database, or NCDB. The experience of this database highlights an entirely different issue, which is, namely, the ability to effectively gather and utilize data to improve the quality of care for patients with cancer.

For many years, the CoC has accredited cancer programs in hospitals throughout the United States. Presently, there are 1,425 accredited cancer programs, all of whom submit data to the NCDB on a regular basis. Here we have an outstanding opportunity to obtain information about patients with cancer diagnosed nationwide, their treatment, the effectiveness of those treatments, and the survivals of those patients entered into this data system.

Although data is submitted to NCDB electronically, it is gathered pretty much the old-fashioned way, by having registrars going through charts, relaying on sources outside the hospital to provide periodic follow-up information.

From a research and reporting perspective, the delay in obtaining that information limits the usefulness of the data. With the clear trend to more diagnoses being made and treatments being offered outside of the traditional hospital setting, there are additional limits to the quality and value of the information obtained.

The Commission on Cancer and the American Cancer Society are well aware of these limitations and established goals to improve the ease, completeness and timeliness of data collection reporting and analysis. All data collected by the NCDB has been de-identified and is reported in aggregate and will always remain so.

But we need to have a better way to find that data wherever it may reside, whether in the hospital, independent laboratory, the doctor's office, or elsewhere. Working with Intel, a three-phase initiative has been proposed and funding is being sought to implement the plan to improve those data processes.

Will we ever be able to be as efficient as we need to be to accurately collect, collate and report the data? Will we ever be able to provide valuable feedback to hospitals and practitioners in something close to real time? As we speak, NCDB is engaged in a project to obtain real time information in cooperation with a national hospital system to impact the quality of care by providing rapid feedback to physicians.

We know we can develop the technology, but with new technology comes new challenges, and the NCDB experience serves as a reminder of those challenges. The NCDB systems are already HIPAA compliant. The creation of a health information network with the data element standards in place would be big step forward. Currently, to function properly, NCDB has negotiated separate privacy agreements with each of their cancer programs. They had to take into account the varying rules regarding privacy protection in all 50 states.

They are working to establish a link to the National Death Index to get information on whether a patient has died and determine the official causes of death. To date, this remains a work in progress. When Federal and state laws conflict on privacy protection, the state law is more strict and state law prevails.

As this discussion demonstrates, we may be able to develop the systems, but we also need to develop a nationwide commitment to make them operational and effective. We need to strike a balance between the various institutional, legislative, regulatory and legal frameworks that exist on a local, state and national basis to protect patient privacy and our need to have access to information necessary to improve the quality of care we provide our patients.

All of us will have to work together to address these broad legislative, regulatory, legal and ethical issues in order to achieve the important goals envisioned by many of us here today. We look forward to a system that can transmit information, accelerates our ability to understand what's happening to our patients, provides adequate protection for individual privacy.

We must constantly be mindful of addressing concerns about who will have access to an individual's medical information and must always act to avoid compromising an individual's privacy or allowing the information to be used for discriminatory purposes.

We need to advance clinical and laboratory science-based programs that improve our health while not compromising respect for the individual. We need clearly understood rules to avoid institutional paranoia that could inhibit valid research and quality improvement undertakings. We need guidance that permits us to share information across state borders.

Imagine what we could accomplish if we were successful. With access to better data, we would be able to remind people that they need to be screened for cancer at appropriate intervals. We could develop quality algorithms to monitor the diagnosis and treatment of cancer and access and assess patients' quality of life after they receive their treatment. We could learn to analyze medical records and inform patients if they are eligible for clinical trials. We could find a way to quickly determine which new cancer treatments work and which do not.

The American Cancer Society hopes that as we enter this new Information Age, policies will be developed that support our mission to educate the public, to collect data to improve the quality of cancer care, and allow the conduct of research using the Internet.

However, the Society does not believe we have to start at Square One to convince cancer patients, their families and their care givers of the importance of obtaining and using this information.

As one senior researcher said to me in preparing for this presentation today, and I quote, "Cancer patients are different. They really are willing to cooperate with people they trust. They view their participation as an opportunity for themselves and those who are helping them. They don't want to be protected to death."

Our experience at the American Cancer Society supports that viewpoint. We enjoy enormous trust around the nation and throughout the world. Our attention to privacy must mirror that trust, and it does.

In exploring the development of the National Health Information Network, we believe that patients, families and care givers of cancer patients are well aware of the value equations.

Perhaps cancer patients are different, and perhaps they do "get it" better than most. After all, they are dealing, in many cases, with a potentially life-threatening disease. To them, information is crucial, time is of the essence, and accuracy is critical.

They trust us to do the right thing, and we respect that trust. We are optimistic that through public and private partnerships creating effective information systems and data-gathering opportunities that we will be able to provide them with what they expect from us.

In closing, I would like to acknowledge the many people who assisted very willingly and extensively in the preparation of this testimony today.

Thank you again for this opportunity, and I look forward to answering your questions.

MR. ROTHSTEIN: Thank you very much, Dr. Lichtenfeld. We, I'm sure, will have questions for you at the end of the panel presentations.

And now I'd like to invite Dr. Levine to testify.

Agenda Item: Presentation – Dr Robert Levine

DR. LEVINE: Thank you. Mr. Chairman, thank you, Committee members, guests, listeners. Good morning. I am Dr. Robert Levine. I appreciate the opportunity to present comments to this important process as a long-time volunteer leader and a former international board member of the Juvenile Diabetes Research Foundation.

For those of you who aren't familiar with the JDRF, it was founded in 1970 by the parents of children with Type 1 diabetes who each made a promise to their loved one that they would do all they could to find a cure.

As a direct result of the passion and drive of its volunteer leaders and the skills of its professional staff, JDRF has grown to become the world's largest non-profit, non-governmental contributor to diabetes research, providing over $800 million since its founding and projecting to fund over a hundred million dollars this year alone.

I should note at the outset that I was asked by JDRF to offer testimony today because of my known special interest in the National Health Information Infrastructure and as an active member of the community of people personally affected by diabetes. My wife has had Type 1 for nearly 40 years.

As such, my testimony is my own and does not represent policy of the JDRF; rather hopefully, it fairly represents concerns of JDRF's key constituents.

Also relevant to my participation in these proceedings are my service as the Chairman of the Health Priorities Project for the Progressive Policy Institute, a policy think tank of the Center's DLC, my past board membership of the Foundation for Accountability, and my history of leadership involvement in a number of ad hoc stakeholder collaboratives whose purpose was to envision an Information Age health care system focused on helping every American achieve optimal health-related quality of life and function.

I want to start my remarks with the same sort of warning that Dr. Lawrence Summers gave for the Harvard faculty recently, but hopefully –

MR. ROTHSTEIN: Hopefully, you will get a better reception!

[Laughter.]

DR. LEVINE: Yes, I would say exactly my point. Hopefully, I'll fare better than when looking back on them.

That is, some of what I will say is meant to be provocative, but certainly never to be disrespectful, and to me it's not worth spending your valuable time to simply present conventional thinking or repeat what you've heard from others, and I hope most of you will judge my comments constructive. And I think I'm going to be considerably higher altitude than my fellows on this panel today.

This Subcommittee's charge is to address issues of privacy, confidentiality and the protection of patient information relating to the establishment and use of a national health information infrastructure. In confronting this challenge, I have no doubt that you're making substantial efforts to detail all the relevant risks, uncover leading edge methods of mitigation, and that many of your panels have already done a good job raising necessary questions and offering ideas for solutions.

But I have to ask in doing so: Are we collectively missing the forest for the trees? I say this because I believe strongly that notwithstanding all the legitimate concerns about privacy made more intense daily by the too frequent and frightening stories about accidental release and deliberate theft of sensitive information, it seems to me the greatest threat and the biggest risk to people with diabetes or heart disease or cancer or HIV/AIDS or any number of other chronic diseases or disabilities seems not to be from unauthorized sharing or use of their personal health information; rather, it's from the failure to share, or the inadequate use of that information, and sometimes even valuing protecting privacy over protecting an individual's life, their health, and the health of their families, friends and neighbors.

To make my point, please allow me to read, with some editorial license, directly from the abstract of a paper presented by the University Health System Consortium Diabetes Benchmarking Project team which was published in February, 2005 in Diabetes Care, and I must say, reading the details of this study, it's even more alarming. The title of the paper is "Quality of Diabetes Care in U.S. Academic Medical Centers: Low Rates of Medical Regimen Change." It's from the Grant-Buse group at General Med division at MGH in Harvard.

Their objective, they state, was to assess both the standard and novel diabetes quality measures in a national sample of U.S. academic medical centers. Their design was a retrospective cohort study conducted from January, 2000, to January, 2002, and involved 30 top U.S. academic medical centers which contributed data from 44 clinics – 27 primary care, 17 endocrinology diabetes specialty clinics – with 1,765 eligible adult patients with both Type 1 or Type 2 diabetes with at least two clinic visits in the 24 months before January, 2002, including one visit in the six months before January, 2002.

The study group assessed measurement and control of hemoglobin A1C, blood pressure, and cholesterol and corresponding medical regimen changes at the most clinic visit.

The results. In this ethnically and economically diverse cohort, annual testing rates were very high -- 97.4 percent for A1Cs, 96.6 percent for blood pressures, 87.6 percent for total cholesterol. The abstract is very safe. They say fewer patients were at hemoglobin A1c goal; that is to say, only 34 percent of the patients were at goal, of less than seven. Or blood pressure goal, only 33 percent were at blood pressure of less than 130 over 80. Or at lipid goal, 65 percent were at a total cholesterol of less than 200, but if you look at LDL, only 46 percent had LDL of less than 100.

Only 10.0% of the cohort met the recommended goals for all three risk factors. Now, that is a problem to start. But the worst problem, for me, is that at the most recent clinic visit as they state in their abstract and is further detailed in the study, only 40 percent of the patients with hemoglobin A1c concentrations above goal underwent adjustment of their corresponding regimens. Among untreated patients with high blood pressure, only 10 percent were initiated on therapy.

Of previously untreated patients with elevated LDL cholesterols, only 5.6 percent had therapy initiated at the time of their last visit.

As I said, the details of the study present a more profound commentary on the lack of use of critical information that demonstrated the lack of achievement of clinical goals. Patients with Type 2 diabetes were no less likely to be intensified than patients with Type 1.

So their conclusion was that high rates of risk factor testing do not necessarily translate to effective metabolic control. Low rates of medication adjustment among patients with levels above goal suggest a specific and novel target for quality improvement measurement.

I would put it another way, because I've been looking at these issues for more than just a few years.

At some point, it is going to become impossible for us to continue to explain away this poor performance with comments like "everyone is working hard against odds and difficult circumstances and doing the best they can." And we're going to start to walk right up to the threshold of what some people will, you know, reasonably construe, constitutes mass negligence.

These are the most prestigious academic medical centers in the country. They are collecting critical data at 90-plus percent rate efficiency. And yet, their interventions on a timely basis as the result of having that information available, they can't even get to 40 percent in some of the critical areas.

To add a further exclamation point, there's the following from Rich Lowry of the National Review, writing recently on dramatic reductions in incidence of HIV/AIDS in newborns in New York state in an article he titled "Civil Libertarians versus Public Health: A Dangerous Impulse."

I should note that I have edited some of Mr. Lowry's partisan invective but I believe I've remained true to his principal points. He says, and I quote, "Do we as a society prefer sick or healthy babies? Do we want babies to be infected with a potentially deadly virus or not? The answers seem obvious.

"But in a decade-long debate, a host of groups, in effect, came down on the wrong side.

"Fortunately in New York City, once the epicenter of the epidemic of babies born with HIV, these privacy concerns, the privacy obsessions, were rejected, and now the scourge of newborns infected with HIV has been all but eliminated."

Now, I must say, aside, I was the house staff officer at Mount Sinai Hospital at the time that grid was first identified. I know what the devastation was, not only professionally but personally. Many of my friends in the entertainment community lost their lives; my wife's agent died as a result of HIV/AIDS.

So I'm not discounting or ignoring the impact or concerns of that community in quoting Lowry on these issues. I just mean to make a point, when protecting privacy sometimes has the unintended consequence of doing harm.

Lowry continues:

"According to The New York Times in 1990, there were 321 newborns infected with HIV in New York City. In 2003, there were five.

"A decade ago, many pregnant mothers didn't know they were HIV positive." Again, this is Lowry, from Lowry's piece. "They weren't urged to get tested, and so they couldn't take drugs that would make it less likely their babies would be infected.

"Newborns were tested, but in blind tests, meaning the mothers wouldn't be informed of the results. The mother wouldn't know their treatment of her child or herself." He further states:

"According to NJM, a study in the ‘90s, two-thirds of children with pneumocystis carinii pneumonia weren't getting treatment because no one knew they had HIV.

"New York Assemblywoman Nettie Mayerson was appalled. When she learned of the situation, she resolved to pass a law mandating that all newborns be tested and their mothers informed. For this, Mayerson, a Democrat, liberal, seemingly bought the enmity of many of her past supporters. "Numerous activist groups as well as the ACLU," quoting from Lowry, "opposed her on privacy grounds and supposedly proposing to violate the reproductive rights of women. Her District office was picketed. Opponents argued that pregnant mothers just couldn't handle testing."

"Finally, just the opposite is happening," Lowry quotes Mayerson as saying. "After a three-year fight, her bill was passed in 1996. It revolutionized public health in New York, according to Assemblywoman Mayerson," he says.

"The way they used to do counseling, they told women if you get tested and test positive, you will lose your home and lose your job. After the law passed, they told women, ‘Your baby is going to get tested away, so if you get tested now, you can do something to keep your baby from being born HIV positive.'"

I've chosen to lead my comments with these references as a way to affirm what I believe I think we all agree needs to be the first order purpose of a national health information infrastructure – that is, to dynamically support the achievement of optimal health-related quality of life and function for all -- I know you've heard that from others – and to eliminate the atrogenic or even unintended policy-related harm.

It is in the context of this first order purpose and related purpose-driven design activities that privacy and confidentiality issues are best addressed, and I know I'm telling you something that you all think about all the time.

I want to acknowledge here the important and substantive work of the (?) Child Initiative, its collaborative participants and in particular my colleague and friend David Lansky.

But in reading through the collaborative response to the ONCHIT RFI, I was struck by a note which red-flagged for me, at least, what I believe is another first order principle for the NHII, one I don't believe has been widely addressed and does have implications for overall design and functionality as well as privacy protection policy and technical specs.

Reading from Line 429 on page 10 of the collaborative response having to do with the detailed design principles of the proposed health information environment, Item 8: "Designed to respect" – that is to say the health information environment is designed to respect "and serve patients in addition to the health system and the public."

They say the health information environment is "premised on a model of patient authorization and control. Patients must be able to choose whether or not to participate in sharing personally identifiable information, exercise their rights under HIPAA, control who has access to their records, whether in whole or in part, see who has access to their information, review, contribute and amend their records without unreasonable fees. Receive paper or electronic copies of their information and reliably and securely share all or portions of their records among institutions. One patient consent has been granted.

Once a patient consent has been granted for a certain type of information access, however, information should be able to be accessed freely in a trusted environment."
Well, as agreeable and thoughtful a consensus statement as this is, it suffers what seems to be, at least to me, flaws relevant to what I believe are fundamental principles of NHII design and privacy policy. For me, these flaws are exposed by the note that patients should be able to "review, contribute and amend their records without unreasonable fees."

It may not be obvious at all, but on reading and re-reading this Item 8, it occurred to me that nowhere in the collaborative response had there been a reference to the issue of ownership of health information and the quote "without unreasonable fees" forced me to conclude that the group was missing in action on the assertion of what I believe is a fundamental principle. That is, whereas third parties might be individual health record keepers and therefore have some proprietary rights in those records, the information resident in all such records is owned by the individual.

This principle is, I believe, critically important because with the rightful assignment ownership of personal health information to the individual, we tacitly acknowledge that the information has tangible value, which it most certainly does, and further, that users of that information, whether it's identified or de-identified, are doing so for the most part in the context of a voluntary exchange of value or definable direct benefit to the individual.

Put simply, every individual is owner of what is a form of digital representation of self, should be in essence – and I put this in quotes because the definition of paid is one of social benefit, personal benefit and also possibly financial benefit – they should be paid, individuals should be essentially paid for each use unless otherwise agreed, and the expectation is that that payment or direct benefit should be as immediate to the value exchanged.

I think in the questioning we can deal with the horror of this in terms of the technical issues associated with the concept of ownership. I'm talking about the high concept issue of who owns the information, how that drives our decision-making and design.

This principle is important in the context of developing privacy protections because it frames the relevant issues not from the perspective of fear of inappropriate use but from the perspective of assessable risk and definable, palpable and often immediate benefit to the individual. It is, in fact, a more real reflection of the calculus individuals use. And this was already said when, for instance, deciding to tell the airport bartender or the spring break fling the most extraordinary personal details about themselves, details that even the people closest to them do not know. That is, what is the risk this guy or gal knows anybody that I know, and what do I expect to gain by laying myself bare?

It also challenges us to find the means to close the loop on information sharing as it is related to the exchange of value. That is to say, the cheat from the diabetes care and academics center's revelation. If the hospital record shows sub-optimal achievement of therapeutal goals, who is the right and recipient of that information?

If we start with the assumption that the hospital owns the record, then we most certainly will face years and years of the same dismal outcomes result, doubtless continuing to show that even when the information is acquired and available to the provider, it is not reliably and proactively used to inform specific individual actions to improve outcomes, broadly written.

If alternatively we start from the assumption that the individual both owns personal health information no matter where it resides and has a right therefore to benefit from it as a part of the agreed exchange of value when he's subjected himself to the blood draw, paid for its analysis, and allowed the hospital to hold the information in its records for its purposes, including gaining further reimbursement or completing performance report cards required for their certification or doing research, then this information should be immediately transmitted to the patient, its owner, along with a statement of the benchmark goals for people like him and suggestions for therapeutic enhancement, self-care and follow-up.

To take this further, let's carry this concept of personal ownership of health information and the concept of value exchange or fair compensation for its use to the realm of outcomes of health delivery for epidemiologic research or whatever in which de-identified data is utilized. Without the framework established by this principle, most would allow that once permission is granted to use a de-identified data for research, there is no further obligation on the part of the researcher or intermediary.

But is this right? The individual is contributing value by giving access to his or her unique health information and there is no question in my mind, regardless of the consents involved or otherwise, and this I believe is true for clinical trials as well, disclaimers notwithstanding, especially regarding parents giving permission for participation by their minor children.

As the motivator behind such a contribution, particularly for people with chronic illness in their families, is the expectation or hope for direct personal benefit. In thinking then about privacy protection, the methods of de-identification and related system design, if we adopt this concept of individual ownership, we would need to be equally concerned with designing in methods of automatic – even if arm's length – (?) identification and timely patient notification, so if the research result and findings that could benefit the individual contributors of information, they would not have to wait the five or 10 or 15 years for that new evidence to unreliably and non-specifically make its way through the maze of publication, guideline development, clinical adoption, and optimal utilization.

Rather, the information owner as a contributor of value to these results would be notified immediately of the relevant findings and informed who they might call for further information and counsel and action. That is, the owner is provided their expected benefit from their contribution. And I should say as a sideline, we've put ourselves in this position because we have not been good stewards of the health information we have as professionals, because our patients are not getting the best care in a reliable fashion across the spectrum of people who can benefit.

You know, if we were better stewards and more capable of more consistently doing the best we could in terms of making the benchmark outcomes achievable for everyone – and I wouldn't be as animated about this as I am, but clearly we're not great stewards of the information so at least we should acknowledge that people own their own health information and should be able to have some awareness of it if not the animated and activated use of it for their benefit.

This concept of individual ownership can also inform our approach to pursued protection and punishment of violators. As I've suggested, an individual's health information constitutes a form of digital representation of self. And not only is it property; it is self.

I make this stretch, and I acknowledge it's a stretch, to emphasize the importance of crafting our judicial response to violations in a way that reflects what should be societal revulsion on an order of magnitude near our response to kidnapping.

Why? Because to fully benefit from an NHII, there really needs to be public confidence and a fairly extensive and open exchange of sensitive digital self information between trusted parties. Just like to fully benefit from a free society, people need to feel fairly secure that if they venture from their homes unprotected, they won't be snatched off the streets.

Well, I'm going to go over the top again with this analogy as a device to emphasize the sort of energy I think we must place behind our pursuit, prosecution and punishment of violators, using a quote from former New York Mayor Rudy Giuliani, and this is, again, this is high altitude, and he is in the context of discussion of the difference between the United States' success in limiting kidnapping and Mexico as the example of not. So the quote from Mr. Giuliani:

"Kidnapping should be a much bigger problem in the United States than it is in Mexico. We're richer. There are more people to kidnap from which you can get huge ransoms. Why is kidnapping a systemic problem in Mexico City and Mexico but not a systemic problem in the United States? Because the United States," Mr. Giuliani suggests, "dealt with kidnapping very early on."

He said, "The United States decided with the horrible Lindbergh kidnapping in 1932 that got so much attention that we would not negotiate with kidnappers, we would not pay ransom, and we would make it a horrible, horrific crime."

And when a kidnapping takes place since then in the United States, it's a major national event. The police all join together, the FBI joins with them, every resource is used to try and catch the kidnapper and to end the kidnapping in as successful a way as possible. And then when the people were caught, the people were punished in ways that horrified so the people won't do it in the future. So kidnapping has become in the United States a very, very high risk crime even though there'd be a high reward.

Again, I'm using these analogies to emphasize, you know, the point of the need if we're going to create a regime that is focused on helping people, we need this marketplace of information exchange. It needs to be relatively free. There can't be barriers at every door. But in order to feel secure in that, the way in which we deal with violators has to be obvious to the public and severe, at least in my view.

As I noted, I know this analogy may be over the top –

MR. ROTHSTEIN: Could you wrap this up, please, so we're running a little late?

