[This Transcript is Unedited]
Hubert Humphrey Building
200 Independence Avenue
Washington, D.C.
TABLE OF CONTENTS
COMMITTEE MEMBERSHIP:
DR. COHN: Good morning. I want to call this meeting to order. This is the first day of two days of meetings of the National Committee on Vital and Health Statistics.
The national committee is the public advisory committee to the U.S. Department of Health and Human Services on health information policy.
I am Simon Cohn. I am associate executive director for health information policy for Kaiser Permanente, and chair of the committee.
I want to welcome committee members, HHS staff and others here in person. I also want to comment, at least for the moment, that we are not on the internet, but we will be I expect shortly, and I will let everybody know when we do get connected. As always, I do want to remind everyone to speak clearly and into the microphone.
Let's go ahead and have introductions around the table and around the room. For those on the national committee, I would ask, if you have any conflicts of interest related to any of the issues coming before us today, would you so please publicly indicate during your introduction.
I want to begin by observing that I have no conflicts of interest. I actually understand that we also have Harry Reynolds calling in for this session. Is that correct, Harry?
MR. REYNOLDS: Yes, sir.
DR. COHN: Okay, would you like to start by introducing yourself?
MR. REYNOLDS: [Via speakerphone.] Harry Reynolds, Blue Cross and Blue Shield, North Carolina, member of the committee and no conflicts.
DR. COHN: Will we see you tomorrow in person?
MR. REYNOLDS: You will see me at dinner tonight. I will call in now and then I will call in to the standards and security breakout and then I will leave from the airport.
DR. REYNOLDS: All right.
MS. GREENBERG: Good morning. I am Marjorie Greenberg from the National Center for Health Statistics, CDC, and executive secretary to the committee.
MR. ROTHSTEIN: Mark Rothstein, University of Louisville School of Medicine, member of the committee, no conflicts.
DR. WARREN: Judy Warren, University of Kansas School of Nursing, member of the committee, no conflicts.
DR. TANG: Paul Tang, Palo Alto Medical Foundation, member of the committee. I do chair AMIA, whose report is going to be presented later on this afternoon.
MR. HOUSTON: John Houston, University of Pittsburgh Medical Center, member of the committee, and I have no conflicts.
DR. CARR: Justine Carr, Beth Israel Deaconess Medical Center, member of the committee and no conflicts.
MR. LOCALIO: Russell Localio, University of Pennsylvania School of Medicine, member of the committee, no conflicts.
MS. TRUDEL: Karen Trudel, Centers for Medicare and Medicaid Services, liaison to the committee.
MS. MC ANDREW: Susan McAndrew, Office for Civil Rights, privacy liaison for the committee.
DR. W. SCANLON: Bill Scanlon, Health Policy R&D, member of the committee, no conflicts.
DR. STEUERLE: Gene Steuerle, member of the committee from the Urban Institute, no conflicts.
MS. MC CALL: Carol McCall, member of the committee. I am with Humana, no known conflicts.
MR. HUNGATE: Bob Hungate, Physician Patient Partnerships for Health, no conflicts.
DR. FITZMAURICE: Michael Fitzmaurice, Agency for Health Care Research and Quality, liaison to the full committee and staff to the Subcommittee on Standards and Security.
DR. HUFF: Stan Huff with Intermountain Health Care and the University of Utah in Salt Lake City. No conflicts.
DR. STEINWACHS: Don Steinwachs, Johns Hopkins School of Public Health, no conflicts.
DR. STEINDEL: Steve Steindel, Centers for Disease Control and Prevention, liaison to the committee.
MR. BLAIR: Jeff Blair, member of the committee, director of health informatics at Lovelace Clinic Foundation. I am not aware of any conflicts.
MR. J. SCANLON: Good morning. I am Jim Scanlon from the DHHS office of planning and evaluation and I am the executive staff director for the committee.
MR. SCHUPING: Jim Schuping(?), chief staff executive with WEDI.
MS. CHAPELL: Jody Chapell, American Optometric Association.
MS. JONES: Kathleen Jones, CDC, National Center for Health Statistics.
MS. PICKETT: Donna Pickett, National Center for Health Statistics, CDC, and staff to the Subcommittee on Standards and Security.
MS. BICKFORD: Carol Bickford, American Nurses Association.
MS. HORLICK: Gail Horlick, CDC, and staff to the Subcommittee on Privacy and Confidentiality.
MS. JACKSON: Debbie Jackson, NCVHS staff.
MR. BRUCKNELL: Mark Brucknell(?), Academy of Managed Care Pharmacy.
MR. KRUGE: Andrew Kruge, Academy of Managed Care Pharmacy.
MR. AFANO: Bill Afano(?), Blue Cross, Blue Shield Association.
MS. BEEBE: Susan Beebe, ASPE and staff to the Subcommittee on Standards and Security.
MR. BROWARD: Roger Broward, Rx Benefits Coalition.
MS. BUENNING: Denise Buenning, CMS, lead staff, Standards and Security Subcommittee.
Ms. GRANT: Good morning. Miriam Grant, Office of Minority Health, staff to the Committee on Populations.
MS. FRANKLIN: Angela Franklin, American College of Emergency Physicians.
MR. TOBIAS: I am Matt Tobias. I am a reporter with Modern Health Care.
MS. Nook. I am Marilyn Sigmond Nook(?) with American Health Insurance Plans.
MR. HUFF: Good morning. I am John Huff from the National Center for Health Statistics.
MS. BEALE: Allison Beale(?), American Health Information Management Association.
DR. COHN: I want to welcome everyone to this last meeting of the year, and obviously happy post-Thanksgiving. Before we move into the agenda with you, I have a couple of opening comments, as I normally do for these sessions.
There are a couple of different topics that I want to sort of bring up and discuss briefly. First, this meeting marks the beginning of a transition.
We have three members of the committee for whom this will be their last meeting as NCVHS members. I want to take a moment and acknowledge them for their participation and dedication to the activity, knowing that we will be having additional comments as the day goes on, and obviously dinner this evening.
Those three members are Russ Localio, Bob Hungate and Stan Huff. I actually just want to really thank you all for your dedication and hard work and participation on the committee.
You will be missed and I guess I am hoping that you will all join us for dinner tonight and be my guest at a dinner I think in honor of your retirement from the committee.
[Applause.]
I also want to announce that Don Steinwachs and John Paul Houston have been re-upped for another four years. Additionally, we have new members whose terms actually begin on December 1, which is on Friday.
We will see at least potentially one tomorrow visiting, but all of them will be participating for the next full meeting and probably some of them will be beginning to show up at subcommittee meetings that may be occurring either later on this month or into January.
Those new members include Garland Land, who is executive director of the National Association for Public Health Statistics and Information Systems, which is a large mouthful.
We also have Leslie Pickering Francis, Dr. Larry Green, and Dr. Mark Overidge(?). Those will be new members, as I said, starting on Friday.
Now, we will, obviously, at the February meeting, deal more extensively with introductions. We will be introducing them as well as asking them to talk a little bit about their background and interests, and we will be doing some orientation for them between now and the February meeting.
Next, I want to take a moment and thank the members of the ad hoc work group on the NHIN. As you know, the NCVHS was asked by ONC, to review and synthesize the results of the first ONC forum and the functional requirements identified by the NHIN prototype consortia contractors and, by the end of October, to find a minimum but inclusive set of functional requirements for the initial definition of the nationwide health information network.
In this work, we established an ad hoc work group. I chaired it. Jeff Blair and Harry Reynolds were vice chairs. Other members included John Paul Houston, Kevin Vigilante, Judy Warren, Stan Huff and Paul Tang.
Mary Jo Deering was the lead staff for this activity and I want to thank the many other staff members from the committee who participated in this work.
We also want to acknowledge Margaret A(?), the consultant on the project, and of course we want to thank John Muntz, who is not here for acknowledgement, but was the one who actually asked for the work to begin with, and we really appreciated his ongoing participation in the activity.
Now, this work has now been delivered to both the Secretary and the Office of the National Coordinator and has been posted to the internet, and I think you all know was approved during an open conference call at the end of the October.
With the passage of the report and its work done, I will be dissolving the ad hoc work group, which as you know has always been the intent, to create ad hoc work groups for specific topics and then dissolve them at the end.
In my tenure, we have not actually dissolved anything. This, I think, will be the first time. So, I thank you all for your service, and depending on what the work looks like going forward, we may need to have another group like that or similar, as I said, going forward.
Finally, given that this is our last meeting for 2006, I want to take a moment to reflect on the good work in progress this year.
First, the activities of the privacy subcommittee continue at a fast pace. I think we need to reflect on their very good work this year.
Certainly, their document that was approved at the June full committee meeting on privacy and the NHIN is a very excellent document.
I think we are seeing it increasingly used in the wider community on a primer on the issues as we move into the NHIN.
Obviously, their work continues. We have had hearings since and I think continue with the hearing at the conclusion of the meeting tomorrow extending into Thursday morning. Obviously, we look forward to more work and we obviously want to thank them for their work this year.
The populations subcommittee has had a number of conference calls over the summer and fall and had a hearing this fall on data linkages, and I believe is planning hearings on surge capacity, as I understand.
The population subcommittee today is coming forward with a letter on MMA Part D and data issues that we will be discussing later today.
The quality work group has been active and is forging a strong relationship with AHRQ. We will be talking later today about hopefully a breakout session or some way of handling the issues that are coming up for them during this meeting. It is not currently on the agenda, but I am sure we will be able to announce that by the end of the day.
The Subcommittee on Standards and Security has been very active this year, holding hearings on NPI implementation, e prescribing, and HIPAA lessons learned.
They are coming forward with three letters for action today, one on NPI, another on the last consolidated health informatics phase II recommendation, and then finally a letter responding to an FDA NPRM on structured product labels.
Of course, this is against a backdrop of significant congressional and department activity this year, which I will defer to Jim Scanlon a little later on to discuss more, since it has been sort of an interesting year, both from the congressional and department perspectives.
Obviously, as I comment on that, though, Secretary Leavitt continues to consider promotion of interoperable HIT to be one of his key priorities, and his involvement in leadership on this issue has bene, at least to my view, phenomenal.
Of course, in all of this, the NCVHS continues to play an important role, advising the Secretary and department directly on many of these issues, including advising and participating in AHIC work groups. So, I want to thank you all for that additional liaison activity.
With that, let's move on to the agenda review, and we have a pretty full agenda for the day. This morning we begin with department updates. Jim Scanlon will lead off, followed by Karen Trudel and Susan McAndrews.
Then we are pleased to have Rob Kolodner, the acting coordinator of the HHS Office of National Health Information Technology here.
Rob, as you know, has been the chief health informatics officer for the VA, and the visionary behind VA's Vista EHR system.
Following the morning break, we move into beginning our discussions about the letters being brought forward. I think we will handle the standards and security letters first.
After lunch we will continue with the discussion of the populations subcommittee letter being brought forward. Then, at that point, we will talk about the HIPAA report.
I will leave it up to the committee, given that many of you have not had a chance to see the HIPAA report previously and have not gone through subcommittee discussion about whether this is something that is being brought forward for action today or more discussion and coming forward in February for action, and that will be part of the discussions on that particular work item.
We also this afternoon going to be taking a few minutes and begin discussions related to current and planned work of the various subcommittees and work groups.
As you will remember, we decided as an outcome of our strategic planning session this past June, to expand discussions of the activities of the subcommittees and work groups, with the hope of providing greater cross fertilization, as well as providing committee guidance earlier as work plans are being developed, as well as early in work product development.
So, this will be a conversation in which we will ask the subcommittee chairs and work group chairs to sort of talk about what their plans are going forward, as well as reflect on any of their work products.
Finally, we are very pleased to have a presentation from the American Medical Informatics Association on the subject of secondary uses of health data.
I think this is an issue of great interest to us, one that we have written previous letters on, and I think that the AMIA work helps move that discussion forward. So, I want to thank them for being here and willing to participate and brief us on their document.
At about 3:30 we will adjourn the full committee and break into work group and subcommittee sessions for the remainder of the afternoon.
I will discuss, at the end of the day, additional meetings for tomorrow morning, depending on what we need to have happen.
The NCVHS dinner will be at 7:00 p.m. tonight, and we will be talking about that later on this morning or the beginning of the afternoon, as well as getting interest from the members about who will be attending.
With that, let's begin our department update. I do want to note to everyone that our clock, for whatever reason, no matter how long I talk, it still remains 8:00 o'clock, which is good. Time stands still at the NCVHS meeting.
I think my understanding it is about 9:20 in the morning. We will obviously stay on time. We are also intending to adjourn the full committee by 12:00 noon tomorrow. You can count on it, plus or minus about four minutes. With that, Jim, why don't I turn it over to you.
Agenda Item: Update from the Department.
MR. J. SCANLON: Thank you, Simon, and good morning, everyone. Since we met in September, we have had a number of developments occurring related to data policy and health IT issues.
Karen will update us on HIPAA issues, Sue on privacy issues, and Rob Kolodner will be coming by later today to update us on the work of the national coordinator and the AHIC.
Let me just update everyone on other data policy issues. On the legislative front, the 109th congress, as you all know, is winding down.
There was a fair amount of interest in health IT legislation in the 109th. It doesn't look like, though, that any of it will be enacted in the remaining days of this session.
By every indication, it looks like the 110th Congress, which will begin in January, has a lot of interest, a lot of members interested in health IT. So, we are very likely to see some number of bills introduced then.
Several of the bills, you will remember, would involve the NCVHS in some new responsibilities, particularly relating to a streamlined process for HIPAA updating of standards. So, we will look forward to January and see what that brings as well.
Similarly, on the budget side, here we are in fiscal year 2007, which began in October, and most federal agencies have a continuing resolution, not unusual. HHS does as well, while congressional deliberation occurs on the President's 2007 budget.
You will remember that, in the President's budget request for 2007, it included about $169 million for health IT. That was an increase of about $58 million over the 2006 level.
About $116 million of that would be for the Office of the National Coordinator for Health IT. AHRQ would get $50 million for continuing its grant programs, and my own office, ASPE, for evaluation and economic analysis and so forth, would get about $4 million.
Now, again, we don't know where the budget will end up for 2007, and the chances are we will have a continuing resolution until January or February.
In the 2007 budget, in terms of population health data, at least in the President's budget, it looked like most of the major HHS statistical systems were being funded at straight line levels which, as I said previously, is actually an accomplishment in a fairly tight budget year.
We are just beginning work on the fiscal year 2007 budget, so really not much to report there.
On the Data Council side, in terms of data planning, the council, in developing the fiscal year 2008 budget, as it does every year, looks at all of the data investments being proposed by agencies, and looks at opportunities for coordination and cross cuts and data estimates and so on.
In addition, as part of its activities, the Data Council was focusing on what are we currently doing and what is planned in the budget to address and support the top 10 priorities that I described at the last meeting of the committee, and I believe that you have a handout of what those 10 priorities are as well.
At our November Data Council meeting, we had a round table discussion. We got through about half the agencies in terms of what they are doing, their planning, directed at the priorities. At our December meeting, we will continue on with the other agencies.
There are three projects -- I think I have told you about a couple of them previously -- that, under the auspices of the Data Council we started, pretty much at the end of last fiscal year, we are just getting rolling.
We have initiated a project with the National Center for Health Statistics and other statistical programs, to look at the potential uses of electronic health record data for health survey and statistical purposes.
So, this relates to the secondary uses discussion that the committee has had previously and we will hear later today, but actually the department has bene thinking about this for quite a while.
It actually started even before HIPAA where, for our health care surveys, the department has always looked at the role of administrative data that can be linked to those surveys. So, there is a long history.
We will now be looking, for the family of health care surveys at NCHS for other provider based and plan based surveys that we do, what is the potential role and what is the potential road map, and how do we do this in a smart way for the fruits that electronic health records will some day bring us, to the point where they can be used in surveys and research.
We will clearly involve members of the committee who have been involved in this as well. I think we are thinking of probably a little background paper and probably a workshop, that we would invite the relevant members of the NCVHS as well.
Secondly, I think I have mentioned this before, there was great interest last year in looking, for our data systems and our surveys, at how do we collect income data and asset data, and how does it compare among the various surveys, how does it compare to bench marks. How does it compare to other distributions of data.
Income data, you will remember, is one of the policy variables on most of the surveys, poverty level, general income levels and so on.
A survey that doesn't collect that is really very limited in terms of policy uses. So, we have started an evaluation and we will be looking at that.
We will be looking at probably 10 of the major federal surveys that already collect income, to some extent asset information.
We will be looking at how useful and what quality that information is, and what improvements might be identified moving forward.
A third, one additional one, that ASPE, under the Data Council auspices, just initiated last year during the summer, actually -- again, there has been great interest in this area. We just needed a little while to get it organized.
We will be looking at how can we improve the utility of our HHS data and statistical systems and products for the policy community, the health and human services policy community.
The focus here will be on how are the results of those surveys being used now, how useful are the data products and services, how do policy analysts and policy users use that data, and what could we do to make that more useful. Again, we will be involving the NCVHS members in that area as well. Let me stop there and leave enough time for other reports.
DR. COHN: First of all, let me announce that we apparently are on the internet now. I want to welcome those listening in.
We are just in the process of updates from the departments and Jim Scanlon has just presented. Are there any questions from the committee before we move on?
DR. CARR: Just a question. There are 10 goals? We have nine on our lists. Is there another one?
MR. J. SCANLON: I haven't updated the last one. The 10th one is international health diplomacy and it is actually in a formative stage.
At the moment, it includes some very specific activities that are really in the developmental stage. The 10th is international diplomacy and we don't quite have an update of that.
DR. W. SCANLON: Jim, can you talk about what I guess the sticking points were in terms of the IT legislation, why we don't have a bill?
MR. J. SCANLON: Yes. There were probably more than a dozen bills introduced at various times in the 109th congress.
The two that had legs were the House bill that was a combined bill that included the streamline process for HIPAA, would codify the Office of the National Coordinator.
It would have required the adoption and implementation of ICD-X and it would have included a streamline process for updating already adopted HIPAA standards. The committee would have been involved right in the middle of that process.
A senate bill had -- again, these were moving targets -- a senate bill had a number of grant programs and other financing assistance.
So, the discussion, I think, between the Senate and the House and the various staffs were, well, what exactly -- I think if there wasn't disagreement, there was some uncertainty about the adopting of ICD-X.
I think there was a fair amount of support for the streamline process for HIPAA, HIPAA updates. In terms of should the legislation include grant programs and other financial assistance, again, I think there was a disagreement and I think there were privacy issues as well.
I think that, in the time that was available, it just wasn't possible to work these out. I learned with HIPAA to never say that legislation won't occur, because it actually did when everyone around the table was predicting it wouldn't, there wasn't enough time.
If the health IT bill isn't enacted, and what exactly it will contain, it clearly will pick up the interest in January.
I think there were too many issues. There were cost issues. CBL had to score some things. It got more complicated and I think there just wasn't time to work it all out.
DR. STEINDEL: Jim, I think you should mention that, in addition to ICD-X, it was also focused on the introduction of 5010. So, there were two issues associated with it.
MR. J. SCANLON: The bill would have required the adoption and implementation of the ICD-X and there was some disagreement about the dates that that would occur.
Frankly, the health industry itself was divided. There were some folks who wanted to press forward as soon as possible.
There were others who raised significant cost and implementation issues and wanted more time. So, when there is not unanimity or consensus in the community itself, it just makes it harder to be worked out there.
As Steve said, there were also -- it would have required the bill, the adoption of the new version, the 5010 version, of the administrative data standards as well as, Steve, I think the NCPDP next version.
There was a time line that was included in the bill in which those would roll out, and then the other issues as well. There were too many issues to sort of work out. More time was needed.
MR. ROTHSTEIN: Just a brief comment. I wanted to follow up on Jim's point about the Data Council considering the use of information from health studies and the like in policy development.
Thursday morning the Subcommittee on Privacy and Confidentiality will be holding a hearing on how would you design a system to study the effects of the HIPAA privacy rule, and we are consulting with various experts to give us some insights on how we could do that if it were done, with a goal toward policy development.
DR. COHN: With that, Karen, why don't we move on to your presentation? Thank you for joining us.
Agenda Item: HIPAA: Data Standards.
MS TRUDEL: Thank you. I will start out by providing a short HIPAA update, and then move on to the standards of e prescribing. Then I would like to kind of get off the topic a little bit and speak about some of the activities that CMS is undertaking in terms of personal health records.
So, with respect to HIPAA enforcement -- and every time I say this Sue just kind of breaks up -- since October of 2003, we have a grand total of complaints related to transactions and code sets of 521, of which 96 remain open.
None of the open complaints affect payments to health care providers. Most of them pertain to issues that relate to the complexities around trading partner agreements.
With respect to security complaints, we have a grand total of complaints, since April 2005, of 162. Ninety-four of those remain open.
They are more difficult to investigate and more than 60 percent of the open complaints are also considered to be dual provision complaints, which means that we are investigating them in partnership with OCR.
In other words, there is an implication that there has been both a privacy and a security complaint engendered by one action.
Normally they have to do with the alleged unauthorized access of electronic PHI by a third party. So, we do look at them in concert with OCR.
We have not received any complaints related to the use of the employer identifier, but we are gearing up at this point to handle potential complaints related to the national provider identifier use, because that standard goes into effect on May 23 of next year.
So, we are re-tooling our system so that it can accept complaints related to the NPI. We are training investigators so that they can handle the complaints, they know what to do, developing new FAQs to help the industry comply. So, that is pretty much the status of enforcement.
With respect to regulations, we are working actively on assessing the very complex comments we received on the claims attachment proposed rule.
