[Senate Hearing 105-688]
[From the U.S. Government Publishing Office]
S. Hrg. 105-688
THE YEAR 2000 COMPUTER PROBLEM:
WILL THE HEALTH CARE INDUSTRY BE READY?
=======================================================================
HEARING
before the
SPECIAL COMMITTEE ON THE
YEAR 2000 TECHNOLOGY PROBLEM
UNITED STATES SENATE
ONE HUNDRED FIFTH CONGRESS
SECOND SESSION
on
WHERE THE HEALTH CARE INDUSTRY STANDS IN RELATION TO MEETING THE YEAR
2000 AWARENESS, ASSESSMENT, VALIDATION, AND IMPLEMENTATION
DEADLINES
__________
JULY 23, 1998
__________
Printed for the use of the Committee
Available via the World Wide Web: http://www.access.gpo.gov/congress/senate
U.S. GOVERNMENT PRINTING OFFICE
50-139 CC WASHINGTON : 1998
_______________________________________________________________________
For sale by the Superintendent of Documents, U.S. Government Printing Office
Washington, DC 20402
SPECIAL COMMITTEE ON THE
YEAR 2000 TECHNOLOGY PROBLEM
[Created by S. Res. 208, 105th Cong., 2d Sess. (1998)]
ROBERT F. BENNETT, Utah, Chairman
JON KYL, Arizona CHRISTOPHER J. DODD, Connecticut,
GORDON SMITH, Oregon Vice Chairman
SUSAN M. COLLINS, Maine JEFF BINGAMAN, New Mexico
TED STEVENS, Alaska, Ex Officio DANIEL PATRICK MOYNIHAN, New York
ROBERT C. BYRD, West Virginia, Ex
Officio
Robert Cresanti, Staff Director
Andrew Lowenthal, Acting Minority Staff Director
(ii)
C O N T E N T S
------
STATEMENT BY COMMITTEE MEMBERS
Hon. Robert F. Bennett, a U.S. Senator from Utah, Chairman,
Special Committee on the Year 2000 Technology Problem.......... 1
Hon. Christopher J. Dodd, a U.S. Senator from Connecticut, Vice
Chairman, Special Committee on the Year 2000 Technology Problem 4
PRESENTATION
Andrew Lowenthal, staff, Special Committee on the Year 2000
Technology Problem, Washington, DC............................. 4
CHRONOLOGICAL ORDER OF WITNESSES
Daniel S. Nutkis, chairman, Odin Group........................... 6
Kenneth W. Kizer, M.D., Under Secretary of Veterans Health,
Department of Veterans Affairs................................. 9
Kevin L. Thurm, Deputy Secretary, Department of Health and Human
Services....................................................... 17
Michael A. Friedman, M.D., Acting Commissioner, Food and Drug
Administration, Department of Health and Human Services........ 19
Nancy-Ann Min DeParle, Administrator, Health Care Financing
Administration, Department of Health and Human Services........ 20
Jennifer Jackson, general counsel and vice president, Clinical
Services, Connecticut Hospital Association, representing the
American Hospital Association.................................. 31
Donald J. Palmisano, M.D., member of the board of trustees,
American Medical Association................................... 33
Ramin Mojdeh, Ph.D., director, research and development, Guidant
Corp., representing the Health Industry Manufacturing
Association.................................................... 36
Gil R. Glover, director of Year 2000 Projects and Planning,
Bluecross Blueshield Association............................... 39
Joel M. Ackerman, executive director, Rx 2000 Solutions Institute 41
ALPHABETICAL LISTING AND MATERIAL SUBMITTED
Ackerman, Joel M.:
Statement.................................................... 41
Prepared statement........................................... 53
Bennett, Hon. Robert F.:
Opening statement............................................ 1
Prepared statement........................................... 60
Generic listing of potential date sensitive equipment........ 61
DeParle Min, Nancy-Ann:
Statement.................................................... 20
Prepared statement........................................... 63
Responses to questions submitted by Chairman Bennett......... 68
Responses to questions submitted by Senator Collins.......... 70
Dodd, Hon. Christopher J.:
Opening statement............................................ 4
Prepared statement........................................... 71
Friedman, Michael A.:
Statement.................................................... 19
Prepared statement........................................... 72
Letter to Hon. Christopher Dodd.............................. 76
Responses to questions submitted by Chairman Bennett......... 79
Glover, Gil R.:
Statement.................................................... 39
Prepared statement........................................... 81
Responses to questions submitted by Chairman Bennett......... 84
Jackson, Jennifer:
Statement.................................................... 31
Prepared statement........................................... 85
Responses to questions submitted by Chairman Bennett......... 88
Responses to questions submitted by Senator Collins.......... 90
Kizer, Kenneth W.:
Statement.................................................... 9
Prepared statement........................................... 90
List of medical devices...................................... 98
Kyl, Hon. Jon: Prepared statement................................ 101
Lowenthal, Andrew: Presentation.................................. 4
Mojdeh, Ramin:
Statement.................................................... 36
Prepared statement........................................... 101
Responses to questions submitted by Chairman Bennett......... 105
Nutkis, Daniel S.:
Statement.................................................... 6
Prepared statement........................................... 109
Palmisano, Donald J.:
Statement.................................................... 33
Prepared statement........................................... 114
Thurm, Kevin L.:
Statement.................................................... 17
Prepared statement........................................... 119
Responses to questions submitted by Chairman Bennett......... 125
ADDITIONAL MATERIAL SUBMITTED FOR THE RECORD
Statement of the Medical Device Manufacturers Association........ 134
THE YEAR 2000 COMPUTER PROBLEM: WILL THE HEALTH CARE INDUSTRY BE READY?
----------
THURSDAY, JULY 23, 1998
U.S. Senate,
Special Committee on the Year 2000
Technology Problem,
Washington, DC.
The committee met, pursuant to notice, at 9:55 a.m., in
room SD-192, Dirksen Senate Office Building, Hon. Robert F.
Bennett (chairman of the committee), presiding.
Present: Senators Bennett, Smith, and Dodd.
OPENING STATEMENT OF HON. ROBERT F. BENNETT, A U.S. SENATOR
FROM UTAH, CHAIRMAN, SPECIAL COMMITTEE ON THE YEAR 2000
TECHNOLOGY PROBLEM
Chairman Bennett. The committee will come to order. I
apologize to the witnesses and other visitors for the delay.
Occasionally, the work of the Senate gets in the way of the
work of the Senate. I expect we will have other members of the
committee here shortly, but in the interest of starting the
hearing, we will begin. There is a vote going on on the Senate
floor right now, which is why other Senators have not been
here, and I want to--well, I will wait until Senator Dodd
arrives to express the committee's gratitude to him for his
leadership in getting us focused on the health care issues.
We welcome you to the fourth hearing of the Special
Committee on the Year 2000 Technology Problem. To date, we have
held hearings on the energy utilities and financial services
industries, and we plan hearings, as those of you who follow
this issue know, on telecommunications, transportation, general
government services and general business.
Let me begin today's hearing by saying that health care is
America's largest single industry, generating $1.5 trillion
annually, more than one-seventh of our economy. More
importantly, the quality of life of virtually every American
family is directly impacted if this industry is not ready in
time for the next millennium.
Unfortunately, I have troubling news today. Clearly, the
health care industry is not ready for the Year 2000. If
tonight, when the clock struck midnight, the calendar flipped
to December 31, 1999, large portions of the health care system
would fail. There are some 6,000 American hospitals, 800,000
doctors and 50,000 nursing homes, as well as hundreds of
biomedical equipment manufacturers and suppliers of blood,
pharmaceuticals, linens, bandages, et cetera, along with
insurance payers and others that are not yet prepared.
Today, we want to present a balanced picture of where the
health care industry stands in relation to meeting the Year
2000 awareness, assessment, validation and implementation
deadlines. The committee has been unable to find a central
repository of this kind of information, so I look forward to
the contributions of each of today's witnesses, out of which we
hope will come some kind of consensus.
Since World War II, the United States has undergone one
cultural change after another but probably none as profound as
the one occurring in the health care industry. The very name
health care industry is in sharp contrast to the solo-
practicing doctors which dominated medicine when my father was
a member of the U.S. Senate. So, before we get into discussing
the potential effects of Y2K on health care, I think a quick
view of the changing times in medicine is in order.
Not too many years ago, when you made an appointment to see
your doctor, he would greet you at his office, inquire about
your family and ask the purpose of the visit. When you told
him, he would probably take your blood pressure, test your
lungs and heart with a stethoscope, ask a few more questions,
look at your medical record folder and prescribe treatment.
There is no Y2K in that picture.
Today, when you enter a doctor's office, outpatient clinic,
hospital or HMO, you first encounter medical electronics as you
submit your insurance or Medicare card to the admission clerk.
The data in your card is entered into a desktop computer that
is linked to Medicare or insurance eligibility files,
maintained on a mainframe computer in some distant city. The
same computer will bill the insurance company and you as a co-
payer.
Electronic complexity continues at every step, starting
with computerized medical records. Virtually every diagnostic
and therapy machine is powered by one or more microprocessors.
If a patient requires hospitalization, his physician
electronically schedules a time-specific hospital admission
date as a preparatory step as well as the medical orders. The
hospital computer will generate a letter telling the patient
the medically-necessary tests that will be needed, and every
test uses one or more date-sensitive microprocessors which
automatically feed your biological results into the hospital's
computer-based clinical data system.
This same computer schedules the time, surgical suite
location and staffing levels for your operation as well as a
list of essential medical needs for the surgery. Throughout the
operation, the patient will be connected to life-saving
machines: monitors, ventilators, anesthesia control and
infusion pumps that are all, again, microprocessor operated.
High technology follows the patient into the intensive care
unit to help ensure full recovery. Finally, the patient is
wheeled into a ward and begins receiving food from a computer-
generated dietetics menu. The only thing that has not changed
since my father's day is the taste of that hospital food.
[Laughter.]
In addition, electronic data interchange, EDI, is used for
most of the business transactions of the medical institutions.
These include patient billing and payment systems which are
interconnected, so that a failure at one can reverberate
throughout the entire system. Based on what you will be hearing
from various witnesses today, there is trouble in River City
and most of the rest of the nation, because the health care
industry is lagging behind other industries in making crucial
Y2K fixes.
The Gartner Group says that over 90 percent of the
individual physician practices are not yet aware of their Y2K
problems, and two of our witnesses have equally alarming data
that they will share with us. Finally, if the insurance and
Medicare eligibility process cannot function, doctors' offices
and hospital admission processes would default to paper. That
sounds easy, but the daily output is nearly 4 million Medicare
claims and approximately 27 million pages of medical records.
That is an awful lot of paper. Health care paperwork could back
up like traffic on an interstate highway after a bad accident,
and this could immediately affect a patient's access to quality
health care.
Concurrently, the nation's 1.6 million providers would have
monumental cash flow problems without electronic payment from
insurers and Medicare, which accounts for nearly 50 percent of
health care payments, almost $1 billion a day. The problem is
exacerbated by the lack of a national fix-it program by the
health care industry. I try not to be too harsh, but I find it
hard to understand why the manufacturers of biomedical devices,
represented by the Health Industry Manufacturers Association,
have not provided a central clearinghouse for the data that
only they possess.
The complexity of biomedical products causes me to take the
unusual step of publicly requesting that the health care
industry help solve the Y2K problem which they helped create.
We will hear from them today.
Again I had hoped that Senator Dodd could be here for his
opening statement, but I understand that he is tied up on the
floor. The vote is still on. So, we will go to Senator Dodd and
other members of the committee as they arrive.
We will begin with Andrew Lowenthal and a staff
presentation of the complexities of the health care industry
and how they are susceptible to the Year 2000 problem. Mr.
Lowenthal is Senator Dodd's assistant and has been directly
connected with this right from the beginning. Mr. Dan Nutkis,
president of the Odin Group, which is a consulting group to
major companies in the medical industry will describe the
extensive electronic interrelationships that exist in today's
health care environment. Then, Dr. Kenneth Kiser, the Under
Secretary for Veterans Affairs, who is responsible for the 170-
hospital VA Hospital System and an outstanding emergency room
physician in his own right, will demonstrate the impact of Y2K
on biomedical devices.
Mr. Lowenthal, thank you for your willingness to be the
spokesperson for the staff, and let me thank the entire staff.
This has been an extraordinary experience for me, to see how
quickly this staff has come together, operating under difficult
physical conditions down in the basement of this building, to
do an outstanding job pulling all of this information. Mr.
Lowenthal is the representative of that extraordinary group.
STATEMENT OF ANDREW LOWENTHAL, STAFF, SPECIAL COMMITTEE ON THE
YEAR 2000 TECHNOLOGY PROBLEM, WASHINGTON, DC
Mr. Lowenthal. Thank you very much, Chairman Bennett, and
as you said, I work on the special committee for Vice-Chairman
Dodd, and I am here representing the staff, and I particularly
think it is important to note the contributions of Robert
Cresanti, John Stephenson, and Frank Reilley in putting this
together. I am here on all of their behalfs, but they did
outstanding work, and the success of their presentation is
really much more theirs than mine.
The staff was asked to put together an overview of the
points in the health care delivery system in which there are
Year 2000 implications from the point at which a patient
presents themselves through diagnosis and treatment. In order
to facilitate this and provide the Senators and the committee
with the best possible presentation, two representatives were
selected: Daniel Nutkis, president of the Odin Group will
provide the committee with a broad overview from his vantage
point as head of an organization whose members include
hospitals, other health care providers, insurance companies,
pharmaceutical manufacturers and distributors, and then, Dr.
Kiser, who is the Under Secretary for Veterans Health at the
Department of Veterans Affairs will present an overview that
will focus a little bit more on the particular implications for
hospitals and specifically focusing on medical devices and
diagnostic equipment.
Thank you very much, Mr. Chairman.
Chairman Bennett. Mr. Nutkis, we appreciate your being
here.
Mr. Nutkis. Senator Bennett, Senator Dodd.
Chairman Bennett. Senator Dodd, do you want to make an
opening statement before we get into the panel?
Vice Chairman Dodd. Yes, if you do not mind, just for a
minute or so.
Chairman Bennett. I said nice things about you before you
came.
Vice Chairman Dodd. And I was outside the door listening.
Chairman Bennett. They were all deserved. Senator Dodd is
the one who insisted that we focus early and specifically on
the health care industry. If it had not been for that
insistence, we probably would be getting around to this later
than we are in our schedule. I acknowledge that and acknowledge
that he was absolutely right in his priorities.
OPENING STATEMENT OF HON. CHRISTOPHER J. DODD, A U.S. SENATOR
FROM CONNECTICUT, VICE CHAIRMAN, SPECIAL COMMITTEE ON THE YEAR
2000 TECHNOLOGY PROBLEM
Vice Chairman Dodd. Mr. Chairman, I thank you, and I thank
you immensely for this early hearing on such an important
subject, and there are other subjects that we will no doubt
review, but as we have both come to appreciate, the health care
industry clearly falls into the category of mission critical,
and as we both discovered earlier this week in a visit to a
local hospital, in fact my sense of urgency about it was
heightened even further by some of the things that we heard at
a very fine hospital here in the Greater Washington area.