DR. LEVINE: Yes, I will. I will.

MR. ROTHSTEIN: Thank you.

DR. LEVINE: And thank you. I'm sorry, Mr. Chairman. Let me just finish with a little analogy because I appreciate your patience.

Let me, to further benefit this argument, take the risk and share with you a personal health anecdote to explain my willingness to be so assertive.

Last year I underwent what was to be routine elective walk-in surgery at a famous New York City hospital. As is usually the case, my pre-admission screening was set for the week before this, and I arrived at the appointed time for administrative sign-in, labs and EKG. I was met by a lovely admissions clerk clearly doing her very best to get me through the process expeditiously.

And this was essentially the problem. She was gracious and thoughtful, but she had her checklist to get through, and that was her focus. And here's what the checklist included:

She handed me the HIPAA book and had me confirm by my signature that I'd received it and understood my HIPAA right – no discussion offered. It was clear at least to me that her training had focused on getting the necessary things done. She certainly didn't know a lot about HIPAA.

She had me sign a profoundly general consent for whatever was deemed necessary by unnamed providers and a waiver not for the surgery but simply in advance of getting my blood drawn and an EKG done.

I protested, suggesting it was so absurd as a proposed informed consent that it couldn't possibly stand up to real ethical legal scrutiny. She smiled and nodded and indicated she was just getting done what she had to get done. And I could certainly cross things out or write things up in the margins if I wanted.

She asked me to fill up the required New York State Advanced Directive detailing who my medical power was and what I wanted to do in case of this, that or whatever. You all know what these things say. They're not the sort of things that an otherwise healthy a person going in for elective surgery would expect to be confronted by, especially in the context of not having an opportunity to talk to a health professional about it, or their family.

She asked me to sign a general permission then for the hospital and all their minions and relationships to use whatever information gathered about me for whatever purpose they needed to use it for – to prepare for insurance reimbursement, whatever. Again, since I objected, I was allowed to write whatever I wanted on the paper before signing.

As I said, it's all done in an amiable fashion, thoughtful clerk, knew little if anything about health law, medical procedure, what HIPAA rights were, and certainly was in no position to gain informed consent for anything, or even to get a real acknowledgment of patient's awareness of their rights. You know, what she did was to complete a pre-admission checklist.

So I know this makes a point, but let me give you a capper. Unfortunately, my immediate surgical recovery was complicated by the need for emergency re-op due to uncontrolled and significant bleeding.

On the first day post-op, I got a call from my mother – I live in Manhattan; she works on Long Island, she's a mental health professional. She told me that she had an interesting call from a colleague of hers who was inquiring as to how I was doing. Well, my mom didn't tell anyone that I was in the hospital, so she asked her colleague, why was she asking?

Well, it seems that the daughter of a patient of one of this colleague of my mother had been scheduled for surgery in the same hospital on the same day as me, but she had to be bumped from the schedule because Dr. Robert Levine, Mary Tyler Moore's husband, had had a problem requiring emergency re-operation. So much – you know what I – I could stop there. The summation is just that, you know, I believe that our interests are best served by the value of personal health information and the value is best cured by a system that's designed and executed based on the acceptance of an agreed upon overarching first order purpose for the system that is to dynamically support the achievement of optimal health-related quality of life and function for all and to eliminate harm.

The acknowledgment that individuals are the owners of their health information and the reasonableness of the expectation that the individual should be, to the fullest and most immediate extent possible, the direct beneficiaries, of its collection and every use and recognition that in order to create a safe and trusted space in which all health stakeholders can confidently share sensitive information. Abusers of trust must be actively pursued and harshly – and further, the technical means to assist in evidence-gathering and prosecution must be designed into this.

Thank you.

MR. ROTHSTEIN: Thank you very much for that, as you said, animated testimony, and I'm sure we will have perhaps not as animated questions for you, but questions nonetheless.

Agenda Item: Presentation – Linda Rosenberg

And our third witness on this panel is Linda Rosenberg.

MS. ROSENBERG: Hi. Good morning. I'm very pleased to be here. I represent a segment of health care that is often under-involved in dialogues such as this one, and so it really is a great privilege to be here and to listen to such animated discussion.

In fact, Dr. Levine very eloquently pointed out something that is truly at the heart of the privacy issue in mental health, which is, you know, the discrimination against people with mental illness that continues to this day versus the importance of really an automated system in which we can raise the clinical floor, and we have a great, great divide in mental health between what we know is effective and what people get every day.

I really represent a trade association. The National Council for Community Behavioral Health is probably the nation's oldest trade association representing community-based providers of mental health and substance abuse services, many of whom also work with people with a developmental disability.

Our members include community mental health centers, hospitals, state associations of providers and local behavioral health authorities. Each year, our members serve – I forgot to use my slides; that's not good – each year, our members serve more than four and a half million people and employ more than a quarter of a million staff. And they serve people in a range of settings – schools, jails, clinics; our members are in every state across this country – rural areas, urban areas, and suburban areas. They provide clinical treatment and rehabilitation and housing services.

In 2003, the President had something called the New Freedom Commission and its report was issued in 2004, and it was really an examination of the mental health system in this country. And there were six goals that came out of that report, and the sixth goal really was around really the use of technology to access mental health care and information.

And there were two recommendations included in that goal – use of health care technology and tele-health to improve access and coordination of mental health care, especially for Americans in remote areas or in underserved populations, and the second recommendation was develop and implement integrated health record and personal information systems. And I'd like to take a few minutes today to address the importance and challenges of a national health information system for the field of mental health.

Specifically, I want to cover three topics – why an electronic health record is important for the field, the obstacles we have been facing, and what assistance is needed to leverage a national health information system to first and foremost improve the quality of mental health care and protect patients' safety, privacy and confidentiality.

The Federal Center for Mental Health Services estimates that in any given year, 21.4 percent of adults experience a mental health disorder and five to seven percent of the population suffers from a serious mental illness. Twenty percent of young people in a given year experience a diagnosable disorder, with five to nine percent of children and adolescents having a serious emotional disorder.

A substantial portion of individuals with serious mental illness or serious emotional disturbance who seek treatment are served by the public mental health system. They're served in the public mental health system either because they're uninsured, they have Medicaid or Medicare, or their private insurance has a limited health benefit. I don't have to tell all of you that till today, we still don't have parity between the treatment of mental health issues and physical health. And so in many ways, the public dollar, and often the Medicaid dollar, is underwriting really the work of private health insurers.

The care of these individuals generally follows two basic patterns that impact electronic health records.

Individuals with a low to moderate mental health complexity often require one or more brief episodes of care during the course of their illness, generally provided by a single provider in a clinic.

Individuals with chronic and persistent disorders often require long-term care that includes multiple levels of care, the involvement of teams of clinicians, and may include one or more episodes of a psychiatric crisis with the involvement of police, emergency rooms and/or psychiatric crisis workers.

In mental health, the basic clinical experience for both groups often includes an initial screening by phone or in person, followed up by a face-to-face assessment resulting in a written care plan that guides which services are provided by whom in what setting.

In the majority of mental health provider organizations, those clinical activities are supported by paper and pencil. This results in several problems that have a substantial, cumulative, economic impact.

One of our National Council consultants completed a study at a community mental health center in California, and I want to share with you some of the results of that study. He did it to really determine the cost savings and additional revenue that could be generated by the implementation of an electronic health record to support the basic mental health clinical flow.

And what the study found – and you can see on this chart – is that 3,000 to 10,000 hours of care were going undocumented, with an annual value of between $360,000 and $1 million to that agency. Twenty-five thousand to 42,000 of clinician time were lost due to inefficiencies in the manual paperwork completion process with an annual value of between $2.2 and $3.7 million.

Thirteen thousand to 20,000 hours of support staff time was spent on unnecessary medical records work, with an annual value of between $500,000 and $700,000.

With an annual budget of $26 million, the identified inefficiencies are between $3 million and $5.5 million represent 12 to 21 percent of that organization's resources.

The public mental health system, the community-based system, is an under-funded system, by all accounts. Losses such as this really mean that there are people who go unserved.

Communities with well-organized mental health crisis systems have many front doors. In fact, it's been the gold standard of a community that no door is the wrong door. And persons who experience a mental health crisis include, and often come to the attention of our crisis call center, mobile crisis teams, urgent walk-in clinics, and staff stationed in hospital emergency rooms.

In most cases when a crisis worker has a contact with a person experiencing a mental health crisis, even clients that have been in service for many years, little or no clinical information is available. And if the crisis worker doesn't have a personal history with the client, the worker flies blind. Far too often, the result is costly and unnecessary hospital admission, less than ideal handling of the crisis, and lost ground in the recovery of the individual.

In a small number of communities, this is starting to change. Providers in these communities are implementing electronic health records with crisis management components. And some of the emerging best practices include the development of online crisis plans with at risk clients before a crisis occurs, computerization of key portions of the clinical record including medication histories, information of prior episodes, information about allergies, client releases of information, because just as Dr. Levine very eloquently pointed out, very often the price becomes a barrier to effective treatment and involvement with family, and with someone with a serious psychiatric disorder, their family is their support network.

And all too often, families have come to me in the position I'm in now, in the position I held prior to this, to complain that they had no information about their loved one when truly they were the only resource that loved one had.

Electronic crisis episode tracking systems are being put in place and laptop computers for crisis workers with encrypted cellular modem cards that allow secure access to the relevant clinical records, crisis plans and crisis management software are occurring in some communities.

The difference in outcomes for individuals in crisis who live in communities with these technologies have not yet been studied, but the organizations using these systems are experiencing dramatic changes in their ability to know substantially more about a person's clinical history, the medications they're taking and whether the person is currently in care.

The President's New Freedom Commission noted in a transformed mental health system, consistent use of evidence-based, state-of-the-art medications, and psychotherapies will be standard practice throughout the mental health system.

One of the things we are learning as we try to narrow that gap between what is known through research, multiple research trials, and what is practice, is that there is not only that gap, but there is literally a lack of information and skill in the workforce. We really have a de-skilled workforce with psychiatric technicians, social workers right out of social work school providing care to the most ill, the most seriously psychiatrically ill adults and children.

In the process, one of the things we found in states as diverse as New York, South Carolina and Oregon is that the presence of an electronic health record positively impacts the ability to provide evidence-based care. There are three major reasons for this.

A number of electronic health record products allow for the entry of online assessment instruments that can take advantage of branching logic as the clinician and the client proceed through the assessment. If configured properly, this increases the likelihood that a proper diagnosis will be made and functional impairment identified, the first step in matching treatment to the needs of the client.

I cannot tell you how many times I have sat in treatment planning meetings where the same treatment has been applied year after year to someone when the original clinical formulation was wrong. It is the hope and really the prayer that the automated medical health information record will help correct some of these ongoing problems.

Many of the software packages also have the ability to add treatment plan libraries right into the software. A clinician can immediately connect to the treatment that has evidence for the diagnosis.

Also, it is very difficult to practice evidence-based care with paper and pencil because in effect you're a data-free environment. You have absolutely no tracking of outcomes either on the individual's level, an individual recipient's levels, on a program level or on a population level.

And all too often, mental health services really are anecdotal and data-free, and that has very little likelihood of changing until we have an automated system with built-in scales where we can really get that information. Hunches are sometimes right, but they're sometimes wrong.

Another obstacle to implementing the electronic record is really vendor mismatch. In 2003, 27 California counties developed a coalition to complete a search for software vendors to provide software. Over 140 vendors were contacted.

When it came time for requests for information to go out, they got 45 responses, a 33 percent response rate. Only 15 of those 45 submitted a proposal, and that was about 10 percent of those who had been contacted. Of the 15, only three were on the health care informatics list of the top 100 health care information technology companies and 10 were very small companies with less than 100 employees. And all but two were niche behavioral health software vendors.

These statistics, and the lack of interest in the software community, really hinder our ability to use and to benefit from technology.

In the early 1980s, the community-based mental health system was devolved from Federal oversight to state oversight, differently than community health centers. As a result of that, we have 50 state and 50 sets of rules. We had hoped that HIPAA really would help the standardization, but 16 months later, that is not the case. There are still states demanding very unique codes for treatment, diagnosis, assessment.

Mental health vendors who are contracted by mental health provider agencies have enormous difficulties around this variation. One example of this is in Oregon where a vendor started out in Oregon and is now in eight states and has over 7,000 data elements in their database.

So it's not an accident that major information technology vendors have shied away from working in mental health.

Throughout the history, there is dramatic difference between the availability of in-house information technology resources in hospitals and general medical clinics versus mental health centers. And there was a study in 2001 which really compared the banking and financial industries and what they spent versus what health care spent and at that time, banking and financial industries spent an average of 6.9 percent of revenues on IT in 2000, 6.5 in 2001, compared to 4.8 percent in 2000 and 4.2 percent in 2001 for health care.

As an under-funded subset of that, the statistics for mental health care are really very, very dramatic, as you can well imagine.

The other issue for us is the difficult transition in going from a pencil and paper system to an electronic system. Because of the complexity of the mental health environment and the volume of forms, a phased-in approach is an absolute must, and this means by definition two systems, and this significantly increased the cost and complexity of implementation and support.

Let me get to privacy concerns.

One of the things President Bush said was that Americans must understand and send this message: Mental disability is not a scandal; it is an illness. And like physical illness, it is treatable, especially when the treatment comes early.

Unfortunately, this is not yet the case. There is still enormous discrimination against people who have psychiatric disorders, both adults and children.

And so as we proceed, it becomes an even more complex issue in terms of safeguarding people's privacy. But for those of you – and I'm sure many of you know this, just as I do who have worked in hospital and clinic settings – paper medical records are everywhere.

There is no guarantee of privacy right now in a paper medical record. In fact, there is probably more built-in safeguards in an electronic health record than in a paper health record.

And so, again, you know, as Dr. Levine very eloquently pointed out, there is this balance, but we mustn't go too far in the balance and not get the benefits of what I think, and we all believe, electronic health records will bring us.

What assistance to we need as a special, really, and often under-attended to community?

First of all, the work begins at home, and I have to say that our own organization has been quite negligent. And we need to step up to the plate. So we need to work with our thousands of providers across the country to insure that we are at the table, just as we are today, and also that we stay on the radar screen of the major players in the health care information technology industry.

And if we don't step up our involvement, the specific needs of the mental health system will be missed.

Number two, we also need to work closely with our member organizations to develop an electronic health record strategic plan. And we have just started, really, to talk about that – bringing people together to say, this is what we're going to own and we're going to do.

Fourth, we ask that specific Federal funding and technical assistance be earmarked to support the efforts in mental health. A portion of the funding already in the pipeline for demonstration projects and loans should be made readily available to the behavioral health care system so we don't fall further behind.

And last, states as major mental health purchases, must place an increased value on information, electronic information, and reflect this commitment in their financing mechanisms and technical assistance structures.

California last November passed what may be the most sweeping mental health financing reform in the nation, Proposition 63. One percent of the income of everyone earning over $1 million. It will be dedicated to mental health services for adults and children.

And what they said in that Proposition, very smartly, is that they earmarked a portion of it for infrastructure development, including technology.

The efforts must be coordinated and organized so they are in sync with all of your efforts right here in this building because we very much want to help President Bush in his New Freedom Commission really make a reality of transforming the mental health care in America.

And I thank you very much for this opportunity.

Questions, Answers and Comments

MR. ROTHSTEIN: Thank you very much. And we now have an opportunity to engage our three panel members with questions. I'll recognize my colleagues in turn. Okay. Steve?

MR. STEINDEL: Oh, I get to go first. Well, thank you.

MR. ROTHSTEIN: That's because I've got three dozen questions of my own and if you don't get it in now – [laughs].

MR. STEINDEL: That's what I was wondering, Mark. You usually lead off and I was going to sit back and wait. Thank you.

This is somewhat in the area of comments and questions for all three panelists, and it revolves somewhat around the same thoughts. Dr. Lichtenfeld, in your talk, you gave a very good example of what we've observed many times in this Committee, and I'm going to put this in terms of CDC's interest, which is where we get to diabetes in another area.

Dr. Gerberding is reorganizing CDC to be much more effective in the area of prevention, and we find that we're going to have to start doing more and more in the area of prevention. Prevention is before the fact. Cancer is after the fact. And we have found that people are very willing to share information after the fact.

And what we have found is they're not very willing to share information before the fact, and this also has influence on diabetes and evidence-based care, et cetera, because we get all this information, we're doing all this evidence-based care on diabetes, we know what tests we should do, what to advise the patients, et cetera.

But in the area of diabetes, in the area of prevention of cancer before the fact, and as we've pointed out, sometimes in the area of mental health, the environment can offer many stimulants in that area.

How do we influence life style behavior in the area of – where we're dealing with, as Mark was talking about earlier, from groups that really want to protect the privacy of their life styles' behavior? We heard Dr. Levine talk very eloquently about what happened in New York City to prevent HIV transmission, which is a life style behavior.

Do you have any advice from the three panelists on how we can effect that change? That's the major change that we have to effect.

DR. LICHTENFELD: Every time I thought I knew what the question was that you were going to ask, you asked a different question, so –

[Laughter.]

DR. LICHTENFELD: -- that's why I'm a little hesitant here. And they're all obviously part and parcel of the same issue.

I would just like to add, for the benefit of the Committee, I also serve as the manager, the director, whatever, of our cancer control science department which sets our guidelines which many of you are familiar with in a variety of areas.

And also I'd like to emphasize that we have now formed a partnership with the American Diabetes Association and the American Heart Association coming together and the major message and the major mission is exactly that prevention and trying to get that message.

Not only that, and alluding to the comments from my colleague to my left, trying to figure out what exactly the elements of prevention are that we need to be emphasizing, which we really don't know.

So that's really complex, and if you'd like to come back another day, we can have a discussion. From our point of view, we do a lousy job of prevention in this country, we really do, you know, the life style change issues and then actually implementing them, but we do a lousy job on many, many levels.

We do a lousy job on the public health level by sending out the message and we do a lousy job on what I call – I shouldn't say "lousy" so much, but it's true – on the transactional level, that is, when a health care professional actually has somebody sitting in front of them and you're saying A, B, C, D, E, this is what you should be doing.

We also know by the same token that if a physician or another health care professional who's in primary care did everything they were supposed to do every day, it would take them literally – the study was about 7.4 hours a day out of their day and their professional practice to counsel their patients about prevention.

So we have got to find different systems. And that probably goes far beyond the concern of this Committee, but very briefly, we need systems that send the message. We need that consistent message at a very public level. The Legacy Foundation ads were very effective as long as the money was there – that's the smoking cessation ads – but the money's disappeared. Actually, there was an article in The Wall Street Journal just the other day to that point. We were hearing that a year and a half ago. They really had an impact and don't work.

And we need systems. We recognize that we need systems in practitioners' and providers' offices that remind them of what has to be done, and we need to make information available to patients.

Now, you know, sitting here in this room talking about health infrastructures networks and privacy and information, how do we get our colorectal cancer screening rate from 40 percent up to the 80 percent where it should be? How do we make sure that women who need mammography get it every year on schedule, which is a critically important part?

Other countries -- and we had this conversation before we started today – other countries have solved that problem. We do believe it's part and parcel of the electronic health record and probably at some level part of a national health infrastructure process as well.

So it's not just a "this is the answer or that's the answer or do this or do that." It's a combination. It's a combination at the public level, it's a combination at the personal level, a combination at the practitioner level to make that happen.

And we need to have systems in the broadest sense of the word at all levels that are going to make it work.

Now, the privacy thing – I mean, you know, we think that people do want to know about prevention, that when people are asked what makes them get, in this situation, colorectal cancer screening, the answer invariably is "my doctor told me to do it." That was the answer.

But, you know, if the doctor doesn't remember, or the health care professional or somebody in that office – it doesn't have to be a doctor, for gosh sakes – doesn't remember to do it, it doesn't get done.

Now, I looked at that and said, well, that's the record of the doctor's office. How far do we expand that beyond? It's something that, you know, we're going to have to figure out.

But we have to start someplace. We're not doing the job we should be doing.

I don't know if that's responsive to your question but –

MR. STEINDEL: Right. Thank you. Really, as you pointed out, there's not a good response to that question and --

DR. LICHTENFELD: Hope it's not my fault.

MR. STEINDEL: No.

[Laughter.]

MR. STEINDEL: And, you know, I wanted to raise the issue because it does have privacy implications about the type of information we collect. We can just look in the newspapers today about just gathering information on obesity in school children and the opposition to that.

MS. ROSENBERG: We have right now a raging debate in the public policy sector of mental health around early screening of children. One of the recommendations is screening the school-age children for emotional disorders and there is literally a campaign against that happening, strangely enough with Scientology often at the heart of it, very powerful, very well financed.

And so these are not simple issues because they're also politicized issues. It's very difficult.

MR. ROTHSTEIN: Okay. Mr. Reynolds?

MR. REYNOLDS: Yes. Thanks to all of you for your testimony.

DR. LEVINE: That's all right – I can answer it but it's –

MR. REYNOLDS: Oh, I'm sorry.

DR. LEVINE: No, no –

MR. ROTHSTEIN: You can work in your answer to the next question.

DR. LEVINE: Yes.

[Laughter.]

MR. REYNOLDS: Dr. Lichtenfeld, when you were talking about your website, you mentioned there were no serious breaches.

DR. LICHTENFELD: Yes, that's right.

MR. REYNOLDS: That would –

DR. LICHTENFELD: Well, interesting phrase there.

[Laughter.]

DR. LICHTENFELD: We're in Washington, so –

MR. REYNOLDS: People pick their words carefully!

DR. LICHTENFELD: I mean, the answer to that is people – that's why I referred to about information freedom has its consequences. People will put their name or their telephone number or something in a chat room or a question and the QA stuff is publicly visible. And there have been some people who have been called. Or they may say, within a protected environment of the community, behind the password protection, there are people who have been, shall we say, bothered by others who they didn't want to be bothered by, having exchanged some more personal information.