We are talking for the first time about using both HL7 and X12 and also using LOINC in one standard transaction.
As you can imagine, the technical comments that we received are pretty complicated and we are working with the appropriate groups to get through those, as well as looking through some of the policy issues in terms of, the six attachment types that we proposed, were they the right ones. Are there additional ones. Are there ones that we should take off the list. So, there are policy issues that we are addressing as well. I believe we are scheduled to publish that final rule at some point late next year.
With respect to the national provider identifier, at this point, 1.46 million NPIs have been assigned. As best we can estimate -- and it is a little difficult to estimate what the denominator is because we don't know how some organizations are going to enumerate their subparts, we don't know how many additional NPIs people are going to need.
We think it is about 63 percent of the total of individuals who are going to need NPIs by next May. With the monthly rate that we have been receiving requests and issuing NPIs, we think that everybody who needs one will have one in time.
There have been a lot of discussions -- and Simon, you alluded to that -- in terms of will the industry be completely ready to process NPIs only as of next May.
We have partnered with WEDI and other industry organizations to craft some additional messages for health care providers, explaining why it is important for them to get their NPIs well ahead of time. Don't wait until the week before May 23 of next year.
Why it is important to convey those to their health plans and to begin to use them and test them in HIPAA transactions, again, well before May of next year to make sure that the claim flow and their reimbursement flows will not be interrupted, and to get the health plans time to build the cross walks between their legacy identifiers and the new NPIs.
That is not a trivial task and, if there is one message I can send to people, it is that. We are all very serious about this and we are really sending out the word every way we can to begin to do this now and not to wait.
We are continuing to do a lot of environmental scanning. CMS is looking at our own fee for service experience.
We will be talking with our Medicare advantage plans and our Part D plans. We are doing a lot of outreach with the Medicaid programs, and we are also partnering with others like WEDI and HIMS to do some environmental scanning and surveying, to looking at the preparedness of various efforts. So, we are very much on top of that as well.
Let me move on to e prescribing. We have completed our site visits to all five of the e prescribing pilot sites.
We are very excited about a lot of the work that is going on out there. They are getting a lot of very, very valuable information for us.
The evaluation contractor is now at work. They are doing their own site visits and data collection, and they will be providing us with their input on a flow basis through January, so that we can begin crafting the report to congress, which is due in April, as quickly as possible.
We will also be developing -- we believe that even the initial results of the pilot are telling us that there are some additional standards that are mature enough for us to move forward with.
There are others where we need to go back to the drawing board, collaborate with some of the standards developing organizations, share some of the lessons that we have learned, and work with them to maybe go for a round three.
We do believe that we will be able to propose some standards in an NPRM, a proposed rule, which again, we are targeted to get out the door in April.
In addition to that, though -- that is obviously not anywhere near the end of the process -- we need to develop -- and we are very close to developing -- a road map for CMS in how we move forward with e prescribing, to leverage what we have already done, to look at some additional partners and ways to promote e prescribing among the physician population, how can we work with our quality improvement organizations to do that, as we move into their ninth scope of work that is being contemplated now.
How do we work with AHRQ to develop a research agenda to continue to move additional standards. How do we work with the Office of the National Coordinator to see if we can leverage the standards experiences that we have learned CMS and inside the Part D program and expand them to potentially a national use case. Those are some of the things we are thinking about.
A slight departure to talk about personal health records, but over a year ago we published a request for information about what Medicare's role in personal health records should be.
A lot of the input we got said that Medicare shouldn't be in the business of building PHR products, that what we should be in the business of doing is enabling the sharing of Medicare data when there is appropriate authorization by the beneficiary to other existing PHR projects and products. Of course, we are also supporting the AHIC's consumer empowerment work group.
The first thing we did was develop a proof of concept project, where we took a very small view of what we could do, and have two contractors that are working on the not-so-simple process of taking Medicare claims data and seeing how it can be displayed and used in existing PHR products.
We contracted with two organizations that already had access to Medicare claims data, and they then partnered with organizations that already had existing PHR products.
We have had some demonstrations from them. The project ends in the middle of December, and they have given us a number of use cases that show exactly how Medicare claims data can translate into existing PHR products, the value that that data brings, although it is certainly by no means the universe of data that you could put into a PHR, but how it contributes to a PHR, and how you can translate, for instance, ICD-IX codes into clinical terminologies, clinical terms, that can be reader friendly.
The results of that will feed into some increasingly robust activities as we begin to look at the aspects of authorization and the authentication that would go into building up this kind of translation, and what requirements we might want to put against someone who had a PHR product that we would be willing to actually share our beneficiaries' data with.
We are also working with the Office of the National Coordinator to look at some of our Medicare advantage plans and to study some of the PHR products that they already have in place for Medicare beneficiaries, to look at that in kind of a more rigorous way and get some ides about usability. So, that is pretty much what we are doing in the PHR area. Thank you.
DR. COHN: Thank you. Michael Fitzmaurice and then Paul Tang and Justine.
DR. FITZMAURICE: Karen, three questions. First of all, with regard to the national provide identifier and the priority of sharing their NPIs with the health plans and the health plans being able to verify it, is the mater file available to the health plans so that they can verify the numbers that they receive from the providers? If not, what are the issues involved with getting that out?
MS. TRUDEL: The data dissemination notice -- thank you for bringing that up, it is an important issue -- the data dissemination issue that explains what data we will share from the NPI file has not yet been published. So, on, the master data bases are not publicly available at this time on a wide basis.
The issues -- I think I have mentioned this before -- are the need to balance the need of plans and other covered entities, to have this information so that they can incorporate NPIs appropriately in their processing systems, and the need to protect some of the information that relates to individual providers.
We do have already, ready to go, a number of different data dissemination mechanisms. Some of them are large files. Some of them are small files that, as soon as the notice is published, we can kind of have out the door and ready to roll.
DR. FITZMAURICE: The second question is, you said the five site visits are completed and you found some very valuable information.
Have there been discussions about extending these site visits maybe to further test additional standards or to get additional information about electronic prescribing, or is it when they are done, they are done?
MS. TRUDEL: These particular contracts were limited funding, limited time line. I think what we have been talking with John White at AHRQ about is how to proceed from there with another what we call research agenda.
We need to do another round and we recognize that, but the initial funding that we received won't take us there.
DR. FITZMAURICE: Very good. The last question is, you talked about Medicare shouldn't build a PHR product that allows sharing of the Medicare data with other products.
I can imagine a member of the public saying, well, if these are my data and the Medicare program is willing to share my data with me, can I access them only to a commercially sold product, or can I download them into my Excel spread sheet?
In other words, am I tied into one of the few commercially available products, or can I have just have a dump of the data into my spread sheet and then look at the variable names and definitions for Medicare and say, all right, now I can understand a little bit about it, maybe not as I could have with the commercial product, but it is cheaper.
MS. TRUDEL: When I talk about a PHR, I am meaning one with the full types of functionality that the consumer empowerment work group has been talking about.
The kind of spread sheet type access that you are talking about, I think that we already enable, through what we call the Medicare beneficiary portal, which is mymedicare.gov.
So, there is already access to claims type data and claims status data and reminders about preventive services that are available in mymedicare.gov.
What we don't feel that we will be in the business of any time soon will be building a fully functional personal health record.
DR. FITZMAURICE: Thank you, great answers.
DR. TANG: Thanks, Karen. My question has to do with the PHR, a follow up of Mike. You mentioned that there is a proof of concept evaluation going on.
It sounded like it involved looking at patient friendly terms of these medicare diagnoses and claims. Is there any work going on to examine the accuracy of claims data versus clinical diagnoses that you might find in a medical record?
MS. TRUDEL: That is a good question. This was a very limited proof of concept and it was done with medicare fee for service data, with no clinical data against which to measure it.
I think that that is one of the things that we need to talk about as we move forward into some of the other aspects of where we are going. I think it would be very interesting to talk to AHIC about what they are doing in that regard as well.
DR. CARR: Thanks, Karen. Back to e prescribing, I am wondering if, in the initial studies, there were any evaluations of the impact on physician or clinician time in writing a prescription electronically versus jotting it on paper, and whether there has been any analysis just in terms of time for the individual prescriber.
MR. TRUDEL: The pilot participants have been looking at not just the standards and how they work. They have been looking at impact to work flow.
They have been working on trying to quantify return on investment and cost benefit. So, yes, I think we will get some good data on that.
I haven't been to all the pilot sites myself, but I did go to the one in Ohio and they did say that, while in some cases the physicians themselves are not interacting personally with the e prescribing software, they are doing so in very close communication with their medical assistants, and that the practices are just happy as anything about how well it is going. I think there is a lot of savings there.
DR. COHN: Paul, do you want to join us for standards and security later? We can talk about it. Karen, will you be at the subcommittee meeting this afternoon? Okay, good. We will continue the conversation this afternoon. I am trying to keep things relatively on schedule. Sue McAndrews, our last presentation, and thank you.
Agenda Item: HIPAA: Private Rule Compliance Update.
MS. MC ANDREWS: Since the complaint system went on line in April 2003 through the end of October 2006, we have received some 23,270 complaints. We have closed approximately 76 percent of those claims.
I am taking the opportunity of the subcommittee hearing on Thursday morning to present a more detailed look into what these closure cases are like, as a way of what kind of data may be available from the complaint system in terms of measuring the HIPAA compliance activity.
I will say that by and large, of the closed complaints, somewhere in the area of a third to maybe 40 percent of those closed cases warranted an investigation. The others were closed for administrative, jurisdictional reasons.
Of the cases that we did investigate, close to 70 percent of those were closed after achieving some corrective action on the part of the covered entity.
So, there has been a lot of effort continuing to go into our compliance efforts. We also had late summer, early fall, some media attention in the area of dumpster cases, where pharmacies were taken to task for having protected health information as well as meds thrown out in dumpsters that were unprotected and accessible to the passers by.
That investigative reporter has subsequently gone back and done a follow up report, not only in Indianapolis where this all started, but has gone dumpster diving across the country behind pharmacies and has found substantial protected health information as well as medical waste disposed of in an improper and unsafe manner.
So, we are giving some attention and will continue to give some attention to these dumpster cases, as well as trying to pay some attention, in the coming months, to getting some wider spread corrective action and attention focused on record abandonment and improper disposal of large masses of protected health information.
Curiously, one of our very first complaints that we got back in April of 2003 was a dumpster case, and they just have continue to crop up from time and time, and we think this is something that is relatively easy to solve, and we are hoping to get people to focus a little bit of attention on these kinds of activities. There just is no reason for it.
Other than that, I thought I would just use the time to review some of the collaborations that we have been involved in and continue to be involved in recently.
Certainly we have spend a good deal of time coordinating with ONC and the AHIC on their various HIT initiatives, including working with the consumer empowerment work group on personal health records, as well as the confidentiality, privacy and confidentiality work group.
We have paid a good deal of attention over the summer, and it is likely to continue well into next year, working with disaster planners in preparing for responses to pandemics and other natural disasters.
We have a tool up on our web site to help emergency responders and emergency response planners, understand how to properly access information that is protected by the privacy rule.
We continue to evolve and expand that tool in response to continuing questions from the emergency response community.
So, we expect that collaboration will continue, and response, as well as it being a high departmental initiative.
We are wrapping up our work with the White House task force on identity theft. They I believe now will be making recommendations to the White House in February of next year.
The report had been due in November, but they gave themselves an extension in order to solicit input from some of the private stakeholders that may be impacted by some of the recommendations.
Finally, we have been working on a number of fronts and collaborations with the research community. We have joined a task force that is department wide that is looking at harmonization of the HIPAA privacy rule, the common rule, and the FDA research regulations, to make sure that we are not working at cross purposes, and that we can create a superhighway, or at least one road, many access but one road for researchers traveling down this path.
We also did some collaboration this last quarter with the office on human research protections, who were looking into guidance on the definition of research, and trying to untangle the mess you get into as research creeps into quality improvement activities and other kinds of operational studies as well as FDA surveillance and just public health activities as opposed to public health research, and trying to shore up those lines.
I will say that those were -- when you think of the definition of research, what an esoteric term. There was lively debate.
So, we are continuing to work on several fronts with the research community. We have no particular time line that I know of in terms of those products, but we are hopeful of making the world safer for research. I think I will stop there.
DR. COHN: We will take a couple of questions here. Jeff and John Paul and Mark.
MR. BLAIR: Susan, applause for all the initiatives. So, I want to dig deeper. One of them is with the 23,000 complaints that you have had a chance to process.
Has there been any breakdown of that to determine what portion of those complaints is from protected health information that was in paper or audible versus electronic?
MS. MC ANDREWS: At least since April of this year, if it has involved an electronic system, those would show up largely in the complaints that we are forwarding either to Karen to handle under the security rule, or that we will be handling jointly if it also raises a privacy rule concern as well, beyond just the safeguarding of the electronic information. No, we don't -- we haven't gone back and tried to break out the data, new or old, into those categories.
MR. BLAIR: The reason that I ask, the reason that I am interested, is that the original intent of the HIPAA privacy law, one of the major intents -- I won't say the original one -- was to help the public have greater confidence in having protected health information in electronic form.
I think it would be very helpful is that data could be analyzed to determine the degree of violations or abuses of privacy information, health care privacy information, to determine whether most of the abuses are when it is in electronic form or whether it is coming from violations when it is in paper or audible. Maybe you could consider having someone do a breakdown of that. That might be helpful.
MS. MC ANDREWS: We can consider that. I think it would require the cases to be manually reviewed, because it is not an element that we capture through the data input screens.
The only other caution I would say is that it may well also simply be reflective of the proportion of usage of electronic systems today as opposed to any true measure of the relative safety of paper versus electronic systems.
MR. BLAIR: I acknowledge that.
DR. COHN: Before we move to the next question, Bob, I just want to do a time check with you because we are running a couple of minutes late. Are you okay for an extra 10 or 15 minutes? Okay, great. John Paul?
MR. HOUSTON: Thanks, I just wanted to make a comment more than anything else. I think it is good that there is some collaboration going on with the research community, because I think that is an issue that we all identified as being something that needed to be addressed.
I am hopeful that what we end up with is, in fact, harmony in that regard. I think there, for the longest time, seemed to be sort of denial that there was really an issue there.
So, I am assuming that the intent at the end of the day really is to have a harmonized understanding of how research is to be conducted under the common rule as well as HIPAA and other OHRP related documents and guidance; correct?
MS. MC ANDREWS : I am not sure of the actual vehicle that the guidance will come out in, but it is to identify areas in either -- in the three rule making areas that the department has control over, to identify where there might be inconsistencies or problem areas, and how best to smooth them out.
MR. HOUSTON: The intent is to resolve that?
MS. MC ANDREWS: Where there are conflicts.
MR. ROTHSTEIN: Very briefly, I wanted to remind some of the newer members of the NCVHS that, since 2002, we have sent at least three, possibly four, letters to the Secretary in which we have recommended specifically what is taking place now between OCR and OHRP. I want to praise you for that initiative, and we wish you much success and speed in your work.
One brief request -- and I think this should be easy to do -- is that, when you compile the data on number of complaints and administrative closures, et cetera, if you could do a run by month instead of just the aggregate totals, that would help, at least in my view, in analyzing the data over time. I think that would be valuable and I think it could be done rather easily.
MS. MC ANDREWS: We have done it by year. I am trying to remember whether it was calendar year or fiscal year. It is probably relatively easy to break that down further into quarterly --
MR. ROTHSTEIN: Quarterly would be find. It doesn't need to be daily.
MS. MC ANDREWS: Monthly, it seems to me, would have a little bit --
MR. ROTHSTEIN: Just to follow it over time. You could develop a variety of hypotheses in terms of administrative closure should do what over time based on people's misunderstanding of the jurisdiction and so forth.
DR. TANG: Thanks, Sue. As you know, there has been increasing media attention about the whole enforcement of the privacy rule.
Their contention is that there has been I think several hundred that get referred on to the Department of Justice, and there haven't been any prosecutions.
What kinds of reasons would you give for that, and how do you typically address those concerns, recognizing that, as we go more and more into the HIN world, we need to have some kind of way of assuring the public that we are prosecuting these violations.
MS. MC ANDREWS: As of the end of October we have made close to 350 referrals to the Department of Justice. There have been three cases to date of criminal prosecutions.
I don't believe any of those three arose out of a referral from OCR, but from an independent source developed by the Department of Justice.
What accounts for that, there can be a variety of reasons. I will say the Department of Justice, it is not that they don't investigate these cases.
Certainly they don't investigate all of the referrals, but the FBI offices across the country have taken up a number of these investigations, and we simply are not privy to how that all works out.
So, I do think many of the referrals, however, are not -- are more technical in nature, given the language in the statute and what comes within the DOJ jurisdiction, and really wouldn't register on many radar screens as a truly egregious criminal act.
Nonetheless, to the extent DOJ does not take up a referral case, we do take that case back and look at it in terms of whether there are aspects of that case that are within our civil jurisdiction, and we do try to investigate those cases, so that it is not something that simply falls through the cracks.
The other thing that we have been trying to emphasize in response to some of the media requests, is that we do think, to the extent that they are largely based on the fact that we have not brought a civil monetary penalty to date, that that is not, from our perspective, a measure of the vigor with which we investigate cases or achieve enforcement activities, that many of the actions that we have achieved through voluntary compliance, we consider to be active enforcement of the rule and we are quite proud of our record in terms of getting things fixed for individuals as well as others, system wide.
MR. HOUSTON: Is this to say, when DOJ does decide not to pursue, they will tell you that they are closing a case? So, you do grossly know whether something is an open case or a closed case that you have referred?
MS. MC ANDREWS: Yes.
DR. FITZMAURICE: Sue, are there any proposed changes to the privacy rule expected to be announced in the next 12 months and, if so, could you briefly describe what they involve?
MS. MC ANDREWS: How to put this. I mean, there are discussions ongoing in terms of how to improve the rule and, based on reports internal or external, in terms of what we figure is not working, or not working as we intended.
However, I am not at liberty at this point to identify any particular areas that may come out as a rule making in the next year.
DR. COHN: Sue, thank you very much. Mike, thank you very much for that last very good question. Not answerable, but a very good questions. Sue, thank you and Karen, thank you.
With this, we want to move to our final presentation and discussion. Rob, I want to welcome you and obviously congratulate you on your new role as acting coordination for health information technology.
We are obviously very pleased to have you here. I introduced you a little bit and everyone pretty well knows you, but I do want to reflect, obviously, on your role previously as chief health informatics officer for the VA, and realize it is the division behind the VISTA EHR system.
I am looking to see whether I am making you blush or not, but we think you have done a greta job with that, and obviously we are very pleased with you in your new role. So, welcome, and thank you for joining us.
Agenda Item: Report from the Office of the National Coordinator.
DR. KOLODNER: Thank you very much, Simon. It really is a pleasure to be here, especially seeing so many friends around the table and colleagues I have worked with for so many years. I look forward to helping to advance the agenda that many of us have been working on for a long time.
It really is an exciting time right now in health IT, and it is an exciting time for me personally, obviously. I have been very fortunate to have this opportunity to take on the challenging role, and look forward to hopefully making some contribution during the time that I am in it.
I also wanted to take the opportunity to thank the NCVHS and the members for the work that you have been doing, starting with the work on the initial functional requirements for the nationwide health information network.
Also -- and we really do appreciate the opportunity to work together with the office of the national coordinator and our FACA committee, the AHIC, and I think that it is the beginning of what I hope is a long and very productive collaboration where we are able to each bring to the health IT agenda the strengths that the different committees bring and the abilities to advance the agenda, and for you to advise HHS in ways that also move us forward.
The goal really is to create these opportunities to work early on and collaborate together, so that, as we identify things that we are moving forward on in the AHIC that we want you to participate on, and as you identify activities and areas of focus that may be of interest to us, that we can keep engaged.
I know Jim Scanlon and I have been working out how to improve that collaboration and move it up to the next level, and it is really building bridges and having more cooperative involvement from the very beginning. I look forward to that.
I mentioned the NHIN functional requirements also. We have worked together on two NHIN fora that you have been active participants in.
Those have really been excellent opportunities to inform the constituents about significant progress in many areas, especially the requirements and security aspects of the NHIN and what those need to be.
We have got the upcoming participation by Simon and Jeff at the AHIC meeting in December to present those initial requirements. Hopefully that will proceed.
That will be occurring while the Secretary is in China, and he plans to participate at a distance, but to participate and not miss that meeting.
I also wanted to use the opportunity just to highlight a number of the requirements that we have been able to make in the national health HIT agenda, and the activities that AHRQ has been responsible for coordinating.
I use that word coordination as very important, because I see this as something where the role of the office is to leverage all the talent and good work that is out there and to hopefully synergize those activities in a very positive way.
So, we have achieved one of the milestones, almost finishing the turn of the crank that the Secretary talks about with the standards, and that is that coordination body for standards did deliver the first set of interoperability standards for the first three use cases, and they did that in October, end of September, October, of this year.
That includes 30 standards and almost 800 pages of interoperability guidelines. You know, that last part I think speaks to what is different now from what we have done before where, oftentimes, as we all know around the table, we identify standards, but the problem is that there has been enough variation, enough wobble in how those have been implemented, that it really hasn't achieved that interoperability.
I think that the interoperability guidelines are something that I am glad there are people who are obsessive enough to get down to that level of detail, and thank you, for all of those who have been a part of it.
It really is taking that so that we can really have, as I say, have a programmer go off in one corner in one institution and program to their standards, and another in another corner, and that when they bring it together, they don't have to go through testing and everything else because they know it really will operate because the standards have been specified specifically. That is no mean feat.