So, I am deeply appreciative of the effort here this
morning. There is no sense, I suppose, in trying to beat around
the bush. The question that many Americans are asking today, as
they begin to focus on this issue, is are people going to die
as a result of the Year 2000 complications in the medical
industry. My answer is I do not think so at all. We may have
some problems, but I hope that these problems will be of a
limited scope. My goal however, is to heighten awareness and
increase prepuration not to create panic.
But it is entirely possible--it is entirely possible, in my
view, that the millennium conversion could put the health care
industry in intensive care as a result of this problem. The
industry faces significant Year 2000 challenges which could
result in significant disruptions across the country. And as I
said regarding the utility industry, we are no longer talking
about whether there will be any disruptions. We are talking
about how severe those disruptions are going to be.
While I am very hesitant to say that these disruptions will
be life-threatening, there is a reasonable chance that they
will compromise the quality of extended patient care in all
parts of the country. My concerns are based upon three factors,
very briefly, which I want to touch on here in this opening set
of remarks. First, there are serious Year 2000 problems in many
medical devices, from diagnostic tools to dialysis machines,
and I am deeply disturbed by the fact that instead of taking
steps to deal with the problem, the medical device industry as
a whole seems to be exacerbating the problem by refusing to
provide information to either the Food and Drug Administration,
which regulates the device safety, or even to the hospitals and
clinics which use their devices every day.
And just as an aside, Mr. Chairman, we went through the FDA
reform legislation, and I was very active on that issue in the
Labor and Human Resources Committee, and we have significant
medical device companies in my State of Connecticut of which we
are very, very proud; they have done some very innovative work.
But I am deeply concerned about this issue, and for those in
the audience who may be listening who are from this industry,
this is unacceptable, and any industry that comes looking for
protection on liability, in my view, who is lacking in
responsiveness as the medical device industry is, at this
point--do not look to this Senator for any support. You want
support on liability issues; you better get going on this issue
of being responsive to these inquiries, and right now.
So, it is very, very serious. We have 500 days left; no
time to be fooling around in responding to questionnaires when
they come from the FDA and other sources. It is stunningly
short-sighted, in my view, and can only cause harm to both the
makers and the users of these devices.
A secondary concern is that the Medicare system, which
processes nearly a billion claims a year and provides nearly a
billion dollars a day will not be ready. If there are any
disruptions in the Medicare system, and I should also include
state-run Medicaid programs in this area, many health care
providers, some of whom depend on Medicare payments for as much
as 40 percent of their operating budgets, will not be able to
operate.
And last, I am concerned about rural hospitals and
municipal hospitals or other institutions that are strapped for
resources. As I mentioned, the chairman and I saw a hospital
the other day in the area which is a fine, fine institution and
really first class and really working very aggressively to deal
with their issues. Unfortunately, many hospitals do not have
the kind of resources that this facility does, and I am worried
about institutions in our rural areas or inner cities and urban
areas that do not have the resources that some of the more
affluent ones do.
So, again, I think this is a very timely hearing. I am very
grateful to the chairman for placing it as high in the agenda
as he has, and we are very interested in hearing what our
witnesses have to say. We are not going to get all of the
answers we want this morning, but I think we are beginning an
important discussion of what we can do at a governmental level
and how we can encourage and support the private sector in a
sense of cooperation on this issue to see to it that we
minimize the problems on January 1, 2000, that could occur in
the health-related industries.
Thank you, Mr. Chairman.
Chairman Bennett. Thank you very much.
Mr. Nutkis.
STATEMENT OF DANIEL S. NUTKIS, CHAIRMAN, ODIN GROUP
Mr. Nutkis. Senator Bennett, Senator Dodd.
Chairman Bennett. We would ask that you pay attention to
the lights. We have got a lot of witnesses, and if you could
hold your presentation within the time of the lights, we would
appreciate it.
Thank you.
Mr. Nutkis. Earlier this year, Odin Group started a process
of examination of Year 2000 issues in health care, not unlike
the process that the Senate committee is going through now. Our
members were becoming increasingly concerned about the heavy
interdependence of a wide range of trading partners, the fact
that small players still represent the bulk of the entities in
today's health care system, the resource pressures that affect
many of those players, the lack of sophistication regarding
Year 2000 and the need to develop comprehensive contingency
plans and to ease public concerns.
I am not saying anyone will entirely escape disruptions
within their own organizations no matter how well they are
prepared, but the more trading partners you have, the greater
the likelihood that you will feel the disruptions of other
organizations. For these reasons, Odin Group initiated the
Vital Signs 2000 project. Its ultimate objectives are to help
the industry understand these possible disruptions; to
encourage development of contingency plans by individual
organizations and the industry at large and to ensure
continuity of patient care.
While many other parties and studies are focusing on one
segment of the health care industry, Vital Signs 2000 is
focused on the bigger picture. Let me show you one of our high-
level models that we are using to make the complexity of this
industry more understandable and manageable. You can turn to
the first chart attached to my testimony, the one describing
the interaction matrix.
Down the vertical axis, you will see that the players are
categorized into five broad domains: customers, providers,
suppliers, payers----
Chairman Bennett. For the audience, the chart is over here.
Do you want to identify which one it is?
Mr. Nutkis. The chart to the left.
Chairman Bennett. OK.
Mr. Nutkis. Down the vertical axis, you will see the
players are categorized into five broad domains: customers,
providers, suppliers, payers, and regulatory bodies. There is
more detail in my written testimony.
Now, let us overlay this list of domains with a variety of
processes that require intense interaction to deliver patient
services. The matrix shows these processes along the horizontal
axis, grouped into four value chains. Care delivery: this
includes processes that the patient experiences along the
continuum of care; customer management includes all elements of
customer service, accounting, managing benefit plans and
formularies; supply chain management covers the business
processes to receive orders and fulfill orders; and provider
management, which includes claims and reimbursement and
internal management processes.
The point of this interdependence model is to underscore
how complexity drives up risk. Organizations can better handle
failures if they are prepared for them, which is why some
companies in this industry are spending half a billion dollars
on Year 2000 mitigation. But a much greater problem is the
failure you have not thought of until the beeper goes off, and
that is assuming the beeper does go off.
When an individual organization has a Year 2000 failure for
which it is not prepared, it will greatly impact its trading
partners. Those partners, unless properly prepared, will not be
able to support the next level of trading partners. And on it
goes, with each failure piling on top of the last and
everything ultimately piling on the patient. Dr. Kiser is
addressing medical devices, so let me take a different
scenario, the case of a payer organization serving 2,000 group
plans and 1 million employees or dependents. When the systems
malfunction, plan sponsors start seeing inaccurate bills and
premium notices. Payments may be lost or made for services that
are not covered in the plan. The provider starts seeing a
flurry of eligibility denials, claim denials and payment
delays. The doctors may be unable to make specialist referrals.
Meanwhile, failures in the doctor's own offices add to the
snarls, as doctors have trouble accessing patient records,
submitting claims and scheduling appointments. The actual time
the doctor can spend with patients drops from 4 hours a day to
2. Frustrated patients start wondering where else they can go
for medical services, but health care is not as portable as it
used to be.
Health care organizations deal with failures every day. But
what happens when they have to deal with more failures and
longer-lasting failures than they ever have known before?
By now, it is getting clear why an interdependent health
care system requires an integrated approach to the Year 2000
problem and why our central theme should be triage and
contingency planning. We need to answer questions like how
critical is each component and how well prepared; which
failures could cause widespread disruptions; what are the
contingency planning scenarios, including their financial,
operational and technical implications?
Odin Group has spent months studying the complexities and
interrelationships I have just described and the impact on
various failures. Now, we are undertaking a survey involving
all parts of the health care industry to better understand
where failures are likely to occur. Then, we will form working
groups to conduct industry-wide contingency planning.
Researchers, advisors and industry members will work together
to identify, recommend and test industry plans. A final report
will be presented to a gathering of CEO's to make sure the top
industry leadership fully understands what must be done.
Contingency planning must be part of a comprehensive
approach to the Year 2000. The last chart to my testimony
depicts what Smith Kline Beecham is doing. It is the chart to
the right. In the center circle are the internal systems.
Around that is a second ring representing their infrastructure.
This includes telecommunications, lab equipment and process
control. In the next circle are end user systems, on the
desktops of tens of thousands of employees worldwide.
But even if you have got all of that right, you are not
going to make it through January 2000 unless you consider
external relationships with customers, suppliers and anyone you
do business with. In this particular case, the company even
considers involvement in industry groups to be part of its Year
2000 effort, and contingency planning is incorporated
throughout. This chart could have come from any number of
organizations we have studied. If these companies can do it, so
can every player in this industry. A comprehensive Year 2000
methodology has to include awareness of the problem, assessment
of what is required to fix a specific device or system,
prioritization and triage of the most critical issues,
remediation, which may include the repairing, replacing or
retiring of the system, testing, which should also include
critical trading partners and contingency planning.
What can this committee do to help? The health care
industry, like most others, is greatly concerned with issues of
liability concerning Year 2000 comprehensive efforts. It
encompasses antitrust issues but also has to do with whether a
company creates new liabilities for itself by sharing
information which later proves to be wrong or even damaging.
President Clinton's proposal for a Good Samaritan law to cover
such situations is right on track. Odin Group members would be
pleased to work with their Senators and this committee to make
sure the provisions of such a law are appropriate for and
helpful to the health care industry.
I would also ask this committee to be watchful for
regulatory initiatives that add complexity and drain resources
from Year 2000 efforts. Every additional Year 2000 failure has
the potential to make the situation exponentially worse, and
every major new regulatory requirement adds to the complexity
of information systems work being done over the next 17 months.
Odin Group's approach is to leverage the strengths of the
leaders who are preparing well for the Year 2000 to make sure
that everyone in the health care industry prepares as best they
can.
Through Vital Signs 2000, we are producing specific
recommendations regarding contingency planning, including
operational and financial implications, industry-wide
preparedness, and testing. The Government cannot do this job
for industry but can raise awareness.
Mr. Chairman, I would like to officially invite you and
your esteemed colleagues on this committee to attend the Vital
Signs 2000 CEO conference to hear the results firsthand. There
are no excuses for any player in this industry not having a
good plan, and there are no excuses for industry not having a
contingency plan that reaches across the entire expanse of
health care in America.
I wish to thank you for the opportunity to testify on this
matter and hope my testimony contributes in some small way to
helping the health care system.
[The prepared statement of Mr. Nutkis can be found in the
appendix.]
Chairman Bennett. Thank you. What is the date of your
invitation?
Mr. Nutkis. October 27.
Vice Chairman Dodd. Good timing. [Laughter.]
Chairman Bennett. The only thing more important than Y2K is
the reelection of the vice-chairman and the chairman of this
committee. [Laughter.]
We may both be involved on that date.
Vice Chairman Dodd. Teleconference us in.
Chairman Bennett. Yes.
Dr. Kiser.
STATEMENT OF KENNETH W. KIZER, M.D., UNDER SECRETARY OF
VETERANS HEALTH, DEPARTMENT OF VETERANS AFFAIRS
Dr. Kizer. Good morning, Mr. Chairman and members of the
committee. I appreciate the opportunity to brief you on health
care issues posed by the Year 2000 compliance problems. My oral
comments will be directed towards biomedical equipment and
medical devices based, in part, on the experience of the
Veterans health care system to date.
I have included in my written testimony much more detail
about many of the other things the VA is doing in this regard,
and I would ask that that be included in the record.
Chairman Bennett. Without objection.
Dr. Kizer. Technology has been responsible for so many of
the advances and wonders of modern health care, and so, it is
somewhat ironic that this same technology may now present
hazards to patient care when the 21st century begins. I know
that the committee is familiar with the genesis and the
background of the Y2K problem, so I am not going to spend any
time going into that. Suffice it to say that the essence of the
problem from the biomedical technology point of view is the
fact that when the Year 2000 is entered as 00, systems and
devices may not recognize this entry as a correct year, and
thus, programs may fail. They may not perform as designed. They
may reject legitimate entries, or they may yield erroneous
results.
There are thousands of medical devices which may be
affected by one or more of these problems--what I have
collectively called the millennium bug syndrome or MBS. Any
technology-related process that sorts by date or that requires
a comparison by dates; any process that calculates age; or any
other process that performs some date-related task is subject
to the millennium bug syndrome. This includes hospital
information management systems, building systems that control
heating, ventilation and air conditioning, security, the
elevators, billing and accounting, etc.
While many of the problems that have been identified to
date are relatively minor and can be fixed, many health care
institutions across the country simply are not positioned to
accomplish those repairs. More importantly at this time,
though, is that too many health care institutions do not yet
know whether they have a problem or how big of a problem they
have.
There are many aspects to this problem, as Mr. Nutkis and
the chairman have noted already, and as other witnesses will
discuss this morning that I am not going to talk about.
Let me turn my comments to biomedical equipment and
specifically to some of our experience with this at the
Department of Veterans Affairs. As you know, the Veterans
Health Administration in the Department of Veterans Affairs
operates the largest fully-integrated health care system in the
United States. We have a wide range of electronic information
systems, biomedical equipment, facility management systems and
other computer-based system products that are vital to support
services at our over 1,100 sites of care. This includes 171
hospitals, which includes the array from very complex tertiary
and quaternary care facilities to small, rural hospitals. On
average, we estimate that each of these facilities have 7,000
to 8,000 devices per facility. When you add onto that the more
than 600 clinics and outpatient sites we have, the 131 nursing
homes, and the array of other facilities, I think it begins to
paint a picture of how many devices we have and how large this
could be for a system of our size. The inventory of devices
runs the gamut from very general things like suction machines
and blood pressure cuffs to magnetic resonance imaging and
computerized tomographic systems.
We have been working on this problem since 1996. A number
of aspects of this are detailed in my written testimony.
Specifically, with regard to biomedical equipment, beginning
early last summer, we identified about 1,600 manufacturers that
we had purchased equipment from over the years. I think that we
are typical of most hospitals or health care systems in that we
have an array of devices and equipment that has been purchased
over the last two or three decades, in addition to more recent
years. Much of the equipment that has been produced in recent
years is not subject to this MB's, but much of the older
material is.
Now, of those 1,600 manufacturers, which is out of a
universe of about 16,000 manufacturers of medical supplies and
devices, we have surveyed them up to four times to get
information as to whether their devices are compliant. I can
report to you at this time that 694 of those manufacturers have
certified to us that their products are Y2K compliant, and
therefore, at least, per the manufacturer's report, there
should not be any problems with them.
Thirty-four manufacturers that account for a total of 182
models of equipment have reported that their devices are not
compliant and that they are no longer supported by the
manufacturer; these models are considered obsolete and will not
be fixed, even though many of those things are still commonly
used.
