[This Transcript is Unedited]
Department of Health and Human Services
Hubert H. Humphrey Building
Room 705A
200 Independence Avenue, S.W.
Washington, DC 20201
Agenda Item: Call to Order, Welcome and Introductions, Review of Agenda - Dr. Cohn
DR. COHN: Good morning. I want to call this meeting to order. This is the first day of two days of meetings of the National Committee on Vital and Health Statistics. The Committee as you know is the main public advisory committee to the U.S. Department of Health and Human Services on health information policy. I am Simon Cohn, I am the acting chair today in John Lumpkin’s absence. I am the National Director for Health Information Policy for Kaiser Permanente and a practicing physician and obviously I want to welcome you. I want to welcome fellow Committee members, HHS staff and others here in person.
I also want to welcome those who are listening in on the internet. I want to remind everyone, especially since we have a number of new members, that this is being broadcast on the internet and therefore we would ask when you are talking to make sure to speak into the microphone so that they can hear and try to speak somewhat slowly so that they can understand.
Obviously this is a time of change for the Committee. We have six new members who have been appointed and four Committee members who are retiring. The new members, which four of the six are here today, include John Houston, who is at the University of Pittsburgh Medical Center. Stan Huff, who is Professor of Medical Informatics at the University of Utah and with Intermountain Health Care. Robert Hungate, who is with Physician Patient Partnerships for Health, and Russell Localio, who is Assistant Professor of Biostats at the University of Pennsylvania school of Medicine. And we obviously want to welcome all of you.
In addition, we have two other appointed members who are not here with us today. They are Peggy Handrich, who is Administrator for the Division of Health Care Financing for the Wisconsin Department of Health and Family Services. And Don Steinwachs, who is Barbara Starfield’s boss as I understand, who is Chair of the Department of Health Policy and Management at the Johns Hopkins University School of Medicine. And so obviously we want to welcome you all.
Leaving, having completed their terms, include Kathy Coltin, who is Director of External Quality and Data Initiatives for Harvard Pilgrim in Boston. Dan Friedman, Assistant Commissioner, Bureau of Health Statistics, with the Massachusetts Department of Health. Paul Newacheck, who is Professor of Health Policy and Pediatrics at University of California, San Francisco. And finally, Barbara Starfield, who is mentioned as a Professor of Health Policy at Johns Hopkins. We obviously want to thank them, thank you all for your service, I think we’ll also be seeing Barbara Starfield, if not later today than certainly tomorrow since she’s on the agenda.
I also did want to announce that we have one other sort of late breaking resignation that we did want to announce. This is Brady Augustine who we’ve been sort of honored to have on this Committee the last year. He’s with Gambro Health Care. He will be resigning the Committee at the end of December when he takes on a position at CMS as Senior Policy Advisor to the Administrator. So we obviously wish him well in this new role. We’re happy that he’s going to be active in the Committee until such time that he makes that transition but we did want to announce that change also.
Now with that, let’s have introductions around the table, and then around the room, starting with the Committee and people around the table first. Marjorie?
MS. GREENBERG: Good morning everyone and also welcome to the new members. I’m Marjorie Greenberg from the National Center for Health Statistics, Centers for Disease Control and Prevention, and I’m the Executive Secretary to the Committee.
DR. HUFF: I’m Stan Huff, Professor at the University of Utah in the Department of Medical Informatics and with Intermountain Health Care, where I work with the interfacing team and over the coded terminology group. I’m a new member and I’m happy to be here. Thank you all for inviting me.
DR. LENGERICH: Gene Lengerich from Penn State University and an on-going member of the Committee.
DR. STEINDEL: Steve Steindel, Centers for Disease Control and Prevention, liaison to the Committee.
MR. BLAIR: Jeff Blair, Vice President of the Medical Records Institute, and member of the Committee.
MR. HOUSTON: John Houston with the UPMC Health Systems.
DR. FRIEDMAN: Dan Friedman, Massachusetts Department of Public Health, retiring member of the Committee.
DR. MAYS: Vickie Mays, University of California, Los Angeles, continuing member of the Committee.
MS. TRUDEL: Karen Trudel, Centers for Medicare and Medicaid Services, staff to the Subcommittee on Standards and Security.
MR. CAMPANELLI: I’m Rick Campanelli, I’m Director for the Office of Civil Rights. I’m presenting here today.
MS. MCANDREW: Sue McAndrew with the Office for Civil Rights.
DR. NEWACHECK: Paul Newacheck with the University of California, San Francisco, retiring member of the Committee.
MS. BEREK: Judy BEREK from the Centers for Medicare and Medicaid Services. I’m the liaison to the Committee.
MR. HUNGATE: Bob Hungate, new member, Physician Patient Partnerships for Health.
DR. FITZMAURICE: Michael Fitzmaurice, Senior Science Advisor for Information Technology, Agency for Healthcare Research and Quality, liaison to the Committee, staff to the Subcommittee on Standards and Security.
MR. LOCALIO: I’m Russell Localio from the University of Pennsylvania School of Medicine. I’m a new member.
DR. HARDING: Richard Harding, I’m a child psychiatrist and a professor of psychiatry and pediatrics at the University of South Carolina School of Medicine, member of the Committee.
MS. COLTIN: Kathryn Coltin, Harvard Pilgrim Health Care, retiring member of the Committee.
MR. SCANLON: Good morning. I’m Jim Scanlon, I’m with the HHS Office of Planing and Evaluation, head of the Science and Data Policy Unit. I’m the Executive Staff Director for the Committee.
MS. IVER(?): Jackie Iver from NCHS.
MS. JONES: Catherine Jones, NCHS.
MS. CRUTE: Sherree Crute, I’m a writer for the Subcommittee on Populations.
MS. JACKSON: Debbie Jackson, NCHS, staff to the full Committee.
MS. HORLICK: Gail Horlick, Centers for Disease Control and Prevention, staff to the Subcommittee on Privacy and Confidentiality.
MS. JANES: Gail Janes, CDC, staff to the Quality Workgroup.
MS. MYRECK: Kathleen Myreck, Quadriment Corporation.
MR. BEFARCUS(?): Josh Befarcus, JCAI.
MS. HANDBY(?): Pat Handby, McKesson Corporation.
MS. KININE(?): Susan Kinine, writer for the Committee.
MS. MITCHELL: Ms. Mitchell, College of American Pathologists.
MS. PICKETT: Donna Pickett, National Center for Health Statistics, staff to the Subcommittee on Standards and Security.
MR. MANGE(?): Edward Mange from the Association of Matonna(?) and Chubb Health Programs here in Washington, D.C.
MS. FRASIER: Chris Frasier from the AAPC.
MS. PAISANO: Edna Paisano, Indian Health Service.
MS. HAWKE: Susan Hawke, ASPE.
MS. BEBEE: Susie Bebee, NCHS.
DR. YASNOFF: Bill Yasnoff, ASPE and staff to the Subcommittee on Standards and the Workgroup on NHII.
MS. WILLIAMSON: Michelle Williamson, NCHS and staff to the NHII Workgroup.
DR. FERRER: Jorge Ferrer, Medical Officer with CMS and staff of the Workgroup on Quality.
MR. BROWN: Joshua Brown from AMCHIP(?).
MS. KAMINSKY: Stephanie Kaminsky from the Office for Civil Rights and lead staff to the Privacy Subcommittee.
MS. LEON-CHISEN: Nellie Leon-Chisen, American Hospital Association.
MS. PROPHET-BOWMAN: Sue Prophet-Bowman, American Health Information Management Association.
MS. CLAUS: Linda Claus, American Health Information Management Association.
MR. EMERY: Jack Emery with the American Medical Association.
MR. BEBEE: Michael Bebee, American Medical Association.
MS. BICKFORD: Carole Bickford, American Nurses Association.
MS. GIANNINI(?): Lauren Giannini, Alternative Link.
MR. HITCHCOCK: Dale Hitchcock, staff to the Subcommittee on Populations.
MS. WHITE: Gracie White, NCHS.
DR. COHN: I think that’s everyone. Before we begin the Department update I just want to quickly review the agenda for the day and then we’ll sort of ask the question about whether there’s any conflict of interest which is a standard feature of these Committee and Subcommittee meetings.
This morning we’re going to begin with the Department update. This will be followed by Richard Harding sort of leading us on a first reading of a draft letter on privacy coming out of the Subcommittee on Privacy. In keeping with the process of the Committee, I think the intent will be that this will be a first reading today and then assuming that, we will take obviously whatever changes that need to the letter, revise it, and present it as an action item tomorrow.
After the morning break, we will begin as requested by the full Committee at the last meeting a discussion of issues and recommended next steps related to the hearings of the Subcommittee on Standards and Security held this year on ICD-10-CM and ICD-10-PCS. This discussion will continue on after lunch for at least some period of time.
After that Vickie Mays will be leading, and this is a change from the agenda. As you’ll notice there’s an 8:00 a.m. meeting that is supposed to be tomorrow morning related to, I guess it actually isn’t described well in the agenda, but what we’re going to be doing is having a discussion related to population issues that I think the Population Subcommittee has observed, transcend Subcommittee lines and I think Vickie wanted to take some time to bring this to the full Committee’s attention, and I think all the Subcommittees need to sort of take a look at these and see how it sort of works into the overall Subcommittee work plans. Vickie have I described this appropriately? Good, ok.
At approximately 2:30 we will have break-outs for the Subcommittees on Standards and Security and then on Populations and this will be followed at 4:30 by the Workgroup on the National Health Information Infrastructure. I believe there is a dinner for Committee members to both celebrate the new members and thank the retiring members at 6:30 this evening and I think Marjorie will have additional information later on that. Did you have an announcement you wanted to make on that?
MS. GREENBERG: You all know where it is but I’m not quite sure, we’re checking to see whether we need to get a head count and we’ll let you know how we can, it’s very close to the building but how we’re get going to get there, etc., but I encourage everyone to come.
DR. COHN: Now I do want to comment just briefly about tomorrow morning since tomorrow morning starts with Subcommittee meetings. And at 9:00 we have meetings of the Privacy Committee that go from 9:00 to 11:00, and the Workgroup on Quality. I would certainly, as I commented the 8:00 a.m. will be handled by our discussions this afternoon. New members, many of you I’m sure still trying to figure out what Subcommittees you may want to attend, are certainly welcome at any of these Subcommittees and you can sort of at your leisure determine which Subcommittees you want to be affiliated with, so I would certainly hope that you might attend at least one of those morning sessions tomorrow, whichever seems to align with your interests the best.
Now, having gone through that, we ask the usual question for the National Committee members themselves, which is are there, based on what we’ve talked about in the agenda today, are there any issues coming before us for which you need to publicly recuse yourselves? And we sort of open the floor.
Well, I guess I’m the only one then, and since I’m a member of the CPT Editorial Panel, I’m obviously going to be publicly recusing myself from discussions specifically related to CPT and procedure codes.
With that, Jim Scanlon do you want to start off with the Department updates?
MR. SCANLON: Thanks Simon. Well a number of events have occurred since we last met in September and I’m going to take a few minutes this morning to update the full Committee on those developments. Karen and Rick will update us on the privacy regulation developments and the HIPAA Administration Simplification initiative as well. So I’m going to discuss some other things.
In terms of personnel, as Simon just indicated, the Secretary has appointed six new members of the Committee and we welcome them all here today. We’ll be four members of the Committee as Simon indicated are will be leaving the Committee having finished their terms. We’ll have a recognition ceremony, appreciation ceremony after lunch today when we reconvene I think at 1:00.
Let me give you just a brief update on budget. I wish I could say that we have a clear picture but all federal agencies except the Defense Department are operating on Continuing Resolutions until the end of this week and then probably until well into January so agencies are looking at what they could do within the levels of the budget that they had last year and will be able to report hopefully more on that later.
On the NHII we’ve actually had some very positive developments and on the PMRI, clinical data standards as well and let me update this morning. On the NHII we’ve more or less begun to implement at least the spirit of the NCVHS recommendations. As I indicated previously we have appointed Dr. Bill Yasnoff as our Senior Advisor for NHII initiatives in ASPE. We’re happy to have him on a detail with us from CDC. We are also establishing kind of a departmental coordinating point for NHII activities in our office as well in ASPE. We’re thinking about a national meeting in June to bring everyone together on NHII issues and we’ll be pulling together and updating an inventory that we began a while back that tries to describe all of the NHII related activities that we have underway within HHS.
One other issue, we think we’ll probably be developing a web-site for communication purposes relating to various developments on the National Health Information Infrastructure.
On Standards and on PMRI or clinical data standards, in fact you’ll recall that our Consolidated Health Infomatics Working Group has been evaluating the NCVHS recommendations on the first suite of message format standards over the past few months. And they are now making some recommendations to our two councils here at HHS, our HHS Data Council and our CIO Council. In fact we’re doing that this morning and I think, with any luck, we’re probably close to agreeing on a set of standards that we would adopt at least internally in HHS relating to inter-operability for clinical data. It’s the same set of standards that we believe the VA and the Department of Defense will be adopting in their own programs as well for interchange of clinical information. So things are actually moving along fairly well.
It’s probably going to take more than one meeting and discussion in HHS but I think we’re well on the way now and the recommended standards have now reached a point where we can hopefully move them forward. They still have to go through a usual Department clearance so anything can happen obviously.
Also related to strategic issues, you’ll remember that we are revising and updating our HHS strategic plan. The committee members were asked to take a look at a draft and I want to thank you for the comments that you sent in. We’re now revising the strategic plan based on your comments. It’s still internal, I don’t think we’ve finished the revisions yet but we’ll share that revision with you.
You’ll remember that one of the objectives that we’ve now added to the HHS strategic plan is to promote the adoption and accelerate the development of the National Health Information Infrastructure so we’re bringing that together as well.
Let me report on a couple of things that are sort of moving through the process. You’ll recall that at the September meeting I reported that all federal agencies were required by a new law to post on their web-sites the policies and procedures that they use to assure the quality of the information that they disseminate to the public. This is related to the Shelby one and two amendments and as of October 1st all federal agencies, well almost all federal agencies, have posted their guidelines on their own web-sites. The HHS guidelines for ensuring the quality of information that is disseminated is on the HHS web-site at HHS.gov/infoquality.
There are basically two elements to these guidelines. Number one, we describe HHS umbrella policies as well as agency specific policies or what kinds of procedures that we use to assure that the information that we disseminate to the public is, and here I’m referring to substantive information, statistical, scientific, programmatic and so on, how do we assure the quality, the accuracy, the utility, and so on of that information. And that ranges from everywhere to peer review processes to internal review processes and scientific advisory processes. I think what I may offer to do is to brief the Committee at the next meeting on what those, overall how those overall guidelines are structured. Every agency in the federal government now has to have such guidelines.
The second part of the guidelines provides a mechanism for anyone who believes that the information that we’ve disseminated is in error or otherwise doesn’t comply with the guidelines. It provides a process for those individuals to write in to HHS or email and we have a process for dealing with those as well, including an appeal process.
We have a workgroup that’s monitoring these guidelines and how well they’re performing under HHS Data Council. Since October 1st, the guidelines were effective and we haven’t received any requests for correction yet, but we’ll monitor whatever happens in that regard.
A couple of other things. Recall that we’ve established a panel at the National Academy of Sciences to study the adequacy of race and ethnicity data, not only in our own Health and Human Services data systems but in the industry in the health care community at large. What’s needed, how well are we doing this? The panel is well underway, they’ve met twice. They will be having a workshop December 12th and 13th, Vickie I think is going to be our liaison at that meeting and Ed Perrin(?), I think many of you know that Ed is the chair of that panel, and John Lumpkin is also on the panel, so we’ll have a good liaison between the two.
And just two other quick things internal to HHS. We have moved our gateway, this is our electronic web-based gateway to Health and Human Services statistics to the HHS Data Council’s web-site, so we’re providing everyone an opportunity to get a look at that within HHS. I think again I’ll be happy to brief the full Committee on how that is structured at maybe another Committee meeting, but this is an attempt to pull together literally a gateway to HHS statistics and data. It pulls together most of our major data systems. It pulls together all of the pages from our, web-pages form our various agencies that include statistics, data, questionnaires, methodology and so on. It has a search capability so if you’re a sophisticated user you know exactly where you want to go. If you're looking for more of a browsing or search capability, we have that as well. You would just type in the terms that you’re interested in and it will give you all of the web pages we support, including other federal agencies and to some extent state governments as well on these topics. It’s still just the first version, version 1.0 probably, so it’s undergoing some revision but I think I’ll brief maybe the full Committee on that at another meeting.
And finally we’re updating our meta-directory of HHS data and statistical resources. This is basically our descriptive information about virtually all of our major data and statistical systems in HHS. It describes the system, tells you what kind of information is available, what kind of frequency of the data collections and so on. We’re updating it more to reflect the most recent additions and deletions. So let me stop there.
DR. COHN: Any questions for Jim? Jim, thank you. Karen, are you on next? Thank you.
Agenda item: Update from the Department – Date Standards – Ms. Trudel
MS. TRUDEL: Good morning. I’m going to update you all on some of the recent happenings with respect to Administrative Simplification provisions of HIPAA, with the exception of privacy, which Rick Campanelli and Sue McAndrew will address when I’m finished. Just to start out I’d like to close out a couple of items that I’ve been reporting on in the past and let you know how we’ve done with those.
The first is that of course the deadline for requesting the one-year extension under the Administrative Simplification Compliance Act, or ASCA, passed on October 15th. We did receive we believe about a half million requests. Most of those were received electronically through our web-site. About 50,000 we received on paper. We are currently in the process of keying in all those paper extension requests and we expect we’ll be done probably by the end of this month, then we’ll be able to clean the database up and begin to run some reports for the Committee to look at.
In terms of outreach we had set a goal for fiscal year 2002 that our regional offices would conduct outreach sessions in every state and they did do that. Very successfully, we’ve reached a lot of people. We have a 2003 consolidated outreach plan that’s under development right now. We’ll be rolling that out to some of our regional administration advisors later this week in New York and it will outline all of our audiences and messages and timelines that we want to reach in 2003. There will be a change in the message. Last years’ message was one of awareness, HIPAA is here, you need to look into it. This years’ message will be more technically oriented in terms of how we are going to help people achieve compliance at the end of this year. And we did have a very productive meeting with the Office for Civil Rights last week where we talked to them about finding some ways where we could coordinate and leverage some of our common outreach goals.
With respect to the HIPAA regulations, the modifications rule to the transactions and the security rule are still targeted for a publication in December, that’s on our regulations agenda for that month. And the provider and plan identifier and the attachments regulation are still in the review process.
Now I’d like to talk about enforcement a little bit because that’s sort of a new issue. In mid-October the Secretary announced that he was assigning responsibility for enforcement for the Administrative Simplification provisions of HIPAA, with the exception of privacy, to CMS and that CMS would also retain the enforcement responsibility for Portability or Title I, which we have had since 1996.
One of the first things that we have done mindful of the fact that CMS will be not only the enforcement body but also in Medicare and Medicaid a covered entity, is to establish a separate office that will handle this responsibility and we are, to the extent that we can, building a firewall around it to separate operational and enforcement responsibilities. This new office, which is called the Office of HIPAA Standards, will handle not only enforcement but also our other outlook functions. It will include the regulations and our liaison with the industry groups and it will also include all of our outreach functions. The new office Director will be Jared Adere(?) who is currently the Director of the Office of Operations Management where HIPAA responsibilities have resided up until this time and I’m lucky enough to have been asked to serve as her Deputy.
At this point, the enforcement process is envisioned to be one of, it’s going to be complaint driven. In other words, we will not at this point be going out and looking for people who are not compliant. We have set up a process, there is a complaint form that is currently on our web-site and I believe that at this point we have an electronic submission process on the web-site so that people can submit complaints if they want to. We have not received any to date.
What we expect once a complaint is submitted is that we will go back to the covered entity that has been complained against, find out whether, determine whether they submitted an extension request, ask them whether they believe they are compliant and if not, then that covered entity will have an ample opportunity to provide a corrective action plan that explains how they are going to get into compliance. Only if none of that succeeds would be begin to move forward to impose any sort of penalty.
I think that’s pretty much it. There has been discussion in the Department about an enforcement regulation, what it would look like, what would be in it, how there would be distinctions between Administrative Simplification provisions and privacy, and those discussions are still ongoing. So I have nothing to report there. Any questions?
DR. COHN: Ok, Richard.
DR. HARDING: Thank you for that good report. I’m Richard Harding. You mentioned that there were about 500,000 requests for extension. Do you know or have a guess at what the denominator is of that number?