So, on another part of that turn of the crank, that is, the certification of the CCHIT, the certification commission, continues to expand the electronic health record certification.
It now has 35 certified ambulatory EHRs, and we expect one more round of certification to go through testing in this first year cycle, which began mid-year, around May, June.
We are also finalizing the first inpatient certification criteria to use in testing in patient systems.
Finally, we are working with the CCHIT to begin their foray into the specialty EHRs, and we will be beginning to explore that area as well very shortly.
We also had an EHR adoption report that was published by the Robert Wood Johnson Foundation where, after many different numbers floating around, we now have a methodology and a criteria set by which we have determined a baseline, that about 10 percent of doctors in an ambulatory care setting, are using electronic health records with four specific functions that we consider to be important, that are derived from the IOM EHR report.
That is, computerized prescribing, computerized test ordering, the electronic receipt of test results and electronic physician notes. Certainly the last one is the one that I think is the bar that is one that will be a little higher than many other systems.
So, that combination of four functions, when you use that, you get to the figure of 10 percent of doctors using the notes.
That is one that we believe is sufficiently specified that, in fact, CDC will be putting it into their inventory in the first surveys on a regular basis, that we will be able to actually track that number.
It is lower than some of the other numbers that were used, the 24 or 25 percent being doctors who have something electronic, but it is not well defined whether they are using it, much less what function.
Seventeen percent that have something clinical, again, because it doesn't have specificity, it could vary from year to year. That is why we are using 10 percent as the baseline.
There was a final report that HEMA issued with the critical how to workbook for state health information exchange activities. That also is pushed on the web and we plan to provide some ongoing support, so that they can address some barriers and solutions and health information exchange cost models and some Medicaid involvement analysis.
So, there is continued work. To emphasize that focus now of coordinating with the states, we recently issued a contract with the National Governors Association for a state alliance for e health.
That is starting the collaborative process to address the cross state issues. That is one that they will lead and facilitate and our role is to coordinate and foster that advance, because a lot of the activities have been, and will continue to occur, at the state.
The key there is to not have the tower of Babel but, in fact, be able to bring about a coalescence as we move forward in a variety of policies and other approaches.
Some upcoming activities that we have in 2007, I mentioned the AHIC meeting on December 12. There are also some meetings, an AHIC meeting in January, and a forum meeting related to the NHIN.
At the AHIC meeting on January 23, we will actually be doing the NHIN prototype architecture demonstrations and some presentations on the business models. So, we are beginning to move that forward.
We will also have the first state alliance for e health meeting in Washington on January 26, and that will be an open meeting. So, people are encouraged to come and attend and participate.
The state alliance is also going to be fostering a number of meetings and sponsoring a number of meetings. There will be some state learning forums that will be scheduled throughout 2007.
They have three task forces and the meetings will begin in February. One task force is on privacy and security, and that is really following on the work of the ISPIC, and another having to do with the practice of medicine task force and some of the licensing issues there.
Finally, the state role regarding the health information exchange and really beginning to take on some of the issues raised by the HEMA report.
So, those are some of the things that are coming just in this next quarter. Really, there is obviously a lot more to come.
We have got a very large and challenging health IT agenda ahead of us that certainly you have bene working on for years and now has become something that is really moving forward, and Secretary Leavitt is very committed to that.
There are some significant opportunities, I think, for collaboration, not only among the committees but with a variety of entities, parts of HHS and other departments, as well as the private sector, and it is really that public private collaboration moving forward.
So, hopefully we can use these opportunities to work together toward transforming health care, because that is what it is all about. It is not about the technology.
It is about transforming health care and making it higher quality at lower cost, and I look forward to seeing that. At this point, I can stop and take any questions you might have.
DR. COHN: Bob, thank you very much. I actually just had a qualification myself, and I think I see a number of hands going around the table.
It actually had to do with the new state alliance, and I think you maybe have answered the question. Is this the vehicle for moving forward the recommendations from the security and privacy collaborative work?
DR. KOLODNER: Actually, it does provide part of that. Jody Daniel will be here tomorrow and can provide more details, since she is the lead director of that. You can talk with her some more tomorrow when she is here.
MS. TRUDEL: What plans do you have over the next year to identify and prioritize new use cases?
DR. KOLODNER: Well, we already started that process. There was discussion at the last AHIC. In fact, one of the concerns was that, with the various work groups, that we could very easily go down a stove pipe, so that you have the EHR in one place and the consumer empowerment in another.
What we did is, we brought together their top priorities as well as some visioning that the early work groups had done.
We created a matrix where what we wanted to do was to identify priorities that cut across the work groups. What we will be doing on December 12 is presenting what we call some proto use cases for EBAC from the AHIC members.
The intention is to have another set of activities which then can be used to generate these cases and, from those, additional standards. We have got a lot of work to move forward, not to create standards, but to create the standards that we can get that next round of instrumentation guidelines on.
So, we expect to turn that crank another time this next year is the intention, so as to do one more time, and hopefully gain a momentum by doing that.
So, the specific details I can't give you at this point, but we certainly plan to move forward and move the use cases to the implementation and certification.
DR. FITZMAURICE: Two questions. First of all, it is extremely good for the country that you are in the position that you are in right now, but it has a time limit on it.
I am wondering, has there been any discussion about extending your interim stay as director of ONC, or is it expected to be over finally in February?
DR. KOLODNER: There have not been discussions at this point, but they will be occurring shortly and that would be up to the Secretaries as to whether or not my detail will or won't be extended.
DR. FITZMAURICE: So, you do not plan to run for President, but you are not ruling it out.
DR. KOLODNER: I have learned never to say never.
DR. FITZMAURICE: The second question is that interoperability requirements include use cases, high level architectures, message standards and data element specifications, and harmonization across SDOs.
Interoperability requires all of these, but the most important of them, in my opinion, putting privacy aside, which I don't mean to put it aside, is data element harmonization, reduce the wobble in standards that prevents interoperability.
Will there be a stronger focus in ONC in the coming year on resolving differences across SDOs and their data element names, definitions and how those variables are represented?
DR. KOLODNER: As you know, Mike, ONC doesn't do that, but what we have is a contract. The whole approach has been to set up a mechanism and a methodology that we can begin to mature, and one that is trusted and works.
The HITSBE really is that mechanism. So, what we need to do is to work with HITSBE to see, is that something worth their time. Is that something that is the band width, or do we allow a mapping to occur between some of the different names.
I think the key is whether the boundary on those data elements is the same. It is when you don't align those elements, and that you may even use the same name, but they really mean different things, that you really get into the most problem.
We will be working with HITSBE and certainly, as an active member of that, you get to have your two cents with that process.
It is one that I think we have developed a relationship where we certainly can say, these are the things we want you to work on, but there is a certain amount of independence because we want that process not to be controlled by the government,b ut fostered and stimulated so that it becomes a process that everybody trusts.
I think that one of the things that is continuing and will continue to clarify is when the recommendation comes from HITSBE to the AHIC, does the AHIC get to override that.
I think they would, if the HITSBE was simply a subset and a part of the government, but in fact, it is an independent entity. So, we get to say whether we accept or not, the AHIC, and then the Secretary gets to decide whether to accept the recommendations or not, but it is really an independent process.
MR. ROTHSTEIN: I have got a brief statement disguised as a question. The question is, how, if at all, is the NCVHS' June report and letter to the Secretary on privacy and confidentiality and NHIN being implemented, in terms of its effect on the architecture development or the NHIN or other elements of the system being developed.
DR. KOLODNER: I can't give you a definitive answer about that. Obviously that was a statement as to paying attention to that.
What I would suggest that you might do is talk with Jody about it tomorrow, since she is our lead for privacy and security.
I think at this point in time I don't know of a direct link between the recommendations and what we have done so far, but the question is what we will do in the future.
MR. HOUSTON: A quick comment in that regard, being on the AHIC CPS work group, I guess. I know I have made the recommendation on a number of occasions that that letter be considered in some of the outstanding issues, as well as some of the recommendations be considered as part of that work group, to make sure that, as they are setting their agenda, that they are also considering all the work that we did.
I think a lot of those outstanding questions really do need to be resolved, everything from opt in opt out to some of the other recommendations that we made. So, I know it is on the table and I think it would be helpful to continue to push that, because I think it is a valuable letter to use.
DR. KOLODNER: Mark, the answer is, you have a mole.
DR. WARREN: The question I have is, I guess it is one of coordination. We have talked today about NCVHS has a privacy subcommittee, AHIC is certainly looking at that.
We have the contract out for the HISPIC to look at privacy and security. Now we are having a state governors alliance for privacy and security.
What efforts are out there to kind of have these various groups collaborate or coordinate their work? I am hearing pieces in a lot of different meetings I go to that are all the same thing, but everybody is working at it from a different perspective.
DR. KOLODNER: I think it is a good question. Certainly in terms of the linkage across the NCVHS and the AHIC activities, we are working at the staff level to define how we complement one another rather than how we compete with one another.
With the contract this year with the state, the intention with the state alliance is to leverage and build on the activities that we had accomplished with the HISPIC, and to have that extend into some of the states because they have obviously some of the issues across the states that need to be addressed.
Again, because Jody is the lead on that, and I am still coming up to speed within the office, I would suggest that that might be a question that you repeat again for Jody, and I think you will be pleased with the answers.
DR. WARREN: I will be sure. Jody will have a lot of questions tomorrow.
DR. KOLODNER: She is expecting them. I will give her warning.
DR. STEINDEL: Rob, thank you, and I am encouraged to hear that there may be hope for a future in your response to Mike's question.
What I would like to comment on and question on is, as I think many people are aware, I wear many hats and some of them are directly involved in what your office is doing.
I am involved with HITSBE. I am also one of the people that is directly involved with CCHIT. I am on their interoperability work group this year and on the ambulatory functionality last year. With my position at NCVHS, I am also involved with e prescribing, et cetera.
What we have come up with, and what I encourage you to try to expand is somewhat related to Judy's question and what has been mentioned.
One of the most exciting things that I have seen recently being presented in front of AHIC has been your matrix that you brought forward at the last meeting in initial format, with the intent of trying to create this cross coordination effort between all of the issues that are facing us.
I really encourage you to try to flesh that out and really create a true mechanism for discussion. As a big example that we are facing right now in trying to adjudicate, in CCHIT, and with HITSPE, involves the certification of interoperability in two areas, laboratory and e prescribing.
One issue that we have run across with e prescribing doesn't involve the HITSBE specifications or anything like that. It involves what is going on with the Medicare Part D pilots, and how far along they are.
I am just pointing that out, not as an obstacle or anything, but just as an area to bring into your matrix and have discussion in front of AHIC, and make people aware that there are many aspects of this problem that confront the interoperability issue.
It is not really, in my mind, the HITSBE standards that are the ultimate judge that we hand to the IT developers or whoever, and say, okay, build against these standards.
It is really against whatever criteria is being tested against for interoperability by whoever. It is probably going to be CCHIT at least for the initial stages, but there will be other interoperability testing being done, especially as we get down to specialty levels. Those issues are different.
We need to consider all of this in the mix. What we are try to do is actually test where the rubber meets the road. Can we exchange this information between two people and post it into an electronic health record so that a clinician can use it. Think about that when you are putting your matrix together.
DR. KOLODNER: Thanks for your comments, Steve, and it is clear that you are the glue that is tying together all of this.
DR. STEINDEL: No, I am not.
DR. COHN: Any other questions? Well, Rob, I want to thank you very much for joining us. Obviously, we look forward to increased collaboration and synergies between all the various groups as we move forward.
Obviously, we look forward to having you, and we will be obviously having ongoing conversations but also hopefully seeing you on a regular basis at the full meetings. So, thank you. I also want to thank Sue and Karen and Jim for help on this session.
We are running a couple of minutes late, so we will adjourn until 11:00 o'clock, and then reconvene on the letters.
[Brief recess.]
DR. COHN: Now, our next set of items are letters. We will be starting on those in just a second. However, I just want to take this occasion, we have a new member who arrived during the break, and I just want to introduce him briefly.
I think I mentioned him during our beginning introductions, but Garland Land has joined. He, as I said, will become a member starting on Friday. December 1 his term begins, but he is sitting in with us for today and will you be here tomorrow also? He can't vote until Friday.
Just very briefly, Garland is the executive director of the National Association for Public Health Statistics and Information Systems.
He previously held a number of senior positions at the Missouri Department of Health. Garland was telling me that he actually still lives in Missouri and I guess commutes here twice a month.
Hopefully he will now be coming three or four times a month to join our committee. Anyway, thank you for joining us.
With that, we are going to be jumping into three letters.
Agenda Item: Subcommittee on Standards and Security Letters.
DR. COHN: We are asking Denise to assist us with the initial reading of them. I think part of the question will be what letters need to go for committee discussion this afternoon, get past with word smithing, et cetera, as we sort of go through them. Now, Denise, what order were you planning on taking these?
DR. BUENNING: I believe that the agenda calls for the NPI letter first. Then the CHI disability letter, and then finally the national drug code letter.
DR. COHN: Okay, so we will have an initial reading. I do want to tell people that the NPI letter will go to committee this afternoon for further discussion, even though I think the letter is well written at this point.
MR. HOUSTON: Simon, I have a question. I had a real problem with the NPI letter. I wasn't sure what the purpose of the letter even was, and I question whether this committee needs to consider sending it.
It sounds like the letter sort of said that they needed to do more work. I think this is the one that was the case. Maybe I have my letters mixed up. I am just wondering why we are sending this letter.
DR. COHN: Yes, Jeff?
MR. BLAIR: Sure. John, your observation, I think, is correct, that this is not in the character of most of our recommendation letters, where we are recommending a specific standard or a specific action.
This is a situation -- you are talking about the letter with respect to the national provider identifier; correct?
MR. HOUSTON: That is correct.
MR. BLAIR: This is kind of, I might say, a little bit of a positional letter. The testimony that was occurring during our subcommittee meetings, we debated whether or not to actually write a letter.
We decided it was important to write this letter even though we haven't completely finished hearing all of the status from the industry on the NPI.
There are a number of things that are problematical on this and we felt we couldn't wait until virtually February, since this is the last time the full committee meets until February.
By then, it is going to be very close to May 23. So, a number of our concerns are in this letter and it is kind of a positional letter, I would phrase it as, to say, these are important issues. We are going to continue to gather information, but we do encourage Health and Human Services to closely monitor the status of people getting enumerations for the national provider identifier.
So, if action can be taken beforehand, that is fine. If not, then we will be coming back to HHS. Does that answer your question?
DR. COHN: John Paul, without going deeply into this conversation, this letter may actually get a little more content by the end of the day. So, I would have you hold your view about whether or not the letter is worthy of going forward.
MR. HOUSTON: That is fine.
DR. COHN: Is that reasonable? What I am hearing from you is not so much objection to the letter. You are just sort of wondering whether or not it says anything.
MR. HOUSTON: When I read the letter, one of the last paragraphs says, and we are going to do more things in January.
I am thinking, okay, if you are going to do more things in January, why are we even -- I just didn't think the content was there to say, we will send this letter out.
MR. BLAIR: The answer to that specific question was that getting a letter out in February is very close to May. So, it is a timing issue.
DR. COHN: Denise, would you like to read it over, just a first reading?
MS. BUENNING: Addressed to the Honorable Michael O. Leavitt. Dear Secretary Leavitt:
The National Committee on Vital and Health Statistics, NCVHS, is responsible for monitoring the implementation of standard transactions, code sets and identifiers adopted pursuant to the Health Insurance Portability and Accountability Act of 1996, HIPAA.
The committee has been tracking the implementation of the national provider identifier, NPI, and wishes to convey to you our preliminary observations on the industry's progress toward meeting the compliance date, which is May 23, 2007, for most covered entities.
The committee has heard testimony on several occasions regarding the readiness of providers, plans, clearinghouses and the software vendors that support them to use the NPI in HIPAA transactions.
We have concluded that, while significant progress is being made toward compliance, some key activities may not be completed by the compliance date.
Providers must obtain an NPI and use it for HIPAA transactions by the compliance date. To date, over 1.2 million NPIs have been issued, which the Centers for Medicare and Medicaid Services, CMS, estimates represents the NPI by approximately 50 percent of the total provider universe.
However, few of the providers who have obtained NPIs have communicated their NPIs to their health plans. Few providers have communicated their NPIs to the facilities where they practice, and few are sending NPIs in HIPAA transactions.
Many health plans and clearinghouses report that they are now able to accept transactions with either legacy identifiers or NPIs.
However, most are still developing cross walk logic to enable them to associate a provider's NPI with the legacy identifier already assigned to them in the plan's processing systems.
This is critical to assure accurate adjudication and payment, as well as to connect the provider with his or her historical data.
The plan's abilities to complete their cross walks depend on having the NPIs of their provider populations. Plans need time to populate cross walks with NPIs and to test the cross walks prior to May 23, 2007, to prepare to accurately process claims and other HIPAA transactions on or after that date.
Therefore, providers who wait until close to the compliance date to obtain and use NPIs, or if software vendors wait until close to the compliance date to make changes to support using NPIs, they run the risk of having their transactions rejected and payments delayed because their plans and clearinghouses will not recognize their NPIs.
Industry implementation efforts over the next few months will significantly impact compliance on Mary 23, 2007.
The NCVHS will hear additional testimony on this issue in January. We plan to obtain input from a variety of provider organizations and health plans, clearinghouses and software vendors. We will provide more information to you then.
In the meantime, we recommend that HHS closely monitor compliance activities and take action as needed to encourage compliance and early testing by all covered entities. Sincerely, Simon Cohn, chairman, NCVHS, with cc to HHS Data Council co-chairs.
MR. BLAIR: Simon, did you want to take questions after each letter?
DR. COHN: I think that probably makes the most sense, rather than reading all three letters. Other than I think probably the very reasonable comment about, well, geez, why should we even send this letter -- I think as I listened to is, I don't think there is anything wrong with the letter. It obviously doesn't state a firm, strong position on anything. It is more of an FYI sort of letter. The question is whether the subcommittee wants to add something additional to it during its breakout this afternoon.
MR. BLAIR: Could we give Harry Reynolds a chance to --
DR. COHN: He is not on the phone right now. He will be coming back this afternoon. Do others have comments about this letter or the issue? Carol?
MS. MC CALL: More a comment based on the earlier comments about the reason for the letter. What I would say is, absent being able to provide specific recommendations and findings, I hear that there is a strong desire, because of a sense of urgency, to let people know what is going on.
So, when I read the close, in particular the last paragraph, I would recommend, and I am punching up the sense of urgency with the need to give them an early signal that things aren't necessarily on track for a May 23 all clear. So, more clearly state why this is coming out now absent specific recommendations.
MR. BLAIR: Do you have any particular wording in mind that would help us?
MS. MC CALL: WE can word smith it off line, but I think in the last sentence it says, in the meantime we recommend that they closely monitor.
Something in that last paragraph and perhaps tying it to an opening that says, this is absolutely vital and that is why we are telling you. So, it has to be more than a recommendation. Maybe, we strongly urge.
DR. COHN: So, I think our suggestion is, we urge HHS to closely monitor.
DR. WARREN: Would it be helpful, Carol, if what we did was put this in the format of a formal recommendation instead of just having it in the paragraph the way it is? There is only one recommendation out of the letter. That is why it was put into the paragraph.
DR. COHN: I think it might look a little awkward, with the nature of the recommendation. I mean, if there is something more substantive, then you could, I think, cull it out.
MS. MC CALL: As I was reading the context of the letter, what it reminded me of is the HIPAA implementation, kind of oh, so long ago.
There is a delightful history of that, actually, in the packet. It says, we had a date, we had to push back from that date because it took time for people to get ready.
Then it also went further to say that there were issues in the implementation, that while we required some covered entities to do it, we didn't require other covered entities to submit it.
So, I found myself wondering if this was, in some ways, kind of a repeat of that. If it is, at least at a high level, it might be worthwhile -- we strongly urge, because of things that we have experienced in the past -- to understand these signals early, the vote early, vote often type of thing.
Is it kind of a repeat? I guess that is a question, then, to the group. Are there similarities to things that we have learned from HIPAA implementation around privacy and transactions and the whole EDI?
MR. BLAIR: There are some similarities, but I think this one is more -- at least my perceptions is that this is more a timing piece, that we are so close that we felt we couldn't wait until February, to be silent until the full committee meets in February.
DR. STEINDEL: I look across the table and I see our CMS colleagues are remaining stoic on this. You know, again, in my multiple hats, one of my hats I wear is as a public health representative to NUCC, where this has been very much discussed. So, I have heard this from a lot of sides, as well as from the NCVHS side.
This is in response to what you were asking, Carol. I think there is a sense out in the community that every time we have come close to a HIPAA deadline, it has been extended. So, there is this sense, okay, it is just going to happen again. We don't have an urgency.
I think what we can say, and I think what I heard Carol repeat this morning, even though she may not admit the way I will interpret is, we have had absolutely no evidence from CMS that they have any intention of extending this deadline, and that it will happen on May 23.
I am stating this just from my interpretations, and from what I am interpreting about what Carol said this morning. I will not put CMS on the spot and ask them to affirm or deny that statement, but I think that is the sense of this letter.
I think some place we do have to state in there that every indication NCVHS has is that this will happen and we are pointing out things that should occur before this happens.
That date is coming very, very quickly, which is why there is a sense that we want to get this letter out at this meeting and not wait until after the January meeting because that just even shortens the time frame -- or the February meeting.
DR. COHN: Michael?