Some 102 manufacturers have reported that they produce a
total of 673 models that are currently not compliant but that
they do intend to repair or otherwise fix the device, although
in almost all of these cases, the manufacturer has not stated
exactly how the device is not compliant or exactly what will be
done to fix it.
Likewise, the manner in which they will be providing the
fix ranges across the board as to whether they will charge or
not charge for it; whether they will send a technician to the
facility; whether you have to send the device back to the
facility. These responses are across the board.
Fifty-three manufacturers have reported that they are still
doing analyses on their products, and they cannot tell us if
their products are compliant. For 201 manufacturers we have
gotten return to sender notices, and after four attempts at
trying to identify those manufacturers, we are assuming that we
probably will not ever get information from them.
Some 96 other manufacturers have either gone out of
business or have been acquired and have presented difficulties
in tracking them down.
Finally, 233 manufacturers have not responded to us at all,
despite our multiple inquiries.
Thus, overall, we know at this time that we have 855 models
of devices and equipment that are not Y2K compliant and that
about 20 percent of these will not be made compliant by the
manufacturer. And after four separate queries, we have not been
able to get a response from about 30 percent of manufacturers.
I think it is relevant to note that in interpreting these
figures, you should keep in mind the size of the customer that
VHA is and that there is a business interest on the part of the
manufacturers to be responsive to us. Other than that, we have
no reason to believe that our experience is not, or will not
be, typical of that of other health care providers.
Let me conclude these oral comments by reiterating that the
millennium bug syndrome clearly has implications for every
industry and many households nationwide. It is particularly
critical for health care, since health care today is so
dependent on the use of biomedical equipment and devices that
rely on embedded, date-dependent information technology. We now
know that many medical devices are not compliant, and many of
those are not going to be made compliant. We also know that
when the clock rolls forward to the 21st century about 526 days
from now that about 3.8 million Americans each day will be
receiving health care at hospitals or clinics or nursing homes.
Many more are being treated at home. Each of these patients
will typically have multiple different interactions, sometimes
hundreds of interactions, per day with biomedical equipment,
devices and information technology systems. When you consider
the extraordinary number of interactions that that translates
to, I think it becomes clear how large the potential for
adverse events is, even if the problem involves only a very
small percentage of devices or systems.
The good part of it is that we still have time to ensure
that no patient suffers harm as a result of the millennium bug
syndrome if concerted and very aggressive action is taken in
the months ahead.
I thought it might be useful to the committee to perhaps
demonstrate for you or show you some of the different devices
and the types of problems they have--i.e., how this Y2K bug
might manifest itself in an array of equipment, and let me
just, if I can move up here.
Chairman Bennett. Yes; we have turned off the light for the
show and tell.
Dr. Kizer. Show and tell, OK.
What we have done here is try to present a number of
different devices to demonstrate the different types of
problems.
This one is a defibrillator. It is a relatively simple
problem in that the date will not print out. That is not very
serious if everyone remembers to write the date on the pages.
Conversely, here is another device--this is a monitor that is
used in intensive care units to monitor heart rhythms and other
aspects of patient care.
The problem here is that the software is designed so that
the alarm may not go off when the date doesn't register
correctly. The problem, in essence, is that in the typical ICU
setting, if someone were to develop ventricular fibrillation or
ventricular tachycardia, you may have a matter of only seconds
or a couple of minutes to respond to that. If you do not hear
the alarm, you may not respond in a timely manner, and
therefore, the patient may suffer adverse results as the result
of the alarm not going off.
Let me turn now to a couple of pictures. These devices are
too large to bring into the hearing room. But the one here, a
linear accelerator, which is used in cancer therapy where the
dose is absolutely critical if you are going to do proper
treatment.
Vice Chairman Dodd. Pull that microphone, will you? Because
we can hear you, but they cannot hear you.
Chairman Bennett. We have an overflow room with as many
people in it as are here. So, they are getting it
electronically; hopefully, there is no Y2K bug between here and
there.
Dr. Kizer. Are you sure?
Chairman Bennett. Yes.
Dr. Kizer. This is considered an obsolete unit, and there
is no intent to fix it by the manufacturer. So, here, you get
into replacement costs.
Another aspect, this is a picture of a sterilizer. There is
nothing as basic to operation of a hospital as sterilization,
and this is a time dependent process. This is an example of one
where, despite multiple entreaties to find out its compliance
status we cannot get a response from the manufacturer as to
whether this is going to be compliant or not. It obviously
creates some problems.
Here is another one. This is an infusion pump that is used
to supply medication to patients. The problem here is simply
that you cannot enter a date, and we know that the date is
needed, for example, for preventive maintenance, or if there is
a problem, from a repair point of view. For example,
maintaining the battery is critical. If you are infusing a drug
to a patient, you want to make sure that the device continues
to operate while you are treating the patient. So, preventive
maintenance is critical. But the date will not allow you to
know whether your preventive maintenance is on schedule or not,
because you cannot manually enter the date into it, and the
software is programmed so that it will not recognize the Year
2000. So, this is a particular problem in that it may work, but
as far as maintenance or servicing the machine, we do not know
whether it will work from that perspective.
Here is another example. This is an electrocardiographic
machine where the problem is that it will not print a date. In
interpreting EKG's, it is critical to compare readings from
different dates. What happens in this case is every time the
machine is turned off, and it is meant to be a portable machine
so you can transport it around the hospital to do EKG's.
Because every time you turn it on, you have to recalibrate the
machine so it will print out the date, it may take 10, 15, 20
minutes extra. The machine works OK, but it is just another
example of how Y2K noncompliance may complicate providing care.
Obviously, it will not function as it is intended, so, there
are replacement costs, or you have to find some other way to
use it.
Another example here has to do with CT scanners and SRI
scanners. It is interesting that 2 weeks ago, when we held a
press conference on this subject with the American Medical
Association, the American Hospital Association, the American
Nurses Association, and some other entities, we noted that we
had not been able to get information from the company. We have
in excess of 100 of these CT scanners for about $1.3 million
each. We have 50 or so MRI scanners from this company at about
$1.7 million each. After multiple entreaties, we had not been
able to get information from them. After the press conference,
we did get a call, and interestingly, last night, we got a call
saying that the information has now been put on the Web site.
So, it has been perhaps--shedding some light on it may have
been helpful in getting some information from that company,
which is a very large company, and I would say that some of the
other manufacturers from whom we have not gotten information
are not necessarily small companies. There have been some very
large manufacturers there.
Just a couple of others. There is another defibrillator
here.
Vice Chairman Dodd. I would like to see that list, and I
think we ought to put it in the record.
Dr. Kizer. We can provide this for you.
Vice Chairman Dodd. Good.
[The information requested by Senator Dodd can be found in
the appendix.]
Dr. Kizer. Here is another defibrillator, and it is much
the same problem. This is one in which the clock does not work
on it, so you do not, again, have a date printed out on it.
This is one which the manufacturer will not replace. And each
of these cost about $10,000, so if one is going to have to
replace all of these in a facility, and there may be 10, 20, 30
or 40 or more of these in a facility, there is obviously a
significant cost associated with that.
Vice Chairman Dodd. Could you give us just a quick
assessment of what the costs are of each of these pieces of
equipment are that you have in front of you, just rough
numbers?
Dr. Kizer. Most of these would be in the several thousand
dollar range, but there are also--for example, this pump, at
every bed in an intensive care unit, there would be one. A
typical large hospital might have 20 or 30 intensive care beds.
They have backup units as well. So, while the individual price
is significant but not like a million-dollar CT scanner, the
numbers add up very quickly, and certainly for very small
hospitals, this is very significant.
Just two other things I would mention here. One of them
that we have a photo of is the dental x-ray machine. This is,
again, a common device. The problem here is that we tried
repeatedly to find the manufacturer, and it took some months
before we could find out that this company had been acquired
and changed ownership. It illustrates the difficulty in
tracking down the source of information. Because of the
changes, as the chairman noted earlier, the changes going on in
health care. There has been a lot of consolidation, and the
manufacturer of equipment that you have may not be the one that
is taking care of it today.
And finally, the last piece of equipment I would mention is
a computerized medical system radiation therapy unit that uses
cobalt, but the calculation of the dose is dependent on the
software. It is absolutely critical if you are not going to
overdose the patient with radiation that date-related
calculations are correct. The manufacturer has indicated that
these machines should be discarded. Again, this becomes an
issue of cost. The current replacement cost would be about
$250,000 per machine. We have three of these in operation
today, and there are many others around the country.
Hopefully, this presentation of devices gives you some
sample of the types and the nature of the various ways that
this millennium bug syndrome may manifest itself in biomedical
devices.
Senator Smith. Doctor, can you tell me how are the
manufacturers trying to absolve themselves of litigation or
mitigate damages that can flow from the malfunction of these
pieces of equipment? Are they writing you letters and saying
that they are obsolete, and we have no further obligation; the
burden is yours? What is the MO?
Dr. Kizer. I am not sure I can speak from a real informed
point of view as far as how one mitigates their liability. I
would say that the response of the industry has been across the
whole gamut. We have some manufacturers who have been totally
responsive; they have been absolutely forthcoming, and have
been leading the charge very proactively. Then, we have others,
some very large manufacturers, who, despite multiple letters,
have either not responded or have given us what we characterize
as courtesy responses that contain no information.
Senator Smith. Do you want to offer an opinion? What ought
our response to be on legal liability? Should we do anything
trying to absolve them, or should we see this as a vehicle to
get them to change and to improve their products, update them?
Because, I mean, it seems to me we are talking about life and
death kinds of equipment here.
Dr. Kizer. Well, I think as illustrated by this, the
potential is of that magnitude. The response I have given in
some other settings on this is that this is a completely
preventable problem. No one should have to suffer harm as a
result of this, and it seems to me that the best vaccine
against liability is to be as forthcoming and to be as
proactive as possible in providing information and providing
that information to the users, the health care providers,
hospitals, physician offices, others. That would be the best
way to protect against liability in my opinion.
Senator Smith. I agree.
[The prepared statement of Dr. Kizer can be found in the
appendix.]
Chairman Bennett. Thank you.
Senator Smith, did you have an opening statement?
Senator Smith. No.
Chairman Bennett. OK.
We have put up, Doctor, a list of the kinds of devices
after you took us through some sample examples. This is a list
of categories of devices, and we are dependent, or thankful is
the better word, to the people at INOVA Fairfax Hospital for
this. That is the facility that Senator Dodd and I toured
earlier this week, and they are very forthcoming on the impact
of this on patient care. As we walked through the hospital,
they would say this will not be compliant; this will not be
compliant; this will. This is where we are.
I was impressed--Senator Dodd, before you got there, I said
this is great that you are focusing on patient care and your
internal systems, but you know me; I wanted to go horizontally.
Have you looked at the impact on people outside your hospital?
He said Senator, down to the traffic light controlling people
turning into our property from the freeway to make sure that
it, too, will be Y2K compliant. This is an example of a group
that is doing it right.
Do you want to make any comment about that list? I know we
are springing it on you, so, if you say it is too confusing, we
will----
Dr. Kizer. I think I could be more helpful if I responded
for the record after having a chance to look at the list and
perhaps compare it with our results. I might just add a comment
that is partially responsive to you and to Senator Smith, that
the issue from our perspective really is one of protecting
patients. One of the responses we have gotten from industry is
that they do not want to provide us with the information until
they have provided us with a fix, a technological fix.
And while that may sound OK to some, we do not think it is
really adequate. It is nice to have the fix, and we want that,
but the real issue is we need to know about the problem, so we
can take interventions to protect patients. If we know a device
is not going to work, then, we can fashion some sort of way to
protect the patients ultimately and work about the
technological fix as needed.
Vice Chairman Dodd. It goes to the contingency planning
issue, which----
Dr. Kizer. Exactly.
Vice Chairman Dodd [continuing]. Is absolutely critical. I
mean, you mentioned before and the chairman has, and actually,
I am very glad to hear you, Mr. Nutkis, talk about the
contingency planning. That ought to be moving up on the
priority list of actions that institutions, private and public,
are taking right now in preparation for the difficulty of
compliance as we get further, the clock moves further along.
So, I think that is an all-important consideration.
Dr. Kizer. And let me give you a very specific example of
that. One of the devices, the Space Labs monitor that we talked
about regarding the alarm, the company has indicated that it
will provide a patch, or a fix, but it has to be ordered by
December 15, 1998. If it is not ordered by that time, they will
not be able to supply it. Therefore, obviously, we are going to
have to know about it well before that date, or a facility will
have to know about it well before that if they are going to be
able to order it in time to get the fix.
Chairman Bennett. One other question: this is a lot of
money. Now, let us talk about the VA, because it is the largest
hospital system in the country. Do you have enough money?
Dr. Kizer. That is a loaded question.
Chairman Bennett. I know; asking any bureaucrat that----
Dr. Kizer. Particularly with Senator Dodd sitting next to
you.
Vice Chairman Dodd. The answer is no.
Chairman Bennett. Yes, yes.
Vice Chairman Dodd. I must say, I should tell you, and Dr.
Kizer very graciously was in Connecticut about a week ago.
Dr. Kizer. A week ago, yes.
Vice Chairman Dodd. On a totally separate set of issues
dealing with the VA in West Haven and did a very, very fine job
meeting with the entire congressional delegation from
Connecticut, which is a rarity, to get an entire delegation
together on an issue, but the doctor was very forthcoming and
went through and explained some of the difficulties, and it is
a financial issue we were talking about in terms of the various
nets of veterans' hospitals.
But I would be remiss in his presence here if I did not
thank him for being in category last week and meeting with us.
We were inaugurating a new outpatient facility at the hospital,
which the doctor was the keynote speaker at, and we appreciate
it very much.
Dr. Kizer. The pleasure was all mine to be there, Senator.
Chairman Bennett. I am told I have misspoken. Columbia HCA
is twice as large as the VA system.
Dr. Kizer. They have more hospitals.
Chairman Bennett. They have more hospitals. [Laughter.]
But the reason I raise this, as you know, we have a unique
situation on this committee in that we have as ex-officio
members the chairman and the ranking member of the Senate
Appropriations Committee, Senator Stevens and Senator Byrd. I
do not want to look back on this problem and say, well, the VA
did not get it solved because of a snarl in the appropriations
process, and the money needed to make these kinds of
replacements was simply not made available by the Congress.
We are going to have enough responsibility for this
problem. I do not want to add to that the responsibility of not
appropriating what is necessary to get this done. So, I am
giving you the kind of dream question that every bureaucrat
would love to have from an appropriator, which is tell us how
much money you think you are going to need.
Dr. Kizer. We actually are trying to get our hands around
this. One of the problems in defining the extent of the
replacement costs is when we do not have a response from 30
percent of the manufacturers, that leaves a big hole. We know
at this point that replacement costs are probably over $50
million.
Chairman Bennett. I am surprised it is that low.