MS. TRUDEL: That’s a really tough question. We don’t have a really good sense of what the denominator is. When we started out looking at this in deadly earnest in August when we saw the number of requests that we had, we were thinking that the denominator could be as high as two million, just judging from the total number of providers in the country, etc. What we found out after spending a lot of time on the phone with providers on our hotline, is that a number of them, a percentage of them that surprised me by its size, are not covered entities because they don’t conduct any paper transactions, I mean they don’t conduct any electronic transactions, thank you. And also we found that once we clarified the definition of a small plan and gave a number of people more clarity as to how they could measure themselves, a number of them fell out, too. So I believe the denominator is a lot smaller than two million. I’m pretty comfortable that we got an awful large percentage of the covered entities, but not all of them certainly.
DR. HARDING: Thank you.
DR. COHN: Are there questions? Michael and John.
DR. FITZMAURICE: You’ve got a tough job, Karen, responding to all the questions that come up. One of them is certain to be that you have a new office for enforcement, you have a firewall around it, will this office also provide national leadership on where HIPAA standards should be headed? And could that give rise to a conflict between administrative costs and benefits to the Medicare and Medicaid programs compared with the cost to other private sector institutions? I’m thinking specifically of things like secure email and secure web claims transactions, as opposed to EDI. Will you be providing national leadership in that office and do you think the conflicts between the program directions and what’s good for the nation can be resolved?
MS. TRUDEL: I would turn that right around. I think that while some people are saying that having CMS provide enforcement and be a covered entity is a conflict of interest, I think that there are really positive benefits to be incurred. I think the fact that we are very much aware of the impacts of various decisions and potential decisions and potential standards on a real life very, very big insurance company, or two of them actually, really informs the discussion rather than detracts from it. So I would say the fact that we’ve got a good grounding in how to run a health insurance plan is a benefit and not a detriment.
DR. DANAHER: Karen, I have three quick questions that fall into the bucket of I should know this but I don’t, so once again belying my ignorance. I knew that privacy enforcement was OCR and I knew that transaction and code set was CMS, I did realize security, so security enforcement is?
MS. TRUDEL: Yes.
DR. DANAHER: Secondly, you said sometime in December, the security regs are going to be published. Is it going to the same NPRM process of 30-day comment, 30 days to get into compliance?
MS. TRUDEL: These two regulations, the security regulation and the modifications have already been published as proposed rules so these would be published as final rules. There’s then, in the case of security because it’s a major rule, a 60-day Congressional review period, and then the two year implementation clock starts from that time because this is a new standard.
DR. DANAHER: Ok, so when’s the, privacy is April 2003, transaction code is October 2003. When’s security?
MS. TRUDEL: Covered entities can implement these standards whenever they want, up to the deadline. If we do publish at the end of December, then add two months to that, we’re talking about the end of February, and then two years to that, so it would be February 2005.
DR. DANAHER: That’s very helpful. Thank you.
DR. COHN: Other questions for Karen? Karen, thank you and I guess your new title is Deputy Director is that? Congratulations. With that Richard do you want to take the lead? And obviously thank you very much for coming and joining us.
Agenda Item: Update from the Department – Mr. Campanelli
MR. CAMPANELLI: You’re welcome, it’s good to be with you. I’m sorry my voice didn’t come all the way with me but I’ll do my best to make it through. And also Sue McAndrew, who is a Senior Privacy Analyst with us and has been intimately involved in drafting of the rules and also the guidance which I’m going to tell you a little bit more about is here. Kathleen Fyfe is in New York providing our regional staff with training, which is one of the capacity building things that I’m also going to talk about.
Let me just give you an update since the last time I was with you about two months ago I think, on what’s going on in the way of technical assistance and outreach. We received the Committee’s letter, we’ve looked at it carefully, and in fact it think it’s tomorrow afternoon, Subcommittee Chairman Rothstein is going to be with us and members of the Privacy Council to talk about some of the specific recommendations, I think things we’re working on as well today. And I think Dr. Lumpkin is invited to join us by phone and he’s going to try to be available.
The first thing just to go over some technical assistance, what’s happening in that arena. First I want to tell you that with the publication of the rule in August, we were then really free to turn our attention to these technical assistance efforts with the final rule in place. The first thing that’s going to happen, I was hoping to say here it is, but I’m about to say it’s about to be here, is the guidance, I really think in a short timeframe here, a matter of days, we hope to be able to get those guidance out. This is the technical assistance document that is going to replace the very well received prior technical assistance document that was on the web until July, just actually recently when we published the final mods.
It’s going to have a number of updated sections and a number of expanded sections. The updated sections are going to be general overview, discussion of minimum necessary, business associates, marketing, and research. And if you recall the format before except these are going to be expanded, there was an introductory section describing the rule and then a Q&A section on that. We’ll be looking to expand the Q&A in a lot of these areas.
In addition there are a number of new areas, incidental uses and disclosures, these are occasioned by the modifications, personal representatives, public health, and workers comp. So these are areas that we are, part of the way we did this, and the way we continue to look at how do we prioritize the guidance we’re putting out, is we’re looking if it’s coming in on the web, we’re looking at what we’re hearing otherwise, questions on our telephone line, and trying to see what are the greatest concerns out there. So this round we’re going to put out, we’re now looking to the next step which is what’s coming up next and we’re trying to prioritize along these lines. A number of things that we’re looking for as high considerations for the next steps in guidance is covered entity guidance and administrative requirements, what people have to do to comply with HIPAA in different areas.
That brings me to the targeted technical assistance we’re doing. When I was with you last time I mentioned that we had a major technical assistance contract that we’re letting which we are pursuing aggressively now. We are interviewing the contractors and these are going to be targeted to certain areas. The targeted areas we have are health care institutions, non institutional health care providers, health plans and group health plans, health care clearinghouses, consumers and state and local health departments. And then there are subsets within each of those areas that we’re going to be focusing on. We’re going to be producing for each of those depending on what we would think would be helpful in each of them, either a descriptive paper or pamphlet, checklists and summaries of what the law requires. And what we’re hearing from the public are the important issues that are relevant to each of those targeted groups.
We’ve posted now on the web-site, and you can get it there, an integrated copy of the regulations itself, which incorporates the modifications and we’ve gotten a lot of good feedback and relief about that. We have also posted a set of FAQ’s, and these are miscellaneous FAQ’s, they’re not delayed to put in the context of a specific set of guidance and what we’ll be doing is we’ll be updating them as well as we’re hearing specific topics of concern that may not fit into a generalized area but we think are really helpful to a broad segment of the public.
In terms of capacity building and outreach, I mentioned that Kathleen is up in New York right now. For the last, prior to the issuance of the modifications, prior to April last year, we had conducted a significant series of trainings for our staff in the area and the idea here is to build the capacity of OCR to be able to do outreach in this phase and so we have been doing that. And now we are also going to the other five regions to provide two-day comprehensive training. We’ve invited in all our specialists in for a really, the graduate level training in this area. So we feel like we’re making good headway both in building our capacity to be able to deal with the compliance issues we’ll have to deal with. But especially in this phase to be responsive here and in the regions to questions that are coming in. And we are fielding questions and referring questions out to the regions now and so I think this is establishing process where we’re able to be responsive and we’re going to be building on that capacity.
We’re also working, Karen had mentioned that we met last week with CMS. We’ve done a number of things which I think have been really with CMS. Really the privacy rule I think has provided a new opportunity for us all to work together, not just CMS and OCR but other elements of the Department. I’m just going to briefly touch on those. We have participated in regional conference calls that CMS has had, many of those reaching one or two thousand people, up to two thousand people at different times. And it reaches, it expands the range of significant and complex institutions to small health care providers and we’re happy about that because we really want to be able to do that.
I’ll just mention some of these things because you didn’t. Sue Mess(?) has produced a variety of privacy guidance materials on it’s web-site. We’ve gotten a lot of good feedback about the covered entity chart that OGC helped prepare and is available both on the CMS web-site and our web-site. And we’re thinking a lot of the fundamental questions, we’re seeing that a lot of the fundamental questions that we’re getting from the public and from covered entities, we can, these are helpful tools. We’re going to be enhancing that as we said in the guidance we produce.
We are also preparing, we’re trying to leverage our sister agencies as well, and with their willing requests and so we are preparing a series of slides to work with CMS presentations, because we believe that a lot of the folks in the public, they’re not saying gee, I wonder if CMS can help me or OCR can help me, or HRSA can help me. They’re just saying help. So we’re coming out there, we’re going to be able to coordinate with each other, at least so that we can provide the basic information we need in a format we think that’s going to answer a lot of people’s questions and be more efficient.
I’ll just briefly touch on these, AHRQ and NIH, CDC, FDA, OCR of course, and SAMSA(?) and HRSA, are all producing materials, all available, or to be available on their web-sites. SAMSA for instance in addition has provided four technical assistance conferences to the states in 2002 and is developing a series of audio conferences. And HRSA recently sponsored a meeting of National Governor’s Association at CMS and OCR leadership participated in really a dialogue with the state and local, mostly state level but also county level public officials addressing their concerns and hearing their concerns as covered entities with compliance issues, preemption issues, and similar issues. So we really are, and we’re looking to continue that engagement and we think there are good opportunities to do that. We’re engaging in a process to see how we can most efficiently identify what these various opportunities are and use our resources in that way.
Also I mentioned last time and these are now in progress looking like they’re going to happen likely in late January or February, the Secretary, the Regional Directors, the Secretary’s representatives in the regions, are collaborative with often mostly Universities to provide a one, possibly two day, likely one day conference on the privacy, that OCR primarily will staff. It will be a full day conference leveraging the University’s ability to reach out in those areas, sometimes doing video conferencing to reach out to their networks in an area, hopefully being able to reach out to again, across the spectrum, of larger and smaller entities as we hear needs in different regions and different sizes of entities and we can be more responsive.
I think that’s really where we are right now. As I said we appreciate the letter we received from you all. We know we’re going to hear more. When I was here last time we invited and I’m looking forward to receiving your specific recommendations about how we can target these efforts. I hope I am able to convey that this is a matter of very extremely high priority to us and we’re going to continue to do everything that we can to try to make this public education work.
DR. COHN: Richard, thank you. Sue did you have a comment? No. I obviously want to thank you for coming, especially given that your voice is giving out a little bit here. And I think we’re all aware that there’s a lot to be done in a very short period and Richard know that you have our support and we’re looking to try to help in any way we can. Are there questions from the full Committee? Richard?
DR. HARDING: I was just going to say that those plans and the actions that have already taken place are very positive and very good to hear and I know that you all with, again, with limited resources as the Chairman was saying, have been able to do this in a short period of time and I’m very pleased with how those things are going.
DR. DANAHER: Mr. Campanelli, as a member of the Subcommittee I just wanted to, the Working Group on Privacy, I just want to bring up, not to usurp the meeting you’re going to have with Mr. Rothstein, etc., but I just wanted to bring up one theme that I think came up, that I think a number of us felt had merit. I think it would be a good way of framing a lot of these outreach efforts that you’re saying, talking about. I think that there is, as much as OCR in their outreach efforts can frame April 2003 as the launching date, as the starting date, rather than, I think the impression that communities, covered entities, hybrid entities, etc., have is how much can we cram in between now and April 2003 to get us where we need to get to. I think if we can change that image of April 2003 being the drop dead date to be more how can we lay a solid foundation for this privacy work which is going to be with us going forth, this is not a one time administrative fix, with transactions and code sets that you’ve got to hit this date and then God be with you if you don’t hit it. This is how can we, how can April 2003 really be the start date, the launching date for all the good things that we want to build on going forth. Just a plug for that.
MR. CAMPANELLI: Thank you. I might just comment on that. You’re right, we’ve tried, that’s good advice, but as I take it in, we are really, we’ve tried to say that, and I think you all have said or are making the point, that start date and that mindset change, it happened a while back. We are in the process of now, in December 2000 the first rule we came out, while the modifications came out early in August, we’re in the process now, and as we communicate about this, we are required to emphasize the April 14 date because of course that’s when the obligations to comply arises with the privacy. But we have really tried to emphasize this point. This is an on-going, this is not just something that you pay attention to for a little while and it goes away, that many, many of our providers out there and covered entities, are already doing it because they care about privacy. They’re already doing a lot of these things. But this is going to formalize and regularize that, so there’s a sense in which we’re already saying what you’re saying and beginning to say it. There’s a sense in which we are obligated to emphasize the April 14th date and we’re doing that. And as we do that we also try to emphasize what our philosophy, and really what the rule’s requirements are, in terms of our enforcement and continuing efforts to promote voluntary compliance. So I think we are trying to say all those things and if you could figure out how to get them into a sound bite it would be great to do it. But I appreciate your input on that and those are important concepts.
DR. COHN: Other questions and comments from the full Committee? Well Richard I want to thank you very much. As you know we’re going to be discussing a letter coming to you and we’re obviously to note that there will be follow up, it sounds like at the end of the day tomorrow on that letter and other issues that we’ve identified. Obviously we look forward to working with you closely as the implementation continues.
MR. CAMPANELLI: Thank you very much, it’s great to be with you this morning.
Agenda Item: Draft Privacy Recommendations -
Action Item Nov. 20th – Dr. Harding
DR. COHN: Now we turn to the next agenda item, and this is Richard Harding, you’re taking the lead on this. Hopefully all of you have the most recent draft of the privacy letter. I guess as I look around, do all of you have the most recent draft of the privacy letter?
MS. GREENBERG: We do have extra copies if anyone needs one.
DR. COHN: This should be a letter that most of you received sometime after noon California time yesterday. I picked it up on the way out from my office. Given that this particular version as I said is so hot off the presses, I’m actually, even though Richard is a little resistant to this, I’m actually going to ask him to read it, both for the Subcommittee, for the full Committee so we can appreciate what it says as well as those on the internet who haven’t even seen a draft of this. However, given the length of it which luckily at least in this version is not ten pages, is only seven pages, and of the fact that we only have one hour for discussion, I’m actually going to divide this discussion into sort of two different pieces. One is the actual letter itself, and I’m actually just going to ask Richard to read the letter because I think that is, there’s less controversy and I think there’s less reason to potentially modify that. And then we’ll spend a little more time going through the specific recommendations, where there may be more issues or concerns. Obviously the purpose of the next hour is to go through the document, identify issues that the full Committee feels need to be changed or modified, so then we can bring back a finished letter for action tomorrow. So once again, this isn’t, this is not an occasion for everybody to argue every fine point, but if there certainly are things that you feel that are off the mark or in appropriate for a letter to the Secretary, we need to hear from you about that as we go forward. Is everybody ok with that process? Richard, do you want to take the lead here?
DR. HARDING: Thank you Mr. Chairman. The Subcommittee on Privacy and Confidentiality composed of Mark Rothstein, chair, Simon Cohn, John Donaher, Richard Harding, and Kepa Zubeldia, met on several occasions and we have come forward with a draft letter for the Committee to the Honorable Tommy G. Thompson, Secretary. I will be delighted to read it because it’s self explanatory I think and explains the process by which we came to these recommendations for your information. So with your indulgence, I will read the letter at the present time.
Dear Secretary Thompson: As part of it’s responsibilities under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the National Committee on Vital and Health Statistics (NCVHS) monitors the implementation of the Administrative Simplification provisions of HIPAA, including the Standards for Privacy of Individually Identifiable Health Information (Privacy Rule).
On September 27, we wrote to you with preliminary findings from the hearing in Boston on September 10 and 11, 2002, held by the Subcommittee on Privacy and Confidentiality of the NCVHS. This was the first of three hearings scheduled to learn about the implementation activities of covered entities. The Subcommittee has completed its other two hearings in Baltimore on October 29 and 30 and in Salt Lake City on November 6 and 7. In all, the Subcommittee heard testimony from over 70 invited witnesses and other individuals during public testimony. The witnesses represented a broad array of health care providers, health plans, professional and trade associations, state agencies, public health authorities, health information associations, healthy privacy advocates, and experts on health education and communication.
In general, the witnesses at the Baltimore and Salt Lake City hearings reinforced the views of the Boston witnesses we noted in our prior letter. The NCVHS found widespread support for the goals of HIPAA and the privacy rule. The August 2002 amendments were viewed positively as reducing some of the unnecessary burdens associated with the privacy rule. Witnesses praised the clarity and utility of the Guidance and Frequently Asked Questions (FAQ’s) issued by the Office for Civil Rights (OCR). Publication of an integrated text of the privacy rule was mentioned by some witnesses as being extremely valuable. Other witnesses lauded the OCR web-site.
Despite these positive comments, the tenor of the testimony at the two later hearings was virtually identical to that which we described in our letter after the Boston hearing. There is an extremely high level of confusion, misunderstanding, frustration, anxiety, fear, and anger as the April 14, 2003 compliance date nears. The OCR is widely viewed as not providing adequate guidance and technical assistance. In particular, numerous witnesses lamented the lack of model notices of privacy practices, acknowledgments, authorizations, and other forms. Many witnesses also complained that general guidance was of limited value because of their special industry or professional circumstances. Witnesses conveyed a great sense of frustration that they could not obtain any clarifications from OCR or answers to the questions they submitted via OCR’s web-site.
A large number of witnesses said that issues of preemption made compliance much more difficult, costly, and complicated. To determine whether state privacy laws or the HIPAA privacy rule applies to the multitude of health privacy issues, covered entities must obtain a comprehensive “preemption analysis,” detailing whether state or federal law applies. These analyses are often lengthy documents, expensive to research, highly technical, and not binding on any enforcement agency or the courts. Large, multi-state covered entities need to have such an analysis for every jurisdiction in which they do business. There is no national coordination on the issue or preemption, and state and local efforts vary widely in their degree of completion and, for those already completed, in the cost to obtain copies. A related issue involves conflicts and overlaps between HIPAA and other federal laws dealing with privacy, including Gramm-Leach-Bliley, the Family Educational Rights and Privacy Act (FERPA), the Privacy Act, and other statutes and regulations.
The lack of clarity on compliance responsibilities, the unavailability of free and authoritative model forms, and the absence of widely available training materials have left many covered entities lacking the wherewithal to come into compliance. Several witnesses described the aggressive efforts of numerous vendors and consultants to fill this vacuum by offering implementation assistance. Covered entities testified that they have no way of judging the accuracy of the information they are being given or the necessity of the expensive measures some vendors and consultants have urged them to adopt to become “HIPAA compliant,” such as redesigning their facilities or replacing their computer systems. Some witnesses said they would like a system of certifying vendors and consultants or some other way of assisting covered entities in determining when such services are needed.
Several witnesses estimated that well below half of all small providers had made any effort to comply with the privacy rule, and some have no intent to do so. One witness reported that some rural providers have given up on compliance and adopted the position that “I can’t do this, let them catch me.” Even more troubling are the potential adverse effects on the health care system. Some witnesses said that some Medicaid and other “safety net” providers may drop out of the system of providing care to indigent patients because they cannot afford to absorb the costs of complying with the privacy rule, and there is no way to pass along the costs. One witness, an administrator of a large oncology group, in this area by the way, said that the difficulty and expense of HIPAA compliance had caused her practice to abandon the use of electronic billing and to go back to paper claims to avoid being a covered entity.
Fears surrounding HIPAA also featured prominently in the testimony. Witnesses were very concerned about the possibility of overzealous enforcement by OCR as well as private lawsuits, both of which were viewed as costly to defend. Other witnesses reported that the fear of violating HIPAA already has resulted in negative health outcomes, including the providers’ refusing to share patient medical information that would be helpful in treating another patient and a decline in mandatory or permissive reporting of essential health data to public health agencies, tumor registries, and other entities.
Another important part of the compliance picture is the need for education and training. Millions of health care workers will need to be trained in the next few months, but there is a dire shortage of expertise, materials, and funding. Overwhelmingly, witnesses said that generic training will not work; to be successful it must be customized by industry, entity, and job description. In addition, consumers have received virtually no information about HIPAA, and it will be difficult for them to understand the basis or context for the myriad notifications, acknowledgements, authorizations, and other forms with which they will soon be presented. Public education is complicated by consumers’ varying levels of education, cognition, and language proficiency.
Some of the most promising testimony received by the Subcommittee came from state and regional coalitions of covered entities and professional associations, which have often succeeded in advancing implementation for their members. Unfortunately, there is no federal interface or coordination with these groups, and the number of covered entities reached by them remains relatively low.
Complete versions of the testimony from the hearings have been posted on the NCVHS web-site. This letter contains some key findings drawn from the testimony. Our recommendations for implementing the privacy rule are detailed in the accompanying attachment.
The additional information derived from our last two hearings reinforces the view we expressed in our letter of September 27, 2002, that unless prompt vigorous action is taken to ensure that implementation goes smoothly, the public acceptance and viability of the entire privacy rule will be threatened.
We appreciate the opportunity to offer these comments and recommendations.
Sincerely, John R. Lumpkin, M.D.
That’s the conclusion of the three-page draft letter to Secretary Thompson.
DR. COHN: That obviously doesn’t include the recommendations. Anybody decide to just take a break for a second, not from the reading, but basically to see if anybody has any comments, questions, or feels the need to make further modifications, or suggest further modifications, to this part of the letter. As I said, I think this is relatively non-controversial, somewhat strong but I think it goes along with our first letter. Do you have any comments about this or should we move on to the recommendations? Mike?
