INTRODUCTION:
My name is Denny Blaszczynski and I am the Vice-Chairman of the Association for Electronic Health Care Transactions. I am also the Healthcare Solutions Executive for IBM's Global Network Services organization.
I would like to thank you for your invitation to our association to speak on the matters related to Health Data Standards as covered under the Health Insurance Portability and Accountability Act of 1996. I will be responding to the questions you provided in your invitation on behalf of and from the viewpoint of our Value Added Network members.
First let me make a general statement in response to the initiatives forthcoming from this legislation. From a VAN member perspective, we whole heartily support the adoption of standards as provided under the Administrative Simplification provisions of the Act. We feel the enactment of these provisions will do more to foster and encourage the use of electronic healthcare data communications than any other means previously undertaken by the private sector. We believe that the mandatory use of these standards will bring efficiency and cost effective solutions to the electronic exchange of healthcare data.
The Healthcare Industry is finally moving toward a goal of electronic efficiency rather than the maintenance of manual complexity and the high cost associated with this method of handling and processing healthcare data. Over the last several years, this industry has realized the need to move to an electronic media. The problem was that there are so many disparate players with different agendas and reporting requirements, that it has stifled the effective use of communication technology and brought a high degree of costs and complexity to the system.
The Healthcare Industry is just one of many industries who utilize electronic data communications. Unfortunately, it has been lagging behind other industries in the effective use of electronic data handling for two reasons. One has been the lack of investment in the technological communications infrastructure needed beyond the campus or enterprise. The other is the influence and complexity that the multiple adjudicators of the healthcare data community has brought to the current system through the use of numerous proprietary transaction requirements and disparate communication systems. Establishment and mandated use of standards will bring significant improvement through the establishment of consistent methods of handling, reporting and communicating healthcare data. This should provide the jump start this industry needs to catch up in the effective use of electronic commerce.
Although these actions will reduce cost and improve the efficient and effective use of healthcare data, many of the requirements for the submission of healthcare data will continue to require a substantial amount of technical and administrative support. There will continue to exist a requirement, from the provider, for expert services to install, implement and maintain their current and future applications. These applications will both input as well as extract clinical and healthcare encounter information, perform coding, edits, analysis, reports and engage communication protocols to assimilate and transport the data. Therefore the business opportunities will continue to be available to the participants within this industry. Our members will continue to play a key role in the management and handling of healthcare data.
We believe that the constituents of this industry are in a position to respond to these actions and make the investments in technology required to move to the next level of electronic commerce. This will include both the utilization of specific healthcare encounter information as well as populating and providing access to repositories of general healthcare and maintenance information. The real challenge will be for this industry to get MOTIVATED and embrace the idea that they can only achieve efficiency and cost reductions by agreeing to a standard way of assimilating and communicating its healthcare data.
Therefore we applaud the direction and actions being taken by this legislative initiative. However, a downside could be realized should there become an overzealous desire to over protect the movement and handling of healthcare data under the guise of privacy and confidentiality. We must be cognizant of the differentiation between Security and Privacy & Confidentiality. The use of technology in the transport and handling of healthcare data can provide the levels of security needed to provide a highly efficient means of authorized handling of data. To that end, the electronic highways provided by VANs and Network Service Providers to accommodate this next level of information management and access are in place and expanding everyday.
The ability to route EDI transactions based on the message header provides the means to move these messages from authorized trading partner to authorized trading partner. This provides a simple method of extended delivery. Most VANs envelope or encapsulate the transaction and rely on the header information to deliver the message. They do not open the envelope to review or modify the data. In most cases, the VAN does not know what type of data exists within the message thus maintaining a high degree of security in the handling of the data.
Unfortunately, it can not insure that an individual who intends to obtain and misuse the data will be absolutely unable to get to the data. This is especially true for data which begins or departs from the Internet environment. The Internet environment does not currently provide the level of Network Management, Service, Control and Security that you would expect from a secure Intranet environment. These Intranet environments are the Value Add that organizations such as VANs provide to the EDI user communities.
The reality of the situation is that health care encounter data is always available beginning from the time it is documented at the providers location up until such time that it would be totally erased or eliminated by or within any organization(s) that created, opened, stored or reviewed the data. A reasonable requirement for security in the movement and handling of healthcare data should be expected and we support these requirements. As vendors who provide services to the payor and provider community, we are consistently addressing security measures and will continue to enhance these activities as new and better technology come into play.
However, the fact that someone elects to illegally obtain, view and/or use the data, break any security or authorization coding or overtly access a telecommunications line, demonstrates a willful attempt to appropriate and subsequently misuse that data. It is this breech of Privacy & Confidentiality that must be addressed and penalized. Actions must be aimed at adopting strong penalties and disincentives to address any specific actions undertaken for the unauthorized access and use of private and confidential data. Therefore, we look to the laws of the land to control and respond to any illegal, unauthorized access, accumulation or use of data deemed proprietary and confidential. So, it is our hope that a clear distinction is made by the Secretary, on the recommendations that will be provided to address the matter of Security versus Privacy and Confidentiality.
Another area of concern is the general process in which the Secretary will proceed in defining and recommending solutions to respond to the Administrative Simplification provisions of the Act. We highly recommend that the Secretary sponsor a series of workshops designed to engage the numerous vendors associated with the generation, transport and processing of healthcare data. We believe that forums such as the testimony we are able to provide today are of great help to this subcommittee and its charter. However, a clear understanding of the real world activities in the marketplace cannot be addressed in short testimonials and white papers.
AFEHCT has been conducting, in concert with HCFA, several vendor meetings to discuss the subsequent development and move to a new Medicare Transaction System. These meetings have been very enlightening to both HCFA and the vendors in defining the reality of the movement and handling of healthcare data. As we are all aware, the most proficient means of obtaining and moving healthcare data would be for a point to point connection and communication of that data between provider and adjudicator. But as discussed earlier, this is not the reality of this marketplace.
Providers of healthcare desire to practice medicine and not engage in bookkeeping, financial tracking and network communications. They engage third party service vendors to handle many of the computing and network communications tasks that are necessary to stay in business. Therefore, along with the providers, these service vendors play a critical role in the accumulation, processing and transport of healthcare data. They will continue to play the middleman role in our healthcare system. It is through their competitiveness and technological enhancements and investments that we continue to improve on the ability to move to a truly electronic commerce model in healthcare.
Thus, our recommendation is for the Secretary to engage and invite a cross section of these vendor service organizations to participate in workshops which would provide an open forum that could focus on addressing the issues and assist in defining the electronic commerce solutions that the Secretary must recommend to Congress in the time frames required in the legislation. Our industry association stands ready to assist and participate in these activities.
I would like to thank the committee for their invitation and attentiveness to our testimonies today. We look forward to a continuation of this type of dialog and will do all we can to assist the process associated with meeting the provisions of the legislation addressing Administrative Simplification for Healthcare data.