The key point is within that community, the password protected, people give out a tremendous amount of personal information willingly. For the information they give out, the number of problems that arise are limited, and matter of fact, what we have seen is the development of true community – that is, I mean, security issues, policing issues, whatever, and the community comes to respond.

The number of people who call and say, you know, so-and-so called me and said, you know, I didn't want them to bother me, and we had to take an action are really very few, as I said, on a practical basis.

MR. REYNOLDS: A question for all three of you. We've heard significant testimony yesterday about the trust and about the HIPAA privacy rule as it stands now, and each of you somewhat mentioned people cooperate with who they trust and Dr. Levine, you mentioned misuse of PHI should be considered a type of a more serious –

DR. LEVINE: Hangable.

[Laughter.]

MR. REYNOLDS: Yes, that's right; I didn't write down exactly what you called it.

[Laughter.]

MR. REYNOLDS: But your point was that it should be ratcheted up as a CH consideration. So we've heard discussion about the privacy rule as it's out there now, we've heard discussion about covered entities and other things. I'd love to hear just a brief comment from each of you on just how you would see this focus on privacy, some attempt to try to do that in a reasonable way.

DR. LEVINE: It's very difficult because my sense is that the more we take kind of a regulatory approach, a prescriptive approach, as opposed to a professional approach, the worse things get because the only response can be this sort of bureaucratization of the compliance checklist so that you get to a point, which is what I experienced not just in my own admission but also every time I've interacted now with family members with hospitals or with doctors or otherwise, it's always the same routine.

Here's the book, you understand your rights, sign here, we need to use the information; otherwise you're not getting the care that you need. There's little understanding at that moment on either the asker's side or the signer's side what really they're doing or what they're signing or why.

And yet, from the regulatory side, if someone, you know, JCAHO comes in or whoever comes in and sees all the checklists done and all the signatures on, then there's been compliance.

It perverts everything. My – you know, bless her, my wife's aunt, who was her second mother, just died yesterday. When she was ill in the hospital, her doctor would not talk to me. This lady, now passed, was my wife's only living close relative, was her durable power of medical attorney, and the clinician taking care of her wouldn't talk to me. And Mary wanted me to talk because I'm a clinician, I would understand what was going on with this lady who was having multiple strokes.

So right now, I don't think people understand HIPAA, and I don't think they know how to comply. So I think they're kind of like that old Skinner experiment of random reinforcement of the chicken with his arm underneath his wing and there's one leg up.

And we have to get back to the ethos, the culture of trust, between providers and patients and build a system that supports that trust rather than creates an adversarial relationship between providers and everybody.

DR. LICHTENFELD: Once again, a difficult question. I have colleagues primarily on the research end that wanted my entire talk to say "take away the regulations, make the data open, and let us have access to it. Yes, we recognize e-privacy but we want that information." So I've delivered the message and done my job and I can go home with a clear conscience. They felt very, very strongly about that, in all sincerity. We're sort of kidding around here a little bit, but that's what they felt.

Having talked to everybody that I've talked to to try to prepare for this, I tried to emphasize in the talk when we get here, we have a monumental task that you don't hear a lot of people addressing. You alluded to it very nicely. That is, we have many, many different layers of requirements to cross before we even get to the question of what data we're going to collect. We have inside – I mentioned institutional, and I mean institutional, institutions that change from day to day because perhaps they've over-interpreted a rule that it was well-intentioned. We have obviously state, we have some perhaps local, we have Federal requirements.

The plea would be to make it – and this is the impossibility and I know, and I'm here in Washington and I know some of the people in this room – make it clear, make it uniform, make it understandable, and let us be able to open up this information to access with the appropriate protections.

But I think it's that clarity. If we don't get past the state-by-state issue, and – I don't know; I don't want to get in the political mix here and I'm speaking individually – if we don't figure out a way so that we can make this work across the board, and I would include Federal health care institutions, they've not been mentioned here.

I will tell you that one of my collaborators in this talk pointed out that the toughest place for them to work with to get information were in the Federal organizations that provide health care, those when they had to get into, and I don't want to mention – I'll tell you afterwards – when they had to get in there to get the information for their various databases, that's been the toughest negotiation they had. We need it uniform, simple, clear, understandable, and we need to know something that people can apply reasonably and be able to talk to Dr. Levine.

You know, it's like that situation where the man – you know, we all read it, I guess – the man jumped out of the window because nobody was allowed to say by HIPAA that he was a seriously ill gentleman. You know, that's the kind of thing that just common sense suggests that we need to deal with, we figure how to deal with it. How we structure that, I leave that to others. It's beyond me. I mean, that's going to be a tough proposition.

DR. LEVINE: I would only add – I'm sorry – the health professionals, any professionals, react to the circumstances they're confronted with.

So in the case of my personal information being revealed, it was a clerk in the recovery room where the anesthesia was where they schedule a nurse, you know, who had a mother who was concerned about her daughter running after her saying, why have you cancelled my surgery? At that instant, that individual decided that her day would be made easier. The threat of $250,000 fines, five to 10 years in prison, whatever, was not real. What was real was that mother yelling at her. So she said, I have a piece of information that's going to get me out of this because I'm going to use a celebrity name and I'm going to tell her why – it's not my fault. It's his fault that your daughter was bumped.

So, I mean, that is what happens, that is what's always going to happen because of this –

MR. ROTHSTEIN: Let me make an observation and then proceed to a few of the questions I had intended to ask.

It's interesting that this part of our two-day hearing was earmarked to hear from disease and health advocacy groups on the issue of privacy. We're going to be hearing later on today from consumer advocacy groups and so forth.

I think in the public view and in many places the misconception is that sort of the big picture of privacy pits the patients against the providers and the researchers and the public health people and so forth where the patients are digging their heels in and don't want to share any information with these other groups. And so it's the public interest against the private interest of the individuals.

When taken as a whole, your testimony reinforces the notion that the patients have a very strong interest in research and a very strong interest in public health, and to say that patients are on one side of the equation would be, I think, misleading.

And so it's not that we don't have to balance the interest of the patient, of privacy, of patient information against research and clinical care and so forth. It's just that patients are on both sides of this balance.

I want to ask Ms. Rosenberg a question and it's something that you didn't address specifically but it was raised sort of implicitly by your call for more e-health use in the mental health setting. And that is whether you're concerned that individuals will refuse care if their records are not confidential. That is, mental health care.

One of the other task forces that I serve on is to deal with the largely under appreciated – I don't want to say epidemic, but substantial rate of physician suicide in the United States because they are afraid that if they seek professional care, their license will be pulled and so on and so forth. We see this with medical students, we see this with law students who don't get care because they think that they won't be able to get licensed. And that is in a largely paper-based system where it's reported to the licensing board and not as easily retrievable. So, what are your thoughts on that issue?

MS. ROSENBERG: As you said, I think it is really unconnected to the electronic issue. I think it is the issue of discrimination against people with mental illness.

And I think you're absolutely right. I know people who have literally paid out of pocket rather than had bills go to their insurance company which required a psychiatric diagnosis, people who were able to do that financially.

You know, I think we've come a long way. I think it is far more acceptable to talk today about depression, taking, you know, medication for depression, even electro-shock for people, you know, in middle age, my age, who were depressed.

But we have a very long way to go, and it is of course a great tragedy and you are right. The dangers, I think, appear more inherent because of electronic retrievability and it never goes away even when you want it to go away, but I think the overriding anxiety about having a mental illness – and I think part of it, too, is our limited technology in effective treatment that also adds to people's fear about being stigmatized. You almost don't want to deal with it yourself, much less have other people know about it.

I think that is the primary issue, and I don't know that people are really focused on it's going to be worse now that, you know, we're going to have an electronic health record. I've never heard that expressed.

MR. ROTHSTEIN: See, I think in the long run – I don't know what the long run is – we won't treat mental illness differently from physical illness –

MS. ROSENBERG: That's right.

MR. ROTHSTEIN: -- and we won't have this irrational discrimination –

MS. ROSENBERG: Right.

MR. ROTHSTEIN: -- and so forth, but I'm concerned that in the short run, if we're not somehow vigilant about some other things I'm going to raise later, things might get worse in terms of people foregoing treatment when it would be beneficial, and I think that's something that maybe the Committee needs to deal with.

I have a question for Dr. Levine. Your suggestion about patient ownership of the health record is very intriguing. I want to sort of flesh this out a little bit.

I think there's another way that we can get to where you want to go without using the ownership route. Calling it "ownership interest" I think is problematic. For example, Oregon in 1999 enacted a law that said that individuals had an ownership interest in their DNA and it basically caused the biotech industry and the pharmaceutical research industry in Oregon to grind to a

halt because they couldn't re-contact all the people who had submitted samples because some of them were dead and some were anonymous and they couldn't use it and they had to repeal the law.

So here's what I'm thinking, and this is a long question. What you're suggesting is very interesting. It seems to me to be a clinical application of a rule that we already have in research where IRBs don't approve research unless the issue of re-contact is considered, and if there's research where there would be clinical utility to re-contact the subjects, the subjects have to be given an option as to whether they want to be re-contacted and so forth.

But now, it seems to me that in the clinical setting, the duty to re-contact is not because something was done on the basis of their record but it's that we actually can do something that we've learned and using some sort of information technology, we recognize that you will benefit from this that exists. So it's not my record that you're borrowing my property; it's the fact that we're in a professional relationship. Now you know something that will help me that should be the sort of the ethical imperative to do that.

DR. LEVINE: Yes, I mean, I think that's basically the point I was making, although I will clarify for you.

I said the patient owns the information no matter in what record it exists and it is the keeper of those records that owns the record itself. And I expressed it that way for exactly the purposes that you've now outlined.

It's a design construct that suggests treat the information as if it were owned by the individual and then design the system in such a fashion as you would design that would respect that ownership interest which provides for what I'm loosely calling a right to be informed about that information no matter who was holding it and its relevance to promoting that individual's health on a timely basis, which does extend the IRB notion to the clinical circumstance.

And actually it suggests that where there are evidence-based standards of practice that are not being adhered to, there's some kind of a fail-safe that at least notices the primary physician and the patient in much the same way as the (?) program that FACCT developed does. It says, listen, you know, you should know that. Here's what the benchmark is for people like you, here's what's happening, here's what your results are that we're aware of. You know, you can choose to do something about it or not, but at least people are aware.

MR. ROTHSTEIN: And the electronic health record could be much more efficient in –

DR. LEVINE: Right.

MR. ROTHSTEIN: -- those prompts. Dr. Lichtenfeld, you wanted to comment?

DR. LICHTENFELD: Yes, thank you, Mr. Chairman. I just have to enter into here with a comment that I suddenly became aware of during my research. And when you were giving your testimony, I heard what you said and it immediately sent bells off, and I'm not going to say pro or con, but I'd like to put the concept out there of what we're talking about here.

What we're saying is, in the discussion with the national cancer database, we are really trying to figure out a way – many of us are, not only with NCDB but elsewhere throughout our process and systems – how to improve quality of care.

At a very elemental level, NCDB wants to be able to collect the information about what happens to a patient in a particular circumstance at a particular time and be able to feed it back. Right now, they're delayed by years; I mean, it doesn't happen.

Taking Dr. Levine's concept, they would collect the data, benchmark the data by hospital, benchmark the data by individual, and then theoretically – again, I'm just putting it on the table – then they would have to go back and tell that individual, you know, you're in this hospital and you didn't get this treatment.

Now, I asked the NCDB folks who are in the process of doing that in colorectal cancer trying to benchmark the institution at a macro level. I said, I personally find it very hard to believe without the protection of various laws, you know, in terms of doing quality improvement work within the states – we have no Federal statute – but doing quality improvement, I find it very hard to see that the institution would want to see that they're doing lousy, because that becomes discoverable.

And the response was – and this is the surprising thing; it didn't get into the testimony, and I think it needs to be made – the surprising response to me was that every institution participating in this program, that's all of them, all 1,425, those that they have talked to, and there are many they'd talked to, are thrilled and can't wait to get the information.

Now, either, with no protection, no protection whatsoever, take it to the individual level, and again, I just want to put it on the table, take it to the individual, I would raise the question: What would happen to true quality improvement and benchmarking data if there was a requirement that someone who's entering the data would have to then have the responsibility to notify an individual they didn't comply?

The good news is we can do it. Some people might have a very serious question. You know, I'm not the lawyer. That raises a very, very interesting question, and I don't think we have an answer, but I don't want it to go unnoticed.

MR. ROTHSTEIN: Thank you, Dr. Lichtenfeld. We'll ask the questions.

[Laughter.]

MR. ROTHSTEIN: Bob?

MR. HUNGATE: The subject is complex. I have been on the purchaser side of this game for a long time and have believed in quality improvement.

There's a recent article in The New Yorker by Dr. Gawande, the bell-shaped curve, which exposes some of the same content that we've articulated so that it reinforces the growing discomfort on the part of patients as to whether they are well served by the system.

The kind of evidence of variation in diabetes management I've heard for years – you know, it's not new news in an intellectual sense. But the disappointing thing is there is no apparent response.

Now, I'm trying to get at what's the cause for no response, and I think it's another piece of the privacy

issue which is the provider side of it which is tied to the malpractice threat. At least that's a conclusion that I'm kind of putting out there and wondering if it isn't a piece of this, and whether we don't have to deal with the issues of patient safety and medical error in some professional protective way in order to get a better measure of result.

Now, I give an example. I'm head of the quality work group. We're trying to improve the measurement system. The purchasers have pushed hard for lab values in order to get hemoglobin A1c measurement to be an accountable measurement. Tremendous push-back from the provider community.

The basis of the push-back, as I understand it, is that we cannot dictate patient behavior, that there are two people in this game. There's the one who says, here's what we need to do, and then there's the patient who decides what they're going to do, and I retain the right to do that.

But someplace in here there's the valid information that makes me behave better, and I think you were getting at that, Dr. Levine. But I don't know what are the stumbling blocks in this structure that we have that stop us from making the next step. I have the feeling it's the threat of suit, and I wonder what your reaction is.

MS. ROSENBERG: I just wanted to quickly say because there are people far more knowledgeable than I am, in mental health it truly is not the threat of suit. Suit is very rare in mental health, and I have sometimes myself thought that some lawsuits might do some good, actually; they very often have been very helpful in moving an entire state's mental health system. The right to treatment, you know, lawsuits have kept the system in Alabama, a decent mental health system, for 30 years.

So, you know, I don't think in mental health it is the fear of suit. And I think there is a lot of effort in trying to narrow that gap. At every level in the system, it is not necessarily from lack of trying. There is always the initial, "well, we do do evidence-based practice." Well, of course, when you begin to ask, that is not what the case is. But once you get over that, once you get over people arguing that the data was wrong -- you put it together wrong; that's why I look bad – once you get beyond that, people are struggling with this.

I think we have a complex health system in this country. We cannot do what they did in Great Britain around mental health about four or five years ago. They actually did a major reform with clear standards around evidence-based practices in the treatment of psychiatric illness. But they have a single payer system. They were able to drive that route in a very clear and specific way.

We can drive nothing in a clear and specific way here. We have very little line responsibility. We have lots of different layers, different payers, different purchasers, and I think that does add – I'm sure it is not the whole story – but I think it does add to the complexity of improving our system.

DR. LEVINE: And I would just say it's about episodes of care versus continuity of care, and, you know, view of a very elemental level of health care is really about action taken at the intersection of two information flows. You have the expert and you have the personal.

So decisions about what actions to take are in the context of a relationship, right, and that relationship is informed by an ever-growing knowledge base that is contributed to by that particular interaction but also on a growing knowledge base.

So outcomes depend on access to and immersion in those changing information flows and the frequency of sampling and the quality of interpretation and the quality of communication of dependent relationships.

So, you can get better outcomes with patients with diabetes, certainly patients with Type 1 diabetes, based on kind of an immersive relationship with the patient and their family and continuous observation because health

decision making generally in chronic illness is not definitive, it's iterative. Well, iteration doesn't work if it's Q-six months or Q-year with a family practitioner who's a non-expert in a particular complex problem. It just doesn't work.

MR. ROTHSTEIN: Dr. Harding?

DR. HARDING: Just quickly – I was thinking about the same thing Dr. Levine was talking about, that the failure to use data equaled – maybe my word – negligence.

DR. LEVINE: Could be construed as equaling negligence.

DR. HARDING: Okay. And since it is a two-way street, that was kind of where I was coming from and had some problems, and I don't know if there's more to talk about on that.

DR. LICHTENFELD: I can make a brief comment. I have colleagues of mine, many of whom are non-physician colleagues, who have said, well, the way to solve the screening problem in this country is to go ahead and start suing doctors who don't do it. And that's not the way it's going to get solved. It's exactly the wrong thing. And we do have to develop an environment.

So I don't think the threat of litigation should be the means of improving the public health. I think we have to find better partnerships to make that happen.

DR. LEVINE: Well, in fact, it's part of the problem. I mean, I grew up – maybe I'm old now; I graduated medical school in '79 – when doctors thought of themselves as collaborators, partners, you know, with the patient, and the patients thought of their doctors as trusted agents of their well-being. And that partnership, that collaboration was paramount, and the system revolved around it.

And I'm not suggesting we go back to Marcus Welby. All I'm suggesting is that we should look, from the standpoint of system planning, at how do we bring doctors and patients closer together so they could reestablish ties and make those collaborative decisions that are necessary and productive, as opposed to finding ways to separate them by the right of suit or otherwise? That doesn't make any sense at all.

MR. ROTHSTEIN: Richard?

DR. HARDING: Ms. Rosenberg, a couple things that you said that I had thoughts about. One was that you mentioned the decrease in the skill of the workforce. I agree with you. I worry, though; were you implying that an EMR, an electronic medical record, would replace some of that skill?

MS. ROSENBERG: I don't think it would replace some of that skill, but I think it would make apparent the

lack of skill, for starters, which now I think is quite hidden. It is not a transparent system at all. It takes place behind closed doors.

I think there are even problems in terms of engagement of people and keeping people in treatment because of the lack of engagement skills. So that is a major issue.

But I do think for someone who is basically skilled, you know, the electronic health record with built-in decision prompts and help is a terrific boon.

DR. HARDING: The other issue that was raised yesterday, it was the issue of in effect entering information into the electronic medical record.

I have a colleague at a VA – you didn't want to mention any Federal things, but he spends three and a half hours a day in front of his computer and interviews patients like this, inputting. That's the only way he can do it. He'd be there till 10 o'clock every night putting data in.

Now that, in psychiatry, that's a problem because you're sitting there looking at the computer while you're asking somebody about sensitive issues. I don't know what to do with that, so to speak. The VA electronic medical record is a wonderful thing as far as treatment in the long term, but those kinds of issues are going to be very hard to resolve.

DR. LEVINE: I think Don Berwick's group, the Institute for Health Care Improvement, has looked at this issue and has talked a lot about using abbreviated versions, kind of the 80 percent rule – you know, if you get these six variables into these circumstances, you're covering 60 or 70 percent of the landscape, and that's huge. Don't try to push to the nth degree, you know, and there are fields to fill.

DR. HARDING: Yes, I know those, and there are fields, yes.

[Laughter.]

DR. LICHTENFELD: I just wanted to say a concept I've written down here; you just touched right on it. Electronic health records are enterprise efficient, not physician efficient, and maybe we have to figure out a different way of doing it, but until we get there, we won't get there. You talk to docs who use the VA record, my colleagues, they love the VA record, they love the fact – but they say, I can't get to the core of what's going on with the patient, so we have to work on the physician piece in order to make this work. That's what we're really looking for.

MR. ROTHSTEIN: Okay. Last question? Dr. Fitzmaurice.

DR. FITZMAURICE: Yes. Yesterday, we heard from Tom McLellan, the Executive Director of the Treatment Research Institute, and his spot on the line was that mental health and substance abuse data should be integrated into the electronic health record. Why? Well, for patient safety reasons, for patient care reasons, and for knowledge development, or for research.

Steve asked a prevention question – sure, he comes from CDC –

[Laughter.]

DR. FITZMAURICE: I'll ask a research question, and I come from the Agency for Healthcare Research and Quality.

As I hear you talk, I think all of you want protected health information to be well-protected, may be used only for the patient's benefit. But the blinders are open; someone say, can it be used when the benefits to society exceed the cost to society, including the patient's benefits? But the patient is probably more paramount in that calculation because it's the patient who would suffer the embarrassment, the job discrimination, the insurance discrimination.

So I think I heard certainly Linda Rosenberg and perhaps all of you say there's got to be greater use for the electronic health records for behavioral health.

Does this translate – and I didn't hear you say it – to greater use of electronic health data for research to get more unbiased and more scientific research about what work and what doesn't seem to work in this area?

I didn't hear you say we should have uniform patient identifiers probably because that there's this great personal harm. But do you believe that there should be greater use of electronic health record data for research and do you think that current research protections of the privacy rule are sufficient for research? Do they go too far, too little? I'll leave it at that.

I'm not looking for a long answer, just a sensitive – what we should be concerned with.

DR. LEVINE: Yes, the short answer is I've written often about the systematic assessment of everyday practices is a major contributor to the development of what I call real time best practice. And that infers that every interaction, every clinical interaction, should be part of a big clinical trial in a sense, idealized sense, because what emerges from that is you aggregate enough patient exposure and enough patients with various attributes and complex chronic illnesses, you'll start to have emerge from that compilation, as you know, new hints as to how to identify problems earlier, how to detect trends earlier and so forth. And in drug screening and drug post-marketing assessment and so forth, the same thing goes.

But you need to have that big iron kind of an approach of capture every bit of data you possibly can with the circumstances of clinical engagement and try and, you know, have the basis of the kind of little interrogating elements that can go in there and drag things out.