Dr. Kizer. Well, we know it is over $50 million.
Vice Chairman Dodd. Better answer.
Chairman Bennett. Yes. [Laughter.]
All right; thank you both very much.
Vice Chairman Dodd. Very, very helpful.
Chairman Bennett. We appreciate it.
All right; we now welcome the Honorable Kevin L. Thurm,
Deputy Secretary of the Department of Health and Human
Services; the Honorable Michael A. Friedman, M.D., who is
Acting Commissioner of the Food and Drug Administration; and
the Honorable Nancy-Ann Min DeParle who is the Administrator of
HCFA.
Once again, on behalf of the committee, I welcome you all
and thank you for your willingness to testify. Mr. Thurm, we
will start with you.
STATEMENT OF KEVIN L. THURM, DEPUTY SECRETARY, DEPARTMENT OF
HEALTH AND HUMAN SERVICES
Mr. Thurm. Good morning, Mr. Chairman, Vice-Chairman Dodd,
Senator Smith, and thank you for inviting me and my colleagues
here today. I would like to submit a written statement for the
record and offer a brief oral statement summarizing my
testimony.
Chairman Bennett. Without objection, your written statement
will be made part of the record.
Mr. Thurm. I am accompanied today by Dr. John Callahan, who
is our Assistant Secretary for Management and Budget and our
Chief Information Officer at HHS; by Nancy-Ann Min DeParle, the
administrator of the Health Care Financing Administration and
Dr. Michael Friedman, who is the Acting Commissioner of the
Food and Drug Administration.
The American people expect reliable service from their
Government and deserve confidence that critical government
functions will be performed accurately and in a timely manner
in the next millennium. Like other departments and agencies, we
are striving to meet the Year 2000 challenge. The Department is
making progress in correcting computer code for a wide array of
software systems; in modifying the underlying infrastructure on
which these systems operate; in working with our partners with
which we exchange data and with others reliant on our services
and in constructing contingency plans in case our systems or
our partners' systems are not ready on January 1, 2000.
The Secretary and I have declared the Year 2000 issue to be
our highest information technology priority. We have involved
all parts of the Department to ensure that our information
systems are able to recognize the Year 2000. No matter what
else we do and what other initiatives we undertake, we must
ensure that our ability to accomplish the Department's missions
is not impaired.
Of all of the Department's programs, the Medicare program,
administered by HCFA, proves to be our greatest Year 2000
challenge. Payment of health care claims is accomplished by
over 60 external contractors, which operate and maintain a base
of software programs that process nearly 1 billion claims each
year from over 1 million health care providers. Ms. DeParle
will explain these issues in more detail, but let me add that
the Department is fully supportive of her and the agency in
identifying the necessary human and financial resources and in
prioritizing the work of the agency, including delaying
implementation of a number of the Balanced Budget Act
provisions.
We are also addressing the need to develop public
information about the compatibility of systems embedded in
biomedical devices. Because it is imperative, as Dr. Kizer has
already testified and as Dr. Friedman will testify, that
medical equipment continues to function properly in the next
century, the Department and, in particular, the Food and Drug
Administration, is requesting information about the Year 2000
compliance of medical devices and scientific laboratory
equipment manufactured by biomedical equipment manufacturers.
In addition, HHS is working with the Department of Veterans
Affairs to better serve our mutual interests in the Year 2000
compliance of biomedical equipment by merging our efforts. We
have convened a steering committee and have asked the
Department of Defense to participate as well. We will work
through the health care outreach sector and the White House
Year 2000 Conversion Council to enhance our ability to make
this information available to you and the public. Dr. Michael
Friedman will address these issues in depth, but again, the
Department is fully supportive of the agency's efforts.
In response to the Year 2000 issue, the President's Council
on Year 2000 Conversion, led by John Koskinen, has enlisted
agencies to increase awareness of the problem and to facilitate
Year 2000 compliance of public and private sector
organizations. HHS, through our operating divisions, is
currently implementing efforts aimed at both the health care
and human services communities. Outreach efforts have included
speeches, meetings, publications, conferences, developing Web
sites and making Year 2000 compliance a term and condition of
all future grant awards.
HHS still faces substantial challenges in our Year 2000
efforts. However, let me assure you that on behalf of Secretary
Shalala, we will continue to vigorously pursue Year 2000
remediation as our most important information technology
initiative. We recognize our obligation to the American people
to ensure that HHS' programs function properly now and in the
next millennium.
I want to thank the committee for its interest and
oversight on this issue. Thank you, Senator Bennett, as well
for holding hearings with private sector representatives and
encouraging them to work with the Federal Government and for
your support on the Senate Treasury-Post Office Appropriations
bill, which provides for over $3 billion for Year 2000
remediation as emergency funds. I would be happy to answer any
questions that the committee has.
[The prepared statement of Mr. Thurm can be found in the
appendix.]
Chairman Bennett. Thank you very much.
Dr. Friedman.
STATEMENT OF MICHAEL A. FRIEDMAN, M.D., ACTING COMMISSIONER,
FOOD AND DRUG ADMINISTRATION, DEPARTMENT OF HEALTH AND HUMAN
SERVICES
Dr. Friedman. Thank you, sir.
Mr. Chairman, Mr. Vice-Chairman, Senator Smith, I, too, am
pleased to be here today to provide information on the Year
2000 issue as it relates to devices used in the care and
treatment of patients. We recognize that Year 2000 problems
have the potential to cause disruption in many computer systems
and, simply put, the Food and Drug Administration takes this
issue very seriously. The agency believes that if solutions
being developed and offered by manufacturers are properly
implemented, there need be no significant problems to endanger
or discomfort patients, and with your permission, I will
briefly outline the steps that we have taken and that we are
taking and will continue to take to ensure that medical devices
are compliant.
The scope of this problem is potentially large, because
medical devices include over 100,000 products and more than
1,700 product categories. While many devices rely on computer
chips and software to function properly, the Year 2000 bug will
not affect the majority of the medical devices that rely on
computerized control, because they do not require knowledge of
the current date to operate safely and effectively, and you
have heard many examples of those: pacemakers, ventilators, and
so forth.
That is not to say, however, that problems could not arise
when software enhances the operation of a device; for example,
so-called non-embedded software, which may not be integrated
into the medical device itself, might run on a personal
computer or workstation that is connected to the device. If
this secondary software relies on two-digit year format to
operate properly, it may be vulnerable to the Year 2000 bug.
You have heard some examples of that, most significantly with
the cobalt radiation therapy machine that Dr. Kizer described.
Now, medical device systems that use a date relying on the
two-digit format in their algorithm, in their calculations or
record-keeping are at risk, and we estimate that up to 2,700
manufacturers may produce such equipment. Our outreach efforts
for these manufacturers began last June of 1997, when our
Center for Devices sent a letter to 13,407 medical device
manufacturers, both domestic and foreign, addressing this
issue. The letter reminded manufacturers that they have the
responsibility to investigate and correct any problems with
their products.
In January, our Center for Biologics posted specific
guidance for the blood industry software, to alert them to this
concern. This spring, our device center developed a guidance
document describing our expectations of medical device
manufacturers concerning the Year 2000 date problem. Very
helpfully, a second letter was sent from the Department of
Health and Human Services in January 1998 by Deputy Secretary
Thurm. Some 16,000 biomedical equipment manufacturers were
asked to voluntarily provide information on the compliance
status of their products. The response from the manufacturers
so far has been fairly low: only about 1,800 of the
manufacturers contacted in January have provided the requested
information.
To further boost awareness of the need for companies to
report, FDA authored an article for the medical device trade
press, and we have been actively working with the trade
associations. These are potentially important allies in this
regard.
Furthermore, a discussion in this June issue of the Journal
of the American Medical Association had an article from FDA
outlining our concerns in this regard. We have also sent a
medical bulletin to approximately 700,000 health care
professionals this last summer. Three weeks ago, FDA also sent
a followup letter to nearly 3,000 manufacturers, and we are
beginning to receive some responses. While the data are
incomplete, of the 1,800 who did respond, about 1,650 said that
their products either do not use date-related information or
are already Year 2000 compliant. Eighty-eight manufacturers
reported one or more products with date-related problems, and
of this group, 53 have set up Web sites on the Internet that
provide corrective information for their customers.
For the remaining companies, though, the data submitted are
incomplete or unclear in some manner. The great majority of the
problems that we have detected are relatively minor and
typically involve an incorrect display or printing of the date.
There are only a few reported cases where the devices will not
function. These are very important cases, and we take them
seriously, but fortunately, they seem to be only a few.
This information that we are garnering is being posted on a
product database managed by FDA at the request of the
Interagency Biomedical Equipment Working Group. All the
information being garnered is shared and placed on the World
Wide Web, to provide a comprehensive source of information. The
Web site can be found on the FDA Center for Devices and
Radiological Health home page.
In addition, we are working with several Federal and
private organizations, including the Veterans Administration,
the Department of Defense, the American Medical Association and
Hospital Association and others to try and address this problem
more comprehensively.
Let me close by saying that FDA recognizes the import of
this issue. It is a special problem; if you will, a sort of
electronic fin de siecle. At this time, we believe, however,
that vigorously working with partners, both private and public,
with other branches of Government, with our sister agencies and
operating divisions and with the device industry will ensure
the continued safety of medical devices.
I thank you and will be happy to respond to your questions.
[The prepared statement of Dr. Friedman can be found in the
appendix.]
Chairman Bennett. Thank you very much.
Ms. DeParle.
STATEMENT OF NANCY-ANN MIN DE PARLE, ADMINISTRATOR, HEALTH CARE
FINANCING ADMINISTRATION, DEPARTMENT OF HEALTH AND HUMAN
SERVICES
Ms. DeParle. Thank you, Mr. Chairman, for inviting me here
today to discuss my highest priority.
We must ensure that the more than 38 million Medicare
beneficiaries experience no interruption in services because of
the Year 2000 problem. We must also ensure that providers
continue to receive prompt payment, and we must work with the
States to ensure that their Medicaid systems are prepared.
I am committed to doing everything possible to address this
issue, and I am here to report to you today that we are making
some substantial progress. As you know, and as we have
discussed, the Year 2000 especially affects the Health Care
Financing Administration because of our extensive reliance on
multiple computer systems. Medicare and Medicaid use more than
183 systems, and 98 of these systems are considered to be
mission-critical. Medicare, in fact, is the most automated
health care payer in the country. As your opening statement
noted, we process nearly a billion claims every year, and fully
98 percent of the claims that we pay on the Part A side or the
hospital side of the business are processed electronically, and
85 percent of those on the Part B side of Medicare are
processed electronically.
The renovation process is complicated, because each system,
as well as interfaces with state Medicaid programs, banking
institutions and some 1.6 million providers, must be thoroughly
reviewed and renovated by those responsible for each particular
system, and there is a chart here to your right that shows the
process that must be undergone to just process a Medicare claim
and all of the different interfaces that are involved in the
different systems, and it has been attached to my testimony.
For Medicare, Mr. Chairman, that means that we have to
renovate some 50 million lines of code. If we do not succeed,
we are aware that enrollment systems might not function; that
beneficiaries could be denied services because providers might
not be able to confirm eligibility, and we are concerned that
providers would have cash flow problems, as you noted.
We are committed to succeeding, but we are not only working
intensively to renovate and test our systems; we are also
developing detailed contingency plans for business continuation
in all of the different areas where we provide services. After
working on our contingency plans, it is clear to me that our
best option and our only option is to successful complete all
of our renovations on time.
That is why we are requiring contractors to be in full
compliance with all code renovated and fully future date tested
by December 31, 1998. One of the first things that I did when I
came to the agency last fall was to sit down with GAO to talk
to them about this problem. They recommended to me, and we have
negotiated with our contractors, a contract amendment that
articulates Year 2000 requirements. All of the contractors with
whom we have spoken, including the one that you are going to be
hearing from today, indicate that they will sign that
amendment.
Renovations to mission critical internal systems also have
to be completed by December 31, 1998. We expect to complete
end-to-end testing of how claims are processed through our
entire network in the spring. We will then have the remainder
of 1999 to take any additional necessary action. GAO also
recommended to us last year that we hire an independent
contractor to review and assess our work. We did that.
Intermetrics, our independent validation and verification
contractor, is very actively overseeing our work. Because of
their effort and our own increased attention, we now have a
much more accurate assessment of the problem and what must be
done.
This more accurate assessment makes clear that Year 2000
work has to take priority over all other projects. We have to
delay any projects which require complex systems changes or
which would occur during a critical window between October 1999
and April of 2000. And so, for example, Mr. Chairman, we had to
make the difficult decision earlier this year to postpone
transitions to uniform systems for Part B and Part A of
Medicare. We were trying to get it down to one system for each
of those two sides of our business, but we had to postpone
that.
The Intermetrics-IV&V contractor also recommended that we
stop parallel development, which meant to stop giving
contractors additional work to do in addition to renovating the
systems. So, we made the difficult decision to delay
implementation of some of the Balanced Budget Act provisions,
including the prospective payment systems for outpatient
hospital care and home health services.
Also, based on that recommendation, we are looking at the
need to delay provider payment updates during that critical
window of Year 2000 activity. Those updates are not complicated
from a systems perspective, but we have been advised strongly
that making that kind of a systems change at that point of
potential instability not only in our own systems but in the
systems of all of the various providers that we deal with would
be not a good idea.
We want to work with you, with this committee and with the
Congress to ensure that this does not create a hardship for our
providers.
We also will have additional budget needs, and I want to
thank you for your leadership and this committee for its
leadership in this area, and, of course the Secretary recently
reallocated $40 million from other activities in the Department
to devote to Year 2000 efforts at HCFA.
We are making solid and, I think, steady progress now in
preparing for the Year 2000. We have taken steps, with your
assistance, to obtain necessary resources. We are making
difficult decisions to delay other priorities, and we are
making necessary contingency plans. I appreciate this
committee's support and the help that we have gotten from the
General Accounting Office, and I am happy to answer any
questions that you might have.
[The prepared statement of Ms. DeParle can be found in the
appendix.]
Chairman Bennett. Thank you very much. We appreciate the
testimony of all of you.
Administrator DeParle, you made reference to the
independent contractor who came in and assisted you. Let me
understand something. I have heard this somewhat piecemeal. Let
us get it out and give you an opportunity to get it
authoritatively dealt with. I understand that prior to the
independent contractor, you assumed that you had 20 million
lines of code, and the independent contractor discovered that
it was, in fact, 50 million. Do I have those numbers correct?
Ms. DeParle. Yes, sir, I believe that is right.
Chairman Bennett. And this, of course, is a very--what is
the phrase, revolting development, that your problem is 2\1/2\
times bigger than you thought it was, that you discover almost
overnight.
Does that not create a much bigger problem than your
overall testimony seems to indicate? I am not challenging that
you are on top of it. I am not challenging that you are making
it a top priority, but it would seem to me terribly
discouraging to be moving along and suddenly discover your
problem is 2\1/2\ times bigger than you thought. To me that
would put you, in the overall analysis of where you are,
substantially behind where you thought you were when you made
that discovery.