DR. FITZMAURICE: The third to the last paragraph that starts with some of the most promising testimony came from state and regional coalitions of covered entities. Unfortunately, there is no federal interface, and the number of covered entities reached by them remains relatively low. The thrust of the paragraph seems to be that with the federal interface they could reach more providers, or the thrust could be they need federal interface to make sure that the message they’re communicating is clear. Are those both intentions of that paragraph?
DR. HARDING: I believe so. Stephanie you could help out with that.
MS. KAMINSKY: Yes. Definitely. Those are both intentions of that paragraph, yes.
DR. COHN: Other comments?
DR. MCDONALD: I guess just to summarize, and this is from the past discussion we had, it appeared from the testimony that lots of people are worried about the process, there’s fear and trembling among the people in the world. That’s how I kind of read it. I bring that up because the recommendations don’t always parallel, I don’t think that the tone of the letter was a suggestion we have to worry about. The fear and trembling was not about privacy access violations, the fear and trembling was about paralysis or difficulty with implementing the privacy rules.
DR. COHN: Stephanie, comment?
MS. KAMINSKY: I’m not, I see what you’re saying, the recommendation tone is more about paralysis for not –
DR. MCDONALD: I think some of the recommendations don’t seem to deal with that issue, but seem to deal with potential for inadequate privacy.
DR. COHN: Maybe we should take a look at the recommendations since this is really a recommendation issue. Are there any other comments related specifically to the wording, since the letter itself, none of this comes in, there’s 40 different recommendations, 39 different recommendations, and we have followed sort of the cover letter.
DR. SHORTLIFFE: Suddenly I’m going to pay attention to this, but I think the word or is supposed to be for or in, paragraph in the middle of page two, very last sentence. Just a typo, vendors and consultants for some assisting covered entities in determining, when such services are needed.
DR. COHN: Actually I think it probably is or.
MS. GREENBERG: They would like a system of certifying vendors and consultants, or some other way of assisting covered entities.
DR. SHORTLIFFE: Or, that needs some clarification, that’s a little hard to read that way.
DR. COHN: There needs to be a comma there or something on that level. Punctuation issue. Richard why don’t you move on to the recommendations? I guess, once again recognizing that we have 40 of them. I believe we can go over them in groups related to the Roman Numerals. Is that ok?
DR. HARDING: That would be fine. Would you like me to read the recommendation and the back-up paragraph on each one or just the recommendation just for the sake of time? I’m glad to do either.
DR. COHN: I think you need to do both. And if your voice gives out we can have Stephanie assist maybe with some of this. This is sort of tough on a lot of wording there.
DR. HARDING: Ok, I will then begin with the Addendum to the letter, recommendations, this is titled National Committee on Vital and Health Statistics, Recommendations for Implementing the HIPAA Privacy Rule, and says note: the principle recommendations that NCVHS indicated by bold type face are based on their significance and feasibility, as well as a recognition of resource constraints.
Number I, and there are I believe about five sections. First section is titled Organization, and the recommendation number one is, the Secretary should consider establishing a HIPAA Office, at the level of the Office of the Secretary to coordinate efforts among CMS, OCR, HIS, HRSA, and other HHS entities. Problems in coordinating agency efforts, already beginning to surface, are likely to intensify as all of the elements of Administrative Simplification come on line.
Number two. OCR needs to work with CMS to coordinate education, outreach and technical assistance. That is the first section Mr. Chairman.
DR. COHN: Ok, comments or questions?
DR. HARDING: I think we heard this morning from Director Campanelli that some of these things are beginning to take place already and that was very good to hear.
DR. LENGERICH: I’m a little bit confused on the issue of why some of these are bold and some are not bold. That opening sentence there says that they are based on significance and feasibility, so what exactly does that mean? Are these the most significant and most feasible?
DR. HARDING: It was an effort to prioritize, of the 30 some, which ones were felt to be of the highest priority. And Stephanie I’m sure could add to that, but is that basically the?
MS. KAMINSKY: Yes, the bold is an effort to prioritize, I’m not sure now that you point it out whether that note actually captures that totally. That was reworded at some point and I’m not sure, I think something might have gotten lost in that rewording, so we can try to put something in about, if you agree with these priorities, try to say something about the fact that the bolded recommendations are the ones that were not the highest priorities, but those priorities were based on significance and feasibility.
DR. LENGERICH: I think that some clarification of how we got to that process of identifying these priority ones needs to be added in there.
DR. NEWACHECK: It seems kind of strange to me to use this bolding technique, I mean it makes it look the non bolded ones are not important, or maybe could be ignored, and something like the second one here seems like an important and easy one that would be feasible and that is feasible certainly. It just seems like an odd kind of process for a letter.
DR. COHN: Stephanie, do you have a comment?
MS. KAMINSKY: Well, earlier we addressed something to the affect of, we all believe that the other non bolded recommendations have merit, so we could either reinsert that or we could take out the bolds.
DR. DANAHER: Let’s take out bold, I just think it’s just not accepted. I mean if we want to summarize the top priorities --
DR. COHN: I guess I would just sort of ask, Richard, based on what we heard in terms of testimony, which appear to me that OCR and CMS are beginning to coordinate better, at least that’s what the Department update seemed to indicate. As an issue here, do we need a HIPAA Office or do we need better coordination? I guess I would just sort of ask that question.
DR. HARDING: From the discussion of the Subcommittee I think that it was the feeling that there should be one office, and that would be a recommendation of the Subcommittee.
DR. FRIEDMAN: Richard, I don’t care whether it’s bold or italicized, underlined or in bright red print, but you do have, there are five pages of detailed recommendations and I think unless there’s some way of clearly indicating which are essentially the topic sentences for the most important recommendations, there are going to be many people who will want to read them that are going to get lost after the first page.
DR. COHN: A lot of folks after they read through would know to handle the bold. Do you have a comment?
MR. BLAIR: In our letter where we’re asking for the establishment of a HIPAA Office, in January the NCVHS asked for the establishment of an office reporting directly to the Secretary to coordinate the National Health Information Infrastructure, which of course included HIPAA standards. Is this a different office? Is this a subset of the Office that would enable NHII or how does this relate to the office that was called for NHII?
DR. COHN: Richard, do you have a comment? I think they’re separate myself, but maybe you have a --
DR. HARDING: That would be my impression but I don’t know how to answer that.
MR. BLAIR: I would have a concern if they are separate, why should they be separate?
DR. HARDING: The comments from many of the testifiers were that having two sources of enforcement, it’s like there’s no 1-800 number to call and that the coordination of security and privacy and so forth has to be very closely worked out so that having one oversight group would be most hopeful. That was kind of where it came from.
MR. BLAIR: My concern is that we might be fragmenting requesting offices for different things. Can we give some consideration to referencing the request that we made for an office that would coordinate the development of an NHII? I would think that this would be a function that would be part of an overall NHII office. And I sort of feel like we’re winding up with uncoordinated recommendations if we don’t reference that and indicate relationship of this office, too, the NHII Office.
DR. COHN: Dan Friedman, Marjorie.
DR. FRIEDMAN: I would argue for clearly indicating the relationship to the NHII office but I would be concerned that an NHII office, if given these responsibilities, have it’s direction taken from away from the more strategic issues and placed much more on day to day operational issues and have an operational burden, and that would really force digressions from the long term agenda.
MS. GREENBERG: I want to make two comments I guess. One is that I think we’ve heard back from the Department that in regards to the recommendations for an NHII office, they have established a session or at least the opposition on detail for a kind of special advisor on NHII and to coordinate NHII activities, but not an office. So you could ask the Department to revisit that, but given the way that the Department has responded at this point I don’t think you would want to burden this senior advisor function with HIPAA issues as well. And I think in both cases, probably what the Committee is trying to convey is the need for some oversight and policy guidance of these related activities, as opposed to shifting enforcement for privacy up to the Secretary level, or enforcement of Administrative Simplification itself, I think you can probably accomplish the same thing by articulating what is needed and whether it be an office or be a function of the data council or with a special assistant in this area as well as one in the NHII, I think you could think in terms of that but I think given the way that the Department currently is addressing the NHII recommendation I would agree with Dan that to encumber that with this as well would probably be not, would be problematic.
DR. COHN: I think, I’m assuming that we would probably ought to, unless there’s support otherwise, I think we publish and try to keep these things separate. My own view obviously is that the HIPAA pieces are necessary for NHII, but NHII really builds on top of HIPAA, we probably ought not to try to merge them at this moment. Maybe in future years they will because of similar interests, they will merge, but probably not today. Dan, before we start moving down the list, I see we have 39 of these, we may have to skip lunch here.
DR. HARDING: I agree with this, but I also think that Jeff’s point about making explicit relationships to the NHII is very well taken and should be referenced in there, we’re meeting again before coming back with this and we’ll try to incorporate those into the final document.
The next group of 15 recommendations is around technical assistance, and I will begin with number three. OCR should establish covered entity teams to assist the various industry and professions with their unique compliance issues. The assignment of a designated staff person for each major profession and industry would permit ongoing and closer contact between OCR and health professional and industry groups that could result in among other things, compilations of valuable compliance materials for the OCR web-site, identification of specific issues for FAQ’s, and OCR presentations at meetings of the relevant groups.
Number four. OCR should establish teams to assist state governments in determining which of their programs are covered entities under HIPAA. Many of the state programs are HHS grant and aid programs and HHS has particular expertise and interest in the programs. OCR also can provide other coordination and assistance to states in complying with the privacy rule.
Number five. OCR should focus it’s technical support on “fragile providers” including community health centers, rural physicians, Medicaid physicians, Advanced Nurse Practitioners in rural areas, and solo or small group practitioners. Large health care entities such as large hospitals, have made considerable progress in their implementation efforts. Many individual practitioners, those in small groups and other providers outside of acute care hospitals, have taken few if any steps to comply with the privacy rule. Health care providers treating indigent populations lack the time and resources to achieve compliance and should be a primary focus of OCR assistance.
Number six. OCR should address the use of "defensive practices" of covered entities. There is considerable misunderstanding about the requirements of the privacy rule and concern about possible HIPAA liability and causing some covered entities to restrict the uses and disclosures of essential protected health information when doing so is permitted under HIPAA.
Number seven. OCR should publish the list of no cost and low cost compliance measures. Many covered entities are convinced that everything associated with the privacy rule is expensive. Publishing a list of no cost or low cost measures, such as placing charts face down in the racks outside examining rooms, should promote at least some compliance measures by all providers immediately, and get them on the road to fuller compliance in the future.
Number eight. OCR should post answers to questions within 30 days. Part of the frustration in complying with the privacy rule is that OCR has not been able to respond to the tens of thousands of questions that it has received. At the end of 30 days covered entities cannot afford to wait any longer and must attempt to find their own answers to problems. If OCR begins conference calls, web seminars and other outreach efforts detailed in this document it will not need the FAQ mechanism to learn what issues are of concern to covered entities. The questions submission feature on the OCR web-site needs to become a timely, meaningful part of outreach, or it should be dropped altogether. The current arrangement has created a great deal of bad will.
Number nine. OCR should assist in the coordination and publication of state preemption analysis, including putting state specific preemption analysis links on its web-site. OCR also needs to publicize and inform covered entities about the underlying preemption principles of HIPAA and the privacy rule.
Number ten. OCR should publish an analysis of other federal laws that may overlap with the privacy rule, setting forth how to comply with multiple privacy requirements simultaneously. That is Gramm-Leach-Bliley, FERPA, Federal Substance Abuse Regulations, Privacy Act of 1974. HHS should recommend legislative amendments and technical corrections where it would be difficult to comply with two federal privacy laws simultaneously.
Number 11. OCR should recognize that most physicians and health care providers have never heard the message that the Administrative Simplification provisions, including the privacy rule, are part of an effort to save ten percent of the costs of billing and related transactions. Making this information part of the message to providers may increase their willingness to make the effort needed to comply with the privacy rule.
OCR should revamp its web-site to provide for greater segmentation, including by professional, industry and state. Numerous links should be added to professional groups, provider associations and state-wide coalitions. A disclaimer that these other sites are not official would not diminish the value of supplying this information. HHS should also ensure better coordination of all its web-sites containing HIPAA related information.
Number 13. OCR should tailor FAQ’s to be more responsive to the needs of specific entities, professions, and groups, such as long term care facilities and academic medical centers. Answers to FAQ’s with special relevance to particular covered entities should be posted on the segmented web-site described in recommendation 12.
Number 14. OCR needs to provide more examples, decision trees, diagrams, and matrices. Any visual aids to summarize the complexities of the privacy rule would increase comprehensive. OCR needs to train regional OCR staff so that they can serve as a definitive resource, working with local groups on state specific compliance issues and relieving some of the burden from the OCR national office.
OCR should continue to sponsor train the trainer programs. With millions of health care providers and other individuals to train, these programs will leverage OCR efforts.
Number 17. OCR should publish a list of compliance issues on which vendors and consultants may be valuable. Covered entities are extremely concerned about wasting money on worthless consultation services. They would like some way to evaluate whether such services are necessary. Although it is impossible to have OCR certify vendors and consultants, some guidance on how to know if you need outside help would be easy to do and valuable. Ideally OCR produced documents will replace the need for consultants for simple compliance measures.
And number 18, the last one in this section, OCR should provide on-site assessments of compliance. A comparable program of OSHA on-site consultation provided by state agencies and contractors under the auspices of federal OSHA has been successful. Getting a clear in person ruling on the type of measures needed could save considerable time and expense for covered entities.
Mr. Chairman, that’s the end of the technical recommendations.
DR. COHN: Ok, comments, questions, John?
DR. DANAHER: Simon, could we just revisit number 11? I’m forgetting a little bit of how we came up with that one. And what I’m specifically getting at is --
DR. COHN: The ten percent.
DR. DANAHER: Just in terms of the privacy, in terms of the transaction code sets, I’m totally there and totally appreciate that. I just wonder whether, I don’t remember hearing in the testimony or ever coming across anything that anyone is making claims that the privacy rule is going to save money. Is that what it says?
DR. COHN: I’ll speak for Richard on this one. I don’t think the intent of that piece is that the privacy will save money, it’s more the total package together of which privacy is an intricate part.
DR. DANAHER: Right, but I guess the flip side is, I think we heard plenty of testimony, specifically the folks from Yale and others that came and talked about how the privacy rules were actually quite an operational expense. So I guess I’m questioning the integrity of number 11.
DR. MCDONALD: Speaking of the same point, I think 11 could, I don’t think anyone’s proven any of this is going to save money, and what we hear from other testimonies that people are complaining about regular HIPAA things is costing money. So I’m fearful that this will just increase cynicism rather than have any reassuring value. I would take it out.
DR. COHN: I see a lot of people nodding their heads. I guess I’m going to suggest we remove the entire, the whole 11, rather than even trying to wordsmith it. Everybody, Robert?
MR. HUNGATE: I had a different need in listening to these. I feel the need for a grouper. As I look through the recommendations it seems like some are close to others, but they’re not organized in the same place. So I feel like related recommendations could be put together and increase the coherence of the recommendations. For instance it seemed like three, 12 and 13 were very closely related. Seven and 17 are closely related.
DR. COHN: Ok, so I guess what you’re suggesting especially given that we’re not going to have bolding in all of this stuff, we need to come up with a better way of putting this all together so it doesn’t look like 10 pages of on and on. Are you going to be at the Privacy meeting tomorrow morning? I was just going to suggest you might think about the grouping and provide them either to Stephanie or to Richard or join us at the session tomorrow morning. You can provide it to them before, whatever you think the organizing principles are, but I agree with you. Clem?
DR. MCDONALD: I have trouble with item seven. Not that we should try to come up with no cost, low cost but actually I don’t think that this is required as I recall the rules under HIPAA. I may be wrong, I should be pointed out, and I think that some of these things could read the danger if we have to start hiding the patients labels around where other people might see them, in terms of where, the business about turning the chart around backwards outside the room. I thought that incidental information was excluded and the process of mix-ups that we already know we can have in health care, if we extend this to inside the room and so we don’t have clear labels about who the patient is, we could do a lot of harm in health care.
DR. COHN: Clem, are you objecting to the example given here?
DR. MCDONALD: Yes. I mean if in fact this is the case that is required, and this is sort of hinted, is this just the beginning of what you should do to keep the patient obscured whenever you’re trying to deal with them.
DR. COHN: I think without getting into specifics it sounds like we need to remove the example, the example may be causing some problems. Paul.
DR. NEWACHECK: I agree with the comment about the need for grouping them and perhaps grouping them differently, I think it would be much more cohesive that way. I also think it might be helpful, just because there’s so many recommendations, to maybe use bullets like to combine a group of things and have a broad recommendation with a set of bullets with the specific examples. Because some of these are relatively, I mean they’re pretty small points within a larger point, and I think it could just be much more cohesive that way and get the message across better.
DR. DANAHER: Should we bold those bullets? Just a joke.
DR. HARDING: These are very helpful recommendations. I think that you all should understand that the last hearing was ten days ago and that all of this has been gathered together by a conference call and Stephanie and Mark working like Trojans to get this out by yesterday, so I think the subtleties in some things like that and the groupings are all very helpful and we would appreciate that kind of help as we go forward.
DR. COHN: Well, exactly. Michael?
DR. FITZMAURICE: A question on number eight. The middle sentence says if OCR begins conference calls, web seminars and so forth, they will not need the frequently asked question mechanism to learn what issues are of concern. I’m not sure that that sentence supports or rejects the bold sentence. I would recommend considering taking it out.
DR. HARDING: As I was reading that I thought the same thing.
DR. COHN: Great. I think anything to make the document shorter. Other comments on this one? I think I’d also as you all mull over it, if there are additional pieces you want to submit in writing or notes from this draft, we’ll obviously be going through it from 9:00 to 11:00 tomorrow morning, and people will be working on it this evening and late this afternoon I’m sure also. Other comments, Eugene?
DR. LENGERICH: Over on number five, I guess this may be a grouping issue but number three and four talk specifically about teams to assist different groups and then we come with the issue about fragile providers. Is that a specific team that you would like to see established? The last sentence also talks about this being a primary focus of OCR assistance, and so I think, I wonder what primary means in that, primary focus means in that sense, does that mean that three and four are less primary? And then also within that last sentence you then talk about indigent populations. Indigent populations are one of the groups that are served by those fragile providers but not necessarily the only group that is served by those fragile providers. I think there’s some distinction there.
DR. COHN: Richard, is that input helpful? The bulleting and shortening may help here a little bit. Kathy Coltin?
MS. COLTIN: In number 17 you have a phrase that says although it is impossible to have OCR certify vendors and consultants, and yet if you’re highlighting the most important things in the letter, you have in the letter that witnesses stated this should be done. So I think if in fact you’re discounting it perhaps it doesn’t belong in the letter.
MS. GREENBERG: I think that’s why with the clarification in the letter, I think the letter to some degree was trying to represent some of the main things that were heard by the Subcommittee. But if you say some witnesses said they would like a system of certifying vendors or consultants or some other way of assisting covered entities in determining when such services are needed. Then that makes it less, I think it’s consistent then with the recommendation that, even if they can’t certify they need to provide some assistance. We heard a lot about –-
DR. FITZMAURICE: One could argue that it’s not impossible, just expensive, to have OCR certify vendors and consultants.
MS. GREENBERG: I know in the case of Administrative Simplification provisions as well this came up and there does seem to be general reluctance or, for good reasons, but to actually certify --
DR. FITZMAURICE: If it were cheap and easy, they might do it.
DR. COHN: I guess the question, and Stephanie I look to you, I think what we’re commenting on is the word impossible. Is it impossible or just difficult, expensive? I don’t know the legislation for federal rules on this one.
MS. KAMINSKY: I’m not sure about federal rules either but I think that the issue goes to something beyond expense.
DR. DANAHER: The impartiality, and seeming to endorse it. Why don’t we just make it although it would be difficult to have OCR certify vendors and consultants.
MS. GREENBERG: Maybe, although it is probably impractical.
DR. HARDING: The Subcommittee will come back with a phrase there that --
DR. COHN: Other comments on this? As I said, as you look through and mull over, I think there’s additional written pieces or things you want to see taken out, I think this document would benefit from compression. Anyway, with that, Richard do you want to do a final before?
MS. GREENBERG: The only thing I would say about that and this was something obviously the subcommittee discussed and why they came up with the bolding because they wanted to somehow prioritize but at the same time not lose detail. I think what we’ve heard from OCR is that the more really specific recommendations that can be provided to the Department the better. So an effort has been made here to, and we’ve go tremendous amounts of testimony that was really very both informative and heart felt, so that it was felt that it would in this case it would be most valuable to provide as much detail as possible, although I also, there was a wish not to have the letter be dead on arrival because it had so much detail in it. So I think you just have to recognize that balance and might have to find ways to not lose the detail but --
DR. COHN: Let’s move on to the outreach. I think the Subcommittee will have to wrestle with that issue tomorrow morning.