Yes, I support that, and are the protections adequate? I use the value proposition, value exchange, notion because I think it's, like anything else, it's a balance, and that's why we all have said that patients with chronic illness want to talk about their problem. They want to learn from peers, they want to learn from their doctors, they want to learn from research, because they see a real exchange of value there for them that's immediate.

So I think the protections are as adequate as the value that you're putting back.

DR. LICHTENFELD: I think that unless we get to some sort of a potable, standardized set of datasets, data formatting, that we'll never get the answers to the questions that we have to have, and that is, are our treatments working? Are treatments working, and if they're working, what are the problems people are seeing five, 10, 15, 20 years out, because we don't know the answer to those questions.

Interestingly, NCDB has done a survey on the impact of HIPAA on clinical research, and I've got to tell you that I have sat in rooms perhaps with some of you here in this room, I have sat in conferences where physicians have gone ballistic, researchers have gone ballistic about the impact of HIPAA.

And I'm afraid to say this publicly, but this is what the data shows: Out of the several hundred institutions queried by NCDB that responded, a decided minority felt that HIPAA had adversely impacted their ability to do research. And yet the perception is that it has.

So we cannot undervalue the sentinel effect of HIPAA on the research equation and it's a very real thing. So, have there been violations? You know, I don't know. But it's viewed as being onerous and that's why it has to be made reasonable and consistent and understandable. But we have to get there if we're going to have some really decent answers to some very important questions.

MR. ROTHSTEIN: Thank you all for your testimony and your thoughtful answers to our questions. I allowed this to run over because of the importance of the issue and also because our Subcommittee discussion period from 11 to 11:45, we're not going to need all that time for our discussions. But we will now take a 10-minute break and reconvene with the Subcommittee discussion before lunch.

[Break from 11:12 A.M. to 11:29 A.M.]

Agenda Item: Subcommittee Discussion

MR. ROTHSTEIN: Are we all ready? We are back with our hearing of the Subcommittee on Privacy and Confidentiality of the National Committee on Vital and Health Statistics.

This period on Subcommittee discussion I would like to focus on discussing hearing number three in our series, so after today, our next hearing is scheduled March 30 and 31st in Chicago, and at that time we'll be hearing from provider individuals and groups, so that was the purpose of going to Chicago, of course, so we can hear from the AMA, the AHA, the ANA and so forth. And we're going to be talking to them about their interests and issues and concerns in the new national health information network.

And the third hearing, as I've envisioned it, we would be moving to a more concrete level of discussion and hearing from plans that have already adopted electronic health records, what their privacy concerns and practices are, hearing from designers of electronic health records, getting a sense of what's realistic, what's possible, in terms of how we might protect privacy in future systems.

So the timing is that we've got our March 30th and 31st hearing, and now the question is when do you think it would be appropriate to schedule the next round of hearings?

Let me just go over a couple of dates for you. Of course, next week, March 3rd and 4th, we will be having the full Committee meeting, and the next meeting of the NCVHS, the full Committee meeting in June, is scheduled for the 29th and 30th. So I'd like to have it sometime, our third hearing, probably in Washington, unless someone can make a compelling case that we ought to go elsewhere, and before the June meeting of the full Committee.

That doesn't mean that we're going to have a report for the full Committee in June. It's much more likely that it would be in the September meeting of the Committee when we'll have something to share. So does anyone have any suggestions? We could do it, you know, sort of any time before, I think probably would be better, but maybe not, before the last week in June. Kathleen?

MS. FYFFE: Clarification question. This third round of hearings, could you say again what we would like to focus on?

MR. ROTHSTEIN: Sure, and this is just a suggestion, and the Subcommittee members may want to amend this. We will have had, by the end of the second round of hearings, input from experts on privacy and bioethics, which we heard yesterday; we will have heard from disease advocacy groups, consumer advocacy groups. We will have heard in our second round of hearings from providers and provider groups about their concerns.

And as I envisioned it, the third round of hearings would be going from a more general level to a more specific level, so we would be hearing from perhaps someone from the VA system, perhaps some people who were familiar with the electronic health records systems in the U.K. or Sweden or Iceland or some other country that has a lot of experience. We would hear from experts in electronic health records system design who could answer questions that we might have concerning the retrieval restrictions or exclusion criteria or some of the other concepts that we talked about.

So that was the thinking on the third hearing, although I'm certainly willing to entertain suggestions for a different kind of third hearing or whether we've omitted something and maybe we need a fourth hearing or a fifth hearing or any other suggestions. Bob?

MR. HUNGATE: I don't know whether it's a suggestion or a question. The developers of electronic health records are hard at work as we speak, you know, trying to tap a market that they see coming in front of them.

I'm wondering whether we can pose a set of questions for those people that are drawn from the testimony we've got so far. You know, people have made

suggestions about what ought to be in the content relating to privacy. Call it a straw man, call it what you will. Is there a way to composite those inputs into a "what if" statement of what the structure of privacy might need to be to meet what has been asked?

MR. ROTHSTEIN: I think that's a terrific suggestion, but maybe what I would like to suggest is that we do that after the next round of hearings once we hear the concerns of the providers and then perhaps at our Subcommittee discussion time in Chicago begin the process of formulating those questions and then if necessary circulate drafts of emails or even have a conference call and then supply not necessarily things that every witness would have to address but the kinds of things that are on our mind and maybe they could sort of tailor their testimony to that.

MR. HUNGATE: The premise that I'm kind of working from is that we're going to be dealing with a chaotic situation and that the simpler questions that we can get posed that would work at a patient level are what has to then drive the information structure downstream. So, trying to respond to our first speakers' yesterday admonition to make it a simple set.

MR. ROTHSTEIN: Right.

MR. HUNGATE: I'm trying to think about could we come up with that simple set at that time as a test?

MR. ROTHSTEIN: Yes. I think that needs discussion –

MR. HUNGATE: I'm sure it does.

MR. ROTHSTEIN: -- whether we would want to go in that direction, whether we think that that's in fact our responsibility. We may recommend that a simple set be developed with an admonition that we want to have a simple set but it may be much more complicated and require much more input and we may recommend something that Alan Westin suggested yesterday, that there be some other body that is given the responsibility of coming up with those sets, or something.

So I'm not sure we need to do that now, although I do like your idea a great deal about trying to give as much guidance to the third round of testifiers as possible so that we can really have them address things that are on our mind.

The first two rounds, we want to hear what's on their mind. But maybe in the third round, we want the experts to help guide us and deal with some of the things that we've distilled from the first two rounds. Harry?

MR. REYNOLDS: Yes. To play off Bob's comment, even if we went as basic as to say I think we've heard really that some of the testimony has recommended that the medical record be segmented and that it'd be owned by the patient in some way and some kind of consent go on, which I think – I mean, I've been a developer; if you're putting something together, those basic premise, not actually how it would happen or what we would want it to look like, but the basic premise, because having reviewed a number of medical records recently, I believe most of them are designed to be owned by the provider.

And they are systems that are delivered to the provider, not necessarily where if a patient said I don't want this to happen that they could easily parse that out and do things.

And so I think – you know, we're hearing some basic premise from the first couple hearings – ownership by the patient, some kind of control over where it goes, and so on. And so consequently, just exactly what that would be would be what we may want to even just paint that basic picture.

MR. ROTHSTEIN: And I don't even know what assumptions the developers are using now. I mean, they obviously recognize that privacy is something that they're going to have to deal with, and what are those assumptions?

And of course we've got the statements of Dr. Brailer and others who, you know, indicate that privacy is important and some level of patient control is important.

And, well, what are they doing on the basis of those sort of broad admonitions and how does that square with what we heard?

So those are the kinds of things that I'm very anxious to hear from this third group of hearings. Mary Jo?

DR. DEERING: I just wanted to make a refinement of what I think I heard from both of you, which is that – and frame it in a way that could be posed to the developers. You say, what are they doing now? And my understanding of what they're doing now is they are working at the level of the entire record.

And what we have heard over the last two days is that it is more useful to perhaps set aside the record as the unit at which policy is directed and instead direct policy and practice toward the content and to deconstruct the record, in which case the question both to providers on the 30th and to vendors and those practitioners of EHRs who are building them in June, is that concept more palatable, less palatable, does it make privacy easier from a practice point of view, from the requirements of your institutions? Is that something that would simplify things, complicate things, for you from a design point of view? Is that easy or hard to do?

Because I think that that is the direction that a lot of the thinking is trying to move.

MR. ROTHSTEIN: Right, exactly. And I think the March hearings in Chicago are going to be very interesting because I think the providers, not to speak for such a diverse group, are going to have some issues – [laughs] – with the concept of them not having access to everything even for treatment purposes. In other words, I think providers have some qualms about patients filtering what they get.

And so we're going to have to discuss the parameters of that and what the implications are and all the different contexts. But that's certainly a theme that emerged from yesterday's discussions and even discussions before that. Richard, and then Bob?

DR. HARDING: It is – I mean, Harry is right. It's going to be very complicated because I think medical records are being developed for doctors, for insurance companies, that meet the needs of those individuals as opposed to patients. And as Dr. Lichtenfeld mentioned, that until it's easy, the input, and it saves time and it's efficient and it makes better outcomes, you know, providers are going to be really reluctant to get into it.

But in doing that, I think it's going to decrease patient control. And so it seemed like there's some kind of a thing going on here that somebody's going to have to come up with a real Gordian knot cutting to get through that in some way, just trying to think of how to go from here.

MR. ROTHSTEIN: Well, everything that I hear suggests to me that there are going to be incredible transition problems. I hear things – you know, short-term, long-term, we're not going to be able to afford to take, you know, every extant paper record and immediately translate them. I don't think anybody's contemplating this, into electronic.

So we're talking about a prospective system and, you know, a legacy system at the same time, and then, as was indicated from Ms. Rosenberg or in our colloquy, we may have, I think, some problems in the short run in terms of people being deterred from obtaining treatment unless we figure out some ways of working that out.

So, I mean, any way you want to slice it, on a timeline, by disease state, by individual, by you name it, there are issues. It's sort of seven-dimensional, and we're just going to have to try to figure out what it is that we can recommend that's feasible, that's palatable, that achieves the goals that I think we all share.

So in terms of the timing, having not heard any sort of major objections to that timetable, what I'm going to ask Marietta to do is to circulate to all the

Subcommittee members a calendar running from, say, April, May and June, and then we'll try to identify the time for a two-day hearing at some juncture between April and the end of June when we can have our next round, our third round, of hearings, and then after that we'll decide whether we need more hearings or whether we want to invite people to submit testimony or ask questions of various people.

Are there other questions related to the hearing sequence that we need to discuss now?

Are there questions related to the witnesses that we've got identified? Kathleen, I think, how would you describe – or Mary Jo – the state of our witness list for the Chicago hearing?

MS. DEERING: As you know, the NHII workgroup staff, Michelle Williamson and I are working with Kathleen and your staff, and we have approximately, I would say, six. I think Michelle is working on AHIP, Tom Wilder. We're trying to identify – you're working on AMA and AHA.

MS. FYFFE: Are the nurses – what about the nurses?

MS. WILLIAMSON: We didn't discuss nurses for the privacy, but I'd be happy to do that if you'd like for us to include them.

MR. ROTHSTEIN: I think for sure we ought to hear from nurses and the American Nursing Association?

MS. DEERING: How about AHIMA? Has anyone – you wanted health care provider organizations –

MR. ROTHSTEIN: Right.

MS. DEERING: -- so we were not looking at –

MR. ROTHSTEIN: Yes. I would think that if we wanted to hear from AHIMA, they would be on the third group.

MS. DEERING: I was just thinking they're based in Chicago.

MS. FYFFE: There are two other testifiers. One is Jim Pyles, who represents – is it the American Psychoanalytical Association? And also I made the suggestion to Mark earlier that we also invite the Health Care Leadership Council because they have a confidentiality coalition that is very broad-based and they might be able to provide helpful information to the Subcommittee.

MS. DEERING: We're also looking at three of the professional colleges. I know we have the AFP. We're looking at the College of Emergency Physicians. And the third one I keep blanking out. I think it's the American College of Physicians, but there was a third of those organizations that we have also identified. And I have actually a proposed name for all of those.

MR. ROTHSTEIN: Okay. And we discussed this morning – I can't remember who I was talking with – I think

ACOG would be a good group to talk with because they deal with sensitive information. The American Academy of Pediatrics might be a good group to deal with. I guess it was Beverly I mentioned this to. And possibly the infectious disease docs who also deal with sensitive information.

MS. DOZIER-PEEPLES: And you also mentioned reproductive health?

MR. ROTHSTEIN: Well, we're going to have ACOG.

MS. DOZIER-PEEPLES: Okay.

MR. ROTHSTEIN: We could hear from the Society for Reproductive Medicine, but I think ACOG would probably have a broader range of things and their witness probably would be competent to answer questions like, you know, assisted reproduction and things like that.

So if you have any additional suggestions on speakers for the second round of hearings, the Chicago hearings, please let us know and as well the third round when we settle on a time.

MS. FYFFE: I had to step out of the room; I'm sorry. Have we talked about the timing of the draft recommendation letter to the full Committee and whether it's going to be coming after each of these hearings or we're going to wait till after the third hearing, et cetera?

MR. ROTHSTEIN: Well, my tentative plan is to have something for the September NCVHS meeting and not do anything, not have any recommendation after Hearing 1 or Hearing 2 or Hearing 3. It's going to be the composite recommendation that we'll have the summer to deal with and the September meeting – I'm checking my calendar – is on September 8th and 9th. So we should have plenty of time unless we decide we need more hearings or more deliberation.

MS. DEERING: Mark, one of the things that I'm observing – I know this has always plagued the NHII work group – is that the world is moving faster than it is, and to the extent that the Office of the National Coordinator is going to be preparing its response to the input and start putting out guidance, literally every week counts in terms of policies that may be fact locked in.

And so perhaps – I know that this is NCVHS. The NHII work group always tries to stay about a year ahead because it can't possibly keep it, and this is a challenge, because you're working on one of the core issues for the NHIN and they will in fact be making decisions probably beginning over the course – I don't know.

MR. ROTHSTEIN: Well, let me ask Kathleen. Is that proposed timetable not responsive to your needs?

MS. FYFFE: I have mixed ideas about that because on the one hand it would be helpful to provide feedback sooner, i.e., the beginning or mid-summer, but on the other hand, your recommendations might be better because you will have received input all the way around and deliver all those in a very, you know, thoughtful, coherent manner in September. So I'm actually conflicted about which way to go.

MR. ROTHSTEIN: Michael?

DR. FITZMAURICE: I think I would agree with the second half of Kathleen's answer in that –

MR. ROTHSTEIN: That she's conflicted?

[Laughter.]

DR. FITZMAURICE: No, no!

MS. FYFFE: You know, if you know me, you usually know I'm not conflicted. [Laughs.] But in this case, I am conflicted.

DR. FITZMAURICE: In that the value of NCVHS is to be able to obtain public opinion from a lot of different areas, some of it is self-selected by us; we reach out to these areas, so we can reach out and get a broad dispersion of opinion than the self-selected people who write in in response to an RFI.

I'm not sure which one is better; I think both are very good. I think that what NCVHS does is of such value that having a letter in September won't detract from the message that it carries.

DR. COHN (on phone): Mark, this is Simon. Maybe I can comment also.

MR. ROTHSTEIN: Please.

DR. COHN: Can you hear me?

MR. ROTHSTEIN: Here.

DR. COHN: Okay. People are sort of dropping in and out and others may have said this.

I'm sort of listening to this question of like when will there be a letter, and I oftentimes tend to think that the work sort of helps dictate when letters are ready, and I certainly am not hearing anything so far that makes me feel like there's a letter ready now.

And I think as we begin to have the second and hopefully the third hearing, either we will find low-hanging fruit that are pretty obvious that we can begin to report on or we will say, gee, this is very complex and we really need to vent it extensively through the industry. And it'll probably be some sort of a combination of A and B.

So it's probably a little early for us to be too certain exactly when something will come forward to the full Committee, though certainly I think September and/or June – I mean, and September sounds like a very good time – but there may be some early findings that we might want to communicate in June.

MS. GREENBERG: Exactly what I was going to say.

MR. ROTHSTEIN: And Marjorie, it was your suggestion years ago when we had our first HIPAA hearing when we found stuff that was troubling to the Committee that we write an interim letter to the Secretary.

MS. GREENBERG: Yes. I started remembering after the Boston –

MR. ROTHSTEIN: Boston.

MS. GREENBERG: Whatever, Right. So I would suggest – again, I was going to suggest that same approach.

MR. ROTHSTEIN: Yes, if we find – that's fine. And I certainly would support that.

My view is that we need to get all the evidence in front of us. I mean, the people who are designing and the NHIN, they're experts, it's their full-time job, they're thinking about the same issues we are. We're not any smarter than they are.

And what contribution we have to make in this process is maybe we're going to be hearing from people that they haven't had the time to hear from and so we're going to go out and get the views of as many people as we think are relevant and we're going to distill them and debate them and try to take the big picture view.

And until we have that information, even though we may all have strong ideas, everybody's got strong ideas, and it doesn't have the weight until we have the evidence behind it. And the evidence may be, you know, subjective, but at least it is the viewpoint, represent the multiple viewpoints of all these diverse groups that we're hearing from.

So that's why I'm a little reluctant to sort of get to my keyboard and crank out something, not to mention the fact that I have no idea what I would crank out. Bob?

MR. HUNGATE: Understanding that, I still keep making my tentative list of what are the things that might come out of this sometime, and I have no sense of whether my list is at all like anybody else's list.

One of the things that I heard, I think from Alan Westin, was the perhaps suggestion that there needed to be a DSMO around privacy, and it sounded like there isn't one now, that that doesn't exist.

Given that those things take time, I wonder did anybody else hear that, or am I just leaping to a conclusion that is invalid?

MR. ROTHSTEIN: I heard him say that.

MS. BERNSTEIN: Excuse me; what is a DSMO?

MS. FYFFE: Yes, DSMO – Data Standards Maintenance Organization.

PARTICIPANT: Designated.

MS. FYFFE: Designated? Oh, sorry.

MS. GREENBERG: What did you hear him say?

MR. HUNGATE: He basically said there needs to be a standard-setting activity in the area of privacy. At least that's what I –

MR. REYNOLDS: Or was it standards monitoring?

MR. HUNGATE: Well, I don't know.

MR. ROTHSTEIN: He didn't use DSMO as such.

MR. HUNGATE: Yes, he did.

MR. REYNOLDS: He didn't go there.

MR. ROTHSTEIN: He, I think, clearly suggested that privacy is an integral part and should have a much higher profile in the deliberative process, that it be funded or even external funding should be made available a la the LC program of the genome project and so on.

And I think those are very interesting ideas for us to debate, but I'm not sure that I would be willing to support a sort of a Marjorie interim recommendation along those lines yet.

MR. HUNGATE: No, I agree.

MR. ROTHSTEIN: Okay.

MR. HUNGATE: But I just wasn't sure whether that was even something that was on the table --

MR. ROTHSTEIN: Oh, absolutely. I mean –

MR. HUNGATE: -- for discussion, you know. I just don't know if –

MR. ROTHSTEIN: Oh, everything's on the table for discussion and that is certainly one of them because I think he made some wonderful concrete suggestions that we definitely should have on the agenda and I think everybody's taken notes and maybe at some point we –

MR. HUNGATE: Well, the problem I have relates to my experience with the quality work group, with having inherited an agenda which I had no knowledge of the content that went into it, and maybe it's my advancing age but my ability to remember diminishes. And so it seems to me that some kind of, you know, summary of what we pick away from this first set is an input to the later set. And that's where I --

MR. ROTHSTEIN: Well, maybe what we need to do is circulate a draft Minutes or summary and then let everyone add to that so that we have a composite, even though we don't necessarily have to have agreement on it –

MR. HUNGATE: Right.

MR. ROTHSTEIN: -- a composite document.

MR. HUNGATE: Right.

MR. ROTHSTEIN: And is there someone who's got a – all right; I'll do it.

[Laughter.]

MS. GREENBERG: Well, there will be Minutes eventually from the meeting.

MR. ROTHSTEIN: Well, is there someone who would like to prepare a draft outline that summarizes what we heard from the various witnesses of things for us to consider? I mean, you don't have to make their arguments. What in the testimony that we heard, like the Alan Westin points, should we put on our agenda to discuss? Is that what you're saying, Bob?

MR. HUNGATE: I'd be happy to put an input into that. I'm not sure that I –

DR. FITZMAURICE: I would be happy to share my notes with someone who would prepare it.

MS. FYFFE: Okay.

MR. ROTHSTEIN: Michael takes exquisite notes.

MS. FYFFE: Yes, he does. I would be willing, with the help of a couple of other people who I hope will volunteer to put together a summary. I would be most appreciative of all input. Send those emails as soon as you can.

MR. ROTHSTEIN: Okay, thank you. Harry?

MR. REYNOLDS: As you think of it, when you talk about moving the letter, as you talk about moving forward, you know right now we're balancing hearing stuff about public good, patient good, provider good, research good, and then there's one we haven't heard about, so we come to some agreement on what all those are and how they might work together and what they might be, the real capability to make it work, you know, as far as changing all these environments to make it work.

So I guess as we continue, I would like to at some point have the Committee have that kind of discussion, and I will give my picture on industry on that, because I think in the end, you know, we're hearing from everyone but there's no real negotiation going on as to – you know – you got the public and the personal ownership.

How do we adjudicate that in our mind, even come up with something that we could even recommend as to under what jurisdiction it would be overlaid or where – you know. We talked about the HIPAA privacy rule, we talked about lot of other things, and so how that all really in the end gets adjudicated – I'm not very comfortable with all – everybody that has testified I think has very clearly testified in their bubble.

MR. ROTHSTEIN: Right.

MR. REYNOLDS: But to move between the bubbles and the connection of the bubbles and the reality of a health care environment that truly delivers the real worth of what every one of these testifiers is – because every one of them, I hand it them, people have been passionate but not hysterical, and I think they've tried to move a little outside the bubble but it might expand the bubble. Nothing's broken; nobody's moved over to help anybody else right now.