DR. FITZMAURICE: There is one issue that I missed before and now I see, that it doesn't talk about the desire of the health plans to get access to a national NPI data base for validating what the providers give them.
I would suggest that, in the third paragraph, that in the middle of it there is a sentence that reads: Plans' abilities to complete their cross walks depend upon having the NPIs of their provider populations. I would add, and access to the national provider identifier data base or NPI validation.
Now, I don't know what the name of that data base is. It has a name like NPES, NPPES. You can just call it the CMS' national provider data base for validation.
What that will do, I think, is to start lighting some fires. The fires would be, do the providers know they have to do this, do the vendors know they have to do this, do the health plans know they have to do this. Do we know that we have to get that data base available, because everything is critically dependent upon this date.
DR. COHN: So, Michael, I am sorry: would you give your suggestion again? Are you suggesting something be added here?
DR. FITZMAURICE: I would add to the end of the sentence, the sentence that starts off: The plans' abilities to complete their cross walks depend upon having the NPIs of their provider populations and access to CMS' national provider identifier base, or NPI validation, or we could spell out the NPPES, what it means. That was a central part of a lot of the testimony.
DR. COHN: Yes, agreed.
DR. FITZMAURICE: I just missed it before. I should have seen it when we were reading the letter report.
DR. COHN: Oh, can you write that down where you think it needs to be so that we can look at it in the subcommittee?
DR. W. SCANLON: I guess I am thinking that the recommendation in some respects is naive with respect to the timing involved.
I mean, if there are only six months left and you are asking them to first of all monitor and then figure out if there is a need for intervention and then presumably figure out what the intervention is going to be and then implement the intervention, how much time of the six months is left before people in the community are going to be able to get the notice and be able to respond.
I am wondering, if there are only six months to go before May 23, if we really shouldn't be in a position of saying, do something now.
Make the awareness of this date much more in people's minds, so that they take the action. In some respects, start an information campaign that you could argue maybe is not going to be necessary, but it is not going to be effective if it is postponed several months for there to be the information gathering and then the development of an information campaign.
DR. CARR: The way I read this, there is an inherent progression that, until every provider has their NPI, the next step can't happen.
The way it is set up with the single deadline, is it even feasible? Given the way it is structured, is it feasible to expect that step two could be done if step one is due on the same day as step two?
DR. COHN: And step two is use of the NPI?
DR. CARR: Yes, the cross walks, by the payer.
DR. COHN: Karen, do you want to comment on that?
MS. TRUDEL: I think I will stop being stoic. The process is really an iterative one, in that most plans at this point can accept either a legacy identifier or an NPI.
Some providers may already have their NPI, they may be using it, and the plans can accept that. It is a question of when you reach a critical mass of providers that have NPIs.
At some point in time you need to cut off accepting those legacy identifiers. If you haven't reached the critical mass, the providers that aren't cross walked yet will have their claims rejected.
This really is a situation that is similar to the original transactions and code sets. It is not that the plans aren't ready to accept them. It is that, until this whole process occurs, a certain number of providers could be at risk. So, yes, step two and step one can and are being carried out simultaneously.
DR. CARR: Does step one have to be completed before step two can be completed?
MS. TRUDEL: For any given provider, yes, but in toto, no. In other words, if you have one provider that has an NPI, the plan can begin processing that NPI.
DR. COHN: Carol, do you have some additional comments on this?
MS. MC CALL: Yes, just to kind of continue on this same idea, did you learn enough information through testimony to be able to make a specific recommendation that might sound like the following:
Do you know enough to say, look, the cross walk, once you know Dr. Jim has his NPI, it takes about a month for everybody to go through that cycle.
If the go live date is May 23, Dear Secretary and Dear Campaign, tell physicians to get it by April 23 or they are at risk come May 23 of not being able to get something paid.
Is there enough specific knowledge to be able to make recommendations at least like that, to at least let physicians know, get it by enough in advance.
MS. TRUDEL: If I could make a couple of observations, because I worked with Harry in drafting this letter, one of the concerns that I think the subcommittee had after the last discussion was that the testimony that we had heard had only come from one organization, WEDI, which I will grant you represents plants, providers, vendors, but there was a sense that there was a need to hear more robust testimony before actually proposing a specific plan of action.
WEDI did propose one, and there was a deliberate decision on the part of the subcommittee not to move forward with that at this time.
That being said, yes, you definitely need -- you could say two months, three months, and I think the outreach material that we are using now is saying, two to three months is what is needed for the plans to carry out that process.
DR. COHN: Other comments on this letter? Obviously, I think these are thoughtful comments for the subcommittee to further work on the letter. I am hearing suggestions from Michael.
Obviously, the whole committee would like the subcommittee to come forward with the answers in this time frame. I fear that this is a letter that is meant to be a step in the process.
I certainly think that, regardless, we should be expecting a much stronger, more focused letter, which I think is what everybody is wanting for the February full committee meeting, but that this is not that letter.
DR. TANG: I strongly agree with what Bill said in the sense that recommending monitoring is just a self fulfilling prophesy to languish and to delay.
I think we want to, at this point in time, if we are going to stop this repetitive delay cycle, we need to recommend that the outreach, with specific concrete actions by specific dates, be put forward to the remaining practices that haven't been assigned their NPI. That would have to be probably done in the subcommittee this afternoon and approved tomorrow.
DR. COHN: Yes, this letter is not put for vote right now.
MR. HOUSTON: That was going to be my comment. You spoke of the February full committee, and I don't think it can wait, based on Jeff's comments.
DR. COHN: Okay, Jeff, work for this afternoon.
MR. BLAIR: Yes, got a little bit of work this afternoon.
DR. COHN: Okay, so that is letter one. Denise, help us with which letter are we working on now?
MS. BUENNING: We are up to the CHI letter, which is under tab 4 in your booklet, again, addressed to Michael O. Leavitt, Secretary.
Dear Secretary Leavitt: The National Committee on Vital and Health Statistics, NCVHS, appreciates your continued support of the consolidated health informatics -- CHI -- initiative, an impressive effort to bring together experts from throughout the federal government to identify standards for the electronic exchange of health information.
Over the past three fiscal years, the department's special funding has greatly enhanced the CHI process by providing rapid enhancement of CHI recommended standards and for ongoing updating, dissemination and mapping of clinical vocabulary standards.
To cite two examples, this funding has been critical to the department's excellent work on the development and dissemination of the RX norm clinical drug vocabulary and the daily med standard product label dissemination service.
This recommendation level on the final phase II CHI report, completes the role that NCVHS has played in the CHI Council acceptance process, i.e., to provide an open forum for review and an independent assessment of the CHI standards recommendations.
The committee plans to request periodic updates on the status of standards recommended and adopted under this process.
Enclosed are the CHI recommendations on the functioning and disability domain. As recommended by the NCVHS during phase I of CHI, these recommendations also address standards for patient?client assessment instruments that contain functioning and disability content.
The NCVHS concurs with these recommendations and recommends approval of the CHI standards by the Secretary, formal government adoption, and federal support for U.S-wide use and dissemination of the international classification of functioning, disability and health, ICF, and the National Library of Medicine's unified medical language system, UMLS.
Other standards included in these recommendations are Snomed CT, LOINC, and Health Level 7 messaging and clinical document architecture, which previously were recommended for other CHI domains.
We believe that there are many opportunities in the federal health enterprise that would benefit from the implementation of these standards.
Therefore, we support the recommendations under -- -- quote -- future considerations on the importance of advancing a use case for the American health information community, AHIC, and the health care information technology standards panel, HITSBE, that includes the functioning and disability domains and associated assessment instruments.
Implementation of the standards in this report are critical to interoperable data collection and exchange for chronic care, long term care, patient assessment and health functioning and disability outcomes.
However, at this time, these priority areas are not well represented in the national standards portfolio. This could be accomplished through a separate use case or incorporation into use cases for chronic care, problem lists, or electronic health records.
We encourage the department's continued use of the collective CHI reports as the foundation for moving standards forward through the AHIC and HITSBE.
We also strongly encourage the department to continue to maintain a central fund for high priority standards support and enhancement tasks.
As the work of AHIC and HITSBE drives broader implementation in real world settings, new requirements for expansion and improvement of these standards will inevitably emerge.
The ability to quickly allocate resources to address such needs will sustain the forward momentum toward interoperable electronic health records. Sincerely, Simon Cohn, chairman, NCVHS, cc, DHHS data council co-chairs and Robert Kolodner, M.D., and there is a 41-page enclosure which I will now read into the record. [Laughter.]
MR. HOUSTON: Thematically, I like the letter and I think we have to send it forward, but we continue to use the word, encourage.
Specifically with regard to the last paragraph, I notice that we encourage them to do other things. This seems to be in the next item we are going to talk about, too, we talk about encouraging.
We need to be stronger in some of these recommendations. I guess I am underwhelmed a little bit by the letters and the fact that they just sort of don't stand out there and say, you have got to do this. That is my only comment.
DR. COHN: So, I am hearing that you would like to see the word recommend rather than encourage.
MR. BLAIR: There is one other thing that we really should mention. The process of our relating to the work of the consolidated health informatics initiative, CHI, CHI has made the recommendation. Our role is whether we concur with their recommendations.
MR. HOUSTON: I am not talking about that part, Jeff. I am talking about the last paragraph, where we speak specifically to funding and continued use of those CHI reports.
I think we can make recommendations in those regards, and I think we should. I think it is valuable for us to use a stronger word than simply encourage in these cases.
MR. BLAIR: could you repeat again exactly your sentence?
DR. COHN: I think Denise has got -- this is the last paragraph where it is our recommendation, except that we have used, have somehow lapsed, into encouraged. I think this is word smithing, rather than probably a friendly amendment.
MS. GREENBERG: Could you read that sentence for Jeff's benefit?
DR. COHN: Now, we recommend the department's continued use of the collective CHI standards as a foundation for moving standards forward, and I think I would put a period right there.
We also strongly recommend that the department continue to maintain a central fund for high priority standards support and enhancement tasks. Is that okay? Okay, Denise, did you get that?
MS. BUENNING: Yes, I have it.
DR. COHN: Then I guess my question is -- other thoughts on this letter? It will need a little more word smithing. I would observe that somehow we have turned the very first sentence of the document into something that looks suspiciously like a run on sentence, which my father might note. When I start seeing four line sentences, I worry.
This is, I think, a result of our own internal edits, but this is something that we can handle by editing. I guess the question I would have is, is this something that needs to go to the work group for further modification, or with the modifications we have just made, and with further word smithing to be handled off line, is this document basically good to go? Comments?
DR. STEUERLE: This goes back to something I have comment on before. My guess is that all of these letters get shipped out and they go into somebody's office like Jim Scanlon's, who basically takes them and highlights two or three things.
The Secretary probably does not read this, does not even know probably what a lot of the abbreviations and terminology means, and wants to know sort of the bottom line, and whether the staff concurs. Probably unless the staff has some concerns, he probably doesn't.
I am still not sure that we draft these letters with full cognizance of how that process works. Having worked in what used to be called the Office of the Secretary of the Treasury, not HHS, I just know how these systems work.
Sometimes just the highlighting of the bullets and getting to the bottom line, if you have something you would really want the Secretary to read, make sure that is just in bold and bullets and highlighted, and the rest of this stuff is the support stuff that he may or may not read, or the staff may or may not read.
That is maybe more for the future than now. I think you have got this letter decent, go ahead and send it. i think it needs a lot more word smithing, because I don't sense that it is the Secretary that you are convincing by this word smithing. You are trying to convince the staff to go along with the recommendation.
DR. J. SCANLON: There are no surprises here. I refuse to discuss the intricacies of the organization, other than to say there is a very deliberative process.
MS. GREENBERG: In the spirit of self criticism, since I have worked on this also -- full disclosure, I worked on this effort for many years and also, at the request of the standards subcommittee, worked on the letter, in which we used the format that has been used for all of the CHI letters, however, I would agree that it takes three paragraphs to say that what we are doing is concurring with the recommendations of the standards on functioning and disability.
I think the letter would be clearer if we put that in the first sentence and then went on with the rest of it. That might not solve all the problems you are suggesting, but I agree with you on that. This time we really went on for quite a while before we got to what we were about, not that the other things aren't important.
DR. COHN: That is true. I do think that the recommendations toward the end, in terms of additional funding and all of that, continue to fund it, are very important also, probably deserve to be bolded or somehow segregated out. I think I would defer to staff about how we might handle that.
DR. TANG: It is just almost to repeat what you just said which is that, in addition to ordering, bold is a very useful technique that may help those who may prepare these statements for the secretary.
DR. WARREN: I guess I have almost a knee jerk response to Gene's comment. Yes, our initial consumer is the Secretary, but these letters are on the internet, and you have no idea the dispersion that this message gets to.
One, all of my students read them. They are required. People who are looking to see and make decisions about what are we focusing on, if they just do a google query, they are going to come up against some of these letters.
I think that the work that we do here, we need to make sure that, even though the initial recipient is the Secretary, it goes far beyond that and provide some guidance, I think, to the private sector that is trying to answer and deal with some of the complexities, the issues that we grapple with here. So, to put some of the history in the letters, this may be the only one that they pick up.
DR. STEUERLE: My comment wasn't meant to disagree with that at all. I would still put it in there. I would just find some way of highlighting it.
DR. CARR: Along those lines, it would see,m then, after these many letters and these many years, we would have a standard kind of format that the letters would go in, beginning with what are your intentions, what are your recommendations and so on, that looks the same, so that anybody looking at them any time would know where to look.
Secondly, that we have some data definitions around what constitutes important enough for a recommendation versus an encouragement versus whatever other words we use.
I think we ought to have some precision in the words so that we all know what we meant. Perhaps it is a function of how many people weighed in on it or whatever, but I find it variable and a little bit hard to follow, how the letters are formatted.
DR. COHN: Justine, I don't think we will vote on it in terms of this letter, but you are suggesting a style guide, as my English professor father would say.
The truth is that different people write different letter and we will see that in the next couple as we go forward, and probably there will be some value to that, as well as obviously -- I mean, when I read these on the airplane flight out, I was reminded that we do have an editor on retainer, and probably a lot of these letters ought to go through the writer, prior to us getting them in final form.
DR. CARR: I agree with that, on the run on sentences. What I was saying is more format, that we have an enumeration of bolding, bullets and data definitions for what constitutes a recommendation.
DR. COHN: Sure, a style guide. We would certainly take that into consideration. I think Steve has a comment and then we need to figure out what we are going to do with this letter, or Mike has a comment.
DR. STEINDEL: Simon, I would like to comment. As a drafter of many CHI letters for this committee, I would like to point out that actually the first three paragraphs of this letter follow the style of the CHI letters.
There is an introductory paragraph that explains our role, then the usual second paragraph about what we are commenting on, and then the third paragraph which says that we concur with the recommendations and then, if necessary, some qualifiers on that concurrence. So, that does follow the style of a CHI letter, and that is contained in the first three paragraphs.
What was chosen in this case, because of the nature of the disability report and it is slightly different than the other CHI letters, were the last two paragraphs, that encourage the Secretary to go on and use the new process that he has put into place, to consider adding the new process into this, to fund what is needed from the process, and to continue using the CHI information to inform the process. So, that is where the change has occurred.
Yes, we can use recommend or encourage from a style point of view, but also from somebody who is also involved with those processes as well, the Secretary and AHIC have already embraced this within those processes.
So, just making our statement reinforces the course that is already being taken. If you look at the HITSBE contract itself, it says very specifically that they should look at the collective CHI reports when they are considering standards for HITSBE. So, it is already embodied in the work that is going forward.
We have already had a note that we are involved with the use case processes, and this is just adding another comment on the use case tick marks.
DR. FITZMAURICE: I want to second what you started off maybe 15 minutes or so ago, Simon, that the letter is pretty much ready to go as it is.
I would split the first sentence up into two sentences, put a period after initiative, and then start off with, this is an impressive effort to bring experts together and so forth.
Then I would replace encourage with recommend and perhaps bold those two sentences, and I would say it is good to go.
DR. COHN: I think we need to get a member, if you agree, to bring forward a motion.
DR. TANK: I will make that motion.
MR. HOUSTON: Second.
DR. COHN: Okay, is there a further discussion on this, recognizing that I think Mike has basically described I think the word smithing we all thought we needed. There might be additional other minor word smithing that may occur, adding some bolding, as I think Mike has described and I think others have commented on. Any other discussion about this one? Okay, all in favor, aye?
[Voices heard in favor of the motion.]
Opposed?
[No voices heard in opposition.]
Okay, this letter has passed, then. Congratulations to CHI staff. They have done excellent work. Okay, now our last letter of the morning is a letter on an NPRM that is coming forward. I think we need to have you read it.
I have already made a number of clarifications, which I will probably interrupt you when we get down to the end of the third paragraph and begin to add some things as we talk through them.
I think you probably need to read it. Just be aware that this NPRM comment period ends -- Randy, maybe you want to come to the table. We are obviously inviting Randy Leavit from the FDA to sort of join us to help clarify any questions or otherwise.
So, theoretically we could word smith this one. We could even refer it to the executive subcommittee for their December meeting to finally ratify if there are additional changes.
So, we have a little time, is I think what we are indicating here, but he has intended not that this just be a letter to the Secretary, but a letter also responding and encouraging a final rule.
MS. BUENNING: Again, it is addressed to Secretary Michael Leavitt. Dear Secretary Leavitt: The National Committee on Vital and Health Statistics, NCVHS, is directed by the Medicare Prescription Drug Improvement and Modernization Act of 2003, MMA, to develop recommendations for uniform standards to enable electronic prescribing, e prescribing, in ambulatory care.
During the past several years, the NCVHS has focused considerable attention on the feasibility and desirability of standards that are necessary to support e prescribing, and the need for standard terminology for clinical drugs to facilitate automated drug utilization review and decision support for patient safety.
The FDA developed and maintains the National Drug Code, NDC, a 10-digit code that identifies drug products marketed in the United States.
The NDC relies primarily on paper-based reports on ingredients, dosage forms, strengths, labeling and other information from manufacturers, re-labelers, re-packers and distributors to provide details on marketed drug products.
FDA uses this information for drug safety and other regulatory purposes. The NDC is used by dispensers to identify packaged drugs, but is not appropriate for prescriber use because it does not describe the clinical drug.
In previous reports , the Committee documented NDC deficiencies, most notably the concern about perceived weaknesses of the current NDC data base and linkage of the NDC to RxNorm concepts.
The committee expressed the acute need for harmonization of terminologies in the drug area to eliminate incompatibilities that impair drug utilization studies and patient safety.
DR. COHN: Again, basically, where it says drug utilization studies in patient safety, I think minor word smithing where it says, drug utilization studies, and may negatively impact patient safety.
MS. BUENNING: It impairs patient safety. I was wondering, does this impede or impair.
DR. COHN: I said, negative impact. That is just to clarify that, but continue
MS. BUENNING: Let me just review that, then. The committee expressed the acute need for harmonization of terminologies in the drug area to eliminate incompatibilities that impair drug utilization studies and may negatively impact patient safety.
The committee advised that HHS include the National Library of Medicine, NLM, clinical drug terminology, RxNorm, in the 2006 e prescribing pilot tests to determine how well the prescriber's intent is represented or preserved when the RxNorm information is translated from the prescriber's system into the NDC at the dispenser's system.
The FDA responded by providing the NLM with structured product labeling, SPL, which includes the content of labeling and drug listing data elements.
DR. COHN: We really need to modify that sentence. Randy and I were talking about this one. i think somehow we need to annotate that basically it provided the NLM with structured product labeling information, which included the contents of labeling and drug listing data elements, basically including elements necessary for mapping between NDC and RxNorm, which was the point of that sentence.
That will need a little word smithing. I am becoming a victim of run on sentences myself here, but we need to somehow include that concept in there.
The FDA also established collaborations with, among others, the Veterans Health Administration, National Library of Medicine, Agency for Healthcare Research and Quality and the National Cancer Institute, NCI, for purposes of clarifying federal medication terminology.
This included working with NLM to link clinical drug to NDC and distribution of structured product labeling through DailyMed, and working with NCI enterprise vocabulary services to establish the NCI thesaurus as a source for FDA terminology.
The committee also encouraged the promulgation of FDA's drug listing rule to improve the integrity of the NDC and support the correlation of NDC with RxNorm.
In recent testimony before the NCVHS Subcommittee on Standards and Security, the FDA confirmed that the current NDC data base is not authoritative.
Additional testimony from NLM confirmed that RxNorm linkage to NDC is currently complicated by this lack of an authoritative source.
On August 20, 2006, the FDA published a Notice of Proposed Rule Making, NPRM, in the Federal Register, volume 71, Number 167, Docket 2005N-0403, recommending changes that would allow FDA control over the NDC and would result in a complete and authoritative source of NDC numbers.
The proposed rule would make a complete list of drug products marketed in the United States readily accessible electronically, providing for accurate, unique and unambiguous DC numbers for each drug.
This would allow electronic systems to reliably and consistently link the NDC number to the appropriate drug labeling through structured product labeling, SPL.
The drug labeling would supply the drug ingredient and other information necessary to support the development of medication terminology standards for electronic prescribing.
As such, the proposal would provide important support for the full implementation of the electronic prescription provisions of the Medicare Modernization Act.
The NCVHS commends the cooperation of the FDA and NLM as they address these issues. The NCVHS recommends that the proposed rule be adopted as soon as possible, so that it can foster the resolution of those NDC issues previously identified as problematic. Sincerely, Simon Cohn, Chairman, NCVHS.
DR. CARR: What does it mean when it says, current NDC data base is not authoritative.