MS. GREENBERG: I just wanted to explain the thinking behind that.
DR. HARDING: This is Richard Harding again. The outreach section is six recommendations, or seven.
Number 19. OCR should have regular conference calls on compliance issues. CMS conference calls on HIPAA have been widely praised and should become a part of OCR’s privacy rule implementation program.
Number 20. OCR should support and participate in state-wide coalition building. OCR coordination and support for private sector initiatives will leverage existing programs and increase their reach and effectiveness. Support for existing programs will be much less expensive than creating new measures.
Number 21. OCR should start a monthly newsletter which can be distributed to, among others, all Medicare providers.
Number 22. OCR should host web-based seminars.
Number 23. OCR should establish a toll-free hotline to answer questions.
Number 24. OCR should pursue with CMS a mailing to all 35 million Medicare recipients about the privacy rule. The annual CMS guide to Medicare benefits might provide this opportunity.
Number 25. OCR should contact all the individuals filing for an extension on the HIPAA transaction rule informing them that they may be covered entities under the privacy rule and that filing for an extension with CMS does not operate as a stay of their compliance obligations under the privacy rule.
This was a concern of some people thinking that they were delaying the privacy rule implementation as opposed to the security and transactions.
DR. COHN: Actually I think this section cries out for being bulleted. John?
DR. DANAHER: Simon, I think that point number 24, we probably should be a little bit more specific in that I think when we heard the testifier and she brought along, the CMS testifier brought along the Medicare benefit guide, she did show that HIPAA was mentioned in it, in the privacy rule. I guess what I don’t want someone to do is read this and summarily dismiss and say oh, well we’re already doing that. So what specifically are we saying in addition, in 24 –-
DR. COHN: That’s different than what’s already happening. Richard, can you comment?
DR. HARDING: What was in the Medicare bulletin was a kind of a generic privacy is now important kind of statement.
MS. KAMINSKY: It was the notice of privacy practices.
DR. DANAHER: But it was a bullet form of maybe ten things?
MS. KAMINSKY: The requirements and the notice of privacy practices.
DR. DANAHER: I think tomorrow we should just figure out, I think it’s a very good idea and it is a very good vehicle, I just think we might, what exactly else do we want included in there.
DR. COHN: Ok, very specificity. Paul?
DR. NEWACHECK? Why is it that we’re only talking about Medicare here instead of Medicaid? CMS does both and they’re both public beneficiaries, shouldn’t we be advising both groups about policy? If we’re going to advise one –-
MS. KAMINSKY: Yes, I think that’s a good idea, I think that, well, Judy can comment better than I can, but I think that part of it is just a question of efficiency of hitting groups that the federal government will be directly interfacing with as opposed to what state agencies will be interfacing with, but go ahead.
MS. BEREK: CMS does not directly interface with Medicaid beneficiaries so we actually don’t have mailing lists or anything like that to communicate with Medicaid beneficiaries. We would have to, you’d have to change the recommendation to ask the states to do that because all of the interface with the Medicaid program is through the states. I also just want to add that CMS has spent probably the last eight years trying to make the Medicare handbook understandable, so as you think about recommendations for what should go in the Medicare handbook, you have to think about the fact that if it is not easily understandable, it is a waste of paper to have it there. Because we learned by having an incredibly detailed accurate handbook for many years and nobody read it and it was useless. Now we have tried very hard to get it to be a useable documents, so I would just hope you think about this in that spirit.
DR. COHN: Ok, and I think it will probably not be including this as part of the Medicare benefits documents, but as something that’s separate, but once again I think the Subcommittee needs to come back either with further clarification on this or delete the recommendation.
DR. NEWACHECK: I would like to see though some discussion or at least some thought from the Subcommittee about addressing the Medicaid population as well, even if it requires going through the states because they both are public beneficiaries, both sets.
MS. KAMINSKY: Certainly CMS does write routine Dear State Medicaid Director letters that inform state Medicaid directors, and by implications Medicaid agencies, of important CMS policies and that would be a parallel track that we could put in here.
DR. COHN: Ok, great. Other comments before we move on to the next section?
DR. HARDING: The next section is entitled consumers, and there are four recommendations.
Number 26. OCR should prepare a simple one-page handout explaining the basics of the privacy rule for providers to distribute to their patients.
Number 27. OCR’s public education needs to proceed along many tracks including editorial briefings, extended radio and television interviews, featured articles and town meetings. Public education must be coordinated with educational efforts aimed at health care providers because if patients ask their physicians about the privacy rule and the physicians have no idea what the patients are talking about, this will undermine the physician-patient relationship.
Number 28. OCR’s consumer education efforts need to be segmented, beginning with those most vulnerable to discrimination and hardest to reach, that is chronically ill, mentally ill, substance abuse, homeless.
Number 29. OCR’s consumer education must include communicating the value of health information interchange including better health outcomes and reduced costs.
That’s the end of the consumer section.
DR. COHN: Comments, Judy?
MS. BEREK: I think in reading the consumer section, number 24, the outreach to Medicare beneficiaries, should be moved into the consumer section, as well as any comment we might want to make about outreach to Medicaid beneficiaries.
DR. COHN: Great, great suggestion. Clem?
DR. MCDONALD: Actually, I wanted to comment on 24 in the context of this next section. It is a little reminiscent, or it might be though as reminiscent of the letter that was send out to Medicare beneficiaries, it more or less could be summarized as check to make sure that your doctor isn’t a fraud. I can’t see this as being viewed as relaxing to the community who is worried in the letter, saying we’re going to send out all these letters to your patients, so you will be fiffed up when they come in, they’ll know more than you. And they’re going to know all the things they can do to you if you don’t do things right. I just worry that this thing is not going to be relieving to the people who are at the testimony, most of these things, about individual patients getting all their explicit things that a doctor could be doing to screw them up. That’s how I think it will come across to the medical community.
DR. HARDING: Number 26 you’re talking about?
DR. MCDONALD: All of this is about separate to the patient letters, if you’re worried about the patient knowing more about it than the physician, than why are you proposing to teach them more about it to start with. That’s more or less what this is saying. The physicians are supposed to do a privacy notice in their own office, and they’re supposed to have handouts that the patients have to sign, so is this going to be conflict or contradictory, or confusing, or are you suggesting that this would be the privacy notice which would be a benefit, some common privacy notice.
DR. HARDING: My own thought was that 26 would be to put providers and patients on the same page so to speak. That they would, the provider would provide a document that would come from the provider stating kind of what, explaining the basics of the privacy rule.
DR. MCDONALD: Well, that context, they’re required and when the patients sign their consent to give the patient their own documents. How do these relate?
DR. COHN: Is this additional or what?
DR. MCDONALD: Confusion to everybody.
DR. DANAHER: Clem, just to reiterate I think the point Richard was making. The context in which this point came up and was brought up was that we were all talking about what the Gramm-Leach-Bliley, how we get all these bills from banks, etc., these things. And the net effect is we toss them in the garbage. So we kind of looked at the patient or the consumer and said, come April 14, 2003, they are going to get four or five different Notice of Privacy Practices. They’re going to get one from their general practitioner, if they go into the hospital, from them, from their insurance company, blah, blah, blah. So what I think the effort was was to clarify the morass and not so much to say this is all the ways you can screw your doctor, whatever, but just to kind of be, to help as a clarifying thing what are your rights and what does HIPAA mean for you kind of thing. And actually what we saw in this Medicare beneficiary manual, I think all of us would agree, it was not inflammatory, it was just very clearly laid out this is kind of what it means vis-à-vis us.
DR. MCDONALD: I still have trouble, it’s one more document to add to the morass and whether, it would be far better if we had a standard or a suggested draft policy that would be more standard and one could say this is the standard policy so that people wouldn’t have to re-read it, and have additional mailings sent to them.
DR. COHN: I do understand what you’re saying that you wind up the problem that each organization and provider will likely have their own privacy policies and statement of information practices, so do we go with that or do we add something additional that may be a little more understandable. I think there’s, like John, I think we heard a lot of frustration that patients and others were likely to be getting six, seven, eight page documents. Now that may be layered, but the question was is than in all of this was there some way to get the essential elements out and it may be that this is a bulleted very short document that we make sure gets out to people. I hear your concern, I think the Subcommittee needs to sort of think this through and maybe come up with something that sort of puts it all together so that it isn’t viewed as being a bigger problem, create a bigger problem than it solves.
DR. DANAHER: And I don’t think anyone would disagree Clem, with your approach, I mean we would have liked OCR to put out sample notice of privacy practice forms, so that there was a standard. Given that what we heard was everybody was drafting up their own and were well along the way, what could be our role to help clarify that?
DR. COHN: Paul did you have a comment?
DR. NEWACHECK: Not on this point but on another. A couple of suggestions on 26, the one page handout. I think it would be helpful to suggest also that translations and other common languages be available. And on number 28 where we talk about vulnerable populations, I’d like to add in that parenthetic reference low income persons.
DR. MCDONALD: Come back to 26. Especially when you’re thinking about these small practices, and rural practices, if this document could serve as the privacy policy, that would be a radical and simplification and that then might actually induce a commonality and then I’d be kind of enthusiastic about it.
DR. COHN: I think what you’re describing is a change to actually the privacy rule, which I don’t think any of us are terribly optimistic at this point --
DR. MCDONALD: Well one must have a policy and if this covered the items or do in a lot of cases --
DR. COHN: Clem, I think you’re talking more about model forms right now and I think the reality is, and I can only speak for myself and what I’ve looked in this, the requirements that are put into the rule that relate to all of this get way beyond a page, very quickly, unless you use very small type. I share your view and I think we’re all concerned about the issues of people taking privacy policy and throwing them in the trash, but I think this is, maybe at a future time we can suggest simplification, but we’re a little late in the process to suddenly start recommending complete changes to how the notice of information practices, but I do share your concerns. Stephanie, do you have a thought on this one and then Vickie?
MS. KAMINSKY: I don’t have anything further than what’s been said already.
DR. MAYS: Different. Do you want in 26, you use the word simple, and actually what I’d be a little bit more concerned about is the level of readable, since at number 28 when you talk about the populations. And I know sometimes it seems like it’s a given, but then the things come out and everybody complains they’re not at the right literacy level, so somewhere in here maybe a comment about the literacy level.
DR. COHN: Ok, friendly amendment. Other comments before we move on to the next section? As I said, all your comments are obviously being somehow filtered into our notes here and I can’t say that we’ll reflect all of them but we’ll do our best to try to maneuver into these areas. Regulation and Enforcement.
DR. HARDING: Hey, we’re halfway through. Regulation and Enforcement.
Number 30. OCR should communicate with providers and other covered entities about its enforcement plan and penalty assessments. There is great anxiety about overzealous enforcement of the privacy rule and dissemination of information about enforcement could allay these fears. OCR needs to reassure provides that reasonable efforts to comply will not lead to enforcement actions and OCR should communicate the issues it believes to be most important in developing compliance programs.
Number 31. OCR should issue a statement that it does not certify any products or services as “HIPAA compliant.” The use of this phrase and similar ones has caused covered entities to rely on the unsubstantiated claims of vendors and consultants.
Number 32. OCR should consider extending the 30- day cure period to at least 90 days, and for complicated matters up to six months.
Number 33. OCR should consider deleting mandatory disclosures, that is disclosures required by state law from accounting requirements, thereby relieving the burden on disclosure for covered entities because most of the accounting of disclosures is believed to be for mandatory disclosures. Guidance is also needed on the degree of detail required in the notice of mandatory disclosures.
That is the last of four under Regulation and Enforcement.
DR. COHN: Comments, Clem?
DR. MCDONALD: Hear, hear.
DR. COHN: Ok. Then moving on to Guidance, now Richard what I’m going to suggest here is that you need to read 34 and then 35 since these are just topics, I would suggest you just read the topics, the underlined areas under 35 A though AA, or Z, or whatever we’re down to on that.
DR. HARDING: I’d be delighted to do that. Guidance.
Number 34. OCR should draft and make widely available model forms and templates, including state specific industry specified and professional specific forms. Such forms should include model notices, model authorizations and model acknowledgements of notices received. In addition, OCR should consider publishing standardized gap assessment guides, simple checklists, a HIPAA practice management handbook, and timelines to assist covered entities. OCR also should publish a summary of the privacy rule in a brochure booklet as well as poster format for both employees of covered entities and consumers.
I will now read number 35. OCR should provide guidance on the following topics and only give the titles of the different topics. A. Covered provider questions. B. State agency quasi health plans providers. C. Health plan. D. Group health plan sponsors, self-funded and fully funded benefit providers. E. Employers. F. Medicaid and Medicare. G. Hybrids. H. Organized Health Care Associations, or OHCA’s. I. Business associates. J. Training. K. Reasonable safeguards. L. Notice. M. Right to deny request for restriction confidential communications. N. Accounting for disclosures.
That was probably a little difficult to follow for those on the internet.
DR. COHN: I think that there are a variety of guidances that we’re suggesting OCR prepare. Does anybody have any more guidances that they feel need to be prepared? I think we’ve pretty well covered the waterfront here. John?
DR. DANAHER: If Stephanie or someone else would just quickly dispose one. Just to Vickie’s earlier point, I think that there is an underlying paradox of what the recommendation is in terms of the reading level at which these policies and procedures and notification, whatever, is targeted at, and I think it’s sixth grade or eighth grade? Is it just, and I guess a theme that I heard in some of the testimonies was that the concepts in the regulation, the regulation itself, things like notify the requester, or verify the requester of minimum necessary disclosure, and especially in areas having to do with research and other things, there was no way you could do outreach, train, etc. and meet the CMS guidelines of sixth or eighth grade reading level. I think it’s perfectly plausible to do the notice of privacy practices at the sixth or eighth grade things, but a theme that I heard in the testimony is that organizations were grappling with how do you take this thing, which its inherence nature is above the eighth grade, and then go about training at a lower level.
MS. KAMINSKY: So if we add a sentence about that issue in the training guidance piece would that --
DR. DANAHER: Training and outreach, yes. I think that, yes.
DR. COHN: The other piece that I would suggest also is in 34, the last sentence, where it says OCR should also publish a summary of the privacy rule really for both employees of covered entities and consumers, probably doesn’t fit under guidance, it probably fits more under outreach or under consumers, and maybe needs to be thought of, I mean how many different things are we going to be shooting out to these people, it’s either a booklet or it’s a one page summary or it’s a something, but it isn’t all of those things at once I don’t think. So we just need to reorganize that one and think about it. Other comments about this area? Ted?
DR. SHORTLIFFE: Simon, there’s an issue that’s been on my mind and certainly doesn’t come under Congressional measures so if it needs to be included it needs to be in one of the earlier sections, but I’m not sure exactly where or whether in fact Richard believes it’s already been attended to. This is the perverse incentive that we appear to have created that would make an oncology practice return to paper records. I’m concerned that somehow or another that, I mean that clearly is exactly the opposite of one of the intentions of this Committee in general and even legislation, or the rules. So I was thinking as maybe as sort of another topic under number six about the defensive practices notion, because stopping using electronic media for medical records or medical data management is a kind of defensive reaction just to stop being a covered entity, although this is really intended to cover a different kind of activity. And maybe it’s a guidance issue but my concern is that right now all the efforts that we’re defining here for trying to better extend an arm and provide the information that’s necessary won’t necessarily deal with the fact that some people are going to say look, this is just too much, I’m going to stop using computers and go back to paper and then I won’t be a covered entity. And how do we address that in our recommendations?
DR. HARDING: I think the frustration that the individual who brought that up in public testimony in Boston I believe felt that it was impossible at this time and point to get specific recommendations clarified, or rules clarified, that they felt, as an oncological group would protect them from future liability issues, and therefore were not willing to take those risks because they couldn’t get specific answers and so therefore regressed.
DR. COHN: I think also, just because I remember the testimony also, it probably isn’t being completely represented here. Part of the issue was privacy but a lot of the issue had to do with the fact that the administrative financial transaction updates had not come out so there weren’t even sure what, and they couldn’t get a system vendor to certify that they were going to be HIPAA ready. So they threw up their arms and said I’m going to wait until all this sort of settles out I think was sort of the, am I representing the?
DR. HARDING: That’s very accurate.
DR. COHN: I think we need to think about how we represent that here.
DR. SHORTLIFFE: This is the question, is there a specific recommendation that would address this kind of perception that would allow us, even if it was a special document to try to present the arguments for not doing away with automated approach, that’s why I thought maybe it came under guidance, there’s just got to be some way that we try to create the counter arguments to that kind of reaction.
DR. FITZMAURICE: In one spot the Administrative Simplification Compliance Act says that if they bill Medicare this coming October, they’ve got to use electronic claims and that brings them under HIPAA as a covered entity, so they can’t do that very easily. But that’s not really the point. The point is how to enable them to do it easily. How to enable them to understand it, to get systems available for their use.
DR. SHORTLIFFE: That’s part of being a covered entity, I understand that point. But the fact that we’re even encouraging people to think that way concerns me.
DR. LENGERICH: A somewhat similar concern, but there are some distinctions here. As an epidemiologist and as a member of the Populations Subcommittee, I’m also looking at the bottom sentence there on the letter, which talks about people already having resulted in negative health outcomes from the fear of this. And so I guess I’m wondering where we address that sort of possibility of some of these resulting from. The bottom of the letter, page two, where it says other witnesses reported that the fear of violating HIPAA already has resulted in negative health outcomes. And so I guess I’m wondering how we address that kind of concern from the populations perspective. Do we perceive that there are certain populations that are going to be more negatively affected than other groups, though the process then as well, so I have a similar concern, not about excluding people but is this as a potential, or has been reported at least, already have caused adverse health outcomes.
DR. COHN: Well, Gene, let me actually ask Richard that question also because I agree with everything here about providers refusing to share and all that. Now I didn’t attend all of the testimony, I didn’t make it to the third one, I’m trying to think of whether there was actually an example of actual negative health outcomes.
DR. HARDING: It was the fellow by the name of Keith Vandercastle(?) during the Baltimore hearings, whose presentation dealt with a whole bunch of adverse outcomes, that had, the fellow gave the example of an anesthesia nurse or anesthetist or whatever, who did not share clinical information because he or she had learned of it in one setting and was concerned. I think that fine line we’re walking, and Ted to your point, we heard testimony from Blue Cross/Blue Shield of Rhode Island that they initiated a provider outreach education seminar to address their fear that they were going to be inundated with paper claims from all these things. And to your point, I guess what our difficulty was, or let me speak for myself, was trying to take anecdotal things that we heard from testifiers and trying to figure out public policy steps that we could do without chasing windmills kinds of things. So I guess my best, not speaking for the Subcommittee, but I just think a lot of what we’re trying to do with these positive outreach efforts by OCR is just to clarify some of the misconceptions about the regs. I don’t know how you prove a negative or whatever so I think that that’s, because those anecdotes are out there, we did hear anecdotes about docs who were choosing now to submit things by paper, we did hear anecdotes about patient harm that had come as a result of it, etc., and so our effort was to really suggest that the agency and OCR be very proactive in talking about the goods, the benefits, in trying to demystify this.
DR. SHORTLIFFE: You see it in the letter, the discussion of the specific issues, but the actual action items, if you will, fall out from the recommendations. And to the extent that we’re concerned about this item enough to have raised it, the one that I raised, and I think both of these points, raised explicitly in the letter, obvious causes for concern, that if the action items in our recommendations become the checklist that HHS now works its way down in an effort to try to be responsive, we need to get on that checklist something that explicitly identifies these two additional issues. Even though I agree that in a way we’re raising the negative, but if there’s a specific mechanism by which by including them in the recommendations we can make sure they’re attended to, maybe with a specific document, specific guidance, something like that, I just want to make sure it doesn’t fall through the cracks.
MS. KAMINSKY: I have two responses. One is with respect to the pubic health or negative health outcomes or maybe even specific populations, I think that certainly a sentence can be added to number six to make that tie with the text in the letter a little more explicit to explain why we're making the recommendation about trying to stop these defensive practices because they do impact I think public health agencies. I think that's the area that was of greatest concern certainly to Mark if I can speak on his behalf, maybe he'll correct me tomorrow, but that's my understanding.
With respect to the issue about providers choosing either not to go electronic or to go back to paper, I think it's a much trickier issue and I'm not really sure what you are suggesting would be the recommendation except to put back in the business about the savings of costs on participating in the electronic world. And actually we did hear testimony in Boston from John Helumka(?) of Care Group where he's documented extensively the savings that that enterprise has had based on being in an electronic environment for some time now. So other than sort of emphasizing that, given the fact that this statute does give some latitude there for providers, I'm not sure what the Committee is suggesting.