And so that's the trouble I have right now. That's the trouble I have with thinking about a letter or thinking about exactly what to do in it because we haven't really had anybody come and tell us how to tie it together or if tying it together is even feasible, and as I know what Dr. Brailer and others are doing, they're trying to implement a reality that could occur and that's what I hope our next two or three hearings help us get closer to, is what that morality might be and how we might be able to help them structure some idea.

MR. ROTHSTEIN: Well, the theory was to go from the most general to the most specific and I'm hoping we're going to get there and we're going to need sort of increasing reality checks along the way, and that's why I hope to hear from like the VA system or maybe Kaiser or Mayo or somebody about "well, we tried that and here's the problem with that" before we go off and recommend that something be done.

MR. REYNOLDS: I also want to make sure that we invite more than closed systems, closed environments.

MS. FYFFE: Implying that the VA is a closed –

MR. REYNOLDS: That would be correct. You know, you have a captive audience. Some of the HMO models. Because, again, a lot of this, the issue in those environments is that it philosophically could be viewed as owned by the provider and the patient comes in there.

But when you start dispersing people all over society and they go to another doctor that isn't in there, they change this or they do that is where that electronic medical record and its longevity goes with you wherever you might be and that's where I think where it's going to get a little more complicated. And those are great findings as to how it actually works, but then can we extrapolate those and make recommendations to the Secretary and others and Dr. Brailer and others about how that would extrapolate is what I hope we get to.

MR. ROTHSTEIN: Okay. Marjorie?

MS. GREENBERG: Yes. Bob and I were sort of making eye contact here because what Harry was saying about these different viewpoints, all of which have validity and come from good ethical positions, is exactly it seemed to me what we heard with the quality work group. And of course it's not unrelated because what you're talking about is balancing the public good but also sort of the improvement of the health care system with privacy concerns and whether it be the privacy of the clinician or the privacy of the patient, what have you, and sort of, you know, how you get those working together is clearly challenging.

And I don't have an answer at this point. I mean, I doubt I will or I would probably be in a different position if I actually have the answer.

I wasn't able to be here yesterday and I'm sorry I was in another meeting, but what really came through to me today is something that came through to me when we did that round of hearings that you were recalling – Boston, Salt Lake City and –

MR. ROTHSTEIN: Baltimore.

MS. GREENBERG: -- Baltimore, right. I knew it was somewhere south of Washington; didn't get as far south as we had hoped, as I recall.

MR. ROTHSTEIN: No, we were supposed to go to South Carolina –

MS. GREENBERG: Yes.

MR. ROTHSTEIN: -- and then we went to Baltimore.

MS. GREENBERG: Yes. But in any event – and I think did get into one of the Committee's letters, but was the need for a lot of public education, and it might be around – I mean, it's not irrelevant to the quality issue, either. It's easier said than done and it's not easy to identify whose responsibility that is and how it might be taken. But I certainly heard today, and I think continue to hear, that, you know, there's a lot of confusion and also a lot of misinterpretation and not good communication of public good and not clear understanding of rights and responsibilities and other related issues.

And I'm not saying that to criticize anybody. I mean, this is really complicated stuff. And it might be that until the public really gets engaged and pushes for certain things or, you know – and of course you're always going to have people feeling different; it's not like you're going to get one common view in the public. But until you really engage, you know, people, on these issues that we're not going to be able to break through those diametrical different views of responsible professionals.

So I just come back to that because I think it's – and I guess we're going to hear from consumer advocacy groups. And it's hard to know who the groups are whose responsibility it is to tie to, you know, public education or public dialogues with public building communities, you know. I'm getting too philosophical here.

But, I mean, this goes back to years ago. I remember the Committee considering – maybe right around when we started talking about the NHII – you know, how we could – we even dabbled briefly with this idea of like having some kind of a contract. Remember? Were you around then?

MS. FYFFE: I'm sorry – contract for what?

MS. GREENBERG: Sort of like a marketing, kind of like public service marketing or something, on the whole issue of what are the benefits of, you know, going to this electronic society and, you know, what are the risks and engaging people on these issues. And we decided it was beyond our resources, maybe even our mission.

But, I mean, it keeps coming back, and I just put that on the table as something that struck me.

MR. ROTHSTEIN: Mary Jo, and then Michael.

MS. DEERING: Two things. First, the Markle Foundation Connecting for Health is going to make public education one of its major pushes, and they're putting the weight of their collaborative behind.

MR. ROTHSTEIN: You mean public education?

MS. DEERING: Yes. Exactly that kind of an effort.

The other thing that I wanted to raise about the tenor of things here that Harry and Marjorie said and even Mark, you talk about the diametrically opposed interests et cetera. But, Mark, you made a statement in your response to the comments that there had also been the conventional wisdom that it was the public and the patients against research, the public and the patients against this, and what you were hearing, and I think correctly, is that is not the case.

I would say that it would be very important as we engage providers not to presume adversarial interests in this and perhaps in our list of questions to put to them to help them look for points of agreement and where their interests do overlap, because the goal of all of this is to strengthen the clinical – well, one of the goals is to strengthen the clinical relationship.

And the questions that you pose to people, you know, dictate the answers that you get, and I think that it would be very useful to find out the extent to which they would – you know, some of these things, again, could serve their purposes.

For example, we talked about the whole record and who owns it, and one of the things that came out of the recent NHII hearings from the providers who were talking to us was that many of them felt that the medical record doesn't exist to serve the providers; the medical record exists to serve the administrative, financial and legal interests of the institution, not the health care provider.

So that before we get too wrapped up in thinking again about the medical record as the unit of attention and presuming that the health care providers would share that, I think we might want to at least explore whether there are opportunities to get the providers also to agree that "the whole record" is as we construe it legally, financially and as a record of care is perhaps not what they would necessarily want or need to provide of quality of care.

So just to make sure that we don't have any assumptions going in to our questions.

MR. ROTHSTEIN: Oh, those are two or three good things that we should put on our list, our fact sheet, our FAQs, to send to the witnesses for the second round. Michael?

DR. FITZMAURICE: Just a couple of quick thoughts. What is it that we produce? We produce recommendations to the Secretary. We produce a reading of the pulse of the people who testify, and we infer from that that the pulse of the nation, the pulse of the people out there.

The lever that we have in front of us – the biggest lever we have I think is the HIPAA privacy rule. And the testimony I heard, I didn't hear anybody saying that the privacy rule wasn't doing the job of protecting the data. I did hear some comment about burden, particularly burden on research, but I didn't hear anybody say the privacy rule wasn't enough, the privacy rule was too much; it's become accepted in the three years that it's been in force. They might want to increase the scope beyond just covered entities to cover more people; there are proposals – not proposals; there are thoughts flying around about how people would want to change the privacy rule.

But when I think of what recommendations do we want to make for whom to do what, it's basically here's what we're hearing. Take it into account as you move into the national health information infrastructure. Here are some considerations about the privacy rule, some burdens, some about scope, which I didn't hear, that you might want to take into consideration. I didn't hear any driving need to I think change, otherwise something bad is going to happen. I heard that the system has adopted the privacy rule and we're working our way through it.

Some people would like to have a stronger privacy protection, others would like to have less burden. So we're not pleasing everybody, but it's remarkably successful at this point.

MR. ROTHSTEIN: Harry?

MR. REYNOLDS: I'm not sure I can go quite that far yet. I think we've heard testimony in Standards and Security and with e-prescribing and I think we've heard it here is that the whole idea of the covered entity and the fact that there are a lot of people who would be touching this medical record along with everything else that's going on are not directly affected by the law. They're in some relationships affected by the law.

But as you think of an electronic medical record, it's never owned by a singular provider because since the PPO world has won so far in the United States, people go to many, many doctors for many, many things, so there's no single holder. So nobody knows exactly where their data's going and how it's happening.

So I'm not sure I could completely agree because the covered entity thing still has significant holes when you draw the diagrams of how data flows network to network, person to person, group to group. And some of those groups that handle it and have it and touch it and see it aren't necessarily covered under that. That does, I think, leave a significant opening in a comfort level that somebody may have. We've heard that.

DR. FITZMAURICE: I would add to what Harry's saying. As more and more people want to get copies of their own records, then you can't point the finger at a hospital, at a provider, and say, "You let my information out," because it might be on your desk that somebody else who visited your house had seen. So it creates a larger burden of who's responsible for the release of that information once it's out beyond the hands of the covered entity and in the hands of the person you're trying to protect.

MR. ROTHSTEIN: Okay. I'm going to have to put an end to our Subcommittee discussion period. We have two action items that are going to go forward. First, Kathleen is going to take the lead in summarizing the testimony from the first – Kathleen and Maya – from the first round of hearings and then that will be circulated and Subcommittee members can add things that they want to the summary.

The second thing is we will be circulating a poll for the third set of privacy hearings which will be either April, May or June.

And then finally on our schedule, let me tell you what our tentative plan for the schedule is. We're going to break in just a minute for lunch, which will conclude at 1 o'clock, and we will start Panel IV at 1 o'clock.

We only have two witnesses instead of the four who were scheduled, so instead of an hour and a half, we are going to allocate one hour for Panel Number IV and that will go from 1 to 2. And then we will skip the break and then move to what's called Panel V where we only have two witnesses, and then we will go from 2 to 3 and adjourn at 3 o'clock. Adjourn at 3 this afternoon.

MS. GREENBERG: Who is not coming in Panel V?

MS. FYFFE: Phil Marshall. Also with respect to Panel V, instead of David Harrington, the representative from MedAlert will be Dr. Janet Martino, that's MD, Janet Martino, MD.

MR. ROTHSTEIN: Okay. So thank you all very much and those in the Internet, we'll be back on at 1 o'clock with Panel Number IV.

[Lunch break from 12:18 P.M. to l:07 P.M.]

MR. ROTHSTEIN: Good afternoon. We are back with Panel Number IV, on consumer advocacy groups. And to just inform the Internet listeners who are just tuning in and did not hear the earlier announcement, Panel 4 will run from 1 to 2; there will be no break, and then we'll continue from 2 to 3 with Panel V and then adjourn for the day and try to go to wherever it is we're going. Well –

So I want to welcome our first witness, Joyce Dubow, and invite her to present her story now.

Agenda Item: Presentation – Joyce Dubow

MS. DUBOW: Thank you. I appreciate the opportunity to be here.

I couldn't help but be engaged as an interested listener to your discussion a little ago. I was actually taking notes about things that I hope you'll ask me about.

Otherwise, I want to volunteer some comments, particularly around the consumer and public education initiative around the notion about the adversarial, or the purported adversarial, relationship among the various stakeholders with respect to this whole issue.

And then, somebody said something about the privacy rule and consumer – I have a note here that says "consumer awareness" and I don't think most consumers are particularly aware of that and I think that the GAO report that reviewed the complaints that have been filed with respect to HIPAA sort of addresses this issue that most people don't really have a very good knowledge about HIPAA, to wit, half of the complaints that they received were tossed out because they were totally not applicable, and they just demonstrated a lack of understanding of HIPAA generally. And I think that most consumer organizations are aware of that.

But to the subject at hand. I think you have copies of my testimony, and I'm really going to summarize because I do think this is an opportunity to have a discussion rather than to go verbatim what I have here. Let me just say that the AARP Public Policy Institute is charged at AARP with doing policy research and analysis that informs our work. We produce commission research that tries to stimulate public debate about issues that are of importance to midlife and older people.

AARP, for those of you who don't know, now has over 35 million members. It's not exactly a 50-50 split but we have members who are under 65 as well. About half the membership is under 65, half are over 65, which means that we span commercial insurance and the Medicare program, and so our policy interests are very diverse.

Clearly, with 35 million members, our membership is diverse as well, and I would not suggest in any way that there is any common view of PHRs or HIT or privacy among our members. We are very diverse. We have well-heeled members, we have many, many who live – you know, who rely on Social Security for their income. We have well-educated people, people who have less schooling. It's a very, very diverse population and it's very difficult to generalize.

But we believe that there are some core values that all consumers have and we try to represent the interest of midlife and older Americans.

I want to just say that our interest in HIT is grounded in our conviction that there are quality problems in the United States. We have carefully studied the works – several works – from the IOM on medical error; the Quality Chasm Report, it talks about the imperative to have system change to improve quality care, the quality of health care in the United States. We see this as a pressing problem and we see the opportunities that health information technology present to hasten improvement. We see HIT as a means to the end, which is the improvement of quality and not an end in itself.

I know that some people are jazzed by all the techie stuff but our interest is to improve health care quality, and we see the value that electronic records bring to decision support for physicians to accelerate knowledge, to disseminate knowledge, to insure that appropriate care is provided, to reduce error. We see the value in patients having access to information about their own health care to enable them to become more activated patients.

Particularly for people with chronic illness, we are familiar with the research that sees that people who are more engaged in their health care feel better with their chronic illnesses. You know, we're familiar with the Wagner model of chronic care in terms of self-management. We see that IT presents enormous opportunities for both patients and providers.

We also think that having access to the information helps patients be on a more even playing field with their providers and it will enhance patient communication. We recognize the value that HIT brings to the patient/physician experience.

I think that we should recognize up front the definitions are an issue here. You had previous testimony. You had an interesting discussion with David Lansky at one of your January meetings about the lack of a commonly accepted definition of PHR. I think that's very important. Even when we talk here, I'm not sure that we're all talking about the same thing. Clearly, consumers, if they know anything about a PHR at all, they certainly don't have a common understanding of it. We know from the research that most people have the greatest interest in the transactional opportunities that a PHR brings in terms of opportunities for e-consultation, getting lab and X-ray results on line, communicating with their doctor, that sort of stuff; that seems to be very salient. People can understand that.

But the research that has been produced by the Markle Foundation, the qualitative stuff that Harris Interactive has provided, really does indicate that we need a whole lot more research to better understand consumer perspectives on this issue. I think we don't really understand it.

AARP itself has done no explicit work in terms of understanding what our members think about EHRs. We have the tiniest bit of qualitative feedback that we received from an evaluation that we did in connection with a navigation pilot project that we launched last summer that is intended to provide good information to people to help them sort out the good and the bad on the Web and we asked them about the kind of information they would like to see and some actually volunteered that they would like to be able to have access to some kind of an electronic tool that would help them manage their own personal health information. That was an open-ended question, so I think it's interesting that we had an unsolicited – there were a few who actually volunteered that this was an opportunity to gain better control about their information. But that's all we have; we haven't done anything more.

In the public policy arena, we are beginning to look at this quietly. We are going to commission a study that looks internationally to compare among a few countries, see how they're using PHRs, to see if we can we can inform our own understanding of what's going on here, if there are lessons learned for the United States.

But we're just in the beginning now. I think Consumers are really just at the threshold and we're very pleased that Dr. Brailer and others are reaching out to consumers to see if we can stimulate more interest among consumers, and there's a lot of work to be done in that area and I'll come back to that in a minute.

I think that the issue of privacy and confidentiality cannot be underestimated. It's very, very important to consumers. And again, you know, there are surveys that indicate – I think Pew did work that indicates that a very substantial proportion of the population would not trust to have their private information on the Web. They don't trust it.

I think also that it's very interesting that, you know, some people who are knowledgeable about the value of HIT assure consumers that that information is much better protected if it is in an electronic format, that paper is un-private, you know, that electronic information is carefully protected and you can't access it if they're not properly authorized.

Consumers, however, see it in a completely different light, I think. They see that the single keystroke is enough to get their information scattered hither and yon and worry that somebody could make a mistake. Everybody's had the unfortunate experience of sending an email to the wrong people at the wrong time and consumers are worried about that and so they're not so sure about this "better protection" of their information just because it's electronic. They see the opportunity for mistakes and that there are consequences that they don't want to confront.

So I think that there is a lot of room here for clarifying people's assessment and perceptions of how safe it actually is. I think there's reason for some disagreement.

I want to tell you just a little bit about AARP's policy on privacy and confidentiality because I think that it's relevant to this conversation.

I was chatting with Mary Jo before and I mentioned to her that our policy was formulated in the days when the HIPAA rules were being promulgated and you'll see that a lot of it reflects some of that discussion. But I just would point you to the section in my statement that enumerates the policies – it's towards the end – that enumerates AARP's policy positions on privacy and confidentiality.

They do reflect what I said earlier, that we want to be able to see compatible procedures that allow health care delivery to take place, for research to take place, but clearly we have concerns about patients being able to control and to know about who has access to their privacy information. It's on Page 10 of the testimony, 10 and 11.

MS. FYFFE: We have single-spaced –

MS. DUBOW: Towards the end. I'm reading from a double-spaced page.

PARTICIPANT: Page 4.

MS. FYFFE: Okay.

MS. DUBOW: Okay? Do you see it? I mean, I can reiterate it, but I don't want to take the time.

MS. FYFFE: We've got it. You might – for purposes –

MS. DUBOW: Of the record? Do you want me to just –

MS. FYFFE: People on the Internet --

MS. DUBOW: Okay. Well, let me just say then that in broadest terms, we believe that individuals should have the right to examine and copy the contents of their health records and know the identities of people who have examined their records.

We believe that individuals have the right to determine who may have access to personally identifiable health information and for what purpose.

We oppose the disclosure of an individual's medical information except as authorized by the patient for public health reporting as required by law; for enforcement of the financial integrity of publicly funded health programs, provided that personal identifiers have been removed whenever possible; and for research and quality assessment and improvement, again provided that the personal identifiers have been removed whenever possible.

We support actions that make individually identifiable health information less vulnerable to inappropriate disclosure and misuse, and although HIPAA standards constitute a step forward for health privacy, some provisions concern AARP.

Written consent should be required before information is shared for treatment, payment and health care operations. Mere notification to patients of a provider's own privacy policies is inadequate because it denies consumers the opportunity to exercise the right to privacy. In spite of the way the regs came out, we still hold that we don't think the notice itself is adequate.

We think that covered entities should be required, on request, to account for the information disclosures that they make when treatment, payment and health care operations occur. And patients should be able to learn who has obtained access to their individually identifiable health information.

I think that gives a flavor for it. I don't want to go on.

So just to summarize, AARP believes that the relationship between health care quality and IT are very, very closely linked. We see privacy and confidentiality crossing all of the issues that pertain to this.

We appreciate your interest in bringing the consumer view to the table. We think that's very, very important. I think that that's an important model that we hope more will follow as we engage in this dialogue that we're now, for consumers anyway, starting. Consumers are not fully involved or engaged in this discussion yet.

AARP does intend to participate in the discussion and we do want to be part of this dialogue. And again, we appreciate your giving us this opportunity to be here.

So if we could have a conversation, that would be great.

MR. ROTHSTEIN: We certainly will, but we're just going to defer it for just a few minutes. And Ms. Golodner, I apologize for the scheduling snafu. Sometimes our ambitions don't pan out in terms of what we hope to accomplish, but I thank you for joining us, and if you're ready, we're anxious to hear your testimony.

Agenda Item: Presentation –Linda Golodner

MS. GOLODNER: Having been on some committees, I understand the problems with scheduling and making sure that you can keep on schedule, especially on a day like today.

The National Consumers League appreciates being invited today to present our views on consumers on this very important privacy concern. I'm here today to provide the patient-oriented perspective of the issue of privacy in the context of health information technology.

I will begin my comments telling you a little bit about the National Consumers League and then transition to discussion of key privacy principles that should be used to govern the development of the national health information network.

Some of the principles that I will be talking about are similar to those consumer groups worked with the Markle Foundation on, but some are those that the National Consumers League has worked on.

The National Consumers League is a non-profit private group and we have been around since 1899, working on a number of different issues. We're the nation's oldest consumer organization and we get involved in issues such as child labor, privacy, food safety, health care, financial services and fraud.

And we've been involved in examining and commenting and testifying on the issue of privacy for a number of years. In fact, we held a privacy conference and some of the same people are still involved. Alan Westin was a speaker at that conference. And we did focus on privacy in health care which was probably pretty early, 15 years ago, to think of those issues, but they were important and we recognized with the advent of technology that there would be changes in people's ability to collect and manipulate information.

The natural extension of our work in health care is the recent initiation of a coalition called SOS Rx and there we focus on medication safety initially among seniors. And one of the coalition's efforts is directed at improving medication safety through encouraging broader use of electronic prescribing systems.

And really they just represent sort of the tip of the iceberg. Our recent exploration of the topic has stimulated a broader consideration of how to retain consumer-focused privacy principles as we move forward just in that one area.

For both patient safety and health care system efficiency reasons, NCL believes it's critical that we build and drive a movement toward rapid development of a national health information network. We must not, however, in a rush to deliver something, abandon the very principles of privacy that enabled patients and providers to forge a relationship of trust.

Dr. Brailer last week mentioned that the patient issue is on the forefront, and it was on the forefront of the nearly 500 RFI responses his office received last month with regard to information networks.

In developing an NHIN, NCL urges policy makers within HHS to integrate these following principles:

One is, information access and control. At a minimum, the structure and rules must facilitate the ability of people to exercise their personal health information rights under HIPAA.

People must have the ability to control and to access and to give permission for others to access their information.

If people fear inappropriate disclosure and do not trust the network, they may become less willing to seek care or to provide consent or to share information, for instance, about various health professionals that they're going to or conditions that they might have.

People should have the ability to review accesses made to their personal health information by others.

No personal health information should be available to a provider or health professional that is also not available to the person it describes.

Unreasonable and unaffordable fees should not impair the ability of each person to review and contribute to their personal health record.

People must be able to, at their liberty, add comments or annotations to their personal health record.

And people must be able to request amendment or correction to their records.

It must provide a sound method for allowing secure access and authenticating individual patient users that does not require physician or institutional mediation.

People must have the ability to designate the health care professionals who they want to access their information.

There must be disclosure and accountability for the provider. They should fully understand the policies in place before they give information.