MR. LEAVIT: The current list of NDCs is not complete because it relies on the companies who assign their own NDCs to report their NDCs in a listing process. So, our list is not necessarily complete, up to date, because of that, that companies assign their own NDCs.
MS. CARR: Could we just say it is not complete?
DR. TANG: There is a question that it may also conflict. I thought one of the complaints about NDC is that there is a re-use of code.
MR. LEAVIT: That is another issue. There are a number of issues with the NDC.
DR. TANG: So, if the FDA were to be the authoritative source, then it would be the only source.
MR. LEAVIT: It would be the source, right.
DR. COHN: Would that solve the problem of re-use? I am actually looking to Randy to respond. So, does this solve the problem of re-use?
MR. LEAVIT: Yes, this proposed rule proposes a solution for re-use.
DR. COHN: For re-use, okay. Russ, did you have a comment on this one. Do you want to help us with authoritative --
MR. LOCALIO: Well, I have some practical experience in this area. I was trying to, several years ago, when I was a member of this committee, merge the prescription drugs in the Pennsylvania Pace Program, with the FDA's data base, and it just was not helpful at all.
So, the only way you can actually get an idea of what is being used is to go to the private sector and use one of their data bases. It is quite expensive.
Steve and I had some discussions about this. My understanding of what the FDA is trying to do is, for the first time, to have a data base that has all the drugs that can be prescribed on it. Is that correct?
MR. LEAVIT: All marketed drugs.
MR. LOCALIO: All legally marketed drugs.
MR. LEAVIT: All marketed drugs.
MR. LOCALIO: I think, if you put it in that perspective, I think there are data bases that are probably about as authoritative as they can get, that they are not under the control of the FDA and, if you try to use the FDA data base today, it just doesn't work. Does that help?
DR. COHN: It does and I think it puts the exclamation mark there. I am wondering if we need to -- I am actually looking very hard trying to find the word authoritative and where it appears first.
MS. BUENNING: It is in the second to last paragraph.
DR. COHN: Is that the first time it appears?
MS. BUENNING: I believe so.
MR. BLAIR: Does it appear to be a consensus that we do want to change the word, authoritative, to complete? My thought is that, if we do that, there are other aspects. It isn't just like, well, is the list of drugs complete.
I think the word, complete, in this case is multi-faceted. I am afraid that will be lost. Authoritative, as long as we know what authoritative means, might be a more appropriate word.
DR. COHN: I guess the question is, do we put a parenthesis with a couple of e.g.s of what we mean by authoritative, to help clarify what we mean.
DR. CARR: I apologize if I am not sophisticated in the use of the word, authoritative, but it is hard to intuit what is the comprehensive coverage, what does it mean. So, yes, a couple of e.g.s would be helpful.
MS. BUENNING: I think that if you look at the use of the word in that paragraph, it is used three times. In two of those instances it seems with reference to source, as it being the authoritative source. I think in that regard, it probably is appropriate.
Where it is maybe not appropriate or subject to interpretation is where we talk about the current NDC is not authoritative.
MS. GREENBERG: Would it be correct to say that it has not been validated, not complete, whatever you want to say.
MS. BUENNING: So, in that instance, then, what I think I am hearing is that reference to complete.
MS. GREENBERG: it sounds to me that it is not just that it isn't complete, but that it maybe over -- it hasn't really been validated, it sounds like. I don't know. Complete just sounds like there are things missing.
DR. COHN: I am not sure not validated -- I don't know if that helps us either.
MS. GREENBERG: That may not be correct either, but I am not saying it isn't complete.
MS. BUENNING: If there is a dependence on the manufacturers or whoever is reporting this information, in that regard you could say it is not complete, because they are depending on an outside source for it.
DR. COHN: You know, for the purposes of a letter like this, the word, complete, might actually be fine for the first authoritative, and then you can use authoritative later on. Michael, did you have a comment?
DR. FITZMAURICE: The authoritative is in there and it is important because it says that, if it is authoritative, it is under timely, central control. Somebody is in charge.
It is spread around to manufacturers who get around to reporting that they have assigned a number to a drug. This says it is under timely central control.
Now, you might not like central control on a lot of things, but I like to know there is somebody in central control of the labeling of drugs that my family and I take.
DR. STEUERLE: Perhaps the FDA confirm that the current NDC data base is not adequate for use as an authoritative source, period. Additional testimony, and so on and so forth, complicated by the lack of any authoritative source, or an authoritative source, it is clear that what is going on is two things are going on.
You are trying to make the data base more adequate to be an authoritative source, and you are trying to make an authoritative source.
DR. COHN: Okay, everybody is nodding their heads that that is a very good solution to this particular issue. Other comments about this letter?
I was going to also suggest a new paragraph. This starts later on in that paragraph. It says, on August 20, 2006 -- I mean, noting the NPRM right in the middle of the paragraph, it seems like it is a paragraph in its own right, but that is once again word smithing.
MR. HOUSTON: Two things. First of all, nobody really defines what the proposed rule is, although I am assuming that it is --
MR. BLAIR: A little louder or to the microphone?
MR. HOUSTON: There is no real definition of the proposed rule other than, in one sentence, you talk about the NPRM and then the next sentence you start off by saying, the proposed rule, which is half way through the first paragraph on the second page. I guess I am assuming that the MPRM is the proposed rule. Therefore, it might be good to clarify that.
Secondly, I hate the fact that we are in the very last sentence of the letter where we make our recommendation after a fairly wordy discussion.
I guess I question whether we should try to figure out a way to push forward the recommendation to the start of the letter in some way, and I am not sure how to do that.
I know that we typically -- to Justine's earlier point, which is that, in having a style for these letters, maybe put a subject line on the letter that says something to the effect that we recommend the proposed rule be adopted, and there was reference to the NPRM or the Federal Register number. Again, it is just a way to get the recommendation some more clarity, because it is in the last sentence.
DR. COHN: The NPRM is not mentioned until the second page.
MS. TRUDEL: The recommendation really needs to be that the NCVHS recommends that the final rule be published as soon as possible.
The notice of proposed rule making is already published, and then it is followed up, after a comment period, by a final rule.
DR. COHN: So, the final rule be adopted as soon as possible?
MS. TRUDEL: Published.
MR. HOUSTON: As far as we agree with the proposed rule, which we are. So, you really want to have both pieces of that. We agree with the proposed rule and we ask that it be published in final form as quickly as possible.
MR. BLAIR: Now, help me out on this a little bit, because I can't see the letter, but I thought that our recommendation begins with the fact that we support the publication of the proposed rule, but that it goes further than that and asks for support or funding. No? It does not? Oh, so that was changed. Thank you.
MR. J. SCANLON: Procedurally, again, is this meant to be a comment on the proposed rule, a letter or support for the proposed rule? Would it go into the docket, for example, and would it be used in support of the proposed rule? I think probably address-wise, we need to make it clear that that would be the case. This would be a letter in support of the proposed rule.
Secondly, I think you are right, Jeff. I think we should start off by saying that the NCVHS means to support the proposed rule. Start out by saying it is a favorable comment in support of the proposed rule.
MS. TRUDEL: The NCVHS commends the cooperation of the FDA and NLM as they address these issues. The NCVHS agrees with the provisions of the proposed rule, and recommends that the final rule be published as soon as possible.
MR. HOUSTON: I think we need to move it up also, because that is the last sentence.
DR. COHN: Maybe it is there and maybe we need to say something at the very beginning as well as at the end.
MR. HOUSTON: Yes, and then we can go back to it.
MR. LOCALIO: I just want to make sure that we all understand the time table here. The proposed rule becomes final and then there has to be some delay of time between then and when the people who have the NDC code are required to make them available to the FDA, when the data base becomes complete and authoritative, and when e prescribing takes effect.
Unless the time table is correct, we are going to have the situation of not having e prescribing in force and not having the availability of a complete and authoritative data base to support that activity. Are we announcing that the time table is going to work or are we just waving our hands at that?
MR. BLAIR: To answer that question, maybe Randy could tell us if the proposed rule includes a time table and request for appropriate funding to expedite the availability of the structured product labeling?
MR. LEAVIT: It has a time table, that companies have nine months to make sure that they have listed their products. After nine months, if their products are not on the list, they are not considered listed. As far as funding, I don't think there was anything in the --
DR. COHN: Proposed rules don't typically include funding. So, it is a nine month -- that sounds pretty good to me. We should get that with HIPAA sometimes, but that is another conversation. Russ, does that help? It actually sounds like it is a good --
MR. LOCALIO: Yes, I wanted to make sure that was on the record.
DR. W. SCANLON: This may be overkill, but just having seen final rules come out that don't reflect proposed rules, or are missing key components of proposed rules, I guess it is more than publish the final rule.
We would like the final rule to reflect the proposed rule that we were just endorsing here, some language a little bit beyond what Karen had in terms of publishing a final rule.
DR. COHN: That is a statement based on experience, I suspect. Karen, can you incorporate that?
MS. TRUDEL: Something to the effect that the final rule be --
DR. COHN: It does say that, though. It says the proposed rule -- you said, the proposed rule be adopted -- that they adopt the proposed rule --
MS. TRUDEL: You don't adopt a proposed rule.
DR. COHN: You adopt what was proposed.
MS. TRUDEL: The NCVHS agrees with the provisions of the proposed rule and recommends that the final rule contain these provisions and be published as soon as possible. We will word smith that.
DR. CARR: Just another question. This last sentence in the second paragraph, the NDC is used by dispensers to identify packaged drugs but is not appropriate for prescriber's use because it does not describe the clinical drug. I think I know what that means, but it is an odd way of saying it.
I mean, it is the drug. One is describing packaging and one is describing the pharmacokinetics? What is the difference between a packaged drug and a clinical drug?
MR. LEAVIT: The NDC describes a drug at the product level that the manufacturer markets. The clinical drug goes to a level that is more of a generic level.
If you say someone is marketing tylenol, then the NDC will identify it as tylenol because that is specific to a manufacturer, but the clinical drug will talk about acetaminophen.
DR. COHN: Also, the NCD talks about the 30 pills in the package.
MR. LEAVIT: It will say tylenol and then it will say that tylenol is packaged in a bottle of 30 or a bottle of 50, very specific to who makes that, who is marketing that product. That is where that goes to, right to the bottle that is on the shelf, where the clinical drug is more at the level of the ingredients.
DR. COHN: Yes, but Justine, you bring up a good point.
MR. HOUSTON: May I propose that, after the word, packaged drug, that you put in parenthesis, i.e., its trade name or -- something, the drug packaging or the trade name or marketed name.
I don't know if you put anything after clinical drug also, to describe it, something real short just to say what those two mean.
MR. LEAVIT: This identifies the drug as it is marketed.
MR. HOUSTON: right, just put that in parenthesis so that the person reading it would understand.
DR. COHN: Other comments on this? I guess I would ask the committee what your desires are on this. I think we have been talking primarily about -- I mean, we will have a considerable amount of word smithing, and I am not seeing anybody really objecting to the nature of the recommendations or having a letter come forward.
This obviously will take some word smithing, and I don't really think that we should waste the committee's time either today or even tomorrow sort of going over it.
It might be something for us to consider, if we agree with the spirit and the nature of the recommendations, to approve, with the ability of the executive subcommittee to do a final review, given that we have until January to get the letter in.
The executive subcommittee will be having a call in December, with the idea that people can clean it up, we can actually re-send it out if people would like to make sure that the word smithing is adequate, but approve it with the idea that the executive subcommittee would do the final review and get it out the door. Is that something of interest to the committee or do you have other thoughts?
MR. BLAIR: Could I take up your lead and make a motion? Simon, if it is okay with you, I would like to make the motion in terms of all three letters.
DR. COHN: No, Jeff, we have already passed the second letter and the first letter is going back to the subcommittee.
MR. BLAIR: That is fine. Then with respect to the CHI letter and with respect to this letter --
DR. COHN: Just this letter, Jeff.
MR. BLAIR: You are just doing it to this one?
DR. COHN: We have already passed the CHI letter.
MR. JEFF: I am sorry, I thought it was the other two.
MS. BUENNING: The CHI letter was already moved and passed. The NPI letter is going back to subcommittee.
MR. BLAIR: So, do you want it just for this letter alone, then?
DR. COHN: Yes, please.
MR. BLAIR: Okay, I make a motion that the committee approve this letter, pending word smithing and review by the executive subcommittee.
DR. STEINWACHS: Seconded.
DR. COHN: Discussion? Okay, all in favor --
MS. GREENBERG: I wouldn't say pending, I would say, for finalization by the executive subcommittee because it won't then come back to the full committee.
DR. COHN: Okay, discussion? All in favor, aye?
[Voices heard in favor of motion.]
Opposed?
[No voices heard in opposition.]
Okay, that letter is passed. Thank you. Jeff, thank you for the motion. Now, it actually in reality is 12:15. I am going to suggest that we adjourn for an hour's lunch break. We will reconvene at 1:15. Thank you.
[Whereupon, at 12:15 p.m., the meeting was recessed, to reconvene at 1:15 p.m., that same day.
DR. COHN: Now, a couple of housekeeping items. First of all, we are, of course, not in an unusual fashion, moving the agenda around a little bit.
What we are going to do, as I said, we have a couple of items we have to deal with first. Since Charles Safran is here to talk about the AMIA document on secondary uses of data, I suggested that potentially we do that immediately after lunch, rather than making him sit through our conversations for a couple of hours. He has gracefully consented, as much as he would enjoy it. I thought we would give him back half of his day, in other words.
As I said, we need to do a couple of things first. Another piece is that we are changing some of the subcommittee and work group activities for late afternoon.
Specifically, Mary Jo Deering is not here, and she is the lead staff for the NHII work group. I think what we will do for that group is to hold a conference call some time in early December to sort of talk about next steps, when she can be available and we can have a conversation on that.
Instead, what we are going to do is have a work group on quality meeting from 5:00 to 6:00 in this room, 505-A, from 5:00 to 6:00, noting that there are, I think, some issues coming forward that the quality work group may want to get involved with.
Certainly, everyone, including non-members of the quality work group, are invited to sit in and be part of the conversation.
MS. GREENBERG: I think it might be preferable, if they stayed, if the quality group met in 325-A. The subcommittee on populations will already be there.
DR. COHN: What is the desire of the group?
MS. GREENBERG: Whatever you prefer.
DR. COHN: I think this is a nicer room for a larger crowd, so why don't we do it up here. Now, the next item actually has to do with dinner tonight.
I think as you all know we have arranged a special dinner for the committee, both to honor retiring members as well as a chance to get together to talk a little bit in an informal setting. [Dinner logistics discussed.]
MR. BLAIR: Can I ask a question? The fact that we are not having the NHII meeting from 5:00 to 6:00, I understand the quality subcommittee would meet then. Does that give us any latitude to begin dinner any earlier?
DR. COHN: We are having a different meeting from 5:00 to 6:00.
MR. BLAIR: So, the answer is no.
DR. COHN: The answer is no. The final piece is, I think we started out this morning by really acknowledging the hard work and dedication of our retiring members. I am actually going to turn it over to Jim. We actually have some plaques.
I just wanted to give you something real to remember your term on the NCVHS with that is tangible. Jim, please.
MR. J. SCANLON: That is right. In addition to the high pay, the Secretary, for Bob, for Stan and for Russ, the Secretary has prepared a certificate of appreciation and letters of appreciation to all three of you.
If we have enough time, I would like to read the citation. Let me start with Bob. You have got a nice certificate, but I will read the letter itself.
Dear Mr. Hungate: It gives me great pleasure to award you this certification of appreciation for your four years of service to the Department of Health and Human Services as a member of the National Committee on Vital and Health Statistics.
This committee is one of the oldest and most prestigious advisory groups serving the department. Its recommendations have helped shape health statistics, health data standards, health information policy and epidemiology for our nation, and have had a profound effect on new legislation.
Your knowledge, expertise and experience have contributed greatly to the excellent work of the committee. We wish particularly to commend you for your time, effort, leadership and counsel that you have provided as the chair of the work group on quality, member of the executive subcommittee, and work group on the NHII and the subcommittee on populations. [So, it is a nice portfolio.]
Only the very best are asked to serve, and we are proud to have had the opportunity to associate with you in this endeavor. Should the occasion arise, we would like to feel free to call upon you for further assistance.
So, the door is left open, Bob, and again, I emphasize the free part of it.
MR. HUNGATE: Thank you very much.
[Applause.]
MR. J. SCANLON: For Russ, Dear Mr. Localio: It gives me great pleasure to award you this certificate of appreciation for your four years of service to the Department of Health and Human Services as a member of the NCVHS.
This committee -- [I will repeat some of this] --is one of the oldest and most prestigious advisory groups serving the department.
Its recommendations have helped shape health statistics, health data standards, health information policy and epidemiology for our nation, and have had a profound effect on new legislation.
Your knowledge, expertise and experience have contributed greatly to the excellent work of the committee. We wish particularly to commend you for the time, effort, leadership and counsel that you have provided as a member of the subcommittee on populations.
Only the very best are asked to serve, and we are proud to have had the opportunity to associate with you in this endeavor. [Again], should the occasion arise, we would like to feel free to call upon you for further assistance.
[Applause.]
I will repeat it again. Dear Dr. Huff: It gives me great pleasure to award you this certificate of appreciation for your four years of service to the Department of Health and Human Services as a member of the National Committee on Vital and Health Statistics.
This committee is one of the oldest and most prestigious advisory groups serving the department. Its recommendations have helped shape health statistics, health data standards, health information policy and epidemiology for our nation, and have had a profound effect on new legislation.
Your knowledge, expertise and experience have contributed greatly to the excellent work of the committee. We wish particularly to commend you for the time, effort, leadership and counsel that you have provided as a member of the work group on the national health information infrastructure, subcommittee on standards and security, and the ad hoc work group on the national health information network.
Only the very best are asked to serve, and we are proud to have had the opportunity to associate with you in this endeavor. Should the occasion arise, we would like to feel free to call upon you for further assistance. Sincerely, Michael Leavitt.
[Applause.]
DR. COHN: Clearly, the discussions will continue this evening. So, thank you all very much. Russ, we are sorry that you can't join us this evening. Obviously, you will be calling in in the morning and then leaving for Michigan.
Okay, with that, we are obviously very pleased to have Charlie Safran join us for a presentation. I hope you have all had a chance to review the document, which I thought was an excellent sort of discussion of secondary uses of data.
I am obviously very curious to hear your thoughts on this and take, and I am sure we will have an opportunity to have some conversation around this, as well as next steps.
Agenda Item: Presentation - American Medical Informatics Association.
DR. SAFRAN: Dr. Cohen, members of the National Committee on Health and Vital Statistics, thank you for inviting me to come here today and talk about this important issue.
As Dr. Cohn mentioned, my name is Charlie Safran. As Dr. Cohn mentioned, I am here as the past chairman of the American Medical Informatics Association, ably succeeded by Dr. Paul Tang, to report on the use of secondary health data as it relates to a meeting and a paper that we have recently published.
I am a primary care physician and I am also an associate clinical professor of medicine at Harvard Medical School in the Beth Israel Deaconess Medical Center.
I am honored to be here today among friends and fellow members of AMIA, and our College of Medical Informatics.
The board of directors of AMIA has identified the secondary use of personal health information as a critical issue for the widespread adoption of health information technology.
We convened, in April of this year, a blue ribbon panel of experts from industry, government, academia, to develop a framework that could help guide policy about, and the use of, secondary health data.
The panel has issued a preliminary report which can be accessed through the AMIA web site, through our journal's web site, and I believe there are preprints of the report here on the table for you to look at.
I won't read all the names of people who have contributed to the blue ribbon panel. There were approximately 30 members. The current national coordinator, as well as the previous national coordinator were both in attendance, as were some of the people in this room, members from most of the important areas of government that touch on health data, a reasonable sampling of industry representatives, not for profit, consumer groups, and some academic or scientific experts.
This list, I believe these slides and the members of the panel are all included in the materials that I provided.
We broadly defined the secondary use of health data to be the non-direct care use of personal health information including, but not limited to, analysis, research, quality and safety measurement, public health, AMIA provider certification and accreditation, marketing and other business, including strictly for commercial activities.
We were interested in issues concerning the benefits, the risks, the public trust, the balance between public good and individuals' privacy, the impact of innovative technology, commercial drivers, remedies for misuse and policy, including regulation and legislation. We had a very broad set of charters for the two days that we met.
We convened over a two day period. We had 30 people in a room about this size. We had a method that we published to produce the results that I will talk about today, but I thought I would delve into what the results are, rather than how we got them.
So, our major findings were, first, that the use of secondary data was more widespread than most of the assembled experts had expected.
For instance, we learned about physician practices that were selling anonymized data from their electronic health records for over $100,000 per practice.
The way this mechanism worked was that, if you had an electronic health record and transmitted the data to this corporate entity, and the corporate entity was able to sell that data as part of a study sponsored by a pharmaceutical company, then the practice that had contributed that data were compensated.
In aggregate, a given practice of moderate size might receive about $40,000 per quarter for the use of this data.
Neither the physicians in the practice nor the patients whose data it was were informed of this practice. It was the decision of the practice administrator.
Now, that might have included the physicians. They might have been well informed and, in most cases, probably were informed in the decision, but that wasn't a requirement of how those data got to the central resource.
Although it is probably no surprise to those of you here, we also heard from the government, CDC particularly, about the biosense project, and the widespread collection of health data directly from emergency rooms across the country into a centralized government controlled data base, which was not generally known by the 30 people in the room at the time.
The second thing that was apparent through discussion was that patient privacy issues completely dominated the discussion of public trust. This issue came up in almost every discussion that we had with respect to the secondary use of health data.