Ms. DeParle. I believe that is correct, and I think that
what you are referring to is a discussion last year with a
different committee that the administrator then had, and at
that point, the agency had been doing its assessment on its own
and had been talking to different contractors around the
country and had the assessment that it was around 20 million
lines of code that needed to be renovated, and I believe at
that very same hearing, Joel Williamson of the General
Accounting Office testified that he thought that HCFA needed to
get an independent assessment of that.
And late last fall, we did get the Intermetrics firm in to
do such an assessment. They have been out to every one of our
contractors, along with our chief information officer, who is
with me today, and that is how we now have the assessment that
the problem is bigger than we thought. So, yes, sir, we do have
a big problem, and the good news is that we learned about it
this spring instead of later this year.
Chairman Bennett. I am told by the staff that the 20
million figure was given to this committee at a briefing on the
7th of July of this year; at least somebody who was briefing
the committee did not have that information as recently as
earlier this month. It was not something that came up in the
spring.
Ms. DeParle. Well, if that is the case, Mr. Chairman, I
apologize to you, but, as I said, the complexity of this
problem has certainly grown, and I am very glad that we got an
independent assessment of it, and I think that we now know that
it is bigger than it was thought to be.
Chairman Bennett. All right; Dr. Friedman, I find a little
bit of a disconnect between your testimony and Dr. Kizer's. The
numbers that you are reporting paint a different picture from
the one we had from Dr. Kizer's admittedly anecdotal trip
through medical devices. If I had the numbers right, you said
there were 1,800 responses to your questionnaire.
Dr. Friedman. That is correct, sir.
Chairman Bennett. And 88 of those 1,800 said they produced
devices that had date-sensitive problems.
Dr. Friedman. No, sir; and I apologize for the series of
numbers. Let me go through it again. I can give you the exact
numbers. I think the larger issue is that we recognize that
somewhere around 2,700 to 3,000 manufacturers probably are
responsible for producing equipment that has microprocessors or
chips embedded and that is the most important group of
manufacturers to target. But we felt it was very important to
cast the net very widely, and therefore, in our initial
mailings sent out to some 16,000 or more, people who may only
make tongue depressors----
Chairman Bennett. Yes.
Dr. Friedman [continuing]. People who may only make, you
know, other things, we sent out this very large mailing to make
sure we tried to capture everybody both domestically and
foreign. We believe that it is some 2,700 manufacturers. From
that subgroup, we have about 500 responses now and are getting
more in daily.
Chairman Bennett. I see; OK, well, on page 10 of your
prepared testimony, I picked up this 88 manufacturers. I
thought OK, the folks who are really involved in this are not
responding, and it is the tongue depressor people who are
coming in, and that is skewing the data.
Dr. Friedman. Well, and we have gotten a large number of
responses from those folks saying no, thank you for asking us,
but we do not have anything.
I think it is more important to recognize that the kind of
data that Dr. Kizer is garnering will be very helpful and
complementary to the data we are getting. He is getting
information about very specific pieces of equipment. We are
getting information from manufacturers about all of the
equipment, and I think that when we have the assistance of the
manufacturers and those associations that represent them plus
the AMA and the AHA, seeing this as a mosaic where we get all
of the information and then post that for public consumption, I
think that serves the public in the very best way.
Chairman Bennett. OK; Senator Dodd?
Vice Chairman Dodd. Thank you, Mr. Chairman, and I am going
to sort of pick up where the chairman was going here. Let me,
if I can, the American Medical Association--I am quoting them
here and talking about medical devices--says unreliable
equipment cannot be used, because virtually any malfunction
could have disastrous consequences. Assessing the current level
of risk attributable specifically to the Year 2000 problem
within the patient care setting remains problematical. We do
know, however, that the risk is present and real. End of quote.
The American Hospital Association calling on Congress and
the FDA to enact mandatory disclosure requirements on the
device manufacturers, clearly because they believe that they
are not getting sufficient information to guarantee patient
care. I just want to come back to this. I read, Secretary
Thurm, your statement and your written testimony. You said that
you see no indications that there will be significant problems
that will place patients at risk, assuming that the
manufacturers are implementing the reported solutions.
And Dr. Friedman, in your testimony, you repeat that
statement almost word-for-word. Now, those statements would be
reassuring, I think, to the chairman and myself if we were
getting something better here. You said 2,700 of these
manufacturers actually producing equipment that appears to be
sensitive to the Y2K issue. Here, we have 526 days to go
between now and January 1, 2000. You have only heard from 500
of these companies out of almost 3,000. That is not reassuring
to me at all. I have got to tell you; I mean, I find that
frightening.
And I--it is important here, because you are the ones who
are going to be dealing with these people every day. I mean, we
have hearings; we have got 20 other things that we are doing in
an hour. We have got to have HHS, and we have got to have the
FDA being a lot more aggressive about this, in my view. I do
not think this is satisfactory. I do not think that 500
responses from 2,700 businesses that produce this equipment
that is highly sensitive and necessary, obviously, to patient
care is a good response at all.
Dr. Friedman. And no, sir; I hope I did not convey that we
felt it was satisfactory. This is fractional. We do believe
that getting all of the information is important. We began----
Vice Chairman Dodd. I know that, but your statement that we
see no indications that there will be significant problems, I
see every indication that there is a significant problem.
Dr. Friedman. The full sentence is if the manufacturers
address it.
Vice Chairman Dodd. Well, they are not. And I agree with:
if they do, then, fine. I am all with you. But you have only
got 500 responses with 500 days to go from almost 3,000
companies. You ought to be banging the table here, in my view,
with all due respect.
Mr. Thurm. Senator, I think that is right, and I think that
the FDA--two pieces. First, the FDA has followed up recently
and comprehensively by narrowing the number of companies that
it has targeted because we have not gotten responses, and your
point and the chairman's point is exactly right.
The second is, in conjunction with the VA, we have the
obligation to coordinate our efforts with what Dr. Kizer has
done through the VA and through what he announced several weeks
ago, the National Patient Safety Partnership, which includes
the American Hospital Association and the American Medical
Association, so that we can provide to you and to the American
public a more comprehensive and authoritative accounting of
that.
Vice Chairman Dodd. I have got you; I hear you. But look at
this: I mean, here is this letter from the Health Industry
Manufacturers Association. Let me quote them. You have got the
same one.
Chairman Bennett. I have got the same letter waiting for
the next witness. But go ahead.
Vice Chairman Dodd. You know, and I am quoting: HIMA's
members understand the Department's interest in this issue.
Nevertheless, we do not agree that a Federal Government
Internet Web site listing Year 2000 compliance status of
various products is an appropriate or necessary step.
That is arrogant. I mean, and they go on to say here,
HIMA's members note that the Department has no legal authority
to require this submission of the Year 2000 information that is
the subject of your January 21 letter. In view of this, HIMA
believes that the statement in the letter that there will be
targeted followup regarding non-respondents is inappropriate.
Well, I do not know--I can get an amendment adopted to
almost any bill in Congress that is floating through here. If
there is a legal problem, I promise we will take care of that
immediately. That is--you should let us know about that.
Mr. Thurm. That is correct.
Vice Chairman Dodd. What is the date of that letter? That
is April 1, that letter.
Mr. Thurm. Well, the point you are making is precisely
right. We need to be more aggressive. HIMA has sent a followup
letter, and your call today, Senator, and the chairman's call
on the private sector, in particular, medical device
manufacturers, assists us in getting them to provide----
Vice Chairman Dodd. I hear you, and I understand that, but
again, you have got these letters. You have got a January
letter that went out on January 21 to the device manufacturers
flatly stating FDA must aggressively pursue responses from the
remaining equipment manufacturers--excuse me, OMB in their
report on 5/15. Your letter went out on January 21. OMB, in its
report on 5/15, says FDA must aggressively pursue responses
from the remaining equipment manufacturers.
Six weeks later, you sent another letter. That is not, in
my view, aggressively pursuing responses. Am I wrong? I mean,
is this not 6 weeks basically, June 29? That is May 15, and it
is the end of June when we send the next letter? You have got
to be much more aggressive than that.
Dr. Friedman. I do understand what you are saying, Senator,
and we have sent out multiple letters. We will continue to do
so. We are not going to be satisfied until we have a complete
data set, and I think you are absolutely right.
Vice Chairman Dodd. I do not know; you have got the clock
on. Am I over my time?
Chairman Bennett. Go ahead. I am loving this. Go ahead.
Vice Chairman Dodd. Well, I mean, this is the kind of
stuff--you guys are on the front line every day. How often do
we have hearings? You know, and I mentioned earlier, look, what
I would like to suggest, this is Thursday, and I said earlier
we ought to publish the lists of people. Why do we not do this?
Maybe before we adjourn, which is maybe, I think, next week,
let me say from my point, I have not talked to the chairman
about this, but I will forego a week before I will go to the
floor of the Senate and publish lists of companies that have
not complied.
Let us use this as a week of an opportunity to respond to
these letters, and by next Thursday, I want the lists of the
people who have not responded.
Dr. Friedman. I cannot tell you how much we appreciate your
stimulus of this. If this brings in responses, it will serve
everyone very well, and we do appreciate----
Vice Chairman Dodd. My goal is not to embarrass anybody.
Dr. Friedman. Of course not.
Vice Chairman Dodd. But it will be.
Dr. Friedman. The goal is to have good information
available for all of the people who need it.
Vice Chairman Dodd. Now, let me get to this quick question
here on this, because I think the chairman raised a very, very
important point, but I think it has to be pursued a bit as well
here to HCFA, and let me just run the chronology here on this
thing for you. You know, you said, publicly stating that it is
almost 70 percent complete on its renovations, on its
assessment of the size of the problem. I appreciate that.
July 7, you submit materials to the special committee that
show that 30 million lines of code required renovations. All
right; now, this is your chart you sent us here. The President
stated that there were 42 million lines of code at HCFA that
needed renovation. Today, Mr. Thurm here stated that there were
49 million lines of code, and last week and again today, you
stated that there are 50 million lines of code.
Now, you can ask the question yourself. You understand the
question I have. How reliable is this 70 percent? Seventy
percent of what? I mean, that is in the space of a few days
here, we go from 30 million to 50 million, almost double the
number.
Ms. DeParle. Well, let me be clear about one thing. The
Deputy Secretary is right. The number is 49 million, and I was
rounding up to say some 50 million to make it easier.
Vice Chairman Dodd. All right?
Ms. DeParle. But your point and the chairman's point about
the changing numbers is certainly fair. I think I can explain
it, and let me try to. Our estimate right now is that there are
around 20 million lines of code that are internal that have to
be changed. Those are systems that we maintain out in Baltimore
primarily; for example, the Medicare managed care system.
Vice Chairman Dodd. Right.
Ms. DeParle. We pay the HMO's ourselves out of Baltimore.
So, that is an internal system. So, for those systems, our
estimate is around 20 million lines of code. I do not know what
the estimate was last May when the total number was 20 million,
but I would assume it was much smaller. So, that estimate was
wrong.
We brought in the independent verification and validation
contractor, who gave us a better view of it. The external lines
of code, we estimate to be around 30 million. When we get the
estimates from the contractors, some of them count, I am sorry
that my chart is probably hard to see, but some of them
counted, when they did their initial assessments, the front-end
systems, the standard systems and the back end systems, and the
standard systems, if they count that as well, that is double-
counting, because we were counting those on another list.
Vice Chairman Dodd. Yes.
Ms. DeParle. So, what we have done now with our IV&V
contractor is try to come up with the best list possible, and I
believe it to be, at this point, Senator, 49 million, but I
understand your point that it has been difficult to get our
arms around this, and that leads you to be concerned about it,
and, of course, that is why it is my top priority, because it
is a major concern.
Vice Chairman Dodd. I appreciate it. And listen, it is the
tendency of every institution, particularly in public settings,
to stand up and put the best face on things. I mean, and that
is true of Congress, true of anybody. So, I understand that.
What I think is so important here is that there be these--in
fact, there is going to be a greater degree of credibility on
the candid, hard assessments. You know, arguably, everybody is
late on this issue. I mean, we got a committee formed here
about a month ago, you know, and we are not--despite the fact
that the chairman tried for months, and we tried. I mean, it is
just hard for people to click onto this issue in a way.
So, we are not sitting up here--you know, we should have
been at this years ago in Congress talking about it. So, we are
not immune from the criticism about this. But I think we serve
the public really well when we lay it out coldly and hardly
where we are here, and too often, institutions, public and
private, come here, and the thrust is we are doing great.
And then, it is these probing kinds of questions; our
statements are written in that regard, and we end up creating
more problems than ought to be the case. So, I just urge you to
insist, when you go back, tell your own people: look, you know,
you want the hard, cold information. You know, someone once
said that the higher up you are in this process, the harder it
is to get at the truth, because people who walk in do not want
to tell the boss things they do not want to hear.
And so, you have got to be tough on your people in terms of
getting this stuff, because you do not want to have to come to
a committee hearing and sit up here and answer the questions
that we are going to ask that we are getting asked, OK?
Ms. DeParle. If I could, too, Senator, I would like to
correct a misunderstanding in the statement you made at the
beginning. My understanding at this point is that we are 77
percent of the way through in renovating our internal systems.
Vice Chairman Dodd. OK.
Ms. DeParle. That is the 25 or so systems that we maintain.
On our external systems, which include the common working file
and the contractor systems at the 60 different locations around
the country, we are only about 40 percent of the way through
there. Five of the six systems that need to be renovated have
been renovated, but the most important phase is yet to begin,
or we are just beginning, which is testing, and we have
followed the GAO recommendations. We have a four-level testing
system, and that will be very intensive, and that is where the
rubber meets the road, as you know.
So, I would not say that we are 70 percent done.
Mr. Thurm. And, Senator, if I can add one thing to your
point, which is exactly right, it is not just that the three of
us do not want to be here answering the questions, but on
January 1, 2000, none of us want to have said on December 31,
1999, oh, no, it is OK, and to ask the hard questions, and I
think we are trying to do that within the Department and the
private sector. We moved money within the Health Care Financing
Administration and we have come up and told you that we are
going to have to delay implementation of certain Balanced
Budget Act provisions. We have said in our 1999 budget we need
more money, and we need it early in fiscal year 1999, because
late in fiscal year 1999, we have a problem.
But your hearings and your oversight help us further ask
the hard questions sooner rather than later and to which, in
our Department, and you all are owed the response sooner rather
than later, so we can do contingency planning in case either
our systems or our partners' systems do not work, so that we
can ensure, as the administrator says, not only end-to-end
within our systems but end-to-end within the whole health care
system, so that providers in rural areas, if they cannot
receive payments because their systems are not renovated, we
have thought about that; they have thought about it, and we
have figured out ways to address it.
And those are the kinds of things we are trying to focus
on, and these hearings are helpful.