Information elements central to network functioning such as identifiers, authorizations and permissions, accessing history, must be presented in easily understood terms and formats that patients and consumers and others who may be the care givers, for instance, would understand and be able to review.

People should be informed of all the possible ways their information may be used and may be able to choose whether to make their personal health data available to various systems. It must permit for a distinction between data storage and data use. For logical reasons, maintaining all patient information in the network may prove necessary; however, all stakeholders need to understand that just because the data is physically available, this does not necessarily mean that they can be accessed for use.

Communications with people about policies and uses of their information in the exchange must be conducted in a simple and easily understood language and languages that consumers do understand if they don't have English as their first language.

States should adopt common operating standards for the security and patient privacy protection.

People must be able to receive complete paper copies of any of their information available across the national network.

It must also provide the capability for people to reliably and securely move all portions of their personal record from one health care entity to another and it should permit the aggregation of non-identifiable data in support of quality measurement, provider and institutional performance assessment.

Implementation of NHIN must be accompanied by a significant public education program so the people in fact understand what it is and that they aren't afraid and are not intimidated by the fact that their information will be available in an electronic form.

NHIN must permit patients to transmit information to their health care providers as well as receive information from them.

The governance of a system should include patient advocates and consumer advocates. They must have significant representation not only in the governance but also in the standards setting and in the operational entity itself.

And it must be public, transparent and accountable.

In considering these principles, we suggest that you view them in their totality and not just take just some pieces and say, okay, we'll take this one and not another one because it's important that all of them work together so that there be an understanding of consumers that their privacy will be protected and it will build a trust in the network.

We strongly urge HHS to leverage the interests of consumer advocacy groups in this arena. We look forward to working with you on this.

I just want to mention there is one organization that I've been part of, I'm on the board. It's called the Patient Safety Institute, which in fact is interoperable and it's, A, an electronic record and it's been working in some pilot projects and has a lot of the components that those talk about networks have discussed, and I would hope that when you do have further hearings, you might have either Jack Lewin, who is the Executive Vice President of the California Medical Association, who is the Chair of that group, or Johnnie Walker, who is the Executive Director, to present information about our experiences in that network.

And just on a personal note, I was at George Washington University recently just having a colonoscopy and I'm there in my hospital gown, you know, laid out, and I'm handed a clipboard to fill out my history and, you know, what medications are you taking, like, you know – [laughs] – you're in a very vulnerable position then.

But it's so unfair to consumers that there isn't an electronic way to have this information there at a major health care institution like George Washington University, that you're filling out these forms and trying to remember when you had your last tonsillectomy or something. It's just very bad.

Questions, Answers and Comments

MR. ROTHSTEIN: Thank you very much for that testimony, and we have questions, I'm sure, from our panel members.

While my colleagues are formulating theirs, I will ask one of both of you in an attempt to sort of compare and contrast your two policies, and I thank you for giving us some specifics which in many cases we have not gotten before.

Let me pose this situation. There's a 55-year-old person who decides that now is the time to purchase long-term care insurance and people who need skilled nursing care cost at least twice as much as people who don't need skilled nursing care in long-term care facilities. And to make that determination, for example, risk of Alzheimer's disease and so forth, the long-term care insurance company wants access to the complete medical records of the applicant for the policy.

Now, as I read the AARP policy, nothing would prohibit the long-term care insurer from making as a

condition of applying for the policy the signing of an authorization. As I read 1B under the National Consumers League policy, that would somehow be impermissible because the decision to share should be made without coercion and pressure and that would be considered coercive.

Am I correct in my reading of that? Ms. Dubow, do you want to –

MS. DUBOW: Well, let me just say that AARP was – we subscribe to those principles as well. We were at that meeting as part of the consumer thinking when Markle helped us think through some of those issues. We were a party to that.

And it's interesting that you raised this issue because we actually had a conversation at that meeting about this issue and there was some discussion around the reality of what kind of information you have to provide if you want to buy insurance, that the consumer is not in a very good position in that situation to be able to control the information. Nobody's coercing the consumer into buying the insurance policy; if the insurer is going to be underwriting the policy, then that's the information that they're going to provide.

So we had a discussion and a debate amongst ourselves about to what extent consumers could realistically control their information with respect to purchase of insurance.

I think a flip side, though, is that, you know, there are instances where insurers, after somebody already has bought coverage, could see what sites you look at on the Web to make determinations about changing premiums, for example, where there would be certainly an invasion of one's privacy and the concern that people don't want insurers to be able to access that kind of information.

Our policy is not that explicit to take into account every situation. But I think that we recognize that insurers are in a position to be inquiring and obtaining information so that the consumer is not always in the position to control this.

MR. ROTHSTEIN: Well, before I get your answer, your recognition of that is not the same thing as a recommendation to do something about it. I mean, are you sort of resigned to that's the way things are going to be?

MS. DUBOW: Aside from the policies that you have around privacy and confidentiality, we have extensive policy on insurance coverage, and we try to balance the need to insure coverage for people and other issues, and to be perfectly candid, we've waffled over the years on issues of community rating because of our interest in seeing opportunities for more people to gain insurance.

So I think that it's very difficult to give you a black and white answer. It's a very complicated area and we try to balance our interest in a variety of policy areas. And I think what we have is compromise.

MR. ROTHSTEIN: Okay. Ms. Golodner?

MS. GOLODNER: I think consumers will have to compromise probably when dealing with getting insurance coverage. Sort of like when you get a mortgage and you give up all your tax information. And I think consumers I guess get used to the invasion of privacy in order to get that mortgage or to get an insurance policy.

I still think that you should look closely at scenarios that you just posed and see if there can be ways to balance the need for information that the insurance company might have or that the long-term care facility might have and the invasion of privacy of the individual consumer.

MR. ROTHSTEIN: Well, one thing that we talked about yesterday was control of the nature of the information that would be disclosed, so, in other words, matters that were deemed by somebody to be irrelevant to the use for which it was put would perhaps under some system not be sent whereas, as the sort of the current paper-based system, you practically get everything when you ask for any of this.

I think an important point that I'm trying to make with this question is that sometimes what is presented as an issue of privacy, or health privacy, is really not a privacy issue; it's more a substantive issue as to who has the right of access to health insurance, for example, or on the basis of what information may medical underwriting take place, or so on and so forth. And if we wanted to take on those issues, it would be like our jurisdiction would be unlimited.

And so there really is a limit to what you can do in regulating privacy per se in terms of dealing with all these other access issues where third parties have the economic leverage over individuals.

Well, perhaps I've gotten a rise out of you. I'll just go this way – Kathleen, then Harry, then –

MS. FYFFE: Thank you very much. I have a specific question for each of you. Linda, you mentioned the Patient Safety Institute?

MS. GOLODNER: Yes.

MS. FYFFE: Is that discussed in your written testimony?

MS. GOLODNER: No, it isn't. I was here a little earlier and I heard your conversation of the Committee and it just seemed like it would be good information to give you about the Patient Safety Institute because it sounded like you were going to be going into having further hearing with institutions and you talked about the Kaiser or a closed system –

MS. FYFFE: Yes.

MS. GOLODNER: -- and this would be a more of an open system that I thought would be interesting –

MS. FYFFE: Right.

MS. GOLODNER: -- for you to –

MS. FYFFE: We appreciate that, and I do have information about the Patient Safety Institute.

My next question is – so you're not really endorsing, or you're not a member of what the Patient Safety Institute is doing over in Delaware, for example?

MS. GOLODNER: Oh, I am on the Board of Directors.

MS. FYFFE: You are?

MS. GOLODNER: Yes.

MS. FYFFE: Oh, fabulous. Okay.

MS. GOLODNER: And the Board of Directors is a balance of – there are three consumers, three medical or health professionals, and three institutions, and it's a combination that has the dynamics I think that a governance would be. It has the dynamics of providing the balance of the questions that institutions have about privacy, that health professionals have about accessing, and that consumers, the concerns that consumers have.

MS. FYFFE: If I recall correctly, there is a component of their model that has to do with the trusted third party who holds information?

MS. GOLODNER: Yes.

MS. FYFFE: I don't want to get into too much detail, but we've got that recorded, thank you.

MS. GOLODNER: You might, you know, just want to look at that –

MS. FYFFE: Okay.

MS. GOLODNER: -- system as a model for governance and also in interoperability.

MS. FYFFE: Okay, thank you.

Joyce, did I hear you mention during your oral remarks something about an international study, and is that mentioned in your written remarks?

MS. DUBOW: No, it was just an aside. And it's a study that we are about to commission. It's just an opportunity for us. AARP has a global aging program –

MS. FYFFE: Okay.

MS. DUBOW: -- and we are interested in seeing whether there are lessons from abroad to inform our understanding about PHRs.

MS. FYFFE: Okay.

MS. DUBOW: So it's something we are going to do.

MS. FYFFE: Right. Can you just give us a general idea of the time frame and, you know, it could be that the Subcommittee would be very interested, or NCVHS would be very interested in the outcome obviously of any study.

MS. DUBOW: Yes, I think we should probably have a study by the end of the year.

MS. FYFFE: Okay.

MS. DUBOW: This year. But this is a sort of a broad brush overview, again, to provide us with information that could give us lessons learned.

MS. FYFFE: Fabulous, okay.

MS. DUBOW: So – I think we have to be careful about how we define PHR to be sure that we understand what we're getting, but that's probably by the end of the year.

MS. FYFFE: Super, super. Thank you.

MR. ROTHSTEIN: Mr. Reynolds?

MR. REYNOLDS: Thank you. You both have very clearly spelled out both your requests and issues.

The question that I have is as we talk about quality, and both of you noted in your testimony that from a quality standpoint you wanted to make sure that personal identifiers are removed as much as possible. And as we have other committees at NCVHS looking at populations and looking at other things, de-identified for the HIPAA definition really says that passes as a record. De-identification from a quality basis, when you're trying to look across populations, may not go as far.

Have you thought which of those definitions you truly are dealing with because de-identified is a term of art right now? Devoid of personal identifiers is open to the eyes of the beholder. So where were you planning to go with that, and how do you see that playing out?

MS. DUBOW: We both know what you're talking about.

MS. GOLODNER: Yes.

[Laughter.]

MS. DUBOW: Shall I go first?

MS. GOLODNER: Yes, go ahead.

MS. DUBOW: Well, I mean, I think it's a fair point, and I think we need to give the issue more consider as we move deeper into this HIT arena. I think that our policy is developed by our volunteers. We have a national legislative council of volunteers who propose public policy positions to our Board of Directors. And staff brings to the attention of these volunteers issues that are emerging that need to be considered.

And I think that this is an area where we need raise the issue. They may decide to leave it alone, to give us as much opportunity to maneuver as possible, but I think that our policy positions will evolve as we become more knowledgeable about the specifics with respect to this.

We absolutely understand the point that you're making. We want to see de-identified information used as much as possible, but we do recognize that at some point in order to really address quality concerns that there may be a need to have more specific information, and we just haven't grappled with that yet.

MS. GOLODNER: I think we support the de-identified information very strongly. However, it also is a matter of consumer choice, and if a consumer wants to be identified or wants to be within a class that might be reviewed or there might be a clinical trial that they want to be informed about or want others to have their information, I should think that must be the consumer's choice.

MR. REYNOLDS: An example. I know in North Carolina Medicare asked a number of the hospitals for X-amount of quality data to really take a look across the providers as to what the quality was. In AARP's testimony, you mentioned that the patient would need to authorize that for public health reporting, so, you know, you have some of these situations where as we move into quality, trying to understand which providers are doing what, how they're doing it, what it means, and then on each one of those situations having the patient consent to that quality – and one thing, if you were here earlier, I mentioned how does it really work, because if you go through both of these lists and look at the requests of all the places that the patient would do something, and understand, I'm not pushing for or against, I'm asking the question, that process of doing that seems almost dramatically more burdensome than even now.

And so how do we get a balance, and how do you see that occurring, based on what you've looked at?

MS. GOLODNER: This is a personal opinion. [Laughs.] And just having, you know, participated in the health care system and watched people who don't really understand even why HIPAA's there and are annoyed with it, perhaps there should be some way that consumers can say, I don't want to be asked this question anymore; I don't care about my privacy, and have a blanket permission to use their information. I've just seen it sort of in the health care marketplace where people get very annoyed with dealing with HIPAA.

MS. DUBOW: You know, I would hate to see that we make a decision about this, or respond to this question, because of inertia or because people are just so exhausted with the bombardment of inquiries that they get.

I think that thinking about it from a quality perspective, we're not going to get a good handle if we have inadequate information, which would suggest, on the one hand, that we need to be able to delve adequately into information on performance at the provider level, for example, which would suggest that we may need some de-identified information.

On the other hand, I think that the vast majority of patients are utterly and completely uninformed about what the quality information is used for, why it's necessary. I think they are uninformed about how the privacy and confidentiality of their information is preserved or not preserved.

I think until we have a better understanding of how consumers view this and a better public education campaign that helps explain to people why we need to do things in a certain way – if there is a right way of doing it – that we're not going to arrive at a good solution to your inquiry.

I think there are very good arguments. Health care quality, after all, is the consumer objective, you know, and we're not doing this because we're badgering providers to give us information; we're doing it because only 55 percent of the population gets recommended care. It's in consumers' interest to see the quality improve.

So to characterize this as an issue that violates consumer rights on the one hand and protect them on the other hand is not correct. This information is supposed to inform our ability to improve care, which advances consumer interest.

So I think that we need to engage in more education and provide more information to people so that they have a better understanding, number one, that there is a quality problem, and. number two, how we have to go about solving the problem.

MR. REYNOLDS: Yes, I'd just to reiterate I wasn't pushing for you to decide that. I was making sure that we have a discussion, so –

MS. DUBOW: Okay.

MR. ROTHSTEIN: Marjorie?

MS. GREENBERG: Actually, Harry alluded to this, but I just wanted to seek clarifications from Joyce. And hearing in your policies, you say AARP opposes "the use or disclosure of an individual's medical information except as authorized by the patient for public health reporting as required by law." And my understanding is that HIPAA right now allows public health reporting, certainly public health reporting that is required by law without patient authorization.

So are you advocating that there should need to be patient authorization?

MS. DUBOW: You have to understand the policies don't necessarily reflect what the law.

MS. GREENBERG: No, I realize that.

MS. DUBOW: At some point, we throw up our hands and we say, okay, we know it's the law. But sometimes, the policies reflect the views that describe the way we think things ought to be.

MS. GREENBERG: Well, I just wanted to make sure that in fact if you feel that your position is that information is to be provided for public health reporting only if authorized by the patient. I mean, that's fine, if that's your position. I just wanted to make sure.

MS. DUBOW: That is a fair representation of our policies right now.

MR. ROTHSTEIN: Richard?

DR. HARDING: Thank you both. I kind of like your idea of getting out of HIPAA free pass as you were saying, you know –

[Laughter.]

DR. HARDING: Get a card, and I'm out of HIPAA, you know! That's it.

MR. ROTHSTEIN: I think there'd be a long line of covered entities waiting for that card, too.

[Laughter.]

MS. GOLODNER: Misused in the marketplace.

DR. HARDING: It was a nice thought, I agree.

What I was wanting to ask, and Joyce just kind of brushed up against it in your last comments, was the educational task that we have about HIPAA. And what I'd like to do is ask you all – we've had difficulty as a government and committee and so forth really educating people about HIPAA, and wondered if you had resources, ideas and so forth that would help in shaping education, attitudes, capacity of people.

You know, we're talking about the older population who have so many complex medical problems that they're all carrying and their children are trying to carry for them and so forth. Is that something that you all could help with? Should there be articles in your journal about the good news about HIPAA, or what HIPAA has done, what it hasn't done, what you should know about it? I mean, I've seen some of those, but it just seems like there's a lot more we could do.

MS. GOLODNER: Certainly, there is a lot more we can do. But it isn't just the public, it isn't just the patient, the consumer; it's the institution that has to make sure that they communicate what this paper is that they hand to people and say, just sign here.

It is not simple, it is not clear, and it should be. And those people, usually a clerk, who hands it to you to fill out, that's where the whole – it falls apart.

I think that there has to be an understanding on both sides what it's about and why it's there. It isn't just the consumer and patient.

On the other hand, we certainly can inform consumers about privacy issues and inform them about HIPAA, but it's a two-way street. It just can't be, you know, accepted, and these are long forms, and you're not going to read it. I mean, you're there; you want your procedure done or you want to get past that. But there's a miscommunication between the health professional and the consumer.

MS. DUBOW: May I say something? I think I would answer that question in a couple of ways.

It happens that we have two papers that will be published soon that look at HIPAA with respect to how it's been used in health care quality and research. And, frankly, the motivation for this paper was the fact that there was so much misinformation about HIPAA in relation to these areas – that it's used as an excuse all the time not to do things that are well within the purview of the entity.

So, you know, the Public Policy Institute, as I said before, tries to stimulate and inform the debate and we have objective research that is peer reviewed and we thought that this area required some clarity, and so we are publishing – and there's another one that we have coming out that's related in terms of medical records, a smaller paper, but it has to do with the patient's access to medical records.

In terms of whether AARP wearing its hat of advocacy, its advocacy activities, would engage in a campaign on HIPAA per se, it's not on the agenda at the moment.

I think, though, health care quality certainly is, and certainly it's important as we discuss health care quality and health information technology that people need to understand the implications that HIPAA brings, and so I could see that we would address that issue not directly, as you suggest, but to incorporate that into how we go about doing it.

There's nothing on the table now that anticipates, as far as I know, a broad campaign that would bring AARP resources to this. We're a little preoccupied with Social Security and the prescription drug bill that you might have heard of.

DR. HARDING: Yes. But on the other hand, I think when you're looking at priorities, I'll bet you that the issue of access to medical care of elderly and what their families can see and be told in those kinds of things –

MS. DUBOW: Absolutely.

DR. HARDING: -- because of HIPAA is a big deal to a lot of the population.

MS. DUBOW: Absolutely. There's no question about it. As I say, I think that if the question was would we explicitly direct our attention to HIPAA, my inclination is that we would not. Would it implicitly be incorporated into how we address these issues? Absolutely, for the reasons that you addressed.

DR. HARDING: Thank you.

MR. ROTHSTEIN: Time for a couple quick questions and quick answers.

DR. FITZMAURICE: Right. I wanted to revisit a little bit what Harry was asking about in terms of identifiable data. It would seem to me that researchers' mouths would start salivating at the prospect of even the de-identified 100 percent of a population, because then when you look at 100 percent, you get all the rare events that you might miss when you're getting every other one or so forth. And the issues of bias become much smaller because the rare events and the lack of bias, even with the de-identified, research would really be happy with it. And it helps the consumers and general public to be more fully informed about the whole picture.

But for some things like for following up particular kinds of treatments or quality patient safety events, you would want to have some identification – not that you need to know who the patient is but just to link the data. And if you link the data over time, then you can get readmissions to the hospital. So you can do it with a smaller sample, but you have to make sure that it's unbiased.

So is there a question in all of this? IRBs look over what researchers do, and the privacy rule requires that for privacy, the common rule requires that universities pledge that all the research will undergo the privacy rule or undergo the common rule or if they receive Federal funds.

Today, should consumers trust IRBs to represent the consumer's interest in health services research, the records kinds of research? And then, secondly, has the privacy rule been a net plus for consumers? Are we consumers better off it than without it?

MS. GOLODNER: I think we could trust the IRBs as long as there's consumer representation on them so that you get the consumer interest represented. And what was the second?

DR. FITZMAURICE: The second one – has the HIPAA privacy rule for consumers, has it been a net plus or a net minus? Has the burden been greater than the protection?

MS. GOLODNER: Net plus because it lets consumers think about privacy and they think about: What are they doing with my information? That's one of the pluses.

And I think it also puts the institution or the health professional on guard that they have to be a little more sensitive to the privacy of an individual.

MS. DUBOW: This isn't AARP policy. I think that the IRBs are – I mean, you want IRBs, you want IRB. I think that there needs to be – I mean, I know there are certifying bodies now that are actually looking at IRBs in terms of their organizations and their practices and I don't believe that every IRB is as good as others. I think there's a lot of variation, so, you know, for what that's worth, I'm skeptical.

I think that with respect to HIPAA on balance, I think it's certainly important that we have this piece of legislation. I think there are areas where it could be improved. I allude to a few places in the statement that I provided. But I think I agree with Linda. I think the awareness both on the consumer side as well as on those who are handling the data, and I think that's a very important achievement. We can improve, but I think that's an important achievement.

MR. ROTHSTEIN: I have one quick final question.

One of the purported benefits of an electronic health record system is that consumers would have the ability to access their own records electronically and do all sorts of things.

Older people are the least connected and the least electronic savvy and so forth. Are you concerned that if we create – well, as we create such a system that we'll have an effect of sort of a two-tiered health information system where the older population is sort of stuck where we are from their access perspective, no gain, whereas younger and more computer savvy people will be able to do all these things? And if so, what sort of things are you doing or might we recommend doing so that the older population gets the benefits of an electronic health records system?

MS. DUBOW: There's clearly a divide. I mean, we saw that in the very recent Kaiser Family Foundation study that looked at Internet and computer use among people 50 and older and you can see clear differences between the population 50 to 64 and those who are over 65.

Everybody always says that this is going to be a short-lived problem because those of us who are approaching 65 are savvy and do use computers and feel more comfortable in that environment.

I'm hesitant to draw any conclusions because I think that when people age, they also bring other attributes, if you will. So I'm not a hundred percent persuaded that a savvy techie, you know, who is under 65, at 85 is going to necessarily feel confident.

Well, you know, it's hard. I think the screens are hard to use; I think people have less confidence in their decision-making abilities just in terms of visual impairment. I think that this is something that is researchable. We can't do it yet, but I think that we ought to be examining this to have a full understanding of what happens when the generation that is now comfortable begins to age in and we'll see what happens.