DR. SHORTLIFFE: First, unfortunately, organizations like Care Group of course will and cannot avoid being covered groups, they are never going to go back to all paper. But I think this is an issue more for smaller practices and individuals who really could realistically think about avoiding it at least until they have to give up Medicare patients in order to avoid being a covered entity.
I guess all I'm, and I don’t think we have any data to show cost savings in those practices the way you might in a care group kind of environment, I think that the most I could suggest that's proactive in this area is explicit either FAQ's or guidance documents or something like that. I can imagine a FAQ that says given the hassles associated with complying with the privacy rule, why shouldn't I stop using electronic media for medical records? And then a response which is a reasoned response for that question to try to explain why that would be a bad idea. So even an FAQ might be helpful or a one-pager, a document, some way in which as you're doing guidance, A through N here, we add another one which is essentially addressing that issue.
DR. COHN: Russ?
MR. LOCALIO: I run the risk of disclosing my ignorance because I'm a new member, but on this issue I've been involved with these regulations when they hit my desk approximately two years ago, I think it was December 27th of 2000 and somebody, my boss, asked me to go through them and make the recommendation. My concern is this. I've heard too much about stories, anecdotes, complaints, and I do research for a living and I don't think that's the best way to evaluate the impact of a regulation on cost of care, cost of compliance, impact on people's health, understanding. I think what there should be is a formal mechanism of evaluating the impact and the cost of impact of these regulations on the health care community and the people who are supposed to benefit from them.
Now, this can be very specific. For example, I twice wrote letters that were solicited from federal regulations, I didn't sign them, my boss did. And one of the impacts that I felt was what was going to be the mechanism by which there was going to be a formal assessment of the impact of the privacy rules on the availability of data for research. I got no response twice. I know people are busy in Washington but I thought it was a good point and I still do think it's a good point. The only things that changed is I was just out in the field then and now I'm here so I can articulate it more formally. But I still think it's important, just as one aspect of a plan to evaluate what's happening. So again, I don't like anecdotes. Hearings I think are important but if one person says one person has a problem because they're going back to paper records, and one oncology practice, that doesn't mean that 92 percent of the oncology practices in the country are going away from electronic returning to paper records as a result of this. It's one persons' story who happened to get in front of a microphone. By the way, my particular comment should also be evaluated, in effect I'm only one person in front of a microphone. So really what we should do is survey everybody here and find out how many people agree with me but thank you.
DR. COHN: Just to try to reflect on what you're saying, you say a number of things but I think one was is that you would like to see an on-going monitoring activity by OCR to understand really issues related to the implementation. Is that what I'm?
MR. LOCALIO: It should be formal evaluation. That may be done by OCR, it may be done by NIH in the form of grants to people, for assessing the impact of the privacy regulation. It may be AHRQ doing, giving out grants, but that is up to the best way to get the research community, writ large, involved in assessing the impact of these regulations on those who provide and those who obtain care. I think that's what we're all talking about here. The purpose of the rules were to improve privacy, that comes at a certain cost. What is the cost, what is the benefit?
DR. COHN: I think we can probably add that on-going monitoring piece to all of this. Obviously right now our main focus is that I'm trying to get the successful initial implementation, but I think that's an important other piece that we should be recommending.
Can we move on to the last items here or do people have other comments about the guidance? Marjorie?
MS. GREENBERG: I encourage Russ to come to the meeting tomorrow but I actually I think both of his points are excellent and should be addressed by the Subcommittee.
MR. HOUSTON: I'll preface my comments by the same caveat that was just made which is I may be showing my ignorance here but I think if there is current use of electronic information systems by practices, I would be concerned that to move backwards to a paper chart or fail to move forward to use of electronic systems, may in fact, there may be liability from a standards of care perspective, which I think can't be underestimated and I think it may be beneficial to try to bring up in some fashion. Again, I think we're trying to at the same time not impact delivery of patient care and I think that's what could happen and I think again, I think there could be liability in other sorts, in other fashions, in other ways by people deciding not to move forward or not to continue to use electronic information systems to deliver care.
DR. COHN: It sounds like we'll look forward to seeing you at the Privacy Subcommittee tomorrow morning. I think in the interest of time if it's ok, let's move to the final recommendations. Now we have said you can provide us written additional information as we go along and what we'll be doing similar organization the remainder of the day and into tomorrow. Richard do you want to do 36 through 39?
DR. HARDING: Yes, this is titled Congressional Measures, and there are four recommendations.
Number 36. The Secretary should pursue with Congress and state Medicaid agencies making adjustments to Medicaid reimbursement rates to recognize the costs of complying with HIPAA.
Number 37. The Secretary should recommend to Congress that it fund $42.5 million dollars for technical assistance authorized under the Administrative Simplification Compliance Act, ASCA.
Number 38. Secretary should recommend that Congress fund HIPAA compliance grants for the states.
And 39. Secretary should recommend that Congress provide tax credits for HIPAA compliance at least for a subset of small providers, that is rural providers.
Those were the four recommendations for Congressional Measures.
DR. NEWACHECK: A couple of sort of minor points and then one bigger point. I think that the title of this is really not very descriptive, and some of these do require Congressional approval, but I think this is really about resources, and I would call this section resources needed to implement the privacy rule, because they're all about what resources we need, either given to the providers or to the agencies that are administering it. And in 39, the recommendation that Congress provide tax credits, that's a rather specific recommendation than, there's lots of different mechanisms that could be used, and I would just suggest we say provide tax credits or other mechanisms to encourage HIPAA compliance, so that we're not being too narrow there.
But I think my broader point on this whole thing and in the letter is that it seems to implement all these things, OCR doesn't have even close to the number or the amount of resources that they need to do this, and this is going to take an army to do all the things that are in these 39 recommendations. It seems like we should have at least a paragraph at the end of the letter saying how important it is to marshal the necessary resources and do it very quickly and get them into play because we're only talking five months or something now. The way the federal government moves, it might be five months before we even start to think about these things, so some kind of a stronger statement. I think the letter is really good, it's an alarm bell, but something also about how these resources need to be marshaled immediately and put to work to achieve the recommendations.
DR. COHN: Ok, point well taken. Other comments? I'm actually going to, you can all think about the letter and obviously Richard will be happy to take additional comments as well as Stephanie, off-line, and we'll be working on it tomorrow from 9:00 to 11:00, and hopefully have another version for you all to look at tomorrow.
MR. BLAIR: I just want to indicate that in the last, September, October, and now, productivity, since I'm now off of the Privacy Subcommittee, I don't have a conflict of interest in making this comment. Productivity has been just absolutely tremendous in coming up with these kinds of recommendations.
MS. KAMINSKY: We'll let Mark know that you said so Jeff.
DR. COHN: Stephanie, thank you so much for your help on this one. Ok, why don't we take a break for about ten minutes and we will come back and start on the code sets.
[Brief break.]
Agenda Item: Background Information on Code Sets - Draft Recommendations for Code Sets - Ms. Coltin
DR. COHN: This is the session on code sets and we're, this is going to be a little bit awkward in the sense that we're going breaking for lunch in the middle but I think that this should probably work out ok since some of the issues will at least allow people to have some thoughts over the lunch period. Now as we discussed previously, Kathy Coltin will be chairing the session and it should be a very interesting session. I think part of the intent is to bring the new members up to speed on what has been to put it mildly a relatively contentious issue for the Subcommittee on Standards and Security which I chair, and likely is to become a relatively contentious issue for the full Committee also. With that Kathy do you want to lead off?
MS. COLTIN: Yes. At our last meeting, the Subcommittee on Standards and Security brought to us a draft letter concerning issues and recommendations regarding the transition from ICD-9-CM to ICD-10-CM and ICD-10-PCS and the response of the Committee at that time was that they would actually like to have a briefing on some of the issues before they could consider what was potentially being recommended and also recognizing that there was really a lack of consensus even within the Subcommittee about these recommendations at the time. And so what we are going to be doing today is having a brief overview of the background and some of the broader issues around transitioning from ICD-9-CM and some discussion of the specific issues and pros and cons regarding the transition from ICD-9-CM, vols. 1 and 2 to ICD-10-CM, as well as a separate discussion then on the issues in transitioning from ICD-9-CM, vol. 3, to ICD-10-PCS, and we will probably have our break in between the discussion of the diagnoses code set and the discussion of the procedure code set. So that's the way we're going to proceed and I believe it's Donna Pickett that's going to lead off with providing some background on the issue.
MS. PICKETT: Thank you. In the overview paper that all of you have but may not have had an opportunity to read, I'm going to go over some of the high points of the timeline and the problems that we face currently with ICD-9-CM. The clinical modification of ICD-9 called ICD-9-CM used here in the United States for morbidity applications was implemented in 1979. It was implemented at the same time that ICD-9 was implemented for mortality purposes.
ICD-9-CM the clinical modification is currently used for a variety of purposes including indexing of medical records for statistics and utilization but it's also used for health care claims reporting and is the basis for prospective payment to hospitals and other health facilities.
ICD-9-CM the diagnosis portion, is based on the WHO version of ICD-9. Volume 3 of ICD-9-CD, which is the in-patient procedure section, was developed for use in the United States and implemented at the same time as the diagnosis portion.
Again, it's been used since 1979, it's been used in the DRG system since 1983. Because there have been rapid changes in health care and technology and surgical procedures, ICD-9-CM has struggled to keep pace with those changes in the environment. Though ICD-9-CM was implemented in 1979, we have had an annual update process for ICD-9-CM trying to add new codes that capture information about emerging and new diseases and new technologies and new ways of performing procedures. However we've gotten to a point in ICD-9-CM where we can really no longer adequately capture important health information for multiple purposes.
In 1990, the NCVHS issued a report to the Assistant Secretary for Health indicating that while ICD-9-CM had been responsive to changing technologies and identifying new diseases, there was concern that the ICD might be stressed to a point where the quality of the classification would soon be compromised. In April 1997, when hearings were held to examine initial candidates for adoption under HIPAA, it was very much recognized that something newer than ICD-9-CM should occur but for purposes of HIPAA and the transition period, it was recommended that we stay with the existing code sets, so that was ICD-9-CM and a number of other code sets that are currently in use.
In 1999, the United States implemented the tenth revision of ICD-10 for mortality coding and ICD-10, or clinical modifications of it, are currently being used in other countries and most G7 countries as well.
What I will now walk you through is the timeline for ICD-10-CM and once I've completed that I will walk you through the timeline of development for ICD-10-PCS.
Starting with 1993, the Subcommittee and the full Committee has historically been active in the area of classification, and in 1993 the Subcommittee initiated a letter from the NCVHS to the Assistant Secretary for Health and the Administrative Health Care Financing Administration, recommending that the Department dedicate resources to determine the feasibility of implementing ICD-10 for morbidity applications in the U.S.
Following that recommendation, the NCHS awarded a contract to evaluate ICD-10 for morbidity purposes within the United States. A technical advisory panel was formed representing a variety of health care industry stakeholders. The technical advisory panel concluded that there were compelling reasons for recommending an improved clinical modification of ICD-10 and that would limit some of the problems seen with ICD-10, specifically for morbidity applications. The technical advisory panel also strongly recommended that NCHS proceed with implementation of a revised version, ICD-10-CM.
Between 1995 and 1996, further work on development of ICD-10-CM occurred, collaborating with many medical and surgical specialty groups who are named in your timeline.
In April 1997 was when the Subcommittee convened hearings on the initial candidates for the adoption of medical code sets, and as I indicated earlier, of the 30 organizations that provided testimony, many recognized the need to eventually move to new code sets, however, because of the issues of Y2K and a number of other reasons, it was felt that it would be better to stay with the existing code sets for the initial adoption.
In December 1997 NCHS posted a draft of the ICD-10-CM and invited public comment. We received approximately 1200 comments and that was in addition to all the work that had already been previously done with many of the special groups that we worked with.
May 29, 2002, of this year the Subcommittee held hearings specifically on ICD-10-CM. There is additional material in your packets that detail the presentations that were made regarding ICD-10-CM. With the exception of Blue Cross/Blue Shield Association, testifiers supported migration to ICD-10-CM from ICD-9-CM, vols. 1 and 2 for diagnosis. Blue Cross/Blue Shield Association written testimony urged the Subcommittee to wait until the industry had successfully implemented the initial HIPAA standards and that the NCVHS thoroughly evaluate the impact of migration to ICD-10 on all aspects of the industry by assembling a multi-disciplinary team to provide input before making a recommendation to the Secretary.
A second panel convened on that day was comprised of IT representatives, two from large vendors and two from health care systems, and they provided testimony regarding system changes related to transitions to new code sets. The view was that migration was a challenge but it could be accomplished as long as there was sufficient lead time. The testimonies provided by those organizations are posted on the NCVHS web-site.
NCHS has posted a pre-released version of ICD-10-CM on its NCHS webs-site and the modifications are consistent with the classification, however, we have made some additional expansions to incorporate new knowledge. Some of the modifications that are featured in ICD-10-CM have already been incorporated into clinical modifications that are currently in use in other countries, specifically Australia and Canada.
NCHS as part of the tools that will be made available with 10-CM will have a database version, cross-walks education materials, and the associated coding guidelines.
And again, that's a brief overview, there's much more detail that was contained in the packets.
For ICD-10-PCS, Health Care Financing Administration, now CMS, began developing a replacement to vol. 3, the in-patient procedures, in 1990, in order to address a number of the limitations that had been identified over time. There are specific examples of the problems that have been encountered and again that information is detailed elsewhere in your packages.
The development of ICD-10-PCS adheres to the criteria that was actually established by the National Committee for a single procedure coding system. The criteria is included in this background material in Appendix I, but the full report from the 1993 National Committee is included in your packets as well.
It should be noted that ICD-10-PCS is not based on an international classification because currently WHO does not have one. The ICD-10-PCS was developed using an open process. The technical advisory panel included representatives from the health care industry including the AMA, Managed Care, the American College of Surgeons, and others that are also included in the list here. Additionally, ICD-10-PCS was sent to approximately 30 specialty groups for their review and comment. And CMS provided on-site presentations at the AMA back in 1997 during the development of PCS.
The issue of changes to the procedure coding system has been discussed by the Committee and by AHA and AMA and CMS since 1986. A task force convened in 1986 found that both vol. 3 of ICD-9-CM and CPT had structural problems. A 1990 report from the National Committee concluded the following: the Subcommittee found structural problems with CPT in vol. 3 and that an ongoing study and evaluation of the feasibility of a uniform procedure code set is necessary. It was also stated that such an evaluation should address CMS' responsibility as a catalyst in determining the efficacy of a single procedure coding system.
Also in 1990, CMS awarded a contract for a pilot project that would review a specific chapter within the existing procedure coding systems and look for standardizing the nomenclature with definitions, recommending a standard format, and developing a cardio-vascular chapter that would replace the CM chapter in vol. 3 as a prototype. Additional funding was also provided for an additional chapter.
In 1993, the Subcommittee held three meetings and three working sessions dedicating a substantial portion of the meetings to developing and reviewing its report to recommend steps to be taken to create a single procedure classification.
The 1993 report had the following conclusions: the single procedure classification system should possess utility as a statistical classification and as an administrative tool. And the NCVHS ought to define characteristics of such a system. There was general resistance to altering existing systems except where changes are considered necessary to reflect current medical trends. Current systems are badly in need of overhaul and consolidation. It also noted that pressures for change arrived not only from end users who must contend with efficiencies of current systems but also from political forces that must address major health care reform. The Committee noted that data sets currently do not have the ability to track patients through the system as they enter and leave various health care settings over the course of an illness or over a long period of time.
The Committee also realized that the recognition of the necessity for the development and implementation of a single procedure classification was only the first step in a difficult and time consuming process. Public and private sector resources would be necessary to achieve successful and timely solutions to the issues addressed in the report.
In the report, commonly cited flaws of both ICD-9 and CPT were noted. For both classifications, lack of space for expansion, overlapping and duplicative codes, inconsistent and non current use of terminology, and lack of codes for preventive services, were major issues identified.
For vol. 3, insufficient specificity in detail was cited as a flaw as well as insufficient structure to capture new technology.
For CPT-4 it was noted that CPT was a non hierarchical structure and that its orientation was physician service and not multi-disciplinary, and that there were poorly defined non discreet coding categories with variable detail.
In 1994 HCVA announced plans to initiate a solicitation for a contract to develop a new procedure coding system. That new procedure coding system again was referred to as ICD-10-PCS.
In 1995 in the proceedings of the NCVHS, it again noted that there should be strong efforts to develop a single procedure coding system for the U.S. to replace vol. 3 in hospitals.
In March of 1995 HCVA awarded the contract to 3-M to develop ICD-10-PCS and again, PCS was developed using an open process.
In May of 1995 the Subcommittee convened hearings whose primary purposes was to discuss data needs of managed care organizations using the proposed criteria for a unified procedure classification. The consistent message in written and oral testimony given to the Subcommittee was that existing coding systems did not meet their needs.
Between 1996 and 1998, training materials, informal testing and training was conducted. There is detail at the end of the background materials in Appendix II that talks about the testing that was done and I know CMS staff is here to respond to any questions for those that would like additional detail.
The final version of ICD-10-PCS was posted in the Spring of 1998. It was also noted during CMS testimony of April 2002 that CMS had awarded a contract to 3-M to undertake any DRG conversion activities that would be required if ICD-10-PCS were to be named as a standard. Information on a conversion and PCS' incorporation into the DRG system would be made available as part of the annual in-patient respective payment system proposed in the final rule of the process.
In May 2001, at the ICD-9-CM Coordination and Maintenance Committee, which was the process used to update ICD-9-CM, testimony was received from 11 organizations regarding whether PCS should be considered a replacement for vol. 3 of ICD-9-CM. Of the 11 organizations, only one organization, the American Medical Association, did not support moving forward with the process that could eventually lead to the implementation of ICD-10-PCS. It was also noted by the presenters that there were issues related to timing and resources that were of concern.
In April 2002, CMS provided an overview of ICD-10-PCS to the Subcommittee and testimony was taken from at least six organizations regarding the need to transition from vol. 3 to ICD-10-PCS. Of those six organizations, one organization, Blue Cross/Blue Shield Association, indicated that NCVHS should thoroughly evaluate the impact of migration before making a recommendation to the Secretary.
In August of 2002 the GAO published a report entitled "HIPAA Standards Dual Code Sets are Acceptable for Reporting Medical Procedures." That full report is included in your packages.
As part of the concluding observations of the report, it was stated that the practical challenges of implementing a single procedure code set, the lack of empirical evidence to either support or disprove the merits of doing so, that the GAO believed that dual code sets for reporting medical procedures are acceptable under HIPAA.
August of 2002, the American Hospital Association sent a letter to Secretary Thompson summarizing their position that ICD-9-CM, both for diagnosis and procedures had outlived its usefulness and that there was a need to move to newer code sets.
August 29th, Blue Cross/Blue Shield Association, HIAA, and Aetna American Association of Health Plans, provided written and oral testimony to the Subcommittee on the possible replacement of ICD-9-CM, vols. 1, 2, and 3. Again, their recommendation was that the National Committee should wait until HIPAA mandates had been successfully implemented and that a thorough impact analysis, including the cause of benefit of migration and/or not migrating should be completed and that other alternatives should be assessed.
Last, in September 23rd of 2002, the AMA sent a letter to the Secretary which summarized their position which was that it was unnecessary and potentially detrimental to replace vol. 3 of ICD-9-CM, stating that it had served its purpose well. The AMA also cited the lack of involvement with organized medicine and the leadership of allied health professional in its development. Lastly, they urged the Department to consider adoption of CPT as a viable workable alternative to ICD-10-PCS.
A letter dated September 24th, 2002, signed by Blue Cross/Blue Shield Association, the American Association of Health Plans Joint Committee, HIAA, and the American Public Human Services Association, National Association of State Medicaid Directors was forwarded to Dr. Lumpkin. The letter urged that a detailed analysis on the impact of the replacement of ICD-9-CM on the entire health care industry be conducted prior to the NCVHS making a recommendation to the Secretary for Health and Human Services.
That is a very quick overview, everything that has happened since 1986.
MS. COLTIN: Ok. And there is more detail in the document that was in your packets for those of you who would like it.
Now what I think we're going to do is move to more specific issues around first, the transition of ICD-9-CM. Vols. 1 and 2 to ICD-10-CM.
DR. COHN: I'll lead that discussion and then Dr. McDonald will deal with the procedure issues as well as other things. I'm going to make a couple of general comments first. First of all I want to apologize to the full Committee, having had the opportunity to review all the literature that was provided, some of which I suggested so to give us sort of a broad overview. I live in California, it's a long way away, and I couldn't make it through all the documentation in my flight out yesterday, and so I think it's understandable if you're all a little confused or feeling a little overwhelmed by the information.
I think the intent here is to try to provide some background documentation that you will also be able to look at at your leisure while we sit here today beginning to give many of you a flavor for sort of the issues and the agonies that the Subcommittee has been dealing with and the lack of sort of consensus that we've sort of have been trying to deal with here.