Vice Chairman Dodd. I have taken too much time, but I still
have a couple of questions. I would like for you to respond, by
the way, have your legal counsel respond to HIMA's letter to
you in April about the legal authority, and I want to know
immediately whether or not you agree with this letter that you
lack the legal authority, and if you lack the legal authority,
I want you to let us know ASAP on this, and we will find some
means to give you the legal authority to see to it that you can
list on here.
So, I appreciate----
Mr. Thurm. We will certainly do that, Senator.
Vice Chairman Dodd. OK?
I have some questions, but I have taken too much of your
time.
Chairman Bennett. Thank you.
We will move on to the next panel. Let me make a few
concluding observations. I am glad, Administrator DeParle, for
your comment about the 70 percent and the 40 percent and to
help us understand that, because I just could not understand
how you could get a problem that is suddenly twice as big as
you thought it was and still stay at 70 percent remediation.
On your chart, the only point I want to make with respect
to that chart is that if there is a failure in any one of those
components or in any of the connections between components, the
failure runs through the whole system. That is the scary thing
about the chart. We could have everything working there and,
for example, the connection between Social Security and the--
what do they call it--the central processing or central----
Ms. DeParle. Common working file?
Chairman Bennett. The common working file. If the common
working file cannot access Social Security to check
eligibility, the whole thing comes to a grinding halt, and the
same illustration could be made in any other connection on that
chart, and from a point of view of the effect of that on the
whole system, it is really, really scary. In many ways, you
have a bigger burden here than any other governmental official.
As I said, we were at the INOVA Fairfax Hospital, and we
got all of the other information to us and got tremendously
reassured. If I am ill on New Year's Eve, that is the hospital
in the area I want to be in. But I asked the question after
they went through all of the things that they were doing, I
said what would the impact be if HCFA was unable to process
claims, and the answer was a single word: huge.
They can do all of the other things they do. If you fail,
or if any one of the connections that you have on the chart
fails or any one of the components on the chart fails, the
impact on the people who are providing the patient care would
be huge--not to send you out of here with an enormous load on
your shoulders but to remind you of the enormous load that you
already have on your shoulder and to thank you for your
forthrightness here today.
Ms. DeParle. Thank you, Senator.
Vice Chairman Dodd. Let me just ask if they could, on three
questions, but I will not ask you to respond to them here, but
I would like to get some answers to them. One is, and on the
individual care providers, Mr. Thurm, if you could, that would
be important for us to get that. I realize you have got a
complex and huge area. We have talked on the hospitals and a
lot of other areas, but the individual care provider, what is
going on there is something I would be very interested in
hearing from HHS on.
Second, I want to know, if we can, what your contingency
plans are. I am not going to go into it today, but I would like
to have someone give us a brief on what your contingency
planning is. Everyone is saying it now. It is the right thing
to say, but the chairman is absolutely correct. This is one
where we better get a good assessment of a billion dollars of
processing a day to health care providers out here. We need to
have a pretty good sense of what it is to make sure that there
is not a failure in that system, with 40 percent of those
providers relying or I think 40 percent of their resources come
from Medicare and so forth. So, you would have a collapse
there.
And last, Mr. Thurm, I would like to know about the rural
and more urban hospitals and so forth. If the veterans
hospital, you know, with all of the power of the VA, cannot get
responses from manufacturers, we heard from the Fairfax
Hospital how difficult--and I have got some letters here that
they shared with us from manufacturers. They are just downright
rude in some instances in terms of their inquiries about
equipment they have got to use there.
What does the D.C. General, how are they doing? How is a
rural hospital doing when they are trying to get information?
And I would like to get some sense from them in terms of how
responsive they are and also, you know, what sort of costs are
they looking at? And to what extent are we making some
assessment. Again, coming back to the chairman's question, we
have got a very receptive and willing, I think, Congress that
wants to help out in this area. The sooner we know, the better,
and if rural and inner-city hospitals are facing some real
problems here financially, the sooner we know, the better we
are going to be able to step up to the plate and provide some
help to see to it that they are getting the equipment that they
need to serve that population, OK?
Thank you.
Chairman Bennett. Thank you all very much.
Ms. DeParle. Thank you.
Chairman Bennett. We now go to the health industry panel.
These are representatives from hospitals, doctors, biomedical
device manufacturers, insurers, and Y2K consultants. They
individually and collectively have knowledge about how the
health care industry is responding to the medical and financial
challenge facing it in the next 17 months. They may be a little
nervous, having heard the rhetoric of the first two panels.
All right; introducing all of the members of the panel, and
we will hear from you in the order in which you are introduced,
Ms. Jennifer Jackson. Ms. Jackson is general counsel and vice
president for clinical services of the Connecticut Hospital
Association, representing the American Hospital Association. I
wonder why we have someone from Connecticut doing that? No, we
are delighted to have you here.
Dr. Palmisano, Donald Palmisano, is a member of the board
of trustees of the American Medical Association. Mr. Ramin
Mojdeh, Ph.D., he is director of research and development of
the Guidant Corp., and he is here representing the Health
Industry Manufacturers Association. Mr. Gil Glover--is it
Glover or Glover?
Mr. Glover. Glover.
Chairman Bennett. Glover?
Mr. Glover. Glover.
Chairman Bennett. Glover.
Mr. Glover. Glover.
Chairman Bennett. Glover, all right, director of Year 2000
projects and planning for Blue Cross and Blue Shield and Mr.
Joel Ackerman, executive director of Prescription 2000
Solutions Institute.
We welcome you all here. As is always, unfortunately, the
pattern in the Senate, we have run over more from the Senators
than the witnesses, but we make the witnesses pay for it by
asking you to please hold your statements within the 5 minutes
indicated by the lights.
Ms. Jackson, we will start with you.
STATEMENT OF JENNIFER JACKSON, GENERAL COUNSEL AND VICE
PRESIDENT, CLINICAL SERVICES, CONNECTICUT HOSPITAL ASSOCIATION,
REPRESENTING THE AMERICAN HOSPITAL ASSOCIATION
Ms. Jackson. Mr. Chairman, Senator Dodd, I am Jennifer
Jackson, general counsel and vice president of clinical
services at the Connecticut Hospital Association, and I am very
pleased to be here today representing the American Hospital
Association, which represents nearly 5,000 hospitals, health
systems, networks, and other providers of care.
Hospitals and health systems are taking the Year 2000 issue
very seriously. They face the same potential problems as most
other institutions. Their business and communications systems,
their security systems, elevators and other parts of their
physical plant all could be affected by Year 2000 problems.
However, hospitals are unique places that face unique problems
because of our patients' reliance on sophisticated technology
and equipment. In analyzing these problems, our priority is, as
always, the safety of our patients.
The AHA believes that there are several key players who can
help prevent Year 2000 problems from occurring in health care.
They are hospitals and their associations, manufacturers of
medical devices and equipment, the Food and Drug
Administration, the Health Care Financing Administration and
Congress.
AHA and state hospital associations are working together to
ensure that our members know the potential dangers of the
millennium bug and are taking steps to avoid those problems. We
are getting them the latest information on what their
colleagues and other organizations are doing. In fact, in
recent weeks, we sent every member CEO a briefing book called
Y2K, Mission Critical, that is filled with extensive
information from the history of the problem to sample contract
compliance language for use with vendors and suppliers.
When it comes to medical devices and equipment, however,
our efforts alone are not enough. Information about whether
these devices will be affected by the date change must come
from the manufacturers of the equipment. We believe that
existing regulations allow the FDA to require manufacturers to
perform Year 2000 testing and report adverse results. We urge
the FDA to exercise this enforcement authority and ask Congress
to do everything in its power to help the FDA ensure that Year
2000 information on medical devices gets from the manufacturers
to those who need it most, health care providers.
We are relying on the FDA and manufacturers to make this
information available. We ask the FDA to continue to share its
plans describing how the agency is getting needed information
from manufacturers and make sure that those plans are available
to health care providers.
We also need the help of the Health Care Financing
Administration. America's hospitals and health systems receive,
on average, half of their revenues from Government programs
like Medicare. It is critical that the flow of those funds not
be jeopardized by Year 2000 problems.
Of course, unforeseen problems could occur. Therefore, HCFA
should establish a contingency plan. A fail-safe system to
provide periodic interim payments based on past payment levels
is one way to do this. At the same time, we do not believe that
HCFA, as it recently announced, should delay hospitals' fiscal
year 2000 payment update and the implementation of outpatient
and home health prospective payment systems while it works on
its own computers.
Hospitals are already trying to cope with the Balanced
Budget Act's dramatic changes, including severe reduction in
hospital Medicare payments. A delay in the fiscal year 2000 PPS
update adds to this burden and causes unpredictability for them
and for their patients.
Congress also has a key role. Your attention to this issue
through hearings like this one reflects your understanding of
the gravity of the situation, and you can help America's health
care system avoid Year 2000 problems. First, Congress should
appropriate whatever resources, including additional authority
if necessary, the FDA may need to ensure that manufacturers of
medical devices investigate, report and correct Year 2000-
related problems in their products. We also urge Congress to
speak directly to manufacturers on the need and expectations
for prompt, sufficient disclosure.
Second, Congress should enact some form of limitation on
liability for health care providers that have taken steps to
prevent Year 2000 problems from affecting patient care.
Hospitals must rely on manufacturers of medical equipment and
devices to disclose whether a Year 2000 problem may occur and
how to correct the problem. Health care providers should not be
liable for damages related to Year 2000 limitation on those
products, especially when they have made good faith, reasonable
efforts to minimize the risk and obtain information.
One way to approach this liability issue is to broaden the
President's recently-announced good samaritan proposal, which
would shield from liability businesses that, in good faith,
share information on solving the Y2K problem. We suggest also
addressing in that legislative vehicle our concerns about
liability and protect hospitals and health systems from
liability for treating a patient with a medical device that the
manufacturer has reported as Y2K compliant.
Congress should also authorize periodic Medicare payments
and ensure that HCFA has adequate funding to ensure Y2K
compliance. America's hospitals and health systems, their State
associations, the AHA and other national organizations are
working together to prepare for the Year 2000. We encourage
Congress and our Federal agencies to work with us as well so
that together, we can ensure a smooth and healthy transition
into the new millennium.
Thank you.
[The prepared statement of Ms. Jackson can be found in the
appendix.]
Chairman Bennett. Thank you very much.
Dr. Palmisano.
STATEMENT OF DONALD J. PALMISANO, M.D., MEMBER OF THE BOARD OF
TRUSTEES, AMERICAN MEDICAL ASSOCIATION
Dr. Palmisano. Thank you, Senator Bennett, Senator Dodd and
the committee.
My name is Donald Palmisano. I am a member of the Board of
Trustees of the American Medical Association, a member of the
Board of Directors of the National Patient Safety Foundation,
and the chair of the National Patient Safety Foundation's
Development Committee. I also practice vascular and general
surgery in New Orleans. On behalf of the 300,000 members of the
American Medical Association, I want to thank you for inviting
us to testify about the Year 2000 problem today.
Senator Bennett, I request that our written comments be
entered into the record in view of the time limitations.
The Year 2000 problem will affect virtually all aspects of
physicians' practices, most especially patient care. The good
news is that if we act in a timely fashion, this problem is
solvable. Within a clinical environment, physicians rely
heavily on medical devices to gather or monitor information
about their patients. Some of these devices take images; others
regulate or assist bodily functions; and others simply monitor
different aspects of the patient's condition. All of them are
important and provide essential functions for the physician and
the patient.
Medical equipment has to be completely dependable. Can you
imagine for yourself, for a moment, yourself as the patient?
How would you feel if a device which was monitoring your heart
failed to sound an alarm when your heart slowed to a dangerous
rate or if a digital display incorrectly assigned another
patient's name and all of their medical data to you? Obviously,
these events would alarm you and your physician.
Nevertheless, with the potential for malfunctions due to
Year 2000 bug, there are real risks that have to be anticipated
and corrected, and the physicians who are responsible for
caring for these patients are calling for this problem to be
remedied quickly and effectively. Medical device manufacturers
need to disclose immediately whether their products will
malfunction or not. Only they have that information. End users,
the physicians and the patients, do not have the expertise or
resources to determine what devices may or may not fail.
We have to rely on the manufacturers, the Congress and the
administration to ensure that they promptly disclose this vital
information. We understand that the FDA and the Department of
Veterans Affairs have been trying to obtain this information.
We applaud their efforts to date but believe that more can be
done. In addition to causing serious patient safety concerns,
the Year 2000 problem may also wreak havoc on the medical
community's ability to conduct even the simplest transactions.
Many physicians and medical centers rely on information systems
and, to some degree, maintain medical records through these
electronic methods.
Physicians need to be able to access this information
quickly and reliably. Just as important, it must be accurate
and secure. The software cannot assign incorrect data to
patients.
Another area of physicians' concern that is heavily tech-
dependent concerns electronic billing and claims, and you all
have just gone through that, and I will skip over some of this,
but we are aware of this in part because of an incident that
recently occurred in my home State of Louisiana. As you may
have heard, when the Medicare claims processor for Louisiana
was planning on implementing a new Y2K-compliant computer
system for claims processing, it announced that physicians
could anticipate a 2-week delay. The actual implementation time
was significantly longer. Many physicians had real problems
keeping their doors open to treat patients.
Those physicians who were treating a lot of Medicare
patients had difficulty purchasing supplies and paying their
employees.
Getting back to HCFA, we understand HCFA's concerns and
desire to have physicians and other health care professionals
Y2K compliant. We have absolutely no problem with that. We
believe, though, that HCFA should lead by example and make sure
that its systems are in compliance as soon as possible. This
would allow physicians and HCFA to parallel test their
respective systems well before the Year 2000.
We understand that in an effort to ensure that its own
computer systems are Y2K compliant, HCFA is focusing a lot of
its resources on this problem. We just heard from Administrator
Nancy-Ann Min DeParle that the Y2K bug is HCFA's No. 1
priority. As a result, HCFA has decided that it is not going to
implement some changes required by the Balanced Budget Act of
1997. Instead, HCFA is going to postpone physicians'
reimbursement updates from January 1, 2000, to about April 1,
2000, if not longer.
We understand HCFA's reasoning for this decision. We just
want to highlight our concerns about some of the potential
consequences. First, the Y2K problem has been a known problem
for a long time. It is a soluble problem if addressed in time.
Nevertheless, HCFA is asking others to accept delays in updates
because HCFA has failed to correct this problem. HCFA has told
us they are not asking for this delay to save money for the
Medicare trust funds. They have also said that they want to
make sure providers are fairly reimbursed for the funds they
should have received.
Our concerns regarding updates are fourfold. First, we
wonder whether HCFA is going to be able to devise a solution
that accomplishes all of these goals. Second, we are concerned
that a delay may now affect future calculations of
expenditures. Third, the Year 2000 is a critical year for
implementing BBA-mandated changes in the resource-based
relative value scale, which Medicare uses to determine
payments. This is known as the RBRVS.