Nevertheless, I think that this is an area of improvement, if you will, that is happening. I think that there will always be a need to target communication and interventions to meet the specific needs of the population we're dealing with. There will undoubtedly be some people even, you know, the old-old, who are comfortable. My Aunt Sarah is 90 years old and she uses a computer. If I'm lucky, I'll have inherited that side of the family's genes.

But, you know, I can also name a lot of people who are not able to do it. We have to have targeted approaches, and we can't rely on knowing that there's one size to fit all.

MR. ROTHSTEIN: Ms. Golodner?

MS. GOLODNER: It has to be available in paper also if someone asks for it, so, I mean, that's one answer.

Also, by the time that techie is 85, I think the technology will have changed so rapidly that it will be something – you'll probably have a little chip in your –

MS. DUBOW: Right.

MR. ROTHSTEIN: Well, I was also thinking that –

MS. GOLODNER: -- elbow.

MR. ROTHSTEIN: -- maybe it would allow them to become computer savvy.

MS. DUBOW: But they may not want that burden. There's an information burden that they may not be willing to assume, so –

MR. ROTHSTEIN: Right.

MS. DUBOW: -- I think we need to be very careful about drawing conclusions one way or the other. There will be some who feel that way, and there are going to be others who want their doctors to be making the decisions for them and controlling their information.

MR. ROTHSTEIN: Yes. I thank both of you for your testimony.

And without any interruption, we're ready for Panel Number V, and so I want to welcome both of you and thank you, Dr. Martino, for pinch-hitting for us, and we're anxious to hear your comments.

Agenda Item: Presentation – Dr. Janet Martino

DR. MARTINO: Okay. Sorry to jump the gun on the light show, but I knew you wanted to move along. I just want to send David Harrington's apologies. He had some business out in California with his board that had to be attended to, so I'll be standing in for him.

This is of course the second time MedicAlert has briefed the NCVHS, not in this particular Committee, so I'll try to keep it brief about the background.

MedicAlert sees itself as being in the business of protecting and saving lives. We try to enhance patient safety and improve quality care by providing secure data, collection and storage and accurate and easy transfer of the medical information to health and safety professionals 24 hours a day anywhere in the world.

So with that behind us, our basis, one of the newer areas of services that MedicAlert is developing and probably will offer later on this year will be personal electronic health records in collaboration with Wendy's group, CapMed. MedicAlert has had an EHR for managing medical information for our members.

This EHR is designed to be compatible with health care industry standards, and we anticipate that the data will be coming in from many new sources beyond the patient-entered data. The CapMed personal health record product will allow our members to maintain their own information and their own records with bi-directional updates to and from the MedicAlert EHR, and of course this would all be at the direction of the patients. These records can then be made accessible from the MedicAlert website, from the personal health record carried on a USB key which Wendy will discuss after me, or by calling the 24-hour call center.

Other services that MedicAlert offers would be the document repository services. Here, we're really talking about written advance directives and pre-hospital DNR orders. MedicAlert is officially recognized as a provider of pre-hospital DNR orders in 10 states which allows a responding paramedic team to call up to MedicAlert or look at the bracelet or emblem and accept the DNR before providing extraordinary care in the field. Once they hit the hospital, another document would need to take over.

I've had experiences where friends have had where that would have been very nice to have to prevent episodes that were just not necessary.

We do some professional education and training. This is mostly addressed to emergency responders. Through our links into the PHR application and the websites, we are trying to enhance patient education by linking them to medical information and allowing them to use sites, websites, that are specifically disease specific.

And, of course, we do family notification services in the case of emergency.

Today, our privacy and confidentiality policies are that all medical data is directly provided by our members. When they register for MedicAlert, they give us prior written approval for all storage and transfers. There's essentially a standing order with respect to emergency care which is the primary service that MedicAlert offers.

Our emergency response team, which handles all incoming calls and requests for patient information, has a 10-step protocol to authorize that the person calling is who they say they are and is authorized to receive the information.

The website and the technology piece of this is pretty standard – things like member number/password, allowing patient-specified additional information: What was your pet's name and where did you go to elementary school? That kind of thing.

And, of course, we use secure encrypted transfer of information.

Now, MedicAlert, as it expands its business model, has recognized that we need to be much more broadly interoperable. Our EHR needs to be able to not only accept

data but also send data to various other organizations. Our next generation enterprise architecture will include the standards that would be necessary, such as the HL7 reference information model and the functional outline. And, of course, we're looking and working with the OMG HL7 services specification, which is the technology to enable this interoperability.

Why we need this is we want to expand our scope of information sources for our patients and members, try to get information more directly from provider ERHs, payers, labs. One of the things I noticed as I used the PHR, it took a long time to enter the data, especially the first time, and even for data quality issues, it would be much better to have these things come in electronically more directly.

We also intend to expand the scope of drug utilization reviews, working and interoperating with chain drug stores, pharmacies and pharmacy benefits providers.

Now, we're talking about the management. All of this requires the management of patient-directed authorizations for release of information. As you heard from the earlier panelists – I'm actually sorry they're not in the room because I want to pick up on some of the things they said – these needs are going to really drive a lot of the requirements of how we do this interoperability. Now it's not a simple matter of MedicAlert having an authorization standing and allowing us to give data. The minute we want to start collecting data, every one of those external partners are going to also need authorizations to send us the data, and it becomes a lot more complex.

In order to proceed down the line we're heading, we're trying to enhance all of our security measures and these are in various stages of deployment. This is a couple of slides for the technically minded here. We're offering multi-tiered data access authorization, internal network domains with firewalls, internal hacking and intrusion detection as well as external because that's a very common way of privacy being invaded is by the internal workers of an organization.

We're obviously using audit trails, one of the policies that they insisted on – they want to know who, what, when, why that record was accessed. Much of that can't be done on paper, so if the patients really want that, they have to allow electronic records to give them that level of control and information.

We're also using password guesser algorithms to test the quality of the passwords that people are using. We can now pretend hack – pretend hackers, to see that the passwords are holding.

Encryption of course is going to be critical. Externally, access hardware in a DMZ.

I started to ask the question like, what does that really entail? And immediately got drawn into the networking weeds, so I'm going to leave it at it's the preferred method of external access to secure networks. And if you need any more detail than that, we'll just have to bring somebody who knows a lot more about it than I do.

Another interesting addition is the data source notations so that we know who is putting the data in and where it came from. I know physicians, as they use the data, and other health care providers, need to know where it came from and how hard core it is and how valuable it is, you know? We don't trust anything.

And this is the requisite techie slide. Basically, it's just showing at the bottom the logical movement of data – see if this works, I believe – from something like, for instance, the CapMed key through their hub over the Internet, hitting a firewall, going through an authorization protocol, and then Web services and components that are internal to MedicAlert to manage some of the policies before data is actually entered into the database.

The concerns here are a security layer, an identity and access management layer, and then the management services, the technology services, that are being provided with our business logic.

The top is just a list of products that we happen to choose to do this. We're not advocating for any of those in particular, but just to show what we're doing.

Upcoming issues. Three major issues that I think we're going to have to face, and I'll go into each one a little bit more detail, authorization management for the release of information, since much of our potential business with external partners falls outside of that umbrella of direct medical care and treatment.

We would like to improve the authorization of emergency responders for release of information. And one thing that I really wanted to challenge our consumer organizations was taking part in member education and consumer education with respect to the implications of the decisions they make to either release or withhold.

As an internist, I want it all. I need to have all of it to make sure that I'm actually making correct decisions for my patients, so I'm a little bit – and this is personal – I'm a little bit nervous about patients withholding data because they're not trained to understand what's relevant and what isn't. And I'll get into that more. It's a little bit my own hobby horse.

Authorization management. We understand, and we've heard here very, very clearly that the patients want to be in control of who sees what and for what purpose. As I mentioned earlier, as we expand to our provider health pure electronic records, our payers, employers, pharmacy benefits managers, laboratories, on and on and on, we want to be able to collect data directly from these organizations.

As I was sitting here listening to this discussion earlier, I'm thinking – I tend to make an analogy between a PHR and Quicken. I'm an inveterate Quicken user, being again a very precision-oriented internist. I followed a male group where fairly technically savvy people who already self-selected as people who liked keeping their checkbooks on their computer – you know – having all sorts of problems and going on and on as they attempt to make direct connections with their banks and financial brokerage houses or whatever to download their financial data. It can be done, but it requires a lot of fiddling and know how on the part of the users of that software.

So for broad acceptability, I don't see that in the future that patients who have their medical Quicken, their PHR software, being able to effectively keep their records up to date by downloading information from all the various sources out there – their labs, their doctors' notes, their hospitalizations and whatever. It's a large burden technically to expect people to learn to do this.

So I think MedicAlert, as posed as the sort of the information bank and facilitator for this, would like to envision an environment where this information can be drawn into the MedicAlert EHR and repository and then through our secure connections it could be used to upload much of the data to the PHR key.

This is a future vision. Clearly, we would have to have all sorts of authorizations in place for this, and managing those authorizations I think is going to be a huge technical issue. I think we need to start thinking about how we would implement such a service.

Right now, absolutely you shouldn't be on a table ready for colonoscopy with the draft coming in the back trying to think about signing a HIPAA form. That should be there; it should be online, available to whatever providers need it.

With respect to authorization of release of information out to callers for information, clearly role-based access privileging as a technology will be critical to us. The current paradigm, as you see in the last bullet, is authorizing emergency responders who are calling in – "Hi, I'm Dr. So-and-So from Such-and-Such Hospital. We have Patient X. Can you give us their MedicAlert data?" We have to be able to manually, if you will, authorize who those people are.

And it's adequate to today, but I don't think it will be adequate for the future to just try to ask them a series of questions. So I'm thinking about: What else can we do to enhance their ability to authorize themselves to our responders?

I'm wondering about potentially the use of the provider and facility identifiers. I know if I walk into a local pharmacy and hand them a prescription that I've written, they want to know who I am. They ask my DEA number to try to validate that I'm authorized to do that. And potentially we could use some of these facility identifiers in that manner.

I'm very active in the services specification project which is a very new project that's been stood up. It's a joint, very synergistic activity between HL7 and the object management group health care domain task force.

We right now have defined sort of a long list of services, common services, that need to be addressed, and we're going to be shortening that list to probably the top three for the next year.

But this will address primarily technical requirements for interoperability. And over the years that I've been working in computer-based patient records as they used to be known, the one place that I really found difficulty, the people tend to not think about the functional requirements required for the levels of security and privacy and access that we've been talking about today.

So an organization like this, especially in terms of the recommends to the NHII, and Dr. Brailer's group, on what can the government do to enable and enhance and foster and incentivize work that would help us get the job done, there are some areas I thought might be of use.

The first is a standard list of common roles. I remember some years ago finding out, I think through HIPAA, a standard list of sub-specialists and specialists' names, okay? And everyone would say, okay, this is the list of types of docs and types of physical therapists and types of whatever, a group to really think through.

Okay, what are the kinds of roles we're imagining here and what a role it would be on your primary care physician, the ER doc, the consultant who comes in to see you in ER or a hospital. Those need to be defined.

And the situations, the common situations and contexts. When one looks at role-based access privileging, it's more than who you are, what your role is, but also the context, so that I may be able as internist be able to be authorized to see more about a patient who is my primary patient than potentially I would when I'm consulting for some other physician on a specific problem. So outlining what those are would be useful.

And clearly, guidelines for policies. What should our policies be? Who should be allowed to see what?

I know a lot of that's been left to the individual institutions to sort out between themselves. But I think the Federal government can really help by initiative a panel to start having these discussions with consumer groups, with health care groups, everybody concerned, all of the stakeholders.

We need to start hammering this stuff out because I believe that technically we'll be able to do it – I mean, I know products out there that can handle role-based security and access privileging at this level, okay?

What's missing is the content of those decision engines, the contents that say, who do we think should see what? And as far as I'm concerned, that's the hard part, okay? So that's a plea from those of us who are trying to develop systems.

And the last area of concern, which my computer will hopefully show to you, is the consumer education and counseling, okay? It's not enough for us to tell our patients: You are in charge. You can tell us what we get and what we don't get. They are not the people with the medical education to understand what's relevant.

Now again, as a global thinker and an internist, I had a hard time thinking of a good example of where it would be okay for a patient to withhold information from me. Like I say, I want to know it all. But, for instance, if you break your leg during a softball game and you end up in the ER, the ER probably doesn't need to know that you had an abortion three years ago.

On the other hand, when you look at MedicAlert, from a MedicAlert point of view, should a patient allow his HIV status to be released when he's in an emergency room, in an emergency situation? Many patients may say – oh, no, that's – I'm not telling anybody, I mean – and these are subtle things, you know? I would really like to see health care counselors assigned to discuss situations with patients.

I was a little bit upset that AARP said oh, no, we're not going to deal with HIPAA right now because we're dealing with Social Security. When I read all of these journals from AARP, other health care – consumer organizations, when I read Newsweek or Time or the business section or whatever, every week I see multiple articles on: How do I handle my retirement finances? How do I do asset allocation? What's the difference between stocks and bonds? And this and that and spiders and cubes and whatever. I have an excellent information source on financial matters and it's out there every single week in many of these journals.

And what I don't see are the same level of articles discussing these kinds of issues, okay? Consumers don't need to be educated about HIPAA. They need to be educated about what they should be doing with their information and where it's critical and where it's not.

So this is a little bit of a personal hobby horse. You got me all wound up with that –

[Laughter.]

DR. MARTINO: -- previous discussion.

MR. ROTHSTEIN: You should have been here this morning!

[Laughter.]

DR. MARTINO: Ah – yeah! Then I never would have shut up! [Laughs.]

But anyway, those are the issues that we see coming down the pike that are going to impact how MedicAlert does its business. We see ourselves as part of a broad community including government as well as consumers and health care organizations, and I'd like to thank you very much for this opportunity to vent.

MR. ROTHSTEIN: Thank you for your venting, and we will have some questions for you after the next presentation. Ms. Angst, as soon as you're set up, take it away.

Agenda Item: Presentation – Wendy Angst

MS. ANGST: Okay. Well, I do have a little voice, so if anyone can't hear me, please let me know. My name is Wendy Angst, and I am the General Manager of CapMed, and we're an organization that is focused on personal health records, so the discussion that was starting to go on I found very interesting because sort of the default for a personal health record is people assume that it gives the patient a view into a physician's electronic system or that it provides an online vehicle for patients to self-enter information and they do this on an online website.

That is not CapMed's model; we're a little bit of a different bird, but we consider ourselves very consumer- centric and very flexible as far as finding the best way to engage consumers in doing a better job in partnering on their health care.

So our model again is consumer-centric, and as Janet had indicated with the Quicken model, we use that analogy quite a bit because like with Quicken when it initially began as a software program, people could use it to self-track their financial information. And as banks increasingly began offering that information electronically, you could exchange information with your different brokers, with your different financial institutions, and you as a consumer could aggregate that financial data into your own financial management tool.

So that's a similar model that we're approaching with health care for a variety of reasons, least of which is that there's not a lot of electronic data available today. So we'll touch on that as we go.

So we view our model, our personal health record model, as an untethered personal health record. It does have the ability to aggregate information from electronic health records that are going to export data. Most recently at HIMSS last week, we were a part of the interoperability showcase where we demonstrated how we could take information out into E's(?) medical record and NextGen's medical record and a variety of different EMR vendors and enable the patient to bring that down into one system.

We also have the ability to interface with home monitoring devices, so blood pressure monitors, glucose meters, electronic scales, things that a consumer is doing in their home to monitor and manage their own health.

And thirdly, the ability for consumers to self-enter information. So we do that through pick-lists and through wizards and we think that that is always going to be a critical piece of any electronic record because you always need some level of information that's input by the patient.

So bundling all of that together to create a true patient-centric record that can provide a lot of value to the different entities that provide health care today.

We have 400,000 health records distributed, with another 100,000 set to be distributed through a hospital in March. And patent pending on our personal health key. And I did bring along a couple of samples for anyone who's interested just to get the visual of the concept, but it literally is a CD-rom, so it's tangible, it can help consumers, you know, understand, feel that they own and control this, and I wanted to touch on this because some research that I'll point to – earlier, when we were talking about age of users, the CapMed users that we interviewed about the product and how they're using it and what they're doing it, our largest age group was age 51 to 60, followed by people 61 to 70.

And I think a big part of that is because we're not mandating that people have to go to www.anything to become active in managing this information.

Our products are Internet-enabled so they can be stored on the desktop and directly link patients to electronically exchange information.

And the other product, too, is the portable health key, so it's the same health record, just in a different form factor that's completely contained on a portable device.

CapMed was acquired by a publicly traded company in November of last year, so we now have the ability to be present at a lot of shows and do a lot of good things, which is great. But our roots do go back to the early ‘90s. We began as an extension of an electronic medical record and have been focused on patient health records since 1996.

So again, with our consumer-centric connectivity, we're putting the patient in the middle of helping to connect all of these pieces and helping to make sure that their information is getting to the right place at the right time.

We have four levels of CapMed PHR users – those who want complete control and store their information on their desktop, and again, that has been the model that we've started with and the bulk of our personal health records that are out there have been in CD-rom where people literally are managing their information on their own PC.

If they're choosing to exchange information then with a provider, they're either printing it out and hand-carrying a report with them and then more recently they can transport it again with a portable device and then most recently, which Janet had alluded to, we have begun offering a hub service for the exchange of information electronically.

Secondly, those who want information portable, and the term that we use for that is the individual's the "chauffeur" of their own health record. And again, using the portable health key device, the consumer can take their information with them wherever they go.

Thirdly, where the consumers serve as a gatekeeper, so they control the access of who has information to it, and we think that both the hub and the health key fit in with that.

And then storing health information in a trusted bank which also is, we think, a phenomenal service, as with our partnership with MedicAlert, an extremely, you know, high brand, trusted brand, for consumers, so they have a great deal of credibility to be that third party mutual source to help consumers store and make that information available when needed.

So the way that our health record works.

And I'm going to share with you some research that we've recently been involved with is that we give consumers the ability to deposit information into their own personal health record. So this is just looking actually what we did for HIMSS, so I could download information for a participating EMR vendor, I could download information that may be transferred at the point of care with my portable device, download information from my devices at home or self-enter my own information.

Additionally, I can also transfer/withdraw information out of my health record, and when I choose to do that, I have the ability of taking a provider-entered report which we've been following on the continuity of care standard that's emerging, but take that standard and without manipulating it at all as a consumer, transfer it from Physician A to Physician B and just sort of be a mechanism for that transport.

Secondarily, we also give consumers the ability to aggregate all of that data from different EMR vendors, bundle it up with some of their own information if they choose, and export that back, and that does follow the appropriate data codifications so that that can be exchanged and imported directly into a physician's system.

And third, from any report within our health record from family history to graphing lab values to medical images can be put into a report and transferred out of the patient's record.

So the way that we are viewing the information exchange currently is if you have your patient at home, which the majority of patients these days do have a PC, they have a personal health record which could be a CD-rom,

it could be online access, it could be the portable device, and through the secure hub, they're able to send information out, and for those providers that have electronic records, a notification is sent to those providers that information is available on the hub from the patient and the physician can go out and view that information and choose to print that or bring that into their EMR.

But realistically speaking – I mean, as I'm sure everyone in this room is well aware – you have 15 percent of providers with EMR, you really have a lot more of the guys at the bottom with the paper chart. So part of our belief in promoting the portable health key model is that even if a physician does not have EMRs -- the majority of them do not – 99 percent of physicians do at least have a computer in their office.

So, practically speaking today, there are solutions and ways that consumers can be involved to help with the private and secure transmission of their information to make sure it gets to providers at the point of care, because realistically there's not many other ways to do it with the way the system exists.

So the benefits of using a PHR and I know a lot of people have been quoting the Connecting for Health Study – I was involved with that research as well and think it was phenomenal – but just the overview of patients have better care and it's more reliable, more efficient. They have greater satisfaction.

So I wanted to just highlight these benefits that we're all aware of of why it's important for consumers to use the personal health record to set the stage for some of the research I'm going to introduce you to next, which is really looking at from the standpoint of a study that addresses why consumers are and are not using personal health records.

Before I do that, research on our personal health record users that was conducted in 2002 by the Smith School of Business is that 95 percent of those surveyed do think it's valuable to keep their information in one place. Close to 80 percent would rather keep it on their PC than the Web. Most managing a chronic condition believe it'll decrease the chance of errors – actually believe it improves their physical health, by 39 percent. And less than four percent thinks that their physicians want them to use a PHR, which I think is a pretty interesting statistic.

But focusing on the privacy aspects, that 80 percent would rather keep their information on a PC than the Web, and I agree – I mean, a lot of that is education; people don't necessarily trust the Web today. But I would ask each of you to consider how many use financial programs today where you store all of your financial information on the Web. There's a lot of parallels that can be made between financial information and health information.

And then the other PHR research, again with FACCT, that 91 percent of the respondents in their survey reported being very concerned about the privacy and security of that information. And with Harris Interactive, of the 13 percent who did keep electronic records, only one in 13 kept them online.

And again, this is not saying that that's not the right model. It's just that it's not the only model, and there's, you know, a lot of different needs we need to address.

So research that we conducted in conjunction with the new Center for Health Information Decision Systems at the Robert H. Smith School of Business looked at how familiar people were with personal health records, how involved they are in currently managing their own health.

It went through the process of defining, for those who didn't know, what a medical record was, both from the standpoint of what a physician would do with one as well as what a patient should do with one.

We provided photos and examples of five different models of a personal health record from keeping a paper-based diary to using an online tool like a CapMed PHR or like a Quicken program to track their information to using a system that you would manage all of your information on line to where you managed it with a portable device and then a hybrid. So we describe each of those scenarios, provided pictures, and then used that as the basis of what people's understanding was of these types of examples and how they'd like to use them.