Third, technical innovation made many of the policies and procedures that were in place out of date. In general, the panel did not believe that anonymization could be practically achieved.
Lastly, we identified the need for attention and leadership at the national and state levels concerning these issues, and we are pleased to be here today as part of the process of bringing this to a higher government level.
We had a framework that we are proposing, and I will go into a little bit of detail of each of these recommendations concerning a national framework.
That is, transparency, stewardship, consensus, awareness, comprehensiveness and national leadership, these are the six points of the framework that we are putting forward.
Specifically, the secondary use of health data must be conducted and managed solely through the open and transparent process.
This example of the physicians selling EHR data, or practice selling EHR data without the knowledge either of the physicians or the patients, this points to the sets of issues that repetitively came up.
So, transparency in the process was one theme that kept coming up and needs to be a foundation of any framework moving forward.
Diverse stakeholders need to be engaged and need to have full disclosure of how their data is being used and how it is being re-used. Ongoing and future public policy discussions need to explicit address these issues more directly.
Secondly, we felt that it is important to focus on stewardship rather than ownership of data. By stewardship, I mean access, use and control as opposed to a strictly -- I am not a lawyer, I see there are a few in the room -- but it was the sense of the group -- and there was only one lawyer among the 30 participants in the room -- that ownership was a legal definition and wasn't useful in the ongoing discussions.
So, we needed to shift the discussion from ownership to stewardship of the data. Then, discussions should include considerations and approaches for risk management and mitigation.
Thirdly, public and private sector organizations involved in advancing the use of health information should be encouraged to participate in future discussions on an array of complex issues, striving toward consensus on pivotal issues.
It was clear, among the participants, that not all the issues had adequate consensus among the diverse stake holders, from the consumers to industry to those researchers who wanted access to data for research quality and other issues. So, the issue of how to build consensus among a wide range of stakeholders remains to be an important issue.
The wide range of stake holders, especially consumer oriented groups, including patients and their care givers, need to be convened to assure that the public is better informed and educated.
So, a recurring theme was that consumers or citizens were particularly poorly informed about the use of their health information.
One example of this might be as it related to personal health records and the emergence on the web from corporations of personal health records, which might be considered under HIPAA non-covered entities. Hence, there would be perhaps no protection of how that data was used and reused.
That is, a citizen comes to a web site, perhaps provided by WebMD -- and I don't mean to pick on them -- perhaps provided by an employer, neither of which is in a care giving setting. What happens to that data, how that data is processed and reused is not well understood by the citizen.
There was another issue related to this with respect to the citizen's knowledge about what happens to their data. That is, a coercion of the financial sector industry when you, for instance, apply to a mortgage. You frequently sign whatever you have to sign in order to get the mortgage.
There was general consensus around the room that most of us don't read the fine print or what is then enabled by the bank in order to convene a loan.
In fact, you probably somewhere in there give away your right to access quite a bit of your personal information, perhaps including health information, to various re-suppliers of health data.
From a technical or research point of view, one theme that came up was that there wasn't an adequate taxonomy or classification of all the kinds of uses of health data.
It was thought that it was important and an immediate task to develop a taxonomy of uses of personal health information which would be comprehensive and would help clarify the societal, public policy, legal, technical issues involved in future discussions. We thought that that was an important early task that clearly needed to be addressed.
In a related way, or not in a related way, but another issue of technology was that we strongly felt that the technical issues involving identity management and authentication were, at least from the point of view of the experts that we convened, not well understood.
There was a general feel among the participants, generally knowledgeable people, that the technology for data mining and data analysis and combinations of disparate data streams that were seemingly unrelated far outstripped the citizen's understanding of what could be reassembled.
This gets back to my point that the experts convened really didn't believe that anonymization was possible, given this kind of technology that we perceived, or that we were told by experts were out there from other industries from the marketing point of view.
Lastly, we have recommended and, as part of our being here today, that there needs to be renewed national and state attention on the secondary use of health information.
Particularly concerning were new kinds of data that were coming on line, such as genomic data. That needs to be thrown into the mix.
It was important, from a national policy and state level policy that these issues of secondary use of health data be addressed, and be addressed comprehensively.
So, in wrapping up here, the six principles that we put forward in these recommendations are transparency of policies and practices, stewardship rather than ownership of data, consensus on privacy policy and security as it relates to data, public awareness of the kinds of things that are happening to their data.
Comprehensiveness in our approach to secondary use of health data, not just for research, not just for quality, but taking into account the commercial uses that are now widespread and, lastly, national leadership.
So, our board of directors have reviewed and published this white paper. We intend to hold, convene, a second meeting of a slightly larger nature of perhaps about 100, 120 folks, to try to lay out and formulate a clear road map to depict and identify multi-tiered use and reuse of health data, taking into account both current and foreseeable future applications.
We believe that it is essential to address the complexity that surrounds secondary use of health data in order to both advance the national health information infrastructure, as well as to protect the citizens of our country.
That is what is in our report. There is more detail in process, and how we arrived at some of the findings, but that is a pretty good overview.
DR. COHN: Charlie, thank you very much. When I read it on the plane yesterday, I found it sort of fascinating.
I guess in some ways I was a little concerned about what appeared to almost be sort of a fundamental assumption, that one cannot anonymize data.
That may absolutely be the case, although I was trying to figure out whether that needed to be further validated, considering that that is something that we sort of tend to believe, that there absolutely ways to make it anonymous.
Is that something that you are going to be getting further validation of, or was this just the general sense of the group?
DR. SAFRAN: So, the group didn't have the appropriate experts available during the two days that we met when this surfaced as an issue.
As part of the reconvening of a slightly larger group, what we are hoping to do is to convene a group of experts specifically around this issue, to then report to the larger group when we reconvene it, to try to more definitively address those issues.
There have been some scientific publications. Latonya Sweeney at Pittsburgh and others have tried to address some of these issues around anonymization, and the lack thereof.
We really didn't have enough -- I mean, we had a few computer scientists in the room or appropriate folks that deal with this, but we will specifically address this as a breakout subgroup prior to the reconvening of the larger panel.
DR. COHN: Why don't you come to the microphone and introduce yourself.
DR. SAFRAN: Meryl is one of the co-authors of the paper, and runs our policy group at AMIA.
MS. BLUMROSE: Meryl Blumrose. I just wanted to mention, Simon, to confirm what Charlie said. We did hear anecdotally during the meeting of people who, when they wanted to badly enough, could link disparate data sets and, thereby, identify the patients.
So, in a particular data set maybe the patient could not be identified or the user might say the patient's data was anonymized, but by linking disparate data sets, they could re-identify the patient, and that was mentioned more than once.
DR. SAFRAN: There was one interesting business side light of that, and that is that the pharmas really want data that is unidentifiable, for liability reasons.
So, they are very supportive of, and need to get hold of, data that cannot be re-identified. That was an issue that came up from the industrial view. They would like a technology that supported anonymization.
MR. ROTHSTEIN: Thank you. I want to start out by saying I appreciate the interest in the topic by AMIA, because I think it is a very important one.
As you move forward, let me suggest that it would be helpful, from my perspective, if you had a broader definition of secondary use.
I think that the definition you have now is only broad enough by reading things into it. It is not self evidence that it is broad enough. I don't know whether it was intended that way or not.
I think it is arguably at the present a narrower definition of secondary use than the NCVHS has used, and what I would consider secondary use would be anything beyond TPO.
DR. SAFRAN: TPO is?
MR. ROTHSTEIN: Treatment, payment or health care operations. I think most of the secondary uses you discussed are really ancillary uses related to the health care data by researchers for epidemiology for quality assurance, for all those sorts of other things.
We used the term secondary use in our June letter to the Secretary in a broader context, meaning mostly beyond health care settings, that is, uses by non-health care entities for non-health care purposes.
I would invite you to consider some of the recommendations that we made directly related to secondary use, and would personally -- and I would think the rest of the NCVHS would welcome your support -- of some of our recommendations.
I just want to go through three of them related to secondary use. Number one is, we recommended that contextual access criteria be built into the NHIN to limit the scope of information disclosed by authorization to secondary users.
For example, if I apply for a job tomorrow, my potential employer has a legitimate use in knowing whether I can do job related function, but they don't have a legitimate use in every medical record that has been generated about me since the time I was born.
The ability to compel me to sign an unlimited authorization allows them to get everything. Even if I signed a more limited authorization, we don't have the capacity built into the system to filter out, somehow, only that which is relevant to my job application or my life insurance application or what have you. So, that is why, in June, we recommended that research be done on this and that it be part of the NHIN.
The second thing that we recommended is that there should be regulation of the compelled disclosures of protected health information to secondary users.
In other words, whether these people who can compel an authorization should be limited in what they can compel you to do.
Should employers be able to insist that you sign an authorization disclosing everything or only job related information. Should a life insurance company have you disclose everything or just information relevant to your mortality risk.
The third thing that we recommended in June is that privacy and confidentiality protections need to be extended beyond the three classes of covered entities currently covered under the HIPAA privacy rule.
That is something that certainly the department can't do, but we recommended that the Secretary promote that issue in Congress.
More generally, it speaks to the need for more comprehensive health privacy and confidentiality legislation.
A lot of people, as you know, think that the HIPAA privacy rule is more than it is or that it was intended to be, and is not, never was, intended to be a substitute for comprehensive privacy and confidentiality law.
Your focus on secondary uses really is, I think, wonderful in raising the issue of the gap in the protections that we have available.
Sorry to go on so long, Simon, but I could go on for the rest of the afternoon, as the rest of the committee knows, but I would encourage you to keep up with this work and broaden the recommendations.
DR. SAFRAN: At the time we convened this group in April, we didn't have the advantage of input from this group. So, we welcome that input and we will be more than happy to work with you in our next iteration.
MR. HOUSTON: I want to go to some of Mark's comments, but I have one background question first. What prompted you to say we need to look at secondary uses? Was there some compelling event? Was there something that said, geez, this is an issue that we have to really delve into. I am interested to understand what precipitated or motivated you primarily.
DR. SAFRAN: That is a complex question. I think we were a little bit being opportunistic as an organization, looking for issues that needed to be dealt with and weren't being dealt with by others, that we saw a vacuum and a need.
Then, coupled with that, just to be forthright, it was one where we could get sponsorship around it. We weren't interested in getting the government to sponsor the meeting.
I know this is probably the wrong group to say this to, but it was our feeling that, when the government sponsors a meeting, they have an agenda, like a report that is due or an AHIC presentation next week, that whatever you are doing has to be mapped down into that time frame for that agenda.
So, we were exploring a way that we could find an issue and a need that could get broad based community support.
This issue seemed to resonate quite a bit, and I should have mentioned it was on this slide, that we were bale to get support from pharmas and systems integrators and health IT companies and publishers for this kind of endeavor. So, I don't know if that quite answers your question.
MR. HOUSTON: It did. I was just wanting some background. One of the things that was said, and Mark indicated also, was the issue of anonymization and whether you could ever have complete anonymization and whether there was some type of -- something occurred or there were issues where there was this egregious use of secondary data such that AMIA felt that they needed to get involved.
DR. SAFRAN: There was no seminal event that drove us. In other words, once we happened on the -- once we were directed after this issue, you can see almost every day in the newspaper something that is relevant to the topic.
So, the relevance of the topic sort of fed on itself, but there was not something -- massive exposure of data -- at least in my recollection -- so, there was nothing specific in terms of a news event or a national incident that drove that. However, issues of disclosure happen all the time in the newspaper.
MR. HOUSTON: Just a comment and I will be done. I am just very concerned because anonymization is an issue, especially, that people -- I won't say they become comfortable with but they are sort of starting to accept.
I think that is an area that really deserves some more attention. I think that if the sound byte coming out of a meeting like this or your presentation is that anonymization is not -- that we are not capable of having complete anonymization, then it does do two things.
One, I think it does cause people to potentially lose confidence in where things are going with NIH, and the issue of secondary uses, but I think it also causes people to look back at HIPAA and say, okay, all of these anonymization provisions that were in there, de-identification provisions that are in there, really, are they appropriate.
Do we need to further consider whether, when something is de-identified, it sort of falls out of the purview of HIPAA. It does raise some interesting questions and I guess I will just leave it at that, with that comment.
DR. SAFRAN: I will only say that there were 30 interesting people in that room -- 29, I will exclude myself -- and it was an issue that kept coming up. It wasn't an issue that we had before convening the meeting, but it was an issue that we couldn't resolve adequately within the room.
Our recommendation is that really the issue is urgent and needs attention, not that anonymization isn't possible. That would be the wrong message.
MR. HOUSTON: I sort of heard that, though.
MS. MC CALL: First, thank you for your comments. This is a topic that is near and dear to my heart, as well as a number of other people in the room because of the work that we do.
I would like to first share some thoughts from our work in the quality work group that are associated with this, and then a couple of specific recommendations.
First, the thoughts from the work that we have been doing. As we surveyed the landscape of different efforts around quality, what became apparent to us is that quality and defining it and finding it will require aggregation.
That aggregation is, in itself, a distinct undertaking with its own technical process, standards and policy issues, separate and distinct from all of the work around individual records and NHIN and EHRs and all of that, that it is, itself, its own discipline.
So, to that point, a couple of questions slash recommendations. The first recommendation is to consider the same issue that we have been talking about around standards and taxonomies, but consider that for the analytic framework world, the secondary use world, as well. So, did that, in fact, come up as one of your topics.
The second was, I agree with your comment that technology is way ahead of policy. In fact, I would agree that technology is way ahead of what most of us understand as capable.
Back to the issue of anonymization, I would strongly encourage you to look outside the health care field for what is being done and what is possible in different areas in the -- quote unquote -- intelligence industry more broadly and what is being done there, and other types of businesses.
I do know that there are some absolutely fascinating things going on that are possible now that were not before. I have talked to some of these people and I would be happy to share those names off line. I would strongly encourage you to invite them into these forums.
Last, just to echo John's comments about how we talk about things, I think rhetoric will be important, everything from whether or not something is possible to even our use of the words, kind of protect.
They conjure up things that people really don't understand but the first thing is, if you feel the need to protect me, I guess maybe I should feel the need to be afraid.
Yet there is value, too, in secondary use, but I think we need to make sure that people understand that the uses to which we put a lot of this information is what makes learning and discovery possible, for things that have great value.
So, it is trying to provide that and make sure that comes out through what we talk with people about as well.
DR. SAFRAN: Just one quick comment, your points are good. The issue of value is one that was repetitively talked about.
In terms of the dialogue and education with the citizen -- this is sort of in the paper, I left it out in terms of my presentation today -- but that is a repetitive theme and point that we make that, in terms of our discourse with citizens, it is a trade off between what the value is and what the risk is. That is part of the dialogue and transparency that we need to have as we sort of move forward.
I was perhaps a little too glass half empty with respect to my presentation today, but certainly the value of secondary data was on the minds of everybody there.
Many of the people in the room professionally earn their living, so to speak, by creating value out of secondary data.
MS. MC CALL: I would agree. Again, I think it is near and dear to probably everybody that was at that meeting because they make a living at it.
I don't think that the average consumer probably understands what that value is. They do not live it and breathe it every day.
I think what we take for granted probably needs to be explicitly surfaced. That was really my only reason for pushing it.
DR. TANG: Let me start by addressing one of John's question, which is why do this, why look at this issue.
I am not sure it was a seminal event as much as an increasing prevalence of the misuse of data, just like 200 years of misusing paper didn't suddenly happen to us. We just realized that things could be done a better way for the quality of care. The same thing with the protection of confidential health data.
Another clarification, something that Charlie mentioned in terms of physician practices having data transferred to the vendor, that wasn't done in an anonymous form at that stage. It was only re-sold as anonymous data.
That is an important distinction, because there are many contracts with vendors that entitle -- and that is not an over-use of that word -- the vendor to have access to your data base and the data from it.
Many of them, for their own protection, declare that they intend to resell it. So, it is not one event. It is something that is becoming increasingly common in contracts. I am not sure that the practices, and surely not the patients, understand this.
To talk about de-identification, Latonya Sweeney, who actually began this work as a student, one of her findings is that 87 percent of us can be identified only with our date of birth, sex and zip code, like voter registration record.
Perhaps something that may be more startling is that most people's genetic information is stored in -- quote -- anonymized or de-identified data bases.
With only the date of service, depending on how large the size of the health care institution you go to, you can go and re-identify this genetic material and, of course, genetics is self describing in the end.
So, that is the basis for which saying most of this stuff is just not anonymizable, unless you really do. So, I think HIPAA is correct there.
If you use the 18 identifiers, one of which is a catch all, because it excludes even date of service, because of the fact I just pointed out is very revealing, then it truly would be anonymous.
However, it probably wouldn't be as useful to many people. So, that is the catch. That is where one of the recommendations of the privacy committee's letter said was, you need to extend the prohibition on mis-use of data to anybody who touches data.
You can't just say you can share something that can be completely anonymous, because it can't. So, I just wanted to clarify that.
As far as, if we do use -- in fact, I almost would -- this is a personal opinion not a committee opinion -- about the out of statistical de-identification. That is what I think we are saying is less and less possible, that if you truly de-identify these identifiers, it probably is de-identified.
DR. STEINDEL: Until Paul talked, i had three comments that I wanted to make, and Paul stole my comment on anonymization. So, I am not going to repeat it.
It was the point that I wanted to make, that you can de-identify data. The question is how useful will it be, and I think that is really the big issue.
I still have two comments that I would like to make and the first one as in response to your comment about the biosense system.
The way the comment came across a little bit, at least the way I heard this, was that this was some nefarious scheme to maintain a data base of health care information at CDC.
I just wanted to set the record straight that, of course, biosense has been well talked about and well presented, both within the department and within the community since we started the project, I guess it is now about four or five years ago, in its inception stages, and we have been rolling it out since last year.
I wanted to point out that each one of these systems is put into place with a signed MOU regarding what data will be collected, how it will be collected and what it will be used for at CDC, and that is with each one of the institutions.
So, there is very clear policy. It is a limited data set and that data set is described. It may change as we progress, because the intent is to use it for biosurveillance purposes and our knowledge of what is useful there changes on an almost daily basis, but at least on a year to year basis. So, they are modifiable.
The data is stored at CDC in a pseudo-anomymized fashion. It is not that we couldn't identify the people. We can, but we do collect it in a pseudo-anonymized fashion because, if we do detect public health problems in the community, we want to turn that data back in to the public health agency in the community so that they can handle that.
So, we do have ways of re-identifying. When I say we have ways, I don't mean CDC has ways. I mean the royal community has ways of re-identifying data to address immediate public health concerns.
So, it is not the federal data base in the sky or anything like that. It has very specific purposes. It is well defined and has specific uses, and is done with specific agreements with the community, the provider organizations. I just wanted to set the record straight on that.
The second is, I wanted to commend you on your discussion of defining better, and especially your idea of a taxonomy, on secondary use.
The reason why I am commenting on this in particular is, at the last AHIC meeting -- and we heard Dr. Kolodner talk about this this morning -- ONC was proposing a matrix of cross cutting issues around the AHIC work groups, and how they can better define that in the future.
One of the items they identified as a cross cutting issue was what they put out in what they assumed would be in a totally understandable fashion, was secondary use of data.
Immediately after their presentation, the whole conversation around the AHIC table was, what is secondary use of data, what is it limited to.
So, there is obviously not a clear understanding of what is meant by that, what is meant by a cross cutting issue. So, I really commend your group on taking this forward, and I hope you are going to be able to develop some sort of better definitions, from my point of view, as an informatician, a taxonomy that we could really use for this area. So, thank you.
DR. SAFRAN: Steve, thanks for those comments. I think that my comment about biosense was that it is still the public.
So, 30 people in that room, I would say that at least 20 had never heard of biosense, and these were sort of interesting folks in the room.
So, your points are all well taken but they are not communicated to the public at large, and that is part of the issue of transparency that we have in this country, that we don't really have a mechanism or a way of having that dialogue.
So, it is an issue. It is not whether it is a valid use or not a valid use or whether the appropriate checks and balances are in place. It is just a need for a better communication or better dialogue with our citizens around those types of issues.
DR. STEINDEL: That is why I wanted to make the points on the record of NCVHS, that this was no, not really that you were suggesting it was that, but those of us who are liaisons to NCVHS from our federal agency point of view, we feel there is a need to clarify issues like this for the NCVHS record.
As was pointed out earlier, people do hit the internet, they do read this, and we want to make sure it is clear to them.
DR. STEUERLE: I was going to repeat a little bit what Carol, when she mentioned value, I think the need for protection, I think it is very important not to stress either right to privacy or right to anonymity as being the ultimately highest value in terms of public good.
There are things -- we try to maximize privacy and anonymity to the extent that we can, but often forsaking public good.
You are probably doing this already, but this issue is not confined to health at all. Census is having the same debate about the release of census records, which have been available to the research community for decades, our tax records are available, withdrawing classifiers and other things for people, but if I know you have $33,200 worth of capital gains and you have an income of $73,500, and I can identify that on a data set, I am liable to be able to match up the data sets and find out all sorts of information about you as well.
So, this information actually cuts across the entire statistical community. Of course, in the world of computers, what makes it more relevant is now people can do sort of the data searches -- they can make sort of an infinite number of data searches relative to the things that we might have done by hand historically, which is why I think it is getting renewed attention.
I really encourage you, when you make the presentation, not to present the anonymity which, given these facts, is impossible to guarantee at some level.
I think your correct but when the statement just comes out that way it often leads -- particularly, I think, for the legal side of the public sector -- to protect itself by basically constantly withdrawing data from public use.