Fourth, as you may know, many private insurers and Medicaid
agencies base their fee-for-service reimbursement on the RBRVS.
Delaying the Medicare updates would likely have ramifications
far beyond what is currently anticipated.
You have also asked us to address the current level of
preparedness of the physician community for the Y2K problem. We
have run across a very limited number of studies giving that
assessment. One already mentioned here today, the Gartner
Group, has found what we knew, that physicians and hospitals
rely on thousands and thousands of medical devices which, to a
limited extent, may not be compliant. We are not sure of what
the full extent is, and we need help from the manufacturers.
Medical practices are among the furthest behind in their
survey. Now, what can we do about this, specifically the AMA?
The AMA is focusing on three areas: education, communication
and cooperation. The AMA already has conducted a seminar at our
annual meeting last month and will be holding additional
seminars in the future. The AMA has also launched a national
campaign entitled ``Moving Medicine into the New Millennium,
Meeting the Year 2000 Challenge,'' which focuses on
communication and education.
As part of the campaign, the AMA will be holding a series
of regional seminars to talk about how best to work with
vendors and how to obtain necessary information about devices
that could affect health care. We will also be distributing a
solutions manual to further educate the participants.
To foster greater communication among physicians, we have
put together a special section on our award-winning Web site, a
Y2k section, and we encourage everyone to visit ama-assm.org to
gather information as we put it on that site.
We believe it will serve as an important interactive
resource for physicians by providing regularly-updated
information about the millennium bug and by assisting
physicians in solving their Y2K problems. The AMA is also
promoting cooperation through our involvement with the National
Patient Safety Foundation. The AMA launched this foundation and
works with its partners. It is a separate corporation, and
then, that corporation is now working with the National Patient
Safety Partnership. It is a public-private venture, and Dr.
Kizer, with the Department of Veterans Affairs, is a leader in
this. And so, we are working together with all of these groups.
We would suggest that others communicate to their
constituencies, as we are trying to do. This would be a
cooperative effort.
And the last point, we need to develop a strategy to
properly inform patients who are affected by medical devices of
Y2K compliance or potential risk. The patient has to be our No.
1 concern in all of our Y2K efforts. The clock is ticking. Time
is of the essence.
In conclusion, I wish to thank you very much once again for
inviting me, Mr. Chairman and members of the committee, to
testify. On behalf of the AMA, allow me to offer our services
in working further with Congress to effectively address this
problem. I will be happy to answer any questions. Thank you,
sir.
[The prepared statement of Dr. Palmisano can be found in
the appendix.]
Chairman Bennett. Thank you.
Dr. Mojdeh.
STATEMENT OF RAMIN MOJDEH, PH.D., DIRECTOR, RESEARCH AND
DEVELOPMENT, GUIDANT CORP., REPRESENTING THE HEALTH INDUSTRY
MANUFACTURING ASSOCIATION
Mr. Mojdeh. Mr. Chairman, my name is Ramin Mojdeh. I am a
director of research and development at Guidant Corp., which
designs, manufactures and sells innovative products to improve
the quality of care for people with cardiovascular diseases. We
thank you, Mr. Chairman and Senator Dodd for your leadership in
raising the awareness of this important issue. Thank you also
for the opportunity to testify on behalf of the Health Industry
Manufacturers Association regarding the readiness of this
industry to ensure the safe and reliable operation of medical
devices in the Year 2000 and beyond.
HIMA represents more than 800 manufacturers of medical
devices, diagnostic products, and medical information systems.
Mr. Chairman, I would like to stress three points. First, the
device industry is extremely concerned about the potential
hazards associated with the Year 2000 problem. Second, our
industry has three compelling reasons to address this issue
urgently and seriously. These are humanitarian, business and
regulatory. Third, we recognize that timely access to relevant
information is critical to patient safety, comfort and
confidence.
Today, we give you our assurance that our industry will
continue to work with other concerned organizations and the FDA
to make compliance information relating to devices publicly
available.
The medical industry is quite diverse. Over 50 different
medical specialties use thousands of product lines and
applications throughout the human body. Additionally, the
complexity and sensitivity to the Year 2000 date varies
dramatically among devices. Some devices vital to keeping
patients alive are not date-sensitive. For example, pacemakers
do not use a current date in their operation, and it is
unlikely that ventilators and many other products will be
affected by the date problem.
Other devices may use date information to make calculations
or send data directly to other systems. These devices may be
sensitive to the Year 2000 problem. For these reasons, the
challenge posed by the Year 2000 bug does not, for the medical
device industry, represent a single problem yielding to a
single solution. Rather, each company faces a unique set of
circumstances involving its own technologies.
The FDA has detailed the device industry's regulatory
obligations for Year 2000 compliance. As an FDA-regulated
industry, our member companies are profoundly aware of their
Year 2000 compliance responsibilities and of the penalties of
failing to meet them. HIMA members are taking strong action to
ensure Year 2000 compliance. Some companies with diverse
product lines have posted pages of detailed charts on their Web
sites containing Y2K compliance information. Others have gone
beyond the Internet and contacted their customers directly
regarding the compliance status of their products.
Many small companies, founded within the last 10 years,
understood the Year 2000 problem in advance and have been
designing Y2K compliant products from the start. It has been
said here today that a central clearinghouse be established to
make Year 2000 information publicly available. I want to assure
all concerned that we take our responsibility in this area very
seriously. Remember that we, the people, in this industry are
also our own customers. The lives of many of us, our parents or
our children, as patients, depend on our products.
Every day, we come face to face with co-workers who have,
for example, a pacemaker or have a family member whose life
depends on safe and reliable operation of one of our products.
The sense of responsibility and accountability we live with
every day is enormous. Our commitment to safety and reliability
of our products is renewed in every encounter like this many
times a day, every single day.
So, let me assure you that we share and welcome your
interest in this area. Mr. Chairman, you have our strong
commitment to continue to work with other concerned
organizations and the FDA in making Year 2000 compliance
information publicly available in an appropriate format.
Thank you.
[The prepared statement of Mr. Mojdeh can be found in the
appendix.]
Chairman Bennett. Thank you.
I am going to have to leave and will turn the gavel over to
Senator Dodd, my apologies to the other two witnesses. Let me
just ask a quick question. Do I take it, Dr. Mojdeh, that you
think the FDA request is not an appropriate format? You have
just said you wanted to make this available in an appropriate
format. HIMA's activity with respect to the FDA activities in
the past would indicate its concern with the format
appropriateness. The letter that Senator Dodd quoted from
indicates that you do not think that the FDA has the legal
authority to require it, and you say that that is not an
appropriate or necessary step. Is that correct? You do not
think that what the FDA has tried to do is an appropriate
format?
Mr. Mojdeh. With your permission, Mr. Chairman, I would
like to ask my colleague, Mr. Bernie Lieberman, to respond to
that.
Chairman Bennett. Surely; just identify yourself for the
record, and we are happy to have you respond.
Mr. Liebler. Certainly; my name is Bernie Liebler. I am
director of technology and regulatory affairs at HIMA.
That initial letter was written on advice of our internal
legal counsel. It was our legal counsel's opinion. We have
since, as Mr. Thurm on the previous panel indicated, had
further correspondence with FDA on this matter, and our last
letter was sent yesterday, and it included our offer to work
with other people. It also included with it, as an attachment,
a paper that we have written on that.
Our concern about format is that we believe that the total
diversity of the industry in terms of size, size of company and
resources available to them, may make it difficult for some
companies to accumulate the information for location in one
spot, as some people have requested. We believe that it is best
for us to get together, meet with the organizations that are
requesting information, find out what they need, offer what we
can provide and work out a really optimum format.
Chairman Bennett. Well, I am sure Senator Dodd will pursue
this. Let me just make the comment that we really do not have
any time. That is the primary enemy here, and I understand that
legal advice says do not do this. I go back to an experience in
my own lifetime. I am unburdened with a legal education.
[Laughter.]
Sometimes, that is good; sometimes, that is bad. I know
that there are times when I have been very, very blessed to
have a good lawyer at my side when I have gotten into some
difficulty. But there are times when a CEO has to overrule his
lawyer. I have been involved in those kinds of situations. I
remember a rather terrifying incident; I was a young man in his
thirties sitting before the chairman of the board of a Fortune
500 company where I was working and had the chairman of the
board say to me are you telling me I must disregard the advice
of the general counsel on a legal matter because of your
understanding of the political implications of this? I was then
working as the Washington representative of that company.
I took a deep breath and said yes, I am telling you to
disregard the legal advice of the general counsel of this
corporation plus the Wall Street law firms that are advising
you, because this is not a truly legal issue; this is a
political issue, and that is my area of expertise, and I am
telling you you have to go to Washington and testify, even
though the lawyer is telling you do not do it.
I am not sure I would have the courage to do that if I were
a little bit older. Maybe it was my youth that cost me that
foolishness. He looked at me, and he said I am going to have to
think about that. I am happy to report that he came to
Washington, he testified, he ignored the advice of the lawyer
who would have gotten him in all kinds of trouble and gotten
his industry in all kinds of trouble, because this was not a
legal problem.
And the point I want to make here through you to all of the
lawyers out there who are saying do not disclose this
information: we are faced with a crisis here. And you have
heard the testimony up until now from others. The crisis is not
going to go away unless we get information. We, speaking as a
society now, not necessarily the Congress, although it is true
of the Congress, we are flying blind into this crisis. We do
not know how serious it is.
And I get very, very impatient with people who hide behind
a legal opinion and say, well, the lawyer says we may have
liability at some point down the road, and we want to make sure
that liability does not come to pass, and so, we are not going
to cooperate until we are absolutely sure that all aspects of
liability have been examined by all law firms that we have
retained all the way down the line.
We do not have time for that. And so, I am delighted to
know that an additional letter has been faxed. I find it
interesting that it is on the eve of this hearing, and if I
may, Senator Dodd, I think we can take some credit for having
stimulated that letter by virtue of the hearing and the fact
that you would have a witness here today. But I would take
advantage of your being here to send that message not only to
your lawyers but to all of the other lawyers in all of the
other parts of the Y2K issue who are telling people to not be
forthcoming with information.
That is simply not acceptable. We have a crisis. We are
flying blind toward it, and the only way we can resolve it is
to get the information. And with that, again, my apologies to
the other two witnesses that I will have to leave, but you are
in good hands with the Senator from Connecticut.
Senator Dodd [presiding]. Mr. Glover
STATEMENT OF GIL R. GLOVER, DIRECTOR OF YEAR 2000 PROJECTS AND
PLANNING, BLUECROSS BLUESHIELD ASSOCIATION
Mr. Glover. Thank you, Mr. Chairman.
Mr. Liebler. Senator, may we make the second letter a part
of the record----
Chairman Bennett. Absolutely.
Mr. Liebler [continuing]. Provide it with the paper?
Mr. Glover. Thank you, Mr. Chairman, Senator Dodd. I am Gil
Glover, director of projects and planning and Medicare
operations at Blue Cross and Blue Shield of Texas. Thank you
for the opportunity to testify on behalf of the Blue Cross and
Blue Shield Association on the progress Medicare contractors
are making for becoming Year 2000 compliant.
As a health insurance company, both our Medicare business
and our commercial business face the challenge of becoming Year
2000 compliant. Each independent Blue Cross Blue Shield plan is
actively working to make sure that its information system and
business operation will function properly in the Year 2000 and
beyond. In Medicare, let me assure you that Year 2000
compliance is the top priority for Medicare contractors.
Toward this objective, the Blue Cross Blue Shield
Association worked with HCFA to develop a formal process to
ensure regular communications with HCFA on major Y2K issues. In
response to a Blue Cross Blue Shield recommendation, HCFA
established a steering committee to clarify Year 2000
compliance standards and monitor contractor progress. As a
member of that steering committee, which is composed of
contractors and senior HCFA personnel, I can assure you that
the Blue Cross Blue Shield plans and commercial Medicare
contractors are working collaboratively to assure that claims
will be paid accurately and timely in the Year 2000.
Eight work groups have been established out of the steering
committee to focus on various Year 2000 activities, including
progress measurement, critical path assessment, provider
relations, contingency planning and resource allocation. As a
member of the contingency planning work group, I can report
that the work group has developed a planning protocol, as
supported by a comprehensive planning template applicable to
any risk a Medicare contractor might identify in its
operations.
Use of this template is being piloted by work group
contractor members and is scheduled for release to all
contractors in early August. The work groups' combined input
into the development of this protocol has produced a tool that
can add significant value to this process and can produce
uniform planning documentation. Beyond the specific products of
these work groups, operation of the steering committee has
facilitated very constructive and useful dialog between
contractors and top HCFA management about Year 2000 compliance.
We believe that it is possible to complete basic Year 2000
modifications, testing and implementation by the end of 1998.
However, it is important that changes to the Medicare program
be minimized during the last quarter of 1998 and first months
of 1999. If complex programming changes are made and tested
simultaneously with Year 2000 programming changes, resource
conflicts will arise, and it will be difficult to isolate
whether problems are originating with Year 2000 or with other
programming changes.
After Year 2000 testing is completed, and any other
problems are resolved, any further changes in 1999 will require
retesting and should be kept to an absolute minimum. HCFA is
seeking legislation that would dramatically restructure the
contracting process for Medicare contractors. This legislation
could potentially hurt Medicare contractors' Y2K efforts. HCFA
currently has the authority to terminate a contractor for non-
performance, including non-performance of Year 2000
responsibilities and is exercising extensive oversight of
Medicare contractors' Year 2000 compliance efforts through the
use of its own review teams and an independent verification and
validation contractor.
Most Medicare contractors have already been reviewed for
Year 2000 compliance, with at least two comprehensive on-site
reviews. Many contractors are around three of these reviews. In
addition, both the Office of the Inspector General and the
General Accounting Office are conducting Year 2000 reviews at
Medicare contractor sites. There is ample opportunity for
identifying and correcting any deficiencies or problems in the
Medicare contractor community through these review processes.
Additional legislation to enforce Year 2000 compliance is
unnecessary.
I would also note that adequate funding is very critical to
accomplish this monumental task. We strongly support HCFA's
efforts to secure additional fiscal year 1999 funding for Year
2000 activities.
In summary, let me again emphasize that Medicare
contractors are working diligently to become millennium
compliant by December 31, 1998. We advocate a very careful
approach to structuring the Medicare program change burden
while Year 2000 remediation is in process. Medicare contractors
will continue to work closely and effectively with HCFA to
resolve issues that arise and to ensure compliance.
Mr. Chairman, thank you for the opportunity to express
these views.
[The prepared statement of Mr. Glover can be found in the
appendix.]
Vice Chairman Dodd. Thank you very much.
Mr. Ackerman, thank you.