Now as I said I'm going to talk to about diagnoses. I want to make a couple of comments just to try to sharpen the discussion so that at the end of the discussion at whatever time that is, it will probably be 2:15 or so, that we can actually get some, piece some things out of this.
Now one, I think a point of this conversation is to sort of begin to get acquainted and review some of the issues in the testimony that we've heard around both the diagnosis codes and procedures codes, and sort of some reflection on the lack of consensus that was exhibited within the Subcommittee as well as nationally, when you heard testimony. I will say that there is one thing which we will talk about more specifically, I know Clem will take the lead on this discussion, is I think the Subcommittee came away feeling that there was really a need for a cost-benefit study, and we're going to actually be asking you for some advice and guidance about how wide, where the edges should be, on that cost-benefit study.
And then the final question is, is there anything else that we as a full Committee should be doing in the meantime while were awaiting that, and that includes making recommendations, sending letters, etc. I guess from my view those are things that I think we should try to keep in mind as we move forward.
Now knowing that we have a couple of new members of the full Committee, you're probably wondering why in the heck are we even talking about this? Did I sign on for this particular discussion? And I would remind you that just as a very basic level setting that diagnosis and procedure code sets are medical code sets that are part of the HIPAA administrative transactions, and as part of the Kassebaum-Kennedy bill, the Health Insurance Portability and Accountability Act, we have responsibility for advising the Secretary on changes and modifications to all of that. So this really is within our bailiwick, and it's why the Subcommittee on Standards and Security began to hold hearings on this earlier this year.
Now, why is there so much contention? And let me try to at least describe at least one or two pieces of this just to help you understand why there's been, as I said, the room is full we're all sitting here talking about it and we've had a real problem. There is a fundamental cost here. The transition from ICD-9 to ICD-10 is going to cost a lot.
Now some of us believe that it may cost more than the actual implementation of the administrative and financial transaction rule. Now the truth is that in our testimony, no one, be it the government nor the private sector, was at this point willing to hazard a guess as to the costs of this transition. So we are left in a situation where many of us probably coming from at least some sort of business backgrounds, usually I think of benefits and then costs and make some sort of a decision, and not having any sense at all even after the testimony we did of really the scale of this left many of us uncomfortable. And certainly I think is reflected in some of the quests you see from the industry.
I think in addition, I think that there were many from the industry, and many industry groups and all that that felt that the benefits were not very well defined and perhaps a little speculative.
Now as I say all of this stuff I think there was fairly good consensus that ICD-9 is pretty broken at this point. Though once again I would sort of reflect that there seemed to be a whole variety of different views about the urgency of moving forward, which left the Subcommittee in some sense of confusion. So anyway, with that sort of introduction, let me just run through the ICD-10-CM issues and some of the advantages and disadvantages in issues as we sort of tried to distill them. And just be aware this is certainly not meant to be exhaustive, there's additional pieces that you'll see in the documents that you reviewed, and once again this is really not meant to give an opinion of the right answer but certainly to try to give you at least a view of what we've been dealing with.
Now one question that was certainly asked was has ICD-10-CM, which is the diagnosis piece of ICD-10, been adequately tested? And of course the observation here is that ICD-10, the generic version, has already been implemented internationally. There are other clinical modifications that are different but somewhat similar to what we're talking about that had been implemented in a number of other countries like Australia and Canada, although they are not exactly the same thing. But certainly a counterpoint or question here has to do with how extensively has it been tested with the unique mechanisms of the U.S. health care reimbursement system? And that's one that I think we sort of left, it would be nice to know potentially as part of a cost benefit study.
The next issue is, is the additional detail provided in ICD-10-CM necessary? And certainly the note here is the greater specificity is needed in the performance of a number of activities, including performance measurement, medical necessity and benefits determination. And the observation here that I would make on top of this is that I think there's no question that this would be a very valuable and a very important addition to the whole role of performance measurement. But of some interest and complete confusion was the fact that insurers and others that you would think would be primarily concerned with the issue of medical necessity and benefits determination didn't seem to share the same issues or urgency around that. And that's something that if we're going to do a cost-benefits, we once again need to look into further to make the case about this.
Because we didn't hear private insurers, for example, coming forward and saying boy, this would really be useful for me around these areas, even though conceptually you would think that that would make a lot of sense.
Now in terms of the cons and disadvantages, there's sort of the question of well geez, there's all that additional specificity, but if you're at the end of the day paying and using DRG level information, what are the benefits here? And that's once again something that we felt needed to be looked at further. And sort of the comment that we're seeing here is that the detail added to ICD-10-CM was in many cases added at the request of providers and other groups, but once again hasn't been looked at in quite the way we were just talking about.
Now, next question is, should the U.S. remain with ICD-9-CM, vol. 1 and 2? And certainly there is the observation that as we know, ICD-9 vols. 1 and 2 is widely implemented in the industry. In fact, at least to my knowledge, you can't really submit a bill basically without it. So all billing systems have it, many health care entities, provider groups or whatever, use ICD-9-CM actually in the internal workings of their systems. I think we heard enough testimony and I'm pretty convinced that the issue is that ICD-9-CM is currently broken, it's very old, it's 25 years plus, and we're having obviously problems incorporating new medical knowledge, that language is outdated and you can look at almost any section you want and see that. There's a loss of data, though exactly what that means probably would need to be further elucidated. Certainly ICD-10 has been implemented for mortality already in the United States and there is some disconnect between morbidity and ICD-9, mortality and ICD-10. The impact of that has not been well articulated in terms of the impact either on all the pieces we were looking at, but conceptually you would appreciate that that would be a problem over the long term.
And I guess the final comment, and actually, I have hand written notes here but I can't read them, so I'm going to have to hold that comment. Doctor's writing, there's a reason I got into computers.
Actually I think the one comment or question somebody had asked, are there ways that we could move to ICD-10-CM that might be minimally disruptive to the industry, recognizing the amount of implementation that exists in ICD-9 and the recognition that if we move to ICD-10 it really requires a major changes, upgrade, to all of the systems. And since all of you know the field length is different, it's now a, alpha-numeric code, etc., etc., etc. So once again, something that maybe we could look at in terms of a cost-benefit study, especially if we find the costs of doing one thing are very high, maybe there are some ways to mitigate some of that.
And what is the alternative to ICD-10-CM? Well, the only thing we know about is ICD-9-CM, so in reality, this one is less contentious than procedures, but still a lot of questions remain in terms of fundamental cost benefit, with at least some parts of the industry sort of saying well, show me this one a little more, explain to me the benefits that I'm going to accrue for the costs that I may have to spend on all this.
So are there questions about the diagnosis? I've sort of rambled on a little bit but I wanted to give you a flavor. Clem?
DR. MCDONALD: I have questions or comments. I guess just to clarify, ICD-9-CM is not the same as ICD-10, it's extended. ICD-10, maybe I didn't say that right. Some of the arguments, we want to be ICD-10 like the rest of the world, but ICD-10-CM is not the same, it's expanded, and what I really wanted to know is how much is expanded? How many codes are we talking about in ICD-10-CM versus ICD-10?
DR. COHN: Are you talking about ICD-9-CM or?
DR. MCDONALD: I'm taking about 10. I just don't understand the numerocity(?) of the code. My understanding is that it's mostly expanded in the injury area and that it really is very similar in the other area.
MS. PICKETT: No, there are actually some other expansions in other areas of the classification. The WHO basic version is an alpha-numeric four digit code. The 10-CM is an alpha-numeric six digit code with extensions for certain chapters.
DR. MCDONALD: But is it 14,000 to 20 million or is it 12,000?
MS. PICKETT: It's certainly not 20 million.
DR. MCDONALD: Well, that's something we might want to have to pay some attention to. The second thing is in some of the comments it was pointed out that there are terms in actually 9-CM that are not in 10-CM because of the phase differences from when they were developed. And so some of the testifiers said they please want to make sure you get the new CM terms, 9-CM terms, in 10-CM before we release it. And are there many of those? Are there 100's of those?
MS. PICKETT: There are some but there are not many. Many of the things that have been added to 9-CM have already been included in 10-CM, in fact if we had moved to 10-CM we wouldn't have had to worry about some of these updates. But the things that have been added to 9-CM that are not in 10-CM won't migrate into 10-CM.
DR. MCDONALD: One of the concerns that some people have about all these coding issues is because of the tight tie between coding and fraud and abuse, which depends on which side your on. Sometimes its like you can trip off, you stumble over something you don't understand and all of a sudden you're a criminal. Would that increase with more code granularity or decrease? Or will it go away?
MS. PICKETT: If one is looking at a code in ICD-9-CM, which is not very specific, if you're just looking at the code and not obtaining additional documentation, there is some potential for fraud and abuse, which in a 10-CM environment one would think that that would be reduced because the codes are more clinically specific and should reduce the instances of --
DR. MCDONALD: Well, I wasn't trying, my consciousness is not that we want to avoid fraud and abuse because I don't think there's much of it. I think it's really easy to make mistakes and get converted into, that is the more complex the picture gets, the more likely it is you get mal-accused. Some physicians view that it's just a game, trying to reject bills, I don't know if that's true or not, but there is that sentiment out and about, and some of this seems like it's a trick to catch in some simple mistake and so the complexity, if it gets more complex, a lot more granular there could be more opportunity to make those mistakes and it may be appreciated negatively by the clinical community.
I don't bill that much so I guess it doesn't matter to me but I do feel the pain.
MS. PICKETT: Dr. McDonald, also just as a point, the clinical detail that's been added to the classification actually came as a result of some of the medical specialty groups working with us so that we didn't add additional detail for the sake of adding additional detail, it was added by request and as a result of the years of use of ICD-9-CM and the identified adequacies and limitations of ICD-9-CM.
DR. MCDONALD: I can't express it well but there's very, very tight bindings between these coding systems billing payment remuneration and then the new game of don't make a mistake or you'll go to jail. I just want to bring that up because some of the motivation for these splits is also billing motivation, not a clinical judgment motivation, they want to distinguish a bigger job from a lesser job. I don't understand the full complexity of it but there are some deep and complicated realities there.
The last comment I want to make is I think ICD-9-CM has the same hierarchical built-in structure as 10. Is that right? And with the same limitations that you run out of space or something as you would in 10.
MS. PICKETT: It certainly could run out of space, however, the alpha-numeric way WHO set it up has allowed for better expansion than what could be done with a complete numeric system as it was in ICD-9.
DR. MCDONALD: Just to get on the record, at least some people in the informatics community have described ideal code systems, which don’t include such structure to avoid that problem forever, and they testified at various things. I think we should at least be conscious of the fact that we're going to continue to get sort of talk about something being broken when there's no reason for it to break, there's always one more number. There's a lot of them out there, but it's the structure that creates the brokenness, or makes these things get broken.
MS. BEREK: Judy Berek from CMS. The first three years I was in CMS I was responsible for program integrity so let me just comment on that. I think if we get more information in the code set, first of all we will be requesting fewer medical records, and it is actually a request for medical records convinces people there's a fraud investigation going on, which is not in fact necessarily true. But the more information we get from the coded information the less we would have to be requesting medical records and further information, the fewer cases of what we could even call false positives. We would have less inclination because we would have more information from the automated system to have to go in and do research. So I think in fact more detailed code sets, although there might be more room for error, there is more information which is going to make it less likely to create what appear to be fraud investigations that are in fact not fraud investigations. We're just to gather information, so I think in fact it will have the opposite effect, rather than increasing investigations it will decrease.
MS. STARFIELD: I think there's a figure in here, 22,000, I can't find it now, but it's somewhere in there. Right now in ICD-9-CM we've got almost 20,000, so it's not a huge increase.
DR. MCDONALD: One last thing is about there's some complicated, weird I'll actually call them, rules in ICD-9-CM which I'd be pleased if I heard they went away in 10, which has to do with the fact you can't write a diagnosis that would be telling you a lot of truth writing another diagnosis as what looks like to be part of a silly rule. For example you can't just say I have diabetes nephropathy without also saying they have diabetes, because that's, it's just weird, because it all says it by implication. And that I think as with the billing rules and the checking rules, those same structures exist in 10, and I guess I wanted to know if we could change the rules about how you had to report them, because it really makes it hard for computer systems and extra work for providers and check-outers and all the rest. Can anybody respond to that?
MS. PICKET: Are you referring to the hierarchical rules for diabetes, the diabetes code has to be principle diagnosis and the manifestation is secondary? What we've done in ICD-10-CM, we've not done it necessarily across the board, but conditions that have proved to be most vexing to a number of people, we actually have combination codes in ICD-10-CM that actually link within one code the concepts that you're describing. So in some instances, specifically in diabetes, it's no longer having to report necessarily two or three codes, but there may be an opportunity to present just one code.
DR. MCDONALD: Well, if there is further thought given to this, get rid of that crazy appendices one, the leaf code says it, it says diabetic nephropathy, but somehow you're doing something wrong if you don't also say diabetes.
MS. PICKETT: I understand your concern but the conventions that you're describing are WHO conventions that are internally used. For us to subvert that has the potential for rendering U.S. data non comparable to the international community.
DR. MCDONALD: I bet you we could get a medical informatics fellow to write the program for your statistical purpose that would give you the correction and not have to get the billing tangles built into it, built into the billing thing. It really is not noxious. That's enough on that.
MS. PICKETT: The classification is used for more purposes than reimbursement. I understand that reimbursement issues are extremely important, but so are the public health and vital and health statistic issues for which the classification is also used for.
DR. HARDING: Maybe Simon could clarify just on the second page of the handout, you said something about this Simon and if you could just help me. You said that greater specificity is needed in the performance and so forth, and then given that the information is rolled up in the DRG's, it sounds like the payers aren't asking for this. Who uses the specificity that is being asked for or would be available? Who are the users?
DR. COHN: Without trying to answer the question I think I was asking some of the same questions which I think we needed to get down to the cost-benefit. There's no question that for performance measurement, this would be wonderful. I mean indeed look at the specificity of geez, follow-up, orthopedic fracture visit for non-union, which is a code in ICD-10-CM, this stuff could be like a gold-mine. I guess I had expected and was somewhat surprised when we heard testimony from the insurers, now this is not necessarily CMS, but this is other insurers, that didn't seem, that seemed unconvinced about this, even though to me it sort of makes intuitive sense, and maybe it's something we need to sort of show them that there's value here. But they came in being somewhat skeptical that there was really going to be a lot of value to this, so rather than giving you the answer I shrug my shoulders and somewhat share the question with you.
DR. HARDING: But the speculation is public health wouldn't be able to, is that?
MS. COLTIN: I just wanted to weigh in on this. I think there's often a tendency when you look at these codes because of the focus sometimes on the in-patient setting to ignore the fact that these codes are also used in the out-patient setting. So while the procedure coding systems diverge, the diagnosis coding system is the same regardless of where care is taking place. And DRG's are only really used in the in-patient setting. And so for hospital out-patient services, or for services that may be provided in a skilled nursing facility or other settings, the specific diagnosis codes are used for reimbursement by many payers.
MS. BEREK: And in Medicare, the codes are what leads us to the DRG so that in fact the codes are very important for the DRG.
MS. COLTIN: Anyone else?
DR. MCDONALD: Just to press on the issue of specificity, the DRG's there's 360 or 390 DRG's, which is not very specific, so if we're going to a more specific set, to still get back to the same less specific set, that doesn't seem like it's good, I mean that can't be the justification in the context of hospitals. I think what you were saying is we need more specificity in the out-patient, I didn't hear that, say it out loud if that's what --
MS. COLTIN: I did say that, that is what I said. Ok, are there any other comments? Then do we want to break for lunch now before the procedure? So we'll come back at 1:30 and discuss procedure coding.
[Whereupon, at 12:45 p.m., the meeting was recessed, to reconvene at 1:45 p.m., the same afternoon, November 10, 2002.]
DR. COHN: Back into the code set issues we have a couple of presentations here.
MS. GREENBERG: Unfortunately Simon's microphone is falling apart here. Actually the moral of this story is that if you stay on the Committee long enough you get a really cool certificate because I think these are really the nicest ones I have seen and we are very happy to present them to some of the nicest members we've ever had. Very hard working and long suffering. These are folks who have really contributed tremendously and it's been an honor to be able to participate in making these awards. I'm going to read the letters, each letter and Jim is going to, these are letters from the Secretary, they haven't been on quite that long.
This one is to Kathy Coltin. Dear Ms. Coltin: It gives me pleasure to award you this certificate of appreciation for your eight years of service to the Department of Health and Human Services as a member of the National Committee on Vital and Health Statistics.
This Committee is one of the oldest and most prestigious advisory groups serving the Department. It's recommendations have helped shape health statistics, health data standards, health information policy and epidemiology for our nation, and has had a profound impact on new legislation.
Your knowledge, expertise and experience have contributed greatly to the excellent work of this committee. We wish particularly to commend you for the time, effort, leadership and council you provided as a member and as chair of the Workgroup on Quality and as a member on the Subcommittee on Populations and the Executive Subcommittee.
Only the very best are asked to serve and we are proud to have had the opportunity to associate with you in this endeavor. Should the occasion arise, we would like to feel free to call upon you for further assistance.
Sincerely, Tommy G. Thompson
MS. COLTIN: Thank you very much. It's been a pleasure.
MS. GREENBERG: The next letter goes to Daniel Friedman. Dear Dr. Friedman: It gives me pleasure to award you this certificate of appreciation for your five years of service to the Department of Health and Human services as a member of the National Committee on Vital and Health Statistics.
The Committee is one of the oldest and most prestigious advisory groups serving the Department, etc.
Your knowledge, expertise and experience have contributed greatly to the excellent work of this committee. We wish particularly to commend you for the time, effort, leadership and council you provided as a member and chair on the Workgroup on Health Statistics for the 21st Century and as a member on the Subcommittee on Populations, the Workgroup on NHII and the Executive Subcommittee.
Only the very best are asked to serve and we are proud to have had the opportunity to associate with you in this endeavor. Should the occasion arise, we would like to feel free to call upon you for further assistance.
Sincerely, Tommy G. Thompson
Please come forward and get your certificate.
Paul Newacheck. Dear Dr. Newacheck: It gives me pleasure to award you this certificate of appreciation for your five years of service to the Department of Health and Human Services as a member of the National Committee on Vital and Health Statistics.
It seems longer than that to you I know.
This Committee is one of the oldest and most prestigious advisory groups serving the Department.
I don't know if the new members know this Committee does go back to 1949, so in fact that is a very true statement. It precedes the Department in fact.
Your knowledge, expertise and experience have contributed greatly to the excellent work of this committee. We wish particularly to commend you for the time, effort, leadership and council you provided as a member of the Subcommittee on Populations and the Workgroup on Health Statistics for the 21st Century.
Only the very best are asked to serve and we are proud to have had the opportunity to associate with you in this endeavor. Should the occasion arise, we would like to feel free to call upon you for further assistance and your phone number is in our rolodex.
And last but certainly not least, Dr. Barbara Starfield. To whom it gives me pleasure to award you this certificate of appreciation for your eight years of service to the Department of Health and Human Services as a member of the National Committee on Vital and Health Statistics.
As we know how old and prestigious this advisory group is.
Your knowledge, expertise and experience have contributed greatly to the excellent work of this committee. We wish particularly to commend you for the time, effort, leadership and council you provided as a member of the Subcommittee on Populations, the Executive Subcommittee and the Workgroup on Health Statistics for the 21st Century and the NHII Workgroup --
DR. STARFIELD: And Standards and Security.
MS. GREENBERG: And Standards and Security. Yes, we will, fortunately these letters have not yet been signed, so this is what they call a dry run, and probably when we re-do your letter Dan we can even put the J. in.
Only the very best are asked to serve and we are proud to have had the opportunity to associate with you in this endeavor. Should the occasion arise, we would like to feel free to call upon you for further assistance.
MS. COLTIN: Ok, so now we're going to get back to the agenda and pick up where we left off just before lunch which was to hear about issues in transitioning from ICD-9 vol. 3 to ICD-10-PCS.
DR. HUFF: I realized when we got into the history of this that I have a potential conflict of interest in this area so I'll recuse myself from this particular part of the discussion.
MS. COLTIN: Alright thank you.
DR. MCDONALD: I'm going to have trouble repeating the great job Simon did, on kind of laying out the land. But I think, there are certainly two sides to the, there's strong forces that would like to see ICD-10-PCS be installed as quickly as possible and the letter I think we got from AHA maybe states this most clearly, that they would like to see ICD-10-PCS replace ICD-9 vol. 3 at the same time, as fast as possible and at the same time as the ICD-9 would be replaced by CM. And they also assert in this that they would not want to have CPT be an in-patient coding system.