That has a very grave danger on the other side. I just encourage you to, a, represent that balance in your presentation and, b, also -- and you probably have tried to find out what Census, IRS and other agencies are trying to do to deal with this issue.
MR. BLAIR. Dr. Safran, I applaud the work of AMIA in studying this subject. One of the things, as you have heard around the table -- and I am going to add a different dimensional perspective to it -- is also applauding your intent to come up with a taxonomy.
When the ad hoc team for focusing on the functional requirements of a nationwide health information network was established as part of the NCVHS, I am not positive, but I believe that we received testimony from the federal health architecture folks.
If I recall correctly, they had a taxonomy and one of the things that they distinguished between was anonymization and de-identification.
That was very helpful to me, and I find that, ever since hearing that, whenever I hear folks use anonymization and de-identification as if they are synonymous, I start to get confused as to exactly what they are talking about. So, that is one reference source that might be helpful as you go through the development of the taxonomy.
DR. TANG: Maybe just a brief comment. I think the comments that Carol and Gene made are very, very important, both in the way it is in presented, but I think the letter that you sent to the Secretary in June is the only way around it in the recommendation that Mark reiterated.
That is, you can't at the same time cut off the transmission for good things at the same time you cut off the transmission for bad things.
It seems the only logical thing you can do is to put everybody under the same rules, that you cannot do bad things.
We can't prevent good information to be used by good people to accomplish societal good unless we have a universal rule that says what you can and can't do with the data, it seems to me. I don't know any other logical way to resolve this to create the balance. That may be something the committee wants to reiterate in terms of the letter that it has already sent.
MS. MC CALL: I actually had a related question, not for Dr. Safran, but for CMS. You talked earlier this morning, Karen, about some pilots, about taking CMS' data, the fee for service data, and doing some demonstrations with some personal health record vendors.
What do you allow them to do? What do you prohibit them from doing? Do they come under HIPAA for the purposes of those pilots?
MS. TRUDEL: For the purposes of these two very limited proof of concept pilots, yes, the organizations are under contract with us. They are required to follow all of our rules, including HIPAA.
These are organizations, keep in mind, that already have medicare fee for service data. In other words, we contracted with our own fee for service contractor to do this as a separate line of business.
You raise a really good point. When you talk about organizations that offer PHRs and the extent to which we would be potentially providing data to those organizations, what are the secondary uses that those organizations might be contemplating behind the scenes.
I think that is one of the issues in terms of authorization and authentication that we need to tackle in our next couple of rounds.
MS. MC CALL: As data becomes liquid, which is really what we are talking about, even before we get to the magic data bases in the sky, there are issues around -- I think your point, Paul -- around what are the standards and requirements that these entities have to be held to, whether it is secondary or aggregated or not.
DR. COHN: Charlie and Meryl, thank you. It has been a very interesting conversation. As you can tell, we are very engaged by it.
I am reminded that back when I started on the NCVHS, Don Detmer was chair of the committee. I guess, based on the fact that he is now your CEO, I am not surprised that you would be wandering off into this area.
Having said that, I am also reminded -- and I think we learned this with HIPAA -- if you remember, the original intent of HIPAA was to have a public conversation that included Congress in the development of privacy laws within three years after HIPAA.
There was never the intent that HHS would have to fashion from HIPAA really our first national privacy rules and regulations.
MS. GREENBERG: Well, it was the fall back.
DR. COHN: It was the fall back position. I think it just reminds us how difficult this area is and at times how elusive a consensus is around all of this.
It is very easy for us to identify problems. It is a lot harder to come to consensus about assuring ways that the good things get through and the bad things, as Paul described, are stopped.
There is not a universally held view of what are the good and the bad things in this. I just wanted to reflect on that for a moment. Anyway, I want to thank you. It has been a wonderful conversation and thank you for joining us.
Now, I am going to suggest that we take about a 10-minute break and then we will get back together and talk about our letter report, and then some of the cross cutting issues across the committees.
[ [Brief recess.]
DR. COHN: I welcome everyone back. It is 2:45. We have actually three pieces of work. One is discussion about the HIPAA report. The next piece is the letter coming forward from the populations subcommittee. The third will be at least beginning to discuss sort of cross cutting issues with subcommittees although, depending on how much time we have, that is something we could also continue tomorrow. So, we will obviously have more than enough time to cover things.
Agenda Item: HIPAA 8th Report, Action November 29.
DR. COHN: Now, the first, as I said, topic is the HIPAA report. I do want to remind everybody that this is a first draft, and actually it was really not reviewed by the executive subcommittee prior to being sent around to the full committee. So, I would have you consider it as that.
My general feeling is that -- this is my own personal feeling is that -- is that it probably deserves discussion at the subcommittee level with modifications sent up and revisions made before we are to vote on it. If you feel differently, we could certainly discuss that.
MR. HOUSTON: Which subcommittee?
DR. COHN: I think each subcommittee, where it is appropriate, will handle their area. So, basically, areas relating to privacy I think would be reviewed by the privacy and confidentiality subcommittee. I think standards and security will probably need to handle the other parts, and I think the NHII will somehow deal with it.
MR. HOUSTON: Let me ask a question. This report is specific to HIPAA?
DR. COHN: Yes.
MR. HOUSTON: When I read through it, there was a lot of information in there that was unrelated specifically to HIPAA.
There was a discussion about NHIN and other things which, when I read it, I said, geez, this is informative but should it be in a report where we are responding specifically to a requirement that we report on HIPAA. That was, I guess, one comment that I had generally.
MS. GREENBERG: We have always included not only the administrative aspects of HIPAA, the transaction code sets and all of that, but also the aspects of HIPAA in which the committee is supposed to make recommendations on patient medical record information, which extends it into the electronic health record. So, then I don't think the NHIN is that big of a leap from that, but I guess that is open for discussion.
MR. J. SCANLON: Let me talk historically about the report, and this one as well. It is correct. This is in HIPAA, the statutory language, and it requires an annual report by the committee on HIPAA implementation.
We started out, remember, with sticking pretty much directly to the statute but, like a flower unfolding, the committee got into, even under HIPAA now -- I should say like an onion -- even HIPAA, remember, asked the committee to provide recommendations on, I guess it was called standards for patient medical record information, which was kind of the entre to the whole clinical side.
You could argue that we have probably engaged in somewhat mission creep, because now we are including electronic prescribing and other terminology and health data exchange standards as well.
This particular report, as it was in previous years, was put together by various pieces. I think, as Simon said, it is really intended at the moment as really kind of a rough draft.
CMS provided information, other staff provided information, OCR provided information. You could argue that it goes beyond HIPAA but there is a trace back to HIPAA in terms of the assignments the committee got. The NHIN is somewhat different, but it probably completes the picture.
DR. COHN: Actually, let me make a comment, and I am just actually reflecting. I actually had the opportunity, the privilege, to present at a meeting recently talking about the 10-year anniversary of HIPAA.
Interestingly enough, the speaker after me, who I will not name, talked about unique identifiers for individuals, and referenced that, if one thinks about it maybe a little differently, the concept of matching patients to their records is actually another way potentially to think about that.
MR. J. SCANLON: It is a functionality.
DR. COHN: The question is, do we include that or not include that. I just throw that in as sort of an interesting take from another presenter.
Whether or not that maybe should be referenced as a way of at least advancing on that goal of assuring that health care data is accurately connected with the data who is identified. Just a thought there. I know Judy probably didn't think she was doing that but --
DR. WARREN: No, I did. We talked about that in the subcommittee, that we needed to re-look at patient identifier from a unique perspective in order to handle this. I mean, it was the direct child or sibling.
DR. COHN: Now that I have really messed up the conversation, my apologies.
MR. J.SCANLON: The structure of this report, I think we agreed in earlier discussions, it would be an update of what transpired in HIPAA and related activity since the last report, which was, I think, April 2005. So, this covers May 2005 through the end of November.
In addition, it was a look back at the 10 year experience, or the 10 years to when HIPAA was initially enacted, and some lessons learned that the committee has already kind of stated publicly. So, it would include that as well.
Obviously, it already has a 12-page executive summary, which is too long. It may be that the committee may want to consider restructuring, in terms of the letter report, a shorter one or just the executive summary.
The standards that were updated or issued, the enforcement rule, for example, and the time period and other things, that could certainly be covered on one page, but there are a lot of other implementation issues.
It may be that the committee wants to emphasize the 10-year what did we learn aspect of it, but it is a 12-page executive summary, and I am one of the authors, and it is too long.
MR. HUNGATE: The executive summary is longer than the body, I think.
MR. J. SCANLON: No, but it is close. Others have argued that they like the detail and that it is the only place anywhere where all of this is documented in one place, and when they go back, including several former chairs of this committee, they have said it is the only place where we actually provide some detail about what happened. So, you could argue it either way.
MR. BLAIR: I feel there are several ways to go. However, I feel uncomfortable having a document labeled HIPAA or the 10 year anniversary and include e prescribing and NHIN.
I think, if we want to include all of that information, I think it should be properly labeled as a report from NCVHS on its activities over the last 10 years.
Now, I have tremendous respect for the thinking that the folks that worked on this document may have had and the things that they wanted to accomplish.
Frankly, I am not going to ask for what that was, but I think I would suggest maybe two or three options and, if one of those options could meet those needs, then I would go with another option rather than try to slip in other topics under a banner of HIPAA 10 years.
So, one of them is to refer to it as NCVHS accomplishment or history over that last 10 years. That way that is an umbrella where we can have them all, or we could have the HIPAA 10 years as a separate document and then wind up doing a second document out of this, which would be a summary of the non-HIPAA NCVHS activities, which not only include e prescribing and NHIN, but a lot of the population, the quality, some of the privacy stuff, some of the things related to EHRs.
So, I would rather that we go with either of those two other options than leave the title of this document as if it is just HIPAA.
DR. COHN: Just correct me if I give it over to Bob, but I just want to remind you that privacy is HIPAA.
MR. BLAIR: I think there are issues related to privacy that go beyond specifically. As soon as you get into the privacy recommendations for the NHIN and you get into the secondary issues, and you get into the letter from this summer, that gets into issues where HIPAA isn't covered.
MR. HUNGATE: I was quite comfortable with the pattern as portrayed here from the standpoint that one of the activities of this past year was to look back over the past several years and recap that.
I am comfortable with the HIPAA focus because that is a clear audience that needs clear communication of things that they have assumed responsibility for through legislation.
I was struck by the similarity of the executive summary and the document and wondered, when I read documents, I often kind of thumb through the whole thing and look for things that tell me something.
So, I wondered whether maybe bolding pieces of the whole document would then serve the summarization methodology for people like me who thumb through it, because then you stop where something is of interest to you, and you do the rest of it so that you have the rest of the detail. This was just a mechanical technique thought, of a way to deal with the commonality of the two documents.
MS. GREENBERG: I think you ended up getting a copy that I handed out to you of the version that I commented on.
Let me just say a few things in relationship to what has been said. First of all, we will do an annual report. Our last annual report was 2003-2004.
We will need to talk about actually doing a 2005-2006 annual report, and that is the report that covers the entire work of the national committee.
It will probably reference this report, whatever it ends up being. So, we will go into some more detail on some of the HIPAA stuff in this report, the HIPAA related health IT in this report, than we will in the annual report, but we do have another vehicle for reporting on the entire committee.
We used to do it annually, and the last several years we have done a biannual, which I think works out pretty well. So, that is something the executive subcommittee has to talk about in its call actually later next month, as to when we want to get started on that, since it will be 2005-2006. That is in response to Jeff's suggestion.
I think one could just clarify that, in addition to things specifically under HIPAA, which does include clinical records, as we have said, there are other health IT topics that are included here because of their synergy, whatever.
I think being too narrow that this is a HIPAA report is probably not helpful to really convey to the audience kind of the work that the committee has done in this general area.
So, that, at least personally, that didn't bother me that much. I did suggest, in this version, that one way to cut back on the -- we always have this problem that there is too much in the executive summary.
It really isn't 12 pages. It is more like nine or 10, I think, but one way to cut it back by a few pages is, there is no need to put all of the entire lessons learned with the findings and recommendations in this executive summary. I think you can reference it and then the high points, maybe the top level recommendations or something, and then put the full thing here in the full report. We probably should try to keep the executive summary to probably no more than about six pages.
I think the real issue is, we have got the lessons learned. That comes right out of the letter. Most of it, almost all of it, I think, comes out of letters that have already been sent by the committee.
So, I don't think it is controversial in that regard. It has gone through the committee process and I think there is value in bringing it all together in one place and, in fact, we are required to.
Particularly, I think the real issue is, obviously it has to be reviewed by the appropriate subcommittees and all that, but the real issue is whether there is anything else the committee really feels should be done or said in this report, particularly because we have just observed the 10th anniversary of HIPAA, or whether it is just a question of sort of packaging and repackaging, maybe, the information that is already here, whether the committee wants to use this as a committee to say anything else it hasn't already said in the last 18 months. I think that is the main issue at hand. Otherwise, I think most of the stuff is in here and it is already up on our web site, and it is just a question of packaging it.
DR. COHN: Marjorie, I think I would actually sort of agree with the comment about whether there is anything new or more.
Maybe the comment about structure and all of this, as I looked through this, it appeared to me that what we needed to do was to -- if you could now merge the executive summary with the body of the text and have a report with appendices, if there is a need for appendices, to handle that.
It appeared to me that if we had a letter that was a page and a half or two pages long, that would be both the letter and the executive summary. That was sort of my view of what is important.
I think there are ways to sort of put this together in a way that it looks like a report and it looks like you have got a way to highlight the important pieces here. That is one thought, rather than try to create a four, five, six, seven page executive summary.
To me, there is actually a more fundamental question which, Marjorie, I think you have gone to which is, this report continues to serve the same old, same old, same old melodrama of HIPAA, which I think Carol brought up earlier about, haven't we learned anything in the last 10 years, isn't there anything that we could apply to this and all of that.
Now, this is actually something I want to bring up with standards and security. There may be a different view in privacy or whatever.
As I said, I had to stand up in front of people without the benefits of the most recent HIPAA administrative simplification report, much to my chagrin -- I had the lessons learned -- and talk for an hour about what had happened over the last 10 years and lessons learned.
I was aided by some very thoughtful work from Karen Trudel from CMS, and actually I have about 30 or 40 slides which I would be happy to send out to the whole committee, if you would like.
This is a different view of lessons earned, which I think sort of augment and sort of add more flavor to this whole thing.
It isn't just everything is dour, but that there have really been some lessons learned and some positive things going forward.
The other thing that I am becoming increasingly convinced about -- once again, this is not through a complete industry-wide survey but more anecdotally as I began to talk to people about what was going on.
This, as I said, really applies more to the administrative and financial transactions as opposed to privacy, is this sort of sense that we may be turning the corner, and that we may be moving from a place where we continue every year to complain about there is no ROI, people aren't using it, if only government would do X,Y and Z to make this happen, to an environment where I am going, geez, people are actually beginning to use it, there are industry groups getting together to figure out how to do some of this better and create more return on investment.
People are anecdotally at least coming out with significant returns on investments from the non-claims transactions, which is something that we always sort of talked about.
In reality, with NPI, most of the transactions are out there. So, telling the government once again, well, geez, you need to get them all out there before we can do anything maybe sounds a little hollow.
Anyway, as I said, I need to talk to standards and security about it to see if any of this strikes a chord, but I am actually wondering if the message may be actually changing and really we are in an environment where people are beginning to make use of it, that people are creating value out of all of this, that maybe there is a need for new transactions or updated transaction s because people want to make even more value of it, and that this has really been a year of almost what I would describe as transition, moving from implementation to optimization, which is a term that I use inside my own company when we talk about implementation.
It is amazing how many systems you put in and how long sometimes they are there before you actually start doing something where somebody optimizes their value, and I include electronic health records in that.
Maybe we are actually, at 10 years, into that framing. Anyway, I just bring this up as something that I sort of saw when I was giving the presentation. I don't know if it strikes a chord or not in what people are thinking, but it really does give you a different sort of report.
MS. MC CALL: It does strike a chord and I think it is tough for us to hold maybe the memory of what it was like 10 years ago in our heads as we talk about what it is like today.
Yet, wouldn't it be valuable, would it be fascinating to go back and literally dig up the transcripts of the types of things that were always on kind of the tip of our tongue 10 years ago, and look at the problems that we have solved or the things that just aren't as present any more, and look at the types of things that we are wrestling with now and see how they are different.
How many things are we now able to kind of take for granted or begin to truly assume today that we couldn't even begin to assume 10 years ago.
I think that there is a shift, and I hear it implied in our language as we sit around this table and talk. I hear it at my own company when we talk about EDI. That just wasn't possible before in our own company, and the level of first pass -- nobody even had to touch it -- adjudication, because of some of what has been enabled.
MR. REYNOLDS: I think that -- I obviously saw your presentation and I think it does set a good tone. I think Carol's comments, if we were to start where we were 10 years ago where everybody was doing it proprietarily and the volumes were a lot less than they were, and CMS was nowhere near 100 percent automated claims, start that off, use your presentation.
Then I still struggle with some of the earlier questions. I think John asked a good question and so did a couple of others, where there is a lot more in there other than HIPAA and maybe that is a section called sort of the next wave.
I think it is a stretch to act like they are HIPAA, but I think it is a mistake not to discuss some of them. That would be my input.
MR. BLAIR: I am very glad you put him first, because I can piggy back on his comments. Yes, I think there is very much the sense that I have, that there were very important lessons that we learned from the HIPAA experience.
We began to apply those lessons. I think Congress did also, in the way they crafted the Medicare prescription drug improvement and modernization act. They did a much, much better job.
They also were willing to listen to us when we modified the process that we went through in order to try to provide improved information for e prescribing standards.
So, Harry, your remark, I would hate to see the e prescribing and the NHIN thing just put under the banner of HIPAA.
While I do agree that folks have begun to see some type of rate of return, just like a lot of things that are good, there is also sometimes baggage.
Right now, HIPAA has baggage. I think we have an opportunity here to get a message through on what we learned about HIPAA, HIPAA lessons learned.
If we either dilute it or lose the achievement of what the e prescribing and the NHIN pieces are by sticking it under the umbrella of HIPAA, it is like mixing apples and oranges, and I think we may lose the benefit of both. I think that is all I will say.
DR. TANG: I think you are right, Simon, that there has sort of been somewhat of a tipping point since 10 years ago, in terms of we don't worry about getting there. It is like what do we do once we are there.
The three themes I heard from our discussion is, one, there is this perpetual delay. Secondly, we need a streamlined way of updating the whatever it is, the standards for transactions, whatever. Those are very concrete recommendations.
One of the things, when we use the term, lessons learned, sometimes it is used, lessons learned, let's have the close up meeting, talk about lessons learned and put them on the book shelf.
I think we actually mean it lessons learned and recommendations going forward, have that kind of tenor to it or tone.
I wonder, again, if it is not word smithing to create the way that it is presented or rendered to the public or policy makers.
You want to do recommendations to make this better going forward, instead of just lessons learned from the past.
The third theme I heard, which is not reflected in our lessons learned or recommendations, is we talked about processes that could be improved upon.
One of the things is some of the policies that need to actually need to play catch up again with where technology is.
That refers to the privacy and potentially the security in the way that NHIN works, because that wasn't envisioned 10 years ago and it is a completely different set of players, secondary uses and rules that need to be applied.
I think that really has actually gone beyond the original HIPAA and may need some updating in the fundamental rule. I say that with some trepidation but I think that is probably true.
MR. ROTHSTEIN: I have a practical concern about where we are going with this discussion. I think we need to decide what kind of report we want to present.
In the past, our reports to Congress have really been descriptive. We have said what we have done in the last year relative to our charge from Congress.
What I hear many people talking about -- and I don't disagree with the value of what is being proposed -- is a more substantive assessment of lessons learned from the past and where we go forward and, in a sense, new recommendations or new conclusions, at least, based on our study.
If we want to go that route, it seems to me that producing a report like that would take at least six months. The reason that I say that is that it does take very long to get to sort of contentious issues that you need to work through.
So, if we wanted to think back, to take Carol's suggestion, what were we thinking about 10 years ago, or six or seven years ago or whatever.
One of the issues that was roundly debated, not just in NCVHS but also in the department and also was, should we have consent or notification as the standard.
Now that issue is resolved, but there is still not very much agreement on whether it was resolved the right way or the wrong way.
So, the issue is off the table, in a sense, but I could argue that there are actually three different ways that we could approach it. The department made the right call, the department made the wrong call, or it really doesn't matter which way the department went on this rule or this particular aspect, for reasons that I will spare you.
The result is, it would take a lot of debate in subcommittees and in the full committee to sort of hash that out.
So, what I would propose is that we go with the first sort of view of the annual report, the traditional descriptive report.
Then, if we want to take up the issue of composing, maybe with a separate working group or some other arrangement, a separate report on lessons learned from 10 years of HIPAA, then we can give it more consideration and come up with some new recommendations.
MR. J. SCANLON: I guess I would add to that as well. The annual report, it is literally supposed to be an annual report to Congress on the status of implementation of administrative simplification.
What it does is, it summarizes what occurred over the past year. It has not simply been descriptive in the past. it has been analytical and pointed out some new things.
If the committee is thinking of new recommendations, new lessons learned, then you have to have an evidence base, you have to have on what basis are you concluding why it is better or there is a tipping point. Otherwise, it is just more conjecture.
You probably need some sort of a process to work that through, which I think you did to some extent, or you thought you did, anyway.
So, again, you can use all the recommendations you have already made in the deliberative process. You are just restating them and pulling them together. It is probably the only place where all these things are pulled together.