So what would cause their desire? Do they travel? Do they have an illness? Are they a care giver? And what primary features would they use? And then, what would encourage versus prohibit?

So I'm not going to present all of this research because this research is currently in an active paper, but if you look across the bottom, we have physicians, hospitals, employers, pharmacists, pharmaceutical companies, a special interest group, and an insurance company. So those were the categories that we used to break down who should be a sponsor or an encourager of a patient to use a personal health record, because all of these groups right now are playing in this space in some way, shape or form and there's good reason for even a company like CapMed to want to say, okay, employer, we'll customize this health record for you and you can distribute it because you have the resources to get it into the appropriate hands.

What we found to be very interesting, though, was the fact that you had people who were very uncomfortable with an employer and a pharmaceutical company providing a personal health record.

I'm sure that's not surprising for many of you, but if you look at models – even I was interested that WebMD was going to be here with the WellMed product – it is a model that a lot of people are promoting because an employer does care if you, the employee, are healthy, so it would make sense for them to provide you, the patient, with the tool to manage your health.

And alternatively at the end, if you look at the 40.1 percent would like to get their health record from a physician, which makes sense; it's the most trusted source.

I was a little surprised by the special interest group. We did give the example of a special interest group as AARP, who unfortunately has since left, and people weren't that trusting, so I was surprised by that because I would assume that that would be a group that they would trust to provide the health record.

So employer and pharmaceutical being the worst and physician and hospital being the two highest rated sources for trust.

So if you aggregate the ratings because it was looking at "I'm uncomfortable," "I'm moderately uncomfortable," "I'm very uncomfortable" versus "neutral comfortable," "moderately comfortable" and "very comfortable," I aggregated those together and if you look at from the standpoint of, again, special interest group and pharmaceutical and employer were the three groups that had the highest rating of not being comfortable in aggregate with different varying levels of being uncomfortable.

Similarly, you had your hospital, your PCP, your pharmacist and your insurance company as all being rated as fair with your doc and PCP obviously being the most trusted source to encourage a patient to use a personal health record.

Just looking at this a little bit of a different way, we asked the statement: What are concerns that keep you from using or endorsing a personal health record? And the highest one was cost, which is a little bit surprising, but we address in the study: If you as a consumer were going to buy your own personal health record, what would you pay, and would you pay for someone to help you maintain it and to get access to that data?

So people are concerned about the cost. I mean, they like the idea, but they don't want to pay for it.

But secondly, the biggest concern was the privacy of their information. We did delve into that a little bit

about what that means because as I think Mark had alluded to earlier, I mean, there's a lot of different things of what privacy means. Is it access, is it sharing the information? I mean, privacy has a lot of different connotations to it.

So we, again, addressed that a little bit in the study, and those results will be presented at TEPR in May.

And finally, the value statement of privacy and security concerns that would keep me from using any PHR that is either stored or transferred on the Internet. We had the bulk of folks strongly agree that privacy and security concerns would indeed prohibit them from storing or transferring their health information over the Internet.

And which type of personal health record would you choose if it were provided by – and it's the same group across the bottom there, your physician, your hospital, your employer, your pharmacist – but what I thought was interesting is that a group would most likely choose "none" if the health record came from a pharmaceutical company or from an employer; they would rather use nothing.

However, if you look at what they would use, they chose the hybrid Internet USB product which again was described as a combination between having sort of an online ability to exchange information and access information but your ability to also have it in your hand and to know that this information is going with you and you're designating who has access to it.

So we thought that was interesting obviously it supports our model which, you know, we sort of wanted to do, but the fact that it was unbiased research. But getting this hybrid personal health record from the physician again and the hospital are the two most trusted locations.

So in summary, the value of the PHR use is undisputed. I mean, everybody recognizes the fact that patients who are more involved in their own health care do have better outcomes, and everybody wants that. The privacy is a variable that you have to look at, not only the access but also the sharing of that information and who has ownership of that information. And that's something that will be as variable as -- happy to hear AARP say that their members don't have one standard position on that; it's something that is flexible and it's as flexible I'm sure everyone in this room might have their own idea of how they'd like to control, manage and access their own health information.

So it's really not about having a personal health record available but providing the right solution for consumers that will work for them.

Questions, Answers and Comments

MR. ROTHSTEIN: Thank you very much. Let me just start by asking a simple question, I think. What right or ability does the individual have to edit the information?

MS. ANGST: Well, our model is really designed that you as a patient could completely use your personal health record without having to input any information electronically from your physician. It's really designed as a patient-centric tool.

So, again, with the analogy of Quicken. You could walk into a store, you could buy Quicken and go home and begin tracking your information. It's the same thing with our product.

When you look at the interfaces that we do electronically with EMRs – NextGen, for example, we have a relationship with them where they promote our PHRs as an extension of their EMR product. The way that that is designed is you would be able to receive a record from the NextGen EMR product into the patient system and that would provide an audit trail within the patient's record so they could see that a report came in and then attachment of that report is there that the patient can't change.

MR. ROTHSTEIN: You've gone way beyond my question. Let me just ask you this –

MS. ANGST: Sure.

MR. ROTHSTEIN: -- okay? You're my doc, all right? And I've got your system.

MS. ANGST: Right.

MR. ROTHSTEIN: And I want to download my electronic health record from your system to me.

MS. ANGST: Right.

MR. ROTHSTEIN: Okay. I can do that, correct?

MS. ANGST: Yes.

MR. ROTHSTEIN: Okay, now I go to Dr. Martino, and I want to be her patient, and I'm going to transfer to her my electronic health record, and why is she going to trust that it's complete? That's something you alluded to in your remarks if now I have the ability, as I think I understand you saying, to, you know, delete stuff that I want to delete – am I essentially correct in describing that?

MS. ANGST: Well, what I was mentioning with the audit trail, if you received in your record from the physician electronically –

MR. ROTHSTEIN: Right.

MS. ANGST: -- it would say "record came in from Dr. Smith." And an actual snapshot that you as a patient cannot change is attached in the audit trail as the file. So there's a snapshot of what you received that is unchangeable by you, the patient.

MR. ROTHSTEIN: So that's my question.

MS. ANGST: Yes. Then you can also take that information, though, and build it into your own personal record.

MR. ROTHSTEIN: So when I go take or transfer my records to Dr. Martino, there is some element that I can't disturb?

MS. ANGST: Absolutely, right. But the bulk of the patient record, though, will have some semblance of information that maybe came from that physician report but it will also have information that came from you, the patient, and it's sourced what came from you, the patient, versus what came from the physician.

So what I'm trying to get across is there's really two ways. There's one, that audit trail that will have the report attached within your personal record. And then there's also within your aggregate of all of your data, it's sourced. It may not mean that you as a patient have selected to input everything that came from that EMR. If you chose not to include the fact that that physician diagnosed you with HIV, you could choose as a patient to not build that into your own personal record that you're carrying with you.

MR. ROTHSTEIN: Right, but that would get to –

MS. ANGST: It would, yes.

MS. FYFFE: Let me help.

MS. ANGST: Okay.

MR. ROTHSTEIN: Hurry up. Help would be much appreciated.

MS. FYFFE: Yes, okay. Let's say I had, as Dr. Martino pointed out as an example, I had an abortion three years ago and the record that I downloaded from you as the physician has that in there –

MS. ANGST: Right.

MS. FYFFE: -- the only way for me not to include that information when I go to Dr. Martino is to completely exclude that record and not have it be part of this personal health rate that I'm porting over to Dr. Martino, because otherwise – okay, and so then the fact that I've had allergies and all this other benign stuff which would be helpful to her she wouldn't have because I've decided, you know, it's all or nothing.

MS. ANGST: Right, right. But I guess what I'm to get across is the personal health record by design enables the patient to aggregate health information, so I can aggregate that report that I took from Dr. Smith and I can also input my own information.

MS. FYFFE: Sure.

MS. ANGST: But I could choose, as I'm aggregating all of that together, to not include everything that came from Dr. Smith because as a patient health record, I have the right of what is going to be in my own personal health record.

MS. GREENBERG: You can delete it from your personal health record but you can't delete it from the record –

MS. ANGST: You can't delete the report, right, right. Does that answer your question? I guess it's sort of a different –

DR. MARTINO: The patient has a choice of what is sent out from the PHR as well.

MS. ANGST: They do.

DR. MARTINO: They can say "I don't want this information passed on," but I can pass on the – it's not all or none. The only thing that's all or none is the actual scan of the document that the physician gave.

MS. FYFFE: Okay. Let's say I've been to a psychiatrist, okay? Or a cancer specialist, an oncologist. And that stuff has come in, and there's an audit trail of it.

If I don't want my next doctor to know about that, I simply don't have that whole chunk, right?

DR. MARTINO: I believe you can have it in your own record –

MS. FYFFE: But I'm not talking about the consumer personal health record. I'm talking about the actual legal medical record that one doctor has put into my thing, my USB port. There's no flexibility for the consumer to pick and choose what information is going to be included if it's come from a doctor's office.

MS. ANGST: That is absolutely correct, right. So, yes, and if you follow the continuity of care record standard, the physician is the author of what information they're choosing to disclose.

What we give the patient the ability of as a personal health record owner is the ability of what they're choosing to accept and build into their own living record. They can't change the audit trail, but I can change what's in my own living record and I can update, which is sources being updated by me, a patient, and it's also sources that comes from a physician.

DR. MARTINO: From my point of view of seeing the patient, it weakens my acceptance of that particular data because I can't see the full note, if you will, or the full record that came from the physician. I know that whatever the patient is giving me is being filtered through what they choose to send me. But no different than it is today!

MR. ROTHSTEIN: But you can supplement that by asking additional questions –

DR. MARTINO: Sure.

MR. ROTHSTEIN: -- you think that are missed. So one way of describing our continuing struggle I think is really represented by this.

On the one hand, there are certain patient groups, individuals, what have you, that want to control what is their health record for purposes of others, and others could be physicians, it could be employers, insurers. So that's one set of interests.

And then there's another set of interests that I hope aren't automatically incompatible of the health care providers where they want enough information so that they can do their jobs and then there are probably the interest of other third party users as well in terms of what's relevant to a life insurer and so forth.

So your system – and this is not meant to denigrate it – doesn't forward or advance the privacy interest of the patient as some would have it to edit what goes out because the physician is going to get all the physician records. You can edit what you keep on your desktop for your own purposes, but she's going to get everything.

MS. ANGST: If Physician Smith is sending information directly to Dr. Martino, they would likely do that without first sending it to me as a patient and to my patient record.

MR. ROTHSTEIN: Right.

MS. ANGST: What we're really providing is a tool to just get the patient involved. They're not necessarily going to edit the information that Dr. Smith is sending to Dr. Martino.

MR. ROTHSTEIN: Right. Okay. That's – okay. Now I'm up to some level that I don't want to characterize what it is.

MS. ANGST: It's a very complex thing to explain when we talk on the patient record side because there's a lot of different pieces, a lot of different rules. And we always promote, you know, especially with – when we're talking with NextGen, you have different physician groups that really want to limit some of the patient control, and those are capabilities that we have.

But, you know, everything comes with a tradeoff, and to get consumer use, you need to keep the consumer's issues at the forefront of your mind. And obviously to get physician adoption, you need to make sure that it's not going to get them into trouble, either.

MS. FYFFE: So – excuse me – if I had a three-ring binder, if I'm chronically ill and I have this three-ring binder, and I've got all kinds of stuff in there, I can just pull out a few pages that I wouldn't want Dr. Martino to know about. So it's similar – I mean, I've already figured out how to do it, how to exclude things from your record.

MR. ROTHSTEIN: Dr. Fitzmaurice?

DR. FITZMAURICE: When the Chairman asked the question about he wanted to take it from here and he wanted to give it to there, I thought he was going in a different direction than he turned out to go, and I want to go in that direction that I was thinking of, and that is the interoperability. How do you make this medical information interoperable?

I'm really excited about what you're talking about because you're getting down to the level that can benefit me and my family. I keep a lot of this stuff on a spreadsheet; it takes a lot of time. And that's just keeping track of the visit, not the lab values or anything.

So, if I go to you and I get the information on a portable USB port and I come over and plug it into Janet's product and then I leave Janet and I come back and plug it into your product, how do we make that stuff interoperate so that she can see the pictures that you in – maybe it's a PDF file – so that she can pull the same variables that you put in and put it in the right places into her record? Do you use like HL7 for the message framework? Can you export CCR, how that's –

MS. ANGST: That's a question I can answer; I like that one.

DR. FITZMAURICE: And do you have other content than the CCR that you can export? And then, what vocabulary do you use? Do you map these variables to the concept of SNOMED CT or do you use some other vocabulary?

MS. ANGST: We began down the path of looking at the medicine nomenclature. We've since – for example, with NextGen, and I'm just using that one because that's the largest CMR partner we have that we're actively, you know, exchanging data with. They have a certain level of most frequently used terms, and so we basically mapped the pick list within our product to NextGen's pick list because, again, the CCR standard is not done.

We have designed our product to create a patient-generated CCR, so everything is codified appropriately that it can be exchanged. And that's the same way that we're able to map and populate the patient's record at the field level, is by having the appropriate codes and terminology built into the product.

Incidentally, it also maps everything in a problem-oriented format and has the ability then to link patients to education and automatic reminders.

But within the application itself, everything is self-contained on the device, so you can be anywhere in the world and have everything you need to view, manage and update your health record within the personal health view.

So that's part of the beauty of that as a technology of why it makes so much sense for our medical partners because, you know, it's hand in glove with their membership model of having immediate access to emergency data.

DR. FITZMAURICE: Dr. Martino, what do you use your information from like hers to hers? Can yours put out the CCR content and do you have the vocabulary use to represent the –

DR. MARTINO: We are in the midst of addressing just those issues. I should give you a little bit of my background. I was the Deputy PM for GCPR some years ago –

PARTICIPANT: What is the acronym?

DR. MARTINO: I'm sorry. Government Computer-Based Patient Record, which is carrying on with a new acronym that I won't even attempt to get into, but basically the philosophy was creating a framework for interoperability that would allow cross-mappings to common information models and common terminology models.

No one has actually done this, but it needs to be done – and I hope to get it done before I die. [Laughs.]

But that's the direction that we're heading, is to start identifying common information models that would allow to map different data structures to each other. I mean, if you know anything about XML, everyone thinks that's the answer to all interoperability because every field is tagged – you know, this is a first name, this is a last name, so on and so forth.

Well, that's fine, except your tagging may not match his tagging. So you need the common data structure model, information structure, to know that when you say "first name" here it means the same thing as "F Name" there. So that's the information structure.

And then the terminology, likewise, which is the content of all those fields needs also to be mapped to a common standard. SNOMED obviously is coming forth as one of the strongest.

DR. FITZMAURICE: Let me say that the reason for my question is not so much techie; it's a matter of patient safety. If I take it from her and I plug it into your machine, I want the variables to mean the same thing in the two different doctors' minds. And there's communicating by computer, so the computers have to understand it where the doctors can communicate that way.

DR. MARTINO: And again, these things like the CCR or the HL7 CDA will help us with that because, again, we're using the common models.

I think that from a patient safety point of view, I don't think we'll ever go beyond what currently exists today with respect to believing the patient rather than any external data. Right now, if I order a lab on somebody and that lab doesn't make sense to what I in my clinical judgment know about that patient, I've got to question that lab and I don't care where it came from or how authorized it is. I have to question it.

And I think we need to still leave human beings in their judgment calls in the loop for many of these things.

There's a difference between –

[Fire Alarm Sounds about Fire Reported in Building]

MR. ROTHSTEIN: We are in adjournment.

[Hearing was adjourned at 3:05 P.M.]

[The Chairman resumed the meeting several minutes later, the emergency having passed. Two to three minutes of the hearing were not recorded.]

MR. HUNGATE: -- one was in identification of the individual either seeking the information or providing the information. Is my conclusion correct?

MS. ANGST: From CapMed's perspective, no. So I would have to say that that would then reflect to MedicAlert. We do have authentication for the patient to be able to log on to the hub and to access information. They have to authenticate their identity, as well as for information to be sent from the hub to a different provider, same thing, uses 12 AS bit encryption to authenticate and to communicate that information.

So that obviously applies then to MedicAlert through our hub because that's part of our exchange.

MR. HUNGATE: The impression I have is that people often lump privacy into security and that being able to say that those are cold is an important part of giving privacy assurance.

The second case of it relates to – and maybe my understanding isn't fully correct here – but I think physicians in general do not treat themselves, that that's an admonition within the profession. Patients do treat themselves and assume a doctorial role in that sense.

Now, if we're trying for accurate information, in the business world when you want things to be done right, you make sure there are always two people involved so that you know things work in an accurate way. I don't think we've thought about how that fits in health care in the patient/physician relationship and the verification of data.

You mentioned I don't want to give this data to that physician. When I go to the doctor's office and they ask me how much I weigh, I may be five or 10 pounds below what the scale will say and that difference may be important.

Now, how do we get the right information into that record when the patient feels like they need to control it and the physician needs to control it? You've said that if the patient just brought their information that you were going to suspect it in effect, knowing that there's stuff that's withheld. How do we grapple with that in the context of quality improvement, knowing that we do need good information in order to make clinical judgments downstream?

DR. MARTINO: Well, I think the first answer to that is going to be the relationship between the provider and the patient, because if you don't have that relationship, I don't care what kind of electronic records you have.

Even today, you know, we sort of jokingly say, oh, patients lie to us all the time. They come in, you ask the question, you may get ten pounds less. So, you know, that kind of discussion is important and that kind of relationship is important.

I'd like to also bring up again the idea of a broader public discussion about implications of what you tell and what you withhold. We're giving people, the consumers, the power to withhold in a very big way, but we're not giving them the information they need to responsibly wield this power. You know, in the same way that an electronic record gives us great power to protect and audit the records, it also gives the consumers great power to control the access, much more than they have with paper.

I'm not sure that's answering your question –

MR. HUNGATE: I have the feeling that what I'd like to be able to say as a consumer is that I want every element of my personal risk that affects the judgment by some other physician to get communicated to that physician, and I feel like I need my PCPs partnership in identifying those characteristics of me that are important so that I might want to put my information in, but I think I'd want my primary care physician to look at it and say, yes, I agree; that's an accurate representation of Bob as a medical entity.

So that's just a consumer input, I guess.

DR. MARTINO: I'm still remembering the last time I was here at a hearing. There was a woman sitting back there who was a consumer and I don't know if she represented any particular group, but she was pretty adamant about having control over her record.

And the scenario that she laid out was her dad having an illness, cancer, I think, and they didn't trust what they were hearing from this set of doctors, so she wanted to try and get a second opinion. She specifically did not want the second set of physicians to know what the first set had done or said so that she had a truly unbiased view. And it was a very aggressive "I need to be able to do this."

So people have many reasons.

MR. ROTHSTEIN: We have Mary Jo and then Richard.

MS. DEERING: This is as much a request to Janet as it is a question, and it gets to the issue of the operationalization of consent and the communication of consent, and it's important not only in PHRs but fundamentally across the NHIN.

The model that we can glean from the RFI that went out and what we know about RHIOs is that certainly among the provider organizations there will be business transactions that are codified about who has access to what information so that we know that from the institutional point of view there will be deep and robust policy examination of exactly what those permissions are, et cetera.

From the point of view of the hearings in the last two days when we're interested in patient authorizations and consent, it appears to me that maybe two things are needed. The first is an equally robust and comprehensive delineation of the entire menu of potential patient consumer authorizations and consents.

And related to that, even more important, is the plain language communication of those consents and their implications, so that at some point in time you could have like a drop-down box so that your first level permissions were just a drop-down box but they were hot-linked for further information if you needed it, and you can check one or many.

And the reason that it seems to me this could be a great service is that we have heard that with explanation and understanding, you are likely to get more consents and authorizations rather than less.

So how can we build something like that into the system?

DR. MARTINO: Well, I'm firmly in favor of reducing free-floating anxiety, and I think a lot of the "I'm going to hold my data and not show it to anybody" is because of free-floating anxiety. They don't know who's going to see what when.

And I think the more control you give to people, the less the anxiety becomes free-floating and more specific and targeted so they know exactly what they're worried about, rather than this great big unknown.

So, absolutely. I like the idea of the various forms and pick lists and especially for every form in legalese, there should come up almost automatically a large print, common language discussion of what that particular form is saying.

And I think as technologists we need to give some thought as to how we would implement such a thing as a service that a RHIO, a physician's office, a PBM, a lab can use to access electronically so that many of these things can be handled electronically. Part of the problem right now is they're lying on the table and having to sign something. It'd be really good if there were an electronic form of that that the appropriate person could access.

One of my concerns is organizations like PBMs or commercial labs, you know, they also have a CYA mentality; they're not going to want to release data unless they have all sorts of coverage in the form of authorizations from the patients.

So if you want high volume work, like a PBM does thousands of transactions an hour, if you want to get that data, we really do need to have at least a semi-automated way so that there could be standing authorization for certain types of data sharing.

If I'm a PHR user, I could sign an authorization that says "I allow this lab and that pharmacy to send data to my MedicAlert account so I can bring it down to my PHR." That can be a standing order, you know. It's not quite signing out of HIPAA or opting out of HIPAA, but it's just giving people the chance to say it once and have it stand without having to say it every single time they go to a new situation.

MR. ROTHSTEIN: Thank you very much.

This brings a close two very interesting and stimulating days of hearings that we've had, the first of our set of hearings of three that are planned, next one being in Chicago March 30th and 31st.

I want to thank all of our witnesses and the Subcommittee members and staff. I especially want to thank Kathleen Fyffe and Mary Jo Deering for taking the lead role in lining up all the wonderful witnesses that we've had. And our logistics folks, Marietta and Jeannine, appreciate that, and also Donald and Pat for their usual fine work.

And so, thank you all and we are adjourned.

[The hearing adjourned at 3:18 P.M.]