We have a table I think that people handed out about various issues, the ICD-10-CM issues and then going for about five pages, six pages, ICD-10-PCS issues. And I'm not going to try to go through these all one at a time because you all can read it. I do want to lay out some of the dimension that I had concern about, or at least the dimensions of the differences.
There were roughly 3,000 codes in a space of 10,000, or 9,999 in ICD-9-CM, vol. 3. And there are 194,000 codes in ICD-10-PCS. These are tongue twisters. From a space of maybe a billion, it's a big space, because there's alpha-characters in the space. But the ICD-9-CM is used only for in hospitals and is used only for basically medical procedure billing, or medical procedure recording. There are codes in there for laboratory and maybe radiology but very few. ICD-10-PCS is also intended for use primarily or maybe only for medical procedures, medical health procedures billing. I'm not saying right, but it's not intended to be used for laboratory or not being promoted for use in laboratory or radiology, and hospitals don't currently code those things that way. Is that a correct statement? But it does have this bigger breadth.
The pilot project we heard discussion of, and I just wanted to describe the studies that were done and put it in context. There was 2500 charts, I think there were two different contractors of CMS, were chosen. These were the contractors who were doing regular work for CMS for other kinds of things, I think mostly quality assurance or the PRO sort of stuff. Is that right? Is that the kind of work they were doing? And the two of them were selected to special studies of IC and PCS and I think each, I may be wrong about that, took 2500 charts, selected for a nice distribution and relatively randomly, to see, it was a formative study, to see how it worked and got feedback back to 3-M to correct and adjust errors and help with the tooling.
Then they did a serious study and I think each of them did this with a 100 cases. There were four coders in each case. I think in one instance the coders had many, many years of experience, the other instance maybe four years of experience. The coders in both cases had worked in the 2500 so they'd gotten some experience. And what I had kind of fussed about before was we had no real numbers but in this latest report, this package is very informative for those of you who haven't browsed through it, and the document I think that's most informative is the one that's called the Overview of ICD-9-CM and the Development of ICD-10-CM and ICD-10-PCS. And in this document, one of the group says there was no significant difference in the coding with ICD-9, the 100 charts they did both with ICD-9-CM and with ICD-10-PCS. And one of the groups reported their results as there was no significant difference in the coding time between the two and made some comments about the training issues.
The other one gave a little more detail and they said it's 1.93 minutes for ICD-9 and it's 3.6 minutes for ICD-10-PCS for these 100 cases. So that was some data but there was no statistics on it. Four coders were the ones who did it who had had a fair amount of experience. They did make a couple of comments that were a little more sharper. They said, if I can read my own writing, learning a new coding system that changes as drastically as ICD-10-PCS will be difficult for all involved. And there was some other comments that suggested this might not be a roll in the park.
There were also some criticisms at that time which I presume are corrected of the index, they more or less said the index stunk and they didn't use it, I'm paraphrasing.
So what we heard in terms, we heard sort of the pros in terms of really strong support for moving rapidly to ICD-10-PCS. The cons mostly came from the insurance carriers who were real worried about it. It's a bigger field, it was mapped to any of the tools that they were already using, they didn't know how it was all going to work out. So they were quite concerned about it and didn't know what good would come out of it.
Now the arguments for it and I'm going to try to articulate them from the hospital side and I don't quite get it so I'm not going to do it well so someone else should chime in, was that the ICD-10-PCS, ICD-9 vol. 3 is just not enough, it's too skinny, there aren't enough codes in it, and then 3 is in trouble because you can't put codes in certain place, although there are actually literally another 7,000 codes left. I want to remind people this is used principally for surgical and medical procedures, if not exclusively, that CPT was not of any use of any kind. But I also remind people that to the best of my knowledge, all those same procedures get codes as CPT at least in the environment of the hospital if not by the hospital. In our hospital the surgery log has CPT codes in it and so that, and I know there's a lot of discomfort between these groups about CPT having to do maybe with what it's charged for or maybe some other stuff, I don't quite understand. Maybe how things are tied into the DRG's, which is why maybe CPT, but I don't see for medical procedures a difference with it to be that specialized. Because in one case it's a medical procedure done in a hospital in another case it's a medical procedure done in a hospital by a physician. Or maybe another health provider who, dentists, I'm sure, I don't know which class of providers who uses CPT.
So, my major issue really was we got 100 cases studied to find out what this, how good it is, and people said it's good, and it just didn't seem like enough study to feel good about saying we as an expert community say the country is ready for this.
Now this is in the light of our previous proposal to use NDC codes as a coding system, which we thought made sense and we all just agreed to it and then we got kind of slammed over the back side of the head by the communities who said we can't use it for certain environments. We can't use it for the in-patient setting. So I just didn't want to repeat that, I'm a little worried about repeating that same course of action without being sure that this will really be liked by everybody and it will be easy to use.
Now a positive on my side, it is no cost, I think that's a major plus. It is a structure built in the code but it has some significant sense to it and many parts of it. It's like eight axis code, so that might make it easier to use in some ways. With that I guess we open it to discussion and if people want to get into the very specific pros and cons in this document that's ok, too.
MS. COLTIN: Would people like to walk through the specific questions and issues that are listed on the matrix as we did for diagnosis? I think that may be worth doing.
DR. MCDONALD: Page two, has ICD-10-PCS been adequately tested? And I described the testing, there has been testing done, and I think that's probably adequately discussed. Are we going to discuss these or just kind of lay them out and see if people want to jump in?
MS. COLTIN: Just lay them out at this point.
DR. MCDONALD: Is additional detail provided in ICD-10-PCS necessary? The advantages are greater specificity could reduce fraud and abuse investigations, greater specificity could facilitate outcome analysis. And the cons, given that the information is rolled up into DRG's, what's the value of having more specific data? I'm just reading this, I didn't write this. Comments?
Physician groups, Congress, industrial representatives have requested additional detail. That I guess, I don’t know how to represent that because at the testimony the physician groups weren't asking for it. The comment says physician groups, Congress and industrial representatives have requested additional detail. The physician group demand didn't come out in the testimony for additional detail.
Page three, should U.S. remain with ICD-9-CM vol. 3? The advantages, currently included in a number of systems, public health, reimbursement, performance measurements, medical necessity benefits, etc. Disadvantages, cannot adequately accommodate new technology.
The next line, is there an urgent need to transition to ICD-10-PCS. The pros, stakeholders and BIPA 2000, what is BIPA?
MS. PICKETT: BIPA is the Benefits Improvement and Protections Act of 2000.
DR. MCDONALD: Concern about inability to capture data. Cons, disadvantages, concerns it's a major change from ICD-9 and many testifiers recommend moving forward. Payers did not have a sense of urgency as related to this. Actually, the way I hear them, they were kind of negative about it. I didn't hear a consensus. The four of the six, two were against, four were for at the one testimony in terms of the comments.
On page four, issues, should there be a single procedure coding system? NCVHS in 1993 recommended moving toward a single procedure class system. The cons, disadvantage, NCVHS and GAO reports that neither of the two coding systems suffice as a single procedure code set. GAO has said that implementing a single set would involve a significant cost and time regardless of the set-up adopted. GAO reported that more study is needed to examine the possible benefits of a single code system. I don't read those as disadvantages, I just, worries I'd say.
Comments. AHA does not support adoption of a single procedure classification for all services. This issue has been a long-standing issue and has been contentious.
Page five. What are the alternatives to ICD-10-PCS and should they be explored? And we don't have pros and cons here but the comments are ICD-9-CM vol. 3, and I think another obvious alternative is CPT but there's people that are definitely against it, and there's procedure classification which have been developed in other countries and I don't think they've been explored carefully by any of the parties involved in this. If they have we ought to hear about them. What's laid out as a comment is that there are some other classification systems, Canada and Australia have them, do we know, does anyone know about them? Are these serious?
MS. GREENBERG: Donna has some familiarity with them but they certainly haven't been systematically looked at by the Committee.
DR. MCDONALD: Should these be looked at in a review, if we do a study, are they contenders or are they little bitty things?
MS. GREENBERG: If a study were done, because we're the only country that uses two procedure classifications, I think if a study were done on single procedure classification you might want to look at what some other countries are doing. The World Health Organization at its collaborating centers are actually looking at possibly developing an international classification but primarily for those countries that don't have a current procedure classification system, which I think includes us, but anyway, it seems, it's unlikely that countries that have their own are going to adopt this international version.
DR. MCDONALD: Page six. Is there a need to conduct cost benefit analysis? We don't have a pro or con. I'll state one, the pro would be that we'd know more and could make a better decision, the con, it will take longer. Those are probably the trade-offs on that choice. And the comments are that Blue Cross/Blue Shield Health Insurance Association of American, American Public Human Services Association, National Association of State Medicaid Directors, Joint Commission on Accreditation of Health Care Organizations, in a letter to Secretary Thompson, express need to have analysis performed before moving to an NPRM. In the Subcommittee on Standards and Security, plans to commission a cost-benefit impact analysis, so I guess if we plan to do it, why are we talking about it? We were supportive of that idea, this is to be, that we decided here.
Page seven. Should the NCVHS recommend that the Department begin work on the development of an NPRM prior to completion of cost-benefit analysis? The pros, advantages, waiting until completion, well I think this is the same thing. It will take longer if we do that, we won't have the knowledge to make the judgment if we don't, forgive my paraphrasing. Fortunately this is big print so it's not taking as long to read it as otherwise it might.
Comments, in either case, cost-benefit analysis will inform the impact analysis section of NPRM and no one in the government or industry appears to have a comprehensive understanding of the costs of implementation.
Next line, should cost benefit analysis include costs and benefits of using CPT-4 as a replacement of vol. 3? The pros, advantages, well what's written here, this has been suggested by some testifiers. And the cons, this is viewed by others as a separate issue. I don't know that they're really, those are really valid pros and cons but I can't make one up on the fly here.
Page eight. Should ICD-10-CM and ICD-10-PCS be implemented simultaneously? Pros, advantages, reduced implementation costs, limits transition period when disruption of data quality, coding accuracy and coding productivity, significant burden to stakeholder to update all software and reimbursement systems on different schedules. Cons, there is more agreement on replacing ICD-9-CM than the PCS. And given the amount of controversy related to ICD-10-PCS trying to do both may delay implementation of the former.
The comments, simultaneous implementation supported by stakeholders that have provided testimony before the Subcommittee on Standards and Security, AHA, AHEMA(?) and FHA, the vendor panel was softer on that I thought.
That's it.
MS. COLTIN: Ok, we need questions regarding the issues or other issues that people would like to bring up. Jeff?
MR. BLAIR: I don't really have a question, what I do have is some suggestions relating to the cost-benefit study. Did you want to entertain these comments now or later on?
MS. COLTIN: Well I think we'd like to get all the issues on the table first and then discuss sort of what the next steps are and I think that that clearly is one of the next steps that we'll want to discuss.
DR. MCDONALD: Well, I know another person at the table had some comments, I don't know if they want to contribute or not. Does anyone else have any heartfelt thoughts on this matter?
DR. FITZMAURICE: I've got a clarifying question and that is the different between CPT-4 and ICD-10-PCS or CM for procedures, is there a difference in that sometimes in a hospital, somebody other than a physician might do a procedure, is that an issue or in every case if it requires a physician than a physician does it and the coding would be the same. That is, would you choose system because it allows you more flexibility in who does the procedure than the other coding system?
DR. MCDONALD: Let me just guess --
MR. BEBEE: Michael Bebee with the American Medical Association. CPT does not specify who needs to do the procedure, whether it's a physician or a non physician health professional, or indeed the type of training required by the physician.
MS. LEON-CHISEN: Nellie Leon-Chisen, American Hospital Association. While what Michael just said is true that in the majority of the cases the code does not specify who performs the procedure, there are differences in how the codes are applied. Where in some instances, very few instances, there are cases where the code may say be performed by a physician and for the facility, it may mean that the procedure needs to be performed by a physician but the facility can't still use that code to report that procedure while it's done in the hospital. But in other instances, depending on different payers application, it may mean that a payer will say no, you cannot use that code, because for a hospital we really want a different code.
And one of the problems for us is that won't the CPT codes, a lot of the decisions are made based on how much physician work is involved so that if there's very little difference in the amount of physician work, it may not have a separate code or may be bundled into an existing code, but there may be differences in facility resources in terms of maybe supplies, devices that are used, technical and support staff, whether there's a nurse involved or any technical, in the departments of radiology and so forth.
DR. STARFIELD: I don't see how we as a country can go along and do things that don't meet international standards. Our costs are so high because we do so many procedures, not really anything else. Population doesn't use services more, we're not hospitalized more because we do more. And to understand that, I mean I think we have to be compatible with the rest of the world so I'd appreciate hearing from Marjorie or anyone else who can tell me how fast WHO is moving, whether we can be in on those discussions right from the beginning at least to think about the issues that are being raised and the way they're going to go about it. My druthers are to wait for something that's internationally compatible even though I'd love to have it right now.
MS. GREENBERG: I think given resources at WHO, which is very small, that this is not going to happen any time soon. What is happening fairly, has actually happened, is that the Australian interventions classification has been adapted for international use for countries that do not currently have their own procedure classification. It's actually been streamlined quite a bit because these countries that don't have their own current classification tend to have a much less complex health care system and also are more in need of less probably highly technical interventions, etc. The full Australian classification could be looked at as for use in the U.S. particularly if we were going to look at a single procedure classification, I think you might want to look at the other international classifications.
But the current thinking among most of the countries that have these classification systems such as the United Kingdom, Canada, Australia, Germany, others, is that even if an international classification were developed for use by countries that do not have their own classifications, these countries that have their own are unlikely to adopt this other classification. And what we're looking at, although I must say there are some who think it would be nice if everyone, for the exact reasons that Barbara has stated, the thought is that probably what we need to be working towards at a minimum is mapping to a single set of sentinel procedures or another way in which we could group like procedures so that outcome studies and utilization and all of that can be looked at. Because this is a growing interest internationally and at WHO so I think the current thinking is that it would not require everyone to use the same classification system but we would want any classification system used by a country, procedure classification, to be able to map to some comparative framework. And we are working on that and I believe there may even be an expert group established to look at that.
MS. COLTIN: I think also it is important to recognize that these systems are used for more than just reimbursement. Particularly in the hospital setting where they're used a lot to support research, quality assessment, and other functions that there are differences between a coding system and a coding and classification system and the structure of the system itself can make it better or worse in terms of it's usefulness in supporting these other purposes besides reimbursement. Something to consider. Jeff?
MR. BLAIR: This is actually a question. Have we done any exploration, we, Pat Brooks, maybe, by 2006 which would probably be the earliest time if we go forward aggressively with ICD-10-CM and ICD-10-PCS, at that point, what portion of the coding would be manually and what portion of it would be done by computer systems? Do we have any idea? Because I'm wondering if that changes the dynamic somewhat in terms of how we construct a cost-benefit.
DR. BROOKS: I'm Pat Brooks. I think probably Nellie and Sue probably could address the number of people who use in coders if that's what you're saying about use computers. Currently probably over half of the coders I believe, I can say that number safely, probably have software packages that assist in arriving at the correct code as opposed to just using paper books. It seems to be growing every year and they would probably be better at answering that question.
If I could just say one thing though while I have you here, it concerns me somewhat people talking or expressing some concern about the number of codes we have and then in the same sentence we talk about improving data and maybe even go to electronic records. The two don't seem to go together. If you're for better data then you can handle these systems, then you look towards the future and you expand, and reducing the number of codes and worrying about a computer handling doesn't seem to be the way we want to move in this country. If you do car repairs today we don't worry about how many codes are listed for parts, you have parts for the specific thing you need, and I think that's where our technology should go and where users and hospitals want to go is if I do something, I want to have an option to capture it and classify it, and that's what we when we envision developing a new procedure coding system, that's what we were thinking about, not just saying well, we better not go more than 20,000 or all the computers will break. We said let's design it logically so it doesn't overlap and so that we have enough codes so that when we give you a code you know precisely what was done and that you have the ability to expand, and I think that's what 10-PCS is all about. I'll let Sue or Donna talk about the users, they're more day to day in touch with that.
MS. PROPHET-BOWMAN: Sue Prophet-Bowman with the American Health Information Management Association. Pat is definitely correct, we see a growing use of end coders and other electronic systems to facilitate the process of coding. However, the concept of auto coding, which is what I think the question may have been, a point towards we see as probably well off in the future. There are some limited applications out there right now for areas where it's very specific and limited uses of codes, for example, radiology in the emergency room. But with all of the complexities in our health care system, reimbursement system, rules, analyzing documentation to develop the correct codes applicable to a particular episode of care, the concept of true auto coding without any or very little human intervention in the assignment of codes we see well off into the future. Certainly not by 2006.
MS. GREENBERG: Just on that line, I think that one observation that could be made and again I know Sue has done some work with this related to ICD-10-CM, I'm not sure if she's also done it for 10-PCS, but that the mapping from a specific clinical vocabulary to a classification I think would be much easier and richer to a more detailed classification such as either 10-CM or 10-PCS in that not as many unlike things are grouped together in the newer classifications, the terminology is more current in the new classifications, etc., so that the assumption is that even with clinical vocabulary you are going to need to map for a number of purposes to classifications. But either Sue or Nellie I know have done some work in this area.
MS. LEON-CHISEN: Actually, I was going to address the issue. I just wanted to get back to the point that Sue Prophet-Bowman was talking about in terms of the auto coders that even if they would be here today or tomorrow, keep in mind just like you heard earlier in relation to the privacy hearings, there are still smaller providers, especially like in the rural hospitals that they are not able to afford big computers. So although the majority of the large facilities and probably all of the big hospital university facilities are using the end coders, the smaller ones are still working with the books. So one of the reasons that we like ICD-10-PCS was that it had the capability to work with computers but also you could just use a book. It may be a slightly bigger book then what you're seeing today but you can work with that and you can follow a grid and manually identify what the codes should be and make sense out of it.
MS. COLTIN: Any other questions or issues?
DR. MCDONALD: Well this is a response to the idea, I don't think, coding is currently, interest, in terms of human efforts, that is humans have to go through and figure stuff out, make judgments, and then pick from the whole list of choices. At any place that's been studied, the longer the menu the harder it is to pick the right one. I'm neutral about that per se. What I worry about is the idea that we're going to shoe-horn all the medical knowledge into some massive coding system when the truth is the whole thing about this diabetic and the in control out of control, which is a bunch of hooey, we should just report the Hemoglobin A1C which we can get out of a machine now without any humans involved and do better analyses and make better judgments and do better outcomes than we'll ever get out of these coding things. So I just worry about an overly hypertified(?) coding system that may inhibit, let's get the real data and make these judgments with logistic aggression and other kind of tools.
MS. COLTIN: Would Tom Gustafson like to make any comments on this issue?
DR. GUSTAFSON: I can't avoid the opportunity presented so politely. Thank you very much. I'm Tom Gustafson. I'm the Director of the Hospital and Ambulatory Policy Group within the Centers for Medicare and Medicaid Services. So my group writes the payment regulations that govern the payment for hospitals and for physicians, so we are familiar with both coding systems that have been discussed and have Brooks as part of my staff and he tells me what I need to know about this subject in general.
I hadn't prepared any remarks or anything but the general posture of the agency is that we feel as a payer very constrained by the existing ICD-9 system and feel that a replacement is inevitable. We can argue at some length and I think we should argue at some length about exactly what the timing of that is, how it proceeds. And we have obviously placed a great deal of investment in ICD-10, a belief it has a great deal of technological superiority over the ICD-9 coding system. So that I believe, although we have not vetted this up the line yet, that our recommendation to the Secretary will be to move to ICD-10 and to move to that with a reasonable degree of speed and a reasonable degree of flexibility attached to that. We will be watching the Committee's deliberations on this with great care.
MS. GREENBERG: Could I just ask you Tom and you can or you cannot, but if you could comment on since the issue has been raised and it's covered in here about whether CPT could, the issues has been raised about whether CPT could be used in the in-patient environment to replace 9-CM, vol. 3, and I just wondered if you could comment on that.
DR. GUSTAFSON: I will. That's another very complex subject, one we've wrestled with a bit ourselves. I think the short story on that is to basically understand that CPT is a procedure based coding system as is either of the ICD systems, ICD-9 or ICD-10. So that the discussion earlier about how they sort of covered the same landscape, and you might think that gee, wouldn't one do in both circumstances. That is an issue that has been vetted before this Committee for over a decade, and the conclusion has repeatedly been as I understand it, although I've certainly not been present as long as some of these people receiving plaques today, that it didn't quite work as well as one might hope. This might be the holy grail to have a common coding system that could work in all circumstances, but it is not something that is available to us really right at the moment. Basically my response would be that the ICD systems are designed for use in paying facilities, remember we view these as payers as how do we pay the right amount, appropriate amount for services that are delivered in a facility. CPT is designed for use in paying for physicians and we actually use the CPT system for paying the physician for the services he provides, he or she provides, in the hospitals, so the two are not completely on different planets or something of that sort. But the differentiation, the degree of granularity differs within the two systems depending on what we're interested in dealing with so that for instance in the physician area, it may make no difference to a physician whether he performs a particular service with or without a particular device, or there are codes that are described with or without. And in terms of the physician work, it doesn't matter materially.