If you are really thinking of new interpretations, then you need new findings. Otherwise, I don't know, you could say the committee believes or the committee thinks, but it is not a recommendation that you have made before, and there is a question of what is the evidence that supports that conclusion or recommendation.
MR. BLAIR: I think we have an opportunity here. There are the recommendations on streamlining the HIPAA process, and i this is going to be a lessons learned, I would think that streamlining the process is an excellent complement to the lessons learned, much more so than the e prescribing or the NHIN.
DR. COHN: Jeff, actually, the lessons learned is already in here, which includes the recommendation around streamlining, although not the specifics.
MR. J. SCANLON: Not the specifics.
MR. BLAIR: Great.
DR. COHN: Steve, you had a comment?
DR. STEINDEL: I am a little concerned about the discussion of drifting off and introducing new themes in the annual report to congress.
That is what I think is the subtle difference between this and what we advise the Secretary on. This report does not go to the Secretary. It goes directly to congress. If we start introducing things that we haven't advised the Secretary on, I am concerned about our position.
MS. MC CALL: With that comment in mind, which I think is very important, the question that I have for us now is, how can this description be most valuable to Congress, given the issues that we think they will be most likely to have in front of them next year.
It can be about how much we share, how we summarize, and also what we lead with. That, I think, is probably the most important thing. I am back to, let's just describe the packaging. This is packaging.
MR. J. SCANLON: I would suggest that it would, in terms of timeliness -- we have got a new Congress.
DR. COHN: Jim, I half understood what you just said.
MR. J. SCANLON: The whole House of Representatives changes.
DR. COHN: Yes, but you said about timing.
MR. J. SCANLON: In terms of when would be the appropriate time to get it there. The other thing is, if we really want to look in more depth about progress and tipping points and new recommendations, there is no reason why the committee couldn't say you were going to do that in the months ahead. It just wouldn't be part of this report.
You could sort of foreshadow -- well, you could say you are going to be looking at this area and provide more substantive detail and further evaluation.
I mean, when the annual report has new recommendations in it, as long as they are part of the full deliberation of the committee and the public process, that is one thing.
Normally, it contains recommendations and findings that you have already gotten on record, and you weave it together and interpret, but normally the recommendations of the committee are based on the full public deliberative process.
MS. MC CALL: If they are going to be considering a bill that has to do with health IT, I would love for them to get a sense that it is not a Groundhog Day experience.
I would love for them to get a sense that we have traveled tough journeys and tough paths and, guess what, we got something for it, and here is what it is. Let me remind you, kind of to your point, Simon. If we can't do that in this report, then we can't, but it could be valuable. I don't know enough about the newness of the members combined with the steepness of the slope they all think they are going to be facing.
DR. COHN: You know, I think we may be sort of coming around to -- I am not sure we have a consensus here, but I am hearing nobody having an idea for a draft and spending the next year doing the report that we are hopefully going to be done with in February. I think that our hope would be that people would look at it until February.
I am also hearing that people think that we need to take a hard look, and the subcommittees need to take a hard look at the descriptive information and all of that in here to see if it needs to be updated, slightly reframed -- I don't think anybody wants to add lots of new recommendations to the report.
The question is, are some of the recommendations no longer as appropriate as they were when they were made or do you have other thoughts that might help explain them.
I do think, however, that we are talking about framing and the issue is what comes first, what comes second, what deserves to be in the letter, the maybe page and a half letter that we send to the Speaker, versus somewhere in the body of the text.
I think that, to me, is sort of those sorts of questions that I think we need to ponder. The subcommittees, I think, can be very helpful in terms of saying, yes, this is important enough that it really does deserve to be highlighted here as opposed to buried on page seven or on page 10 or on page 12.
As I say, I don't think the intent to bring this forward was to -- I don't think we thought we would pass this today, but I am hoping that by February we will be comfortable with this and be able to move forward.
MR. J. SCANLON: That would be a very good time for it.
DR. COHN: I also agree with Steve that I don't think we want to blind side anybody with recommendations coming out of the blue, but on the other hand, I think that if we think things are working a little better, there might be a nice way to say that. So, thoughts on this one? Are we comfortable taking this back to the subcommittees, having this be part of the discussions?
The executive subcommittee will obviously work with the chairs to help bring this to life and do what we can to sort of turn this into something that we all say, yes, that is about right, for the February meeting with the idea that some time probably in January hopefully we would be able to get it out to everybody, the next version, to sort of get all of your input before we present it.
MR. REYNOLDS: I guess the only issue that still is on the table is, is this just about HIPAA or are we going to get into the other things?
DR. COHN: Harry, I actually thought that your description -- maybe I will take the prerogative as the chair because I don't want to spend another hour arguing about that, but I thought that your suggestion, which was, as with many others, that we shouldn't just talk about HIPAA, only because we spend a lot of time arguing about what is HIPAA versus what is maybe a little bit beyond HIPAA.
I think your description of sort of this next wave and that being a piece of it, but clearly identified as such, is probably the best way to handle that.
MR. REYNOLDS: Okay.
DR. COHN: Does that makes sense to everybody? It is sort of in there but it is not the pivotal piece, but to completely ignore it, probably we are missing an opportunity to inform Congress about our good work. Jeff, I should ask, are you okay with that?
MR. BLAIR: Yes, thank you. That puts the other pieces in a different context as the next wave, and I think that that is appropriate and helpful. It is complementary as opposed to just putting it under the same banner.
DR. COHN: Harry, does that help you?
MR. REYNOLDS: Yes, thank you.
DR. COHN: When do we see you in person?
MR. REYNOLDS: Well, it looks like dinner.
DR. COHN: Too bad, we were hoping to see him for meetings later on today. Okay, so I think we are done with the letter. Do you have another thing?
MS. GREENBERG: Would it be reasonable to ask the subcommittees to kind of validate the content, the relevant content, before Christmas or something. Is there something missing or is this not relevant.
Get the content validated and then we can discuss how we are going to work on the framing of it, re-framing of it.
MS. J. SCANLON: We are looking at staff to verify it as well, bring some of the members up to date.
DR. COHN: There is a pained expression on people's face, but okay, sounds good. Now, with this, let's move on to the other letter, our final letter, and this is coming from the populations subcommittee.
Agenda Item: Populations Subcommittee Letter.
DR. COHN: I think most of you received it via e mail. It is not part of your document. It would be -- I think it admittedly is a first draft letter. Bill, who is present it? Are you presenting it or is Russ presenting it?
MR. W. SCANLON: I think Russ is going to present it.
DR. COHN: I guess, Russ, just to remind me, this is once again a response to an MPRM and this needs to be completed by when?
MR. LOCALIO: I will go over that.
DR. COHN: Please.
MR. LOCALIO: On October 18 -- that is quite a bit after our last meeting -- the Department and CMS came forward with a proposed rule for the use of Medicare Part D data.
The time table is somewhat limited. Comments have to be in by December 18. So, we are talking about a two-month window in contrast to the FDA's proposed rule which has a five month window. We talked about that this morning.
Now, neither the Secretary nor CMS has asked the committee for any comments, but what we did was, last week we had a conference call on this proposed rule.
We thought that, owing to the subject and the amount of discussion we had had on these issues here at the committee, it would be better for the committee to weigh in and provide a recommendation albeit unsolicited, rather than to do nothing.
It fits in with what we have been doing. It puts the committee on the map as continuing to be interested in the subject.
So, very briefly, what the proposed rule says is the CMS is going to require the sponsors of the Medicare Part D prescription program -- those are the organizations that are actually running the benefits program -- to collect and provide to CMS a great deal of data on individual prescriptions and payers and costs and amounts and beneficiaries.
That this information be used by CMS for monitoring the program, but also be used for three other purposes.
One, to be shared by other federal agencies. Two, to be shared with Medicare beneficiaries and, three, to be shared with legitimate researchers on approved projects with minimum necessary identifiers made available under data use agreements that are currently being used for Medicare Part A and B data.
So, based on that and about an hour's worth of discussion last Wednesday, we came up with this draft in what I have to say was record time. Total elapsed time was about two hours from the first finger on the first key until actually it got -- Marjorie and Debbie circulated it on Wednesday.
So, how do you want to proceed, Simon? Should I read it or how do you want to -- should I give an overview of what the letter says?
DR. COHN: Why don't you give an overview of what you think it says, and then you can -- I think reading through it for us I think would be helpful. I found myself, as I looked at it, I think I understand what you are trying to say, but I wasn't sure.
MR. LOCALIO: The letter basically commends the Secretary for the proposed rule, essentially agrees with the proposed rule, but notes that there are many benefits that are in addition to the medicare program, advancement of public health and scientific programs, the ability to link these data to the other medicare data as well as surveys, and disease registries, then, by sharing the data and being able to link data to facilitate various evaluations and studies that would not be feasible otherwise.
In other words, to make efficient use of these data for purposes as the proposed rule outlines, over and above the day to day running of the Medicare Part D programs.
Essentially, that it provides many opportunities for analysis, not only in terms of the effectiveness and efficiency of the program, but for scientific purposes, subject to traditional protections of individual privacy.
So, the proposed rule would further many of the types of initiatives that this committee has supported in the past.
Essentially, that is supposed to be the tone of the letter. We wanted to keep it brief. So, I have always talked about the one page letter, and that is still feasible, given editing to condense it. Would the others essentially agree?
DR. W. SCANLON: If I could just add a couple of things, one is that there is no new data collection involved in this. These are the data that were going to come as a result of claims for drugs being submitted under Part D.
There is a provision in the statute, and actually the rule sort of says that the purpose of this rule is to clear up an ambiguity that exists with respect to the medicare modernization act.
There is a provision within the statute that says the data cannot be used for -- I can't quote you the exact language -- but what the rule indicates is that there are other provisions of law that say the Secretary has a responsibility, in managing the Medicare program, to use data for effective management of the Medicare program and, in addition, there are all kinds of other benefits that can be earned from using this data, as Russ has pointed out, consistent with what we have talked about and in many other contexts.
So, that is the purpose of the reg. When it came down to looking at the burden of this, which is an obligation tha tyou have in publishing a rule, they didn't do that analysis, because they said there is no new data, new data collection that is being required.
This has been an issue that has been discussed I don't know how long, maybe since the act passed, and there has been a very serious concern to a lot of different organizations and people.
Senators Grassle and Bacchus introduced a bill this summer that was going to essentially accomplish what the reg does, just to eliminate any ambiguity saying, these data are too important not to make use of in terms of the kinds of analysis that they can support.
They are unique. When we normally look at administrative data for claims, we have such limited information on the beneficiary, that it is almost a rule of thumb that the diagnoses are somewhat suspect.
Now you have information about their prescription. There may be some parts of those data which are suspect, but it is a whole lot better in terms of knowing about a person's health status than we have ever had in the past.
So, it opens up all kinds of avenues for analysis to improve sort of what we can understand about utilization patterns risk adjustment, et cetera.
MS. MC CALL: I was talking off line with Simon. I will go ahead and make it an online comment, and it is related, Bill, to what you are talking about and it has to do with the value of the data.
So, depending on what we do with the letter and whether we are recommending and, therefore, voting, I may actually have a conflict that I have discovered.
It has to do with a company that we have formed in partnership with another, and the company is, itself, Green Ribbon Health.
It is part of a chronic care improvement pilot through CMS down in Tampa. The long and the short of it is, because of this little kind of hitch in the git along in what is in the language of the MMA, we have not been able to secure the specific pharmacy or Part D data on the people that are participating in the program.
It was anticipated at the time everybody bid. It has been a very large issue for the people that actually are running these pilots now, in terms of the other requirements that are part of the program, in terms of clinical outcomes and guarantees that we have made clinically, financially, with respect to the program itself.
I have just personal knowledge of how valuable it can be, but also we have actually gone on record with what some of those barriers may imply for some of the requirements of the program as well.
That may, depending on what we do, qualify me with the first conflict that I have heard out of this group since i joined.
DR. COHN: So, Carol, just to clarify, depending on what we do means, if we vote on it you will have to recuse yourself?
MS. MC CALL: I would look for guidance from you on that particular matter.
DR. COHN: Okay, thank you for your comment on that. I think I will ask the executive director and the executive secretary to advise us on that. Do you have a comment?
MS. GREENBERG: I think when you have a particular interest related to a recommendation you do need to recuse yourself.
This isn't one tha tyou are on record for, but I thank you for raising it. It sounds like it is a particular rather than a general.
MR. J. SCANLON: I think if it were just general policy and it didn't involve the specific company, then it is more policy, but in this case it sounds like a particular interest. On your own you could send in comments.
MS. GREENBERG: The fact is, you are not the only, obviously, company that would be impacted, but I think I would feel more comfortable, since you have raised this, to recuse yourself.
DR. STEindeL: As I recall, in the past when we have had conflicts of interest arise, which has been rare but they have been, the person has recused themselves from voting, but we have encouraged participation in discussions as a technical expert.
MR. ROTHSTEIN: very briefly, Russell, I support this letter. I appreciate your taking the initiative on this. I just have a minor suggestion in the second line.
I would recommend taking out the U.S. citizens. I think it should read, because of its assigned role in advising on development of information systems and data vital to health, comma -- okay?
DR. COHN: I thought Mark was going to go a lot stronger than that and say, I have some privacy and confidentiality wording that needs to be inserted in here. Mark, you are being very mild today.
MR. ROTHSTEIN: Hey, I have mellowed.
DR. STEUERLE: I would just like to reiterate that, when we drafted the letter, we were actually very impressed by the discussion in the proposed rule already about most of these issues raised here.
Our purpose was basically to highlight particularly the value of these data for all sorts of purposes, including the value of dealing with other agencies on issues that might come up later in terms of, well, maybe you want the data for purpose X but do you really need it for purpose Y.
The proposed rule actually did deal with these, and we were very impressed, I think, just speaking for myself, with just how well drafted it was.
We basically just want to be on board as supporting this variety of health uses. We wanted to emphasize that this was important to the health of the population.
I think we often take it for granted when we pursue these matters. It never hurts for policy officials to know that the reason you are doing this is -- what the net good is that you are really hoping to get out of it. It is not just some statistical -- for the people who love data.
MS. GREENBERG: I have a question. As I admitted on the conference call, though, I would encourage the group to go forward, and I think it is a nice example of maybe not quite turning on the dime, but almost, that the small group from the subcommittee on populations or the subcommittee was responsive to a need and I appreciated that.
I haven't actually read the proposed rule. So, I acknowledge that. Does the proposed rule actually reference the health surveys conducted by NCHS and other federal agencies, and disease registries such as SEER?
MR. W. SCANLON: Yes, and I don't remember the NCHS surveys.
MS. GREENBERG: It references SEER but not the NCHS?
MR. W. SCANLON: I didn't remember the NCHS, but I do remember SEER. I think they mentioned the CDC survey.
DR. COHN: I think Marjorie may have to recuse herself, too, as a conflict of interest.
MS. GREENBERG: I don't vote. I thought, when I referenced this initially, I thought maybe it was going off a little beyond the scope of the rule. If these data bases are actually referenced in the rule, then I don't have that concern.
MR. LOCALIO: I would have to check again because it has been six days.
DR. STEINDEL: I think it has been a little less than six days, but it did specifically mention SEER and I do believe it mentioned, I believe, CDC surveys. I had to stop and think what they meant by that and I realized it was the NCHS surveys.
Just as an observation on my reading of the proposed rule -- and I am going to summarize this very succinctly as I sometimes do -- this was the intent of Congress, I think, when the passed part D, is authorizing the use of Part D data on medications for the exact same thing we use Part A and B for today.
So, it is really opening no new ground except to cover, as they discussed very eloquently in the proposed rule, this ambiguity that existed. It is an ambiguity and they are using regulation to close it.
MS. MC CALL: But the letter basically says -- if I understand, the letter basically says, we really like the rule, hurry up.
MR. LOCALIO: :Marjorie, yes, I found it on page 6-1-4-5-1, right column, on the bottom. Just to give you an idea, because this is the flavor of the proposed rule, it says, moreover, matching part D claims data with the surveillance epidemiology and end results, SEER, cancer registry, would enable additional studies of cancer treatment and outcomes.
So, that is the flavor of the proposed rule and the intention of the proposed rule, to open up new possibilities through the collection of data that can be shared and merged with other existing data sets.
MS. GREENBERG: So, it is in the context of linking the part D data with these other data sets.
MR. LOCALIO: Yes, that is correct.
MS. GREENBERG: Which actually the point made here I think is somewhat broader than that. The next point talks about linkage.
MR. LOCALIO: Well, it assumes that people are going to be using it outside of CMS. I am not sure that CMS has the capacity to do what has been done with the SEER data alone.
I would say most of the research done with SEER data is done outside the federal government and it is done on the basis of grants.
I anticipate that the purpose of the rule is to say we would be able to supplement those investigations by now allowing linkage with the SEER data set.
Actually, there is a SEER CMS data set that is already generated by CMS, and then used by investigators. This would be to supplement that. So, it is an add on.
MS. GREENBERG: I just wonder if it would be more in the context if you said the reinforcement of the utility of existing national data bases. it is not exactly clear.
DR. COHN: Can I break in at this point? I am really trying to stay away from word smithing, as I have pages of word smithing on this one.
Now my question is how to proceed. Now, this is the first draft of a letter. I see multiple places where I would like to see changes, including the fact that, in the first paragraph, it would be nice to have a little more standard language, as well as a statement that we are supportive of the rule.
I would like to see more privacy and confidentiality language infused into this, privacy protections, which I thought was where Mark was going to go.
All of that aside, the question is, yes, we could spend the next three hours word smithing this. I personally don't think that is a good use of the committee's time.
I guess the question is -- I really ask people for assistance in terms of how to proceed. We have a couple of options here.
I mean, we can basically approve in principle going forward with a letter supportive of the NPRM and asking that the NPRM be -- what was the term you used in the other letter -- the final rule be published speedily and with the same concept as this rule.
I think we can infuse some preamble language based on what I think Russ has done to sort of provide a little more support of that.
I think at the end of the day that is what we are really saying there. We are using words to sort of say, yes, we think this rule is a good rule.
Now, if that is the case, one option we would have is to I guess pass it in principle, ask the executive committee which I guess meets before December 18, to work with staff to get a word smithed version.
This would be something that maybe we would send out to everybody to make sure that we are not completely off course on all of that but, assuming that, ask them to be the final adjudicators of the letter, knowing that the point of the letter is to support this rule.
Now, is that something that makes sense for people? Is that the route you would like to go? Alternatively, we can read through this and sort of discuss each of the bullets or we can defeat it.
MR. ROTHSTEIN: I support your suggestion, Simon. this is not a letter that is presenting new facts. It is not a new recommendation developed by us that we need to hash out every word in full committee. It is really a statement in support of this NPRM and I think your proposal is certainly appropriate.
DR. COHN: Is there a motion?
MR. ROTHSTEIN: And therefore I so move.
DR. COHN: Is there a second?
[Motion seconded.]
Is there discussion? So, if this passes, what we will do, then, is ask staff to help us with the next version of this letter.
We will send out the version after I have reviewed it to the full committee for a final review and input, which then will be finally adjudicated by the executive subcommittee which is meeting hopefully before the 18th of December.
MS. GREENBERG: Fifteenth.
DR. COHN: Fifteenth, so just in time. So, any questions about that process as described?
MR. BLAIR: I just have one question with respect to when we vote. Is it advisable or appropriate for there to be identification of the folks that vote yes and the folks that abstain and the folks that vote no, so that there is a record?
DR. COHN: How about if we do it this way. Is there anyone here who is going to recuse themselves?
MS. MC CALL: Based on specific recommendations, I would stand recused on this particular one.
DR. COHN: Anyone else moving to recuse themselves on this one? Okay. Jeff, I guess what I will say is, if there are votes yes and no, then we will identify specifically the votes.
MR. BLAIR: That is fine.
DR. COHN: Okay, all in favor?
[Voices heard in favor of the motion.]
Opposed?
[No voices heard in opposition to the motion.]
Okay, and Carol, thank you for your recusal. With that, we are at 3:45. Now I guess I should ask, we obviously have standards and security up here.
Before we determine finally where the quality work group is going to meet, Jeff, will you be done by 5:00 or should we have that group continue?
MR. BLAIR: I would hope that we are done by 5:00 but you never know.
MR. REYNOLDS: Simon, we should be done by 5:00.
DR. COHN: Okay, so basically, standards and security meets up here, populations downstairs, then quality comes up here at about 5:00 to meet from 5:00 to about 6:00. We have dinner at 7:00 and there are instructions on how to get there. It is very close or at least central, I guess is better way to describe it.
MR. ROTHSTEIN: The privacy and confidentiality meeting for tomorrow morning has been canceled. The hearing will begin at 2:00.
DR. COHN: Okay, we have handled all letters except for the NPI letter. We have an hour and 10 minutes for that.
Now we have now, however, had a chance to talk about cross cutting issues and other plans like that, that I would like to do early in the day if we can. Are people willing to start at 8:30 with the assurance that we will be out by noon and maybe even a couple of minutes before?
Okay, so we will reconvene tomorrow morning at 8:30, for certain done by 12:00 noon, with privacy and confidentiality starting at 2:00.
MS. GREENBERG: We won't have any action items until at least 9:00, I would say.
DR. COHN: Yes, absolutely. We will talk about cross cutting issues first and then get to the action item after that. Okay, I want to thank you all. It has been a busy day, a full day, and we will see you for dinner. Thank you. The meeting is adjourned until tomorrow.
[Whereupon, at 3:45 p.m., the Full Committee meeting was recessed, to reconvene the following day, Wednesday, November 29, 2006.]