In terms of the resources available to the hospital, it may matter very greatly, because somebody has to pay for that device and it's the hospital we're paying for the device. Or similarly the coding in CPT may not differentiate between open and laparoscopic procedures I understand in some circumstances because there's been a desire to compress and make sure that the coding is the same and hence that the payment would be the same for those two services. But again, in the hospital setting, the resources caring for a patient that has had an open procedure would obviously be much greater than for a laparoscopic procedure, we have to respect that.
Similarly working the other way, CPT differentiates on the basis of what physicians do, some of which relates to office services that the hospital would have no knowledge of, no need to know about. So that attempting to use the same system in both places raises difficulties because you would have to have a universe of granularity that was similar in the two circumstances.
Putting this differently, in replacing I-9, we needed to go to something that's better. I-10 is a candidate that is available. CPT I submit to you is not ready for that activity. CPT could replace I-9 but only if CPT were significantly adapted to fit within the hospital setting so that it would need homework, it might take a while to do that, coding systems don't necessarily spring up over night and so forth. So if the Committee wanted to preserve that as a choice I think they should recognize that that would increase the time lag involved in moving to a new system.
DR. STARFIELD: I just want to clarify, so when you recommend the ICD-10 procedure, you're recommending it for both facilities and physicians, in your mind you are, no?
DR. GUSTAFSON: No, we've been only interested in replacing for facilities, and I'd like to underline that very clearly. That I-10, just as I said CPT is not ready to move into the in-patient setting, at least in our view, I-10 is not ready to move into a physician environment, it simply doesn't have the sufficient codes, particularly on evaluation and management kinds of codes, the bread and butter office visits aren't coded in the hospital setting, and so they're not there in this code set. It would require homework in order to make it ready to use in that environment, and we are not currently in that line of development, at least at present.
DR. FITZMAURICE: Tom I've got a puzzle that I'd like you to try to solve but I'm not sure that it can be solved. On the one hand we hear perhaps the largest and aggregate private health insurers saying we think we need to slow down, we don't want to rush into ICD-10-PCS or ICD-10, we're not sure that we need it, maybe we can get along with what we have for quite a while longer. And on the other hand, probably the largest health insurer in the nation, the Medicare program, says we're ready to move to ICD-10-PCS, we're ready to go to ICD-10, we think there are advantages to it. So the puzzle is how can there be advantages to a health plan that's run by the government when the privacy sector doesn't see those health advantages? Why the difference between the two largest insurance organizations coming down on different sides of this?
DR. GUSTAFSON: I'm actually, I'm not sure I can provide you the full picture because I'm not entirely sure of all of what's motivating the privacy insurers thinking on the subject. I believe that in no small amount that their concern relates to transition questions and the costs involved in that transition and I think we all need to acknowledge that those are there and they need to be looked at. We need to, we don't want to walk off this pier without knowing that there's water there to fall into or whatever. I think we are conscious of the need to move forward with advancing medical technology, by which I mean both differentiation in terms of what kinds of procedures may be being performed as physicians learn new and different ways to do things to our bodies. But also in terms of reflecting the increased use and rapidly increasing pace of medical technological change in the hospital setting, that's true in other settings as well but it's binding, the code system binds us in this area.
What I'm speaking about there is use of medical devices, use of high powered drugs, things that weren't even dreamed of when this system was set up in the first place. So this year for instance, just to give you one example, we received information indicating that drug alluding stents were going to be an extremely important issue for hospitals and our payment for hospitals within this fiscal year. That is a substantial innovation, a breakthrough innovation in terms of stenting technology for cardiac use and the FDA has the approval of that before it right at the moment. We're anticipating that that approval will be favorable and we would be in a circumstance where hospitals would be moving towards using these stents which are significantly more expensive than the regular stents, and we would be stuck at ground zero not having any particular way to pay any more for that.
So what we did this year was create special codes, special DRG's for those stents, so that we will now have DRG's for basically garden-variety stent operations and those with drug alluding stents. In order to do that, we needed to have ICD-9 codes established for the drug alluding stents because the ICD-9 codes progress upward to the DRG's as was discussed earlier but it becomes very important to know exactly which ICD-9 codes you have in which bundle. So this is one where if you have the drug alluding stent code, you map to one DRG and if you have a non-drug alluding stent code you map to another one and it will make this a thousand dollar difference in the payment to the hospital.
So we feel that we need to step up to the plate in terms of being able to recognize flexibly those advances in technology. I've given you one example where we had to move this year, that took up two of our spots if you will in the coding system. There is space in the coding system as it is but it's constrained, it's not necessarily where you want it. The metaphor I'd use is it's like we're looking at a book-case and some shelves are full, others have spaces in them, so we added 26 ICD-9 codes in this years final rule, 11 of those fit in the shelves, there was room for them where they needed to go. 15 of them had to be shunted off to a vacant shelf, where they are out of sequence and the vacant shelf only has a hundred spots on it, so we've used up 15 of those slots in this years rule.
We're on a path where there aren't going to be those slots and we either have to replace the payment system or we're going to have to degrade, start to degrade significantly its hierarchical aspects and start to stuff in place where you don't really want it to go, so that's at least, I can speak to sort of our side of the concern there and we may be in a more visible situation to come back to your question, Mike, we may be in a more visible situation in terms of our need to attend to these technology advances than some of the private payers are, they tend to follow our lead on some this stuff. But we feel we really need to be able to move in that area.
MS. COLTIN: I'm going to cut-off issues and questions at this point due to the time. One issue that we have before us is that the Subcommittee would like to move ahead with initiating a cost-benefit study that would enable them to make what they feel would be better, more informed recommendations on these issues. And the issue that they will be, or two issues that they will be collecting information about will be the transition, both for diagnostic coding, which across all care settings and the transition for procedure coding which is limited to facility based settings. Therefore, the question that came up was if they are going to go ahead and implement a cost-benefit study, should it be limited to looking at systems that are already ready to go in those two contexts? So in the case of ICD-10-CM, it is the only alternative available so clearly that is the one that would be looked at. In the case of procedure coding for facility based settings, what we're hearing is the only one that actually is today ready to go would be PCS. So the question did come up in the document about whether this cost-benefit analysis should look at CPT. What we've heard is that CPT as it stands right now would not be ready to go without adaptation. So that's the question on the table, should we go ahead with a cost-benefit analysis or study that looks at only PCS or basically a coding system that's ready to go or should it also look at CPT? Do people want to weigh in with opinions? The Subcommittee is clearly able to define the scope as they see fit, they were merely looking for recommendations from this Committee as to how they might proceed.
DR. STARFIELD: I think you ought to focus on the one that goes across settings and practitioners, the one system rather than a, just for facility.
MS. COLTIN: None of them do, just facility.
DR. STARFIELD: No, not just for facility.
MS. COLTIN: There is no option that's ready to go.
DR. STARFIELD: That's ready to go, so could you state again what the two options are?
MS. COLTIN: I'm saying that in the case of the procedure coding, there is one system, PCS, that is ready to go for facility based setting, and it is the only one that's ready to go for facility based settings. Should the study also encompass looking at CPT, including what it would take to adapt it to a facility based setting? What is not on the table is looking at what should happen for non-facility based because we already have a coding system in place that's working there right now. This is not a project or a cross benefit analysis to look at the benefits and costs of a single procedure coding system, it is simply to look at what we should do about accommodating needs for coding in facility based settings.
DR. STARFIELD: I go back to what I said before. I think we need to get to a system that's compatible the way Marjorie said it with the international system, and I think it's a waste of time to try to find anything for a few years. Do the least we can do in terms of getting people paid and leave it for a good system.
MS. COLTIN: Any other advice?
MS. BEREK: I think that, and Tom sort of laid out the impassioned please from CMS which is that we need to get moving and that we will run out of codes and as you talk about the problems and errors in codes, if in fact we start pulling codes out of left field where we have space, give codes that are out of sequence, we increase the possibility of error, we make it harder for researchers because things don't match, and we will create a really difficult chaotic system. So I think from the point of view of our agency, what we would like to see is for you to do the cost benefit study on what is available now and we would like to simultaneously begin the rulemaking process and use your study to inform the rulemaking process so that we can get these moving. I think, I've been in CMS almost nine years, this process actually predates my having been in the agency, and so I think we've all talked long enough about this. I don't want it to move any faster than we have to make it move, I sit on the body that programs, decides how we would program our computers in sequence, and I know what our waiting list is to program change. I can tell you if you came up with a new coding system tomorrow morning it would have a wait before it got on-line to actually get programmed. But if we don't start this process so that we know what we need to program, then we have time in the queue, I think we are going to end up making a huge mistake, so if I could recommend as whatever my advisory role is to this Committee that you do the study on the system that we can do now and that way we can have it for the formal rulemaking process.
DR. HARDING: If we're doing a study on a system that we have now, and it's the only system that we're going to study, why --
MS. COLTIN: It's being compared to what's in place now, what's currently in place, so transitioning to this new system. Status quo.
DR. HARDING: Status quo, but still, it would be a better study to have different things being looked at, it would seem that it would be a better process to have two different things being looked at to compare to the status quo as opposed to one other.
MS. BICKFORD: Carole Bickford from the American Nurses Association. Whatever study that you plan on doing for your cost benefit analysis needs to be taking a look at some key items that have not been addressed in today's discussion. One is taking a look at non-physician providers, including the population health experts. It also has to take a look at the usability of this product to support wellness and health promotion, going towards our HealthePeople 2010, not only looking at the pathology, it has to be looked at from the standpoint of its ability to support an evolving health care system, not where we've been and what we've always done. It also has to be able to be evaluated and looked at from the cost benefit perspective of looking at outcomes. Can we do the diagnosis, the interventions, and the outcomes, can we determine that the nurses are making the difference on their survival for the stent patients. What are we looking for when we want to get this product in place? Will this system support the increasing requirements for coding for the pharmaceuticals and biologics, the cam products? Will those be included in the evaluation studies in looking at the cost benefit piece?
MS. COLTIN: Alright, I think we're going to leave --
DR. NEWACHECK: Kathy, I have a question. Who would actually do the cost benefit analysis?
MS. COLTIN: I think the Subcommittee is talking about bringing in an independent contractor to do that.
DR. NEWACHECK: I would just caution you to think about who that would be and what leeway they would be given because cost benefit analysis results often depend on the perspective that's taken, the assumptions that are made, what's counted as a cost, what's counted as a benefit, how they're valued, and if they're looking into the future, what discount rate is used, that sort of thing, so it could have a profound impact on the analysis.
MS. COLTIN: I agree. And I think also there were two issues that were brought up in the context of the questions. One is whether it was implemented, these two systems were implemented simultaneously versus separately because that certainly will have an impact on both costs and benefits. And so I think that was one that I thought was particularly important to make sure was included. The other was the piece of not simply looking at costs and benefits but who is incurring the costs and who is accruing the benefits. Because you're going to need to speak to the business case for this I think to meet the needs of the types of organizations that were testifying here.
MR. SONDIK: Just a word along the lines of what Paul said. I think one has to be careful in using terms like cost benefit study because what could happen is a study that focuses too narrowly, so maybe the Subcommittee could consider something like an analytic study, words like that or a decision analytic study, something along those lines. Cost benefit studies have a habit of turning out to be very narrow, but you don't know how narrow until the study is actually done. And I'm impressed with the range of factors that everyone has talked about in a very articulate manner. I think the real challenge is trying to get a framework here for analyzing this let alone going out and getting the benefits, the costs, and understanding what difference the coding system will actually make in the system. We're talking about it in terms of there are costs and we can aggregate them if you will. There are benefits, but the system itself, the change in coding system or systems, will have an affect on the health care system, and that's a tricky thing to try to get a hold of but I think someone needs to be able to present that or some alternatives, some ideas along those lines, to this Committee.
DR. MCDONALD: I guess I'm not sure what we're supposed to decide today, but I'd like to make a pitch for something more sensible and systematic then what we may be heading for. And I also would make a pitch that we do the study that someone could explain all these undercurrents, there's undercurrents, I don’t care what you call them, I can't figure out that there's economic forces, there's whatever it is, but something isn't quite right in the sense that you've got these, I don't mean it's bad or evil, but just, we have the hospitals, they don't, these two organizations I don't think they struggle together in some ways, and I won't name the two organizations. If they would just get together in a room we maybe could come up with a one thing that would be better, that's one thought.
The other one is that you hear that we can't get by with this 3,000 codes but by golly we're not going to use the 25,000 for CPT that are already coded right down the hall with the same procedures. I just don't understand why there's such adverseness to the richer codes that are sort of in systems right now in surgery logs and that kind of thing. So if the study could get at the heart of why this is such a struggle and has been, and what really comes up is no one wants their team to lose. So we get caught in the middle of that. It seems like we could come up with something better, and this idea of having trees, that's good, it's bad, we're going to run out of space, get rid of the damn tree, you'll be way better off. There's powerful computer systems can handle that, everywhere else in the world you have a pointer and you can then have your tree in that cable. So I don't think that should be deciding everything. That's sort of a rambling, I don't know what I'm asking for, but better things in the future.
MR. BEBEE: Michael Bebee, American Medical Association. I guess I'm on one of the teams. The issue has come up several times in the editorial panel, indeed in 1998 when the MA started the CPT-5 project, we had a workgroup that specifically tasked with looking at the issue of coding at different sites of service and in-patient coding was one of the issues we looked at. And since 1998 the panel has worked very diligently to be sure that the in-patient side, the code will be used for in-patients. And Sue and Nellie both know that the panel often tries to resolve these problems and does struggle with these issues. So I think that a full vetting, a full study of what system is best would examine what changes are needed in CPT. Indeed, how many changes, what kind of changes, how long that would take, since the panel has been trying to accomplish it since '98, we've probably done something in that time, we maybe didn't do everything, but I think that a full vetting would look at these issues. Thank you.
MS. GREENBERG: Just a few comments. I think, first of all I think the cautions about a cost benefit analysis and I think we've called it kind of an impact analysis, maybe Ed's terminology is better. I think one thing we have to recognize is that if an NPRM is developed in our lifetime on this subject, it will have to include a impact analysis, that just goes with the territory and so the Committee's thinking I think was at this point, particularly in light of some of the testimony and some of the letters that it's received, that an independent study which would probably use one of the contractors on the ASPE task order, so we could get to them quite quickly and they have, some of them have a lot of experience in some of these areas so, probably nobody has enough experience in all of the issues, would be helpful to the impact analysis that has to be done in any event for an NPRM plus it would respond to those who have asked that no decision be made about issuing an NPRM until such a study is done. I can point out, although obviously we're in a very different environment here, but the other countries which as Donna said is most of the other G7, G8 countries, as well as quite a few others, all transitioned from 9-CM to, or 9 to 10 or 10-CM for diagnosis without any cost benefit analysis because it was understood that the systems are changed, it used to be every ten years now it's been over more than 25 years, so that although in the short term cost less to stay with what you have it is not the decision that most other country's have made.
I think we're talking though about two different, in a sense two different studies here. One is the potential NPRM that would recommend moving at some point from, with a date to be determined, from 9-CM to 10-CM for diagnosis and from 9-CM vol. 3 to 10-PCS for procedures. There is a cost benefit impact analysis that could support that and I think although it's challenging there should be an effort to try to quantify benefits, opportunity costs, other things of that nature, as well as the actual cost of transition. There's sort of, if that NPRM were going to instead lay out alternatives for replacing 9-CM vol. 3, then you would probably have to do an impact analysis that looked at all the alternatives. It may be that a separate study is needed although several have been done in the past and have not been conclusive or have not led to resolution, a separate study on moving to a single procedure classification, what would have to be done to 10-PCS what would have to be done to CPT or whether we could adopt one of these or adapt one of these international classification to make us more compatible internationally. That may be a separate study.
I am concerned about trying to put all of that into a study that would support transition from 9-CM to those as Kathy said, those alternatives that currently exist that have been developed for the purpose of replacing 9-CM vols. 1, 2, and 3. So although I'm very sympathetic to those who like a single procedure classification system, I think that we will definitely delay this process perhaps indefinitely if we try to combine them.
MS. COLTIN: Ok, this is the last comment, we are running very late.
MS. SERKES: Ok, I'm Kathryn Serkes for the Association for American Physicians and Surgeons, and probably nobody wants us on their team, so that's where we're coming from. I think at this point we're probably going to support moving ahead with the, surprisingly moving ahead with the NPRM, but I think there are a couple of questions that haven't been asked yet, and I don't know if these are appropriate questions to be studies or not. Number one would be that I was thinking about is, if you're going to do a cost analysis, how much of the costs would be allocated to general changes and how much would be allocated to HIPAA compliance? If there is a change in coding, would there be any costs that would be different to be directly attributed to the cost of HIPAA compliance because of a change in coding, change of a coding system? And I see by your puzzled looks that maybe you haven't thought about it that way, maybe it's something, think about, I'm asking the question, I have no idea if there is a question, whether some costs should be attributed to HIPAA compliance or specifically HIPAA compliance.
MR. BLAIR: What is the utility of our being able to answer the question?
MS. SERKES: Pardon me?
MR. BLAIR: If we knew the answer, what portion of it could be attributed to HIPAA compliance, whatever that definition is --
MS. SERKES: Well the reason I'm raising the issue is that part of the accountability regarding HIPAA is the cost associated with it. And so that may be something that might be included in that. Second is, as we move to a much more detailed coding set with a bigger set and many more, we're moving up to the 200,000 universe, and as Dr. McDonald said we start to get much more specific about what's in that medical record, so what I'm wondering is if it would be a viable issue or an applicable to consider what will be the impact of moving to these much more specific codes, the impact of the minimum necessary provision of the privacy regulations. I don't know, suggestion that that might be a factor that should be considered.
MS. COLTIN: Thank you. So I am going to suggest that the Subcommittee take into account the suggestions and information raised in our discussion today. Simon do you want to?
DR. COHN: Yes, I was actually trying to think of how, do you want to summarize your view of what? First of all I'd ask the Committee members, only the Committee members, raise your hand if you're more confused now than when we started the conversation. That's being facetious, perhaps you could give me I think what your thoughts are in terms of this new, and obviously this is just advisory to the Subcommittee, but what are your take-home conclusions from all of this stuff, because I have heard a wide variety of things that still would, in other words, we've heard a lot of information but I don't know that I've felt it through that we've reached any conclusions on anything.
MS. COLTIN: No, I don't think we've reached any conclusions either. I think what is fairly clear, at least from what we've heard, is that it would make sense to go ahead and look at the, I don't know if I want to call them cost benefit or decision issues, decision analytic issues associated with transitioning from ICD-9-CM, vols. 1 and 2 to ICD-10-CM, there seems to be far less contention about that and moving ahead with looking at what are the issues, cost and benefit and other with that transition. In the area of transitioning from ICD-9 vol. 3 to ICD-10-PCS, I think Marjorie brought really I think the issues up quite clearly. Are we talking about what needs to be done to solve the problem for coding for facilities or are we talking about what it would take to move to a single procedure classification and coding system?
And it's really how you want to define the issue that you want to address and I had assumed that it was the first issue, how do we deal with what's required under HIPAA, which doesn't require a single procedure coding system, it simply requires that we have a system that's in place that will meet the needs for coding and facilities and therefore to limit this study to looking at that particular issue.
DR. COHN: Ok, so it's a confirmation of scope.
MS. COLTIN: I think at this point we are scheduled to break for Subcommittee meetings.
DR. MCDONALD: I'm just wondering whether we couldn't get some sense, I know the answer is probably no, some sense of the full Committee's thoughts on the direction the Subcommittee should go.
DR. COHN: Clem, I think that probably what ought to happen since we have some time devoted at the Subcommittee to a discussion of this, let's think about what we've heard, see if it in any way changes our plan and then we can hopefully tomorrow come back and explain what it is that we're thinking about doing in greater detail. A lot of this still remains to be fleshed out and we'll look towards Ed Sondik and Marjorie and others to assist us with some of the work here.
Now, as you know that at the beginning of the day I sort of said geez, we're going to spend 20 minutes now talking about population and health issues. As you all know, we have run late enough that that is indeed not going to happen at this point. Instead what we're going to do is to squeeze that in during the day tomorrow, probably during the Subcommittee report outs or some such. And my apologies, but I warned everybody that the minute that you start talking about these issues it becomes almost impossible to contain the conversation. So I actually want to thank Kathy Coltin for doing a superb job of moving this forward.
Now the question is where are the Subcommittee's meetings?
[Whereupon, the meeting was recessed at 3:00 p.m., to reconvene the following day, Wednesday, November 20, 2002, at 11:00 a.m.]