STATEMENT OF JOEL M. ACKERMAN, EXECUTIVE DIRECTOR, RX 2000
SOLUTIONS INSTITUTE
Mr. Ackerman. Senator Dodd, my name is Joel Ackerman. I am
the executive director of the Rx 2000 Solutions Institute. I am
a former computer programmer, so I am a--actually, I did
double-digit programming many years ago, so I am very
intimately familiar with the issues.
Vice Chairman Dodd. You could get a very good job today.
Mr. Ackerman. There are lots of openings, and I am getting
lots of calls.
But 2\1/2\ years ago, when we founded Rx 2000, we felt like
a voice in the wilderness, and actually, 1\1/2\ years half ago,
we still felt that way. So, we are glad to see that things are
finally changing. Rx 2000 is an independent, nonprofit member
supported organization that is open to all organizations in the
health care community, and we have no conflicting ties to
health care organizations, manufacturers, pharmaceutical
companies or consulting groups. Our sole objective is to help
ensure the survival of health care organizations into the next
millennium and to minimize the impact on patient care. We felt
when we founded this organization that health care needed an
information clearinghouse, and that is exactly what we set out
to do for the Year 2000.
Some of the services we offer include a Web site at
rx2000.org, which has gotten a lot of recognition as a leading
Internet health care Year 2000 Web site as well as a list
server with currently over 1,100 subscribers representing 20
countries in addition to the United States, discussing health
care Year 2000 issues.
We are also currently developing a health care Year 2000
database that includes information submitted by organizations
primarily focusing on field test information, and one of the
things I have heard in the presentations today is a lot of
emphasis on information from suppliers. There has not been
enough emphasis on actual field testing, because we are finding
that information from vendors, while it is very important to
try to get that, and it needs to be as accurate as possible, it
is very unreliable, and we have field examples to support that.
A couple key points. I will skip a lot of what I had
planned on talking about, because it has already been covered
today, but there are some key points I want to make. In health
care, we do not have a big three or a big six driving the
health care industry on Year 2000 issues. Other industries have
that. In health care, we have a very diverse, fragmented
industry with lack of coordination, lack of cooperation between
the payers, providers and other manufacturers and other
organizations.
That is a significant issue for us. We do not have the
coordination and cooperation that is necessary. There is also a
very strong fear of acknowledging and sharing information about
Year 2000. I have talked with payers who do not want to talk
about the issues with their providers, because they are afraid
of incurring additional liability. We have to get around those
kinds of problems. Health care organizations, as it has been
pointed out a couple of times, are very late to the Year 2000
table, and that has resulted in a lack of awareness and
significant denial on the issues.
And it is important to recognize that most organizations
have, at most, one budget cycle left before the Year 2000, and
every organization that we have talked to about budgeting,
estimating, they have significantly underestimated the cost and
effort associated with the Year 2000. That is a key problem.
There is also a lack of consensus in the health care
community as to how to deal with these issues. We are talking
with hospitals and other organizations that are planning on
relying strictly on information from the vendors, the
manufacturers. As we have heard, they are having trouble
getting that, but also, it has not been pointed out strongly
enough that a lot of that is unreliable and cannot be counted
on, and therefore, they need to be doing testing in addition to
that. I wanted to emphasis that strongly, that relying solely
on vendor information is a mistake at this point based upon the
field experience.
We recently held a national meeting of a health care Year
2000 special interest group, and we had organizations from all
over the country participating, and we did a survey of those
organizations at the end of the meeting, and these are the
people in the trenches, actually working on the issues, and
some of the statistics we got were very interesting. Virtually
all of the participants agreed that the Year 2000 issues will
have significant impact on payers, providers, health care
suppliers, and vendors. Ninety-seven percent of the people
responding agreed that health care Year 2000 issues have a
significant potential to negatively impact the quality of care.
Now, again, these are the people in the trenches.
Ninety-four percent of them agreed that the Year 2000
issues have significant potential to lead to unnecessary deaths
in our health care system. Sixty-nine percent agreed that
health care lags behind most other industries in dealing with
these issues, and 62 percent of these organizations said that
they have already experienced Year 2000 failures. So, it is not
something that will hit in December or January of 1999 or 2000.
We have heard about many of the areas of Year 2000 risks.
There are a couple of key things that I want to point out.
There has been emphasis on getting a statement from suppliers.
That is good. But you have to be careful about a single point
in time assessment. What we are finding is that everybody is
learning still. Things are changing. Things we thought were OK
6 months ago, we are finding out that they are not. So, it is
important to have ongoing, continuous monitoring.
There is a significant shortage of personnel, including
biomedical engineers who can deal with issues. I brought with
me today Mr. Dan Forrester of St. Joseph Health System who
heads a group of 12 biomedical engineers in their hospitals in
Texas and California. They are finding currently a 19 percent
failure rate in medical devices, and he would be happy to
answer questions if you wish.
I am running short on time, but in my testimony, there are
some recommendations in there that we obtained both from Rx
2000 Institute as well as from the participants on our
listserver. We asked them what would you like Congress to do
about the Year 2000 issues in health care, and there are some
very key things there, including a couple of things that have
not been addressed, such as providing information to the
patients, the people that are out there. We are starting to get
a lot of questions. Doctors are getting a lot of questions.
There is no place for the patients to go at this point for
information or for health care professionals. There are no
credible, independent and reliable, unbiased sources of
information, and we need to establish that somehow.
I will wrap up. I want to thank you for having me here
today. I want to also emphasize that we are Y2K virgins. None
of us have been through this before. We really do not know what
to expect. So, all we can do is continue preparing and acting
in good faith and not just solicit information from vendors but
also do our testing.
Thank you.
[The prepared statement of Mr. Ackerman can be found in the
appendix.]
Vice Chairman Dodd. Thank you very much, Mr. Ackerman. That
is some very good points you made, I think, and it is a nice
ending here in a sense, having had the--and I appreciate your
responding to things you have heard. Too often, people come
with testimony, and regardless of anything else that has been
said, that is what gotten written, and it is a single point in
time testimony, instead of responding to observations that have
been made.
I should have made note, Ms. Jackson, at the very outset,
of how certainly proud I am to have a resident of my State as a
witness here representing the Hospital Association and, of
course, from the Connecticut Hospital Association, and we thank
you very, very much for coming down from Connecticut to be with
us, and I thank all of our witnesses here.
And I might want to get to your--that 19 percent number, I
may want to come back and have the man you identified share
some thoughts on that. I will try to keep this relatively
brief, and we will keep the record open. Senator Bennett or
other members of the committee may want to address some
questions in writing, and I would urge you, if you could, if
that is the case, to respond, and I will try and go through,
and I may have some additional ones I will ask as well.
And what I would like to do on this, I will ask questions,
and we will try to keep this brief, but if someone feels a need
to want to respond to a question that I have addressed to
someone else, please feel free to do so. I want to get as many
cases for--for those of us here, sometimes, the debate and
discussion between people who are at that table can be very,
very helpful to us, and you may ask questions that we do not
think of that are very important and poignant. So, do not
hesitate. If you have something to say, indicate it to me.
Let me start with you, if I can, Ms. Jackson, and again, I
thank you immensely for being with us here today. It is--
obviously, we are getting a great deal of information about the
seriousness of this issue; again, the panelists here today have
indicated that as well. Limited budgets of hospitals in rural
and urban areas, and I have got a series of questions I could
ask you about this, but I want to get at that, and I want to
know from your assessment, the assessment of the American
Hospital Association, there have been some that said that this
could be a--particularly in these hospitals, it is going to
make it very difficult for them to adequately staff Year 2000
efforts, make it unlikely that they will have the extra
resources necessary to replace equipment and programs where
necessary. I am talking about these rural and inner-city
hospitals. How accurate are those views?
Ms. Jackson. Based on the information that we have, not
just from our hospitals but, as I believe you know, there is a
consortium of state hospital associations in the AHA that is
working together on bringing hospitals together throughout the
country to work on Year 2000 issues and particularly focus on
developing a database on medical equipment and devices, and
what we have heard in talking to the hospitals is that they are
very frustrated, because it is difficult for them to yet
quantify what the costs are.
Their early indications are that this is very expensive.
There is a lot of concern that they will need to replace very
expensive equipment that they do not yet know about, because we
do not have the information, and therefore, they have not been
able to budget for it, even as you point out, if their budgets
would allow for it.
Vice Chairman Dodd. No.
Ms. Jackson. So, there is a great deal of frustration on
that issue, and we do not know the numbers yet.
Vice Chairman Dodd. Well, that statement alone would
indicate to me that it is pretty serious.
Ms. Jackson. Yes.
Vice Chairman Dodd. Because clearly, there is going to be
replacement necessary or renovation.
Ms. Jackson. We believe that there will be some replacement
and a great number of fixes. Even the indication that we are
getting from our database is that although there may not be
widespread, drastic harm to patients, that that may be very
limited, this is a huge problem because of the administrative
burden on assessing all of the equipment, the physical plant--
--
Vice Chairman Dodd. Yes.
Ms. Jackson [continuing]. All of the issues that hospitals
have to deal with.
Vice Chairman Dodd. I hope--you know, as I see it, then,
there may be certain services because of the lack of resources
that less affluent hospitals have that they would end up having
to either stop or curtailing those services for lack of the
equipment: They do not have resources to buy it; late in
applying for it; the waiting lists are long.
Take dialysis: A big issue in urban hospitals, inner-city
hospitals. We looked at, I told you, equipment that was bought
2 years ago that is state of the art stuff. I am sort of
surprised that something 2 years ago was not--the people were
not thinking about whether or not they were going to make it
2000-ready. It seems to me we ought to get some assessment as
to what State, local, and Federal Governments might do to
assist in those rural and urban settings for those hospitals.
And I think it would be very helpful to this committee, through
the American Hospital Association, to share some ideas with us
as to what we might do.
We are 526 days away from a decision of a major urban
hospital, making a decision that they discover that a number of
pieces of equipment which are critical are not compliant, could
cause serious health risks and therefore are obviously going to
shut them down. What do you do with those patients? Where do
they go? Are there plans being made to see to it that other
hospitals will accommodate those people, particularly in life-
threatening situations, where dialysis--a case that comes to
mind immediately. I would be very interested in--people now
talk about contingency plans. What are you thinking about in
this area? And what are the best minds saying, the best advice
you are getting as to how these hospitals that fall into that
area might be able to respond to that?
Ms. Jackson. We have been very intensively studying this
issue and working with our hospitals, and we would be very
pleased to submit additional information.
Vice Chairman Dodd. I appreciate it. It would be very, very
helpful.
Let me jump to HIMA if I can, and again, we thank you very
much for being here today, and you have asked that this July 23
letter--what is today? Ah, timely piece of correspondence. You
have asked that this be in the record, and I will put it in the
record.
Mr. Mojdeh. Thank you.
Vice Chairman Dodd. But let me point out to you here, as I
read down this here, in paragraph two, we continue to maintain
that the important thing is for the right people to get the
right information in time. Fine. We think that each company is
the best judge of which method of communication best fits its
operations. Third paragraph. In the next few months, I expect
the device industry to work with the FDA and other interested
groups to define more clearly the needs of all parties
regarding Year 2000 compliance information.
Let me just say, and I am speaking for myself, and other
members may have a different reaction, but we are getting here
not each company deciding what information it may think is
important. We have got places like the Food and Drug
Administration and HHS that rely on getting that information
out. The company is not going to get that information out to
everybody and sort out what needs to be done, and in the next
few months, you know, this is not a problem that we can sort of
delay.
We all know the day we have got to be kind of ready around
here, and the notion somehow in the next few months, we can get
to this I do not think is a satisfactory response. I will put
this letter in the record, and others may find it to be fine,
but I do not. I think you have got to be--this is not a company
by company decision. This is really not your call in a sense
here in my view. It is going to be others'.
Now, I do not know if anyone wants to comment on this. I
have quoted the letter. Doctor?
Dr. Palmisano. Senator Dodd, I have not read the letter,
but the view of the American Medical Association, in working
through the National Patient Safety Foundation and the National
Patient Safety Partnership, is that we need to have a central
clearinghouse so we can all go that site and look, because if
we wait for the manufacturers to make that decision, as you
point out, I will be very anxious for my patients that they
have a piece of equipment that--if a piece of equipment is
being used on my patients, I do not want to have to rely on
someone saying, well, gee, we failed to get the information; we
did not have the proper address or something like that.
Right now, the FDA site is a voluntary reporting the way we
understand it as we visit the site. Why could it not be a
mandatory reporting to that site, so we could all go there and
look at it and start making plans? We believe there should be a
central clearinghouse. What we are doing, we are taking
questions from physicians and patients and trying to answer
those questions and disseminating the information. We think
information needs to be spread so everyone is aware of the
problem.
But we just do not know what the true significance--I had
the occasion to be on a plane recently on an AMA assignment,
and the gentleman next to me saw me working on the computer,
and we got to talking, and he said he came out of retirement to
work on the Y2K problem. And his quote was, his exact quote,
``this will be the biggest problem since the great plague.''
Now, he is selling his services, and that may be a self-
serving statement, but that causes you to pause a moment and
say, well, wait a minute; we better check this out. And we are
very much concerned. We do not want monitors. I mean, he makes
a statement to us. I do not know if this is correct. I am not
an engineer. We are trying to get people to give us that
information, that certain defibrillators, because they have the
BIOS, it does internal checking, when it checks, when it goes
to 2000, it goes to 00, it says this machine is broken. So,
that portable defibrillator will not work. I do not know if
that is true or not.
Vice Chairman Dodd. Well, let me come back, and I said
earlier we have heard now from the VA, the American Medical
Association, the American Hospital Association--who else have
we got; I do not know if you gentlemen feel likewise, but that
this company, the user, says the system is just not working. I
wonder if we might get some further reassurance of how HIMA is
going to respond to this. Actually, in my view, you ought to be
taking the lead in providing the clearinghouse. This would be a
wonderful role for HIMA to play, in establishing a
clearinghouse, so that a lot of these other organizations,
including the Federal Government agencies, could be looking to
an association as being cooperative, instead of trying to--when
you only get 500 responses to 2,000 or 3,000 manufacturers with
a letter sent in January, this is August with the clock
ticking.
I mean, do you think I am being outrageous when I raise
that? I mean, am I acting irresponsibly when I say to you that,
you know, 6 months later, after a letter, you are only getting
500 responses out of 3,000?
Mr. Mojdeh. Well, Senator, the bottom line here is the
safety and confidence of the patients.
Vice Chairman Dodd. Yes.
Mr. Mojdeh. And the medical community that is responsible
for their safety.
Vice Chairman Dodd. They have to rely on the equipment,
though. I mean, doctors do not--I mean, they maybe do not read
that machine, what it says when it prints something out, but
they are not responsible for how that thing works.
Mr. Mojdeh. And that is why I emphasize confidence, and
that confidence is very important. It is an issue that is
related to the quality of life for the patients, the knowing of
the fact that the devices that they rely on are reliable and
safe and also, the health care community to know that their
patients are safe, and there are many different ways of
communicating that. The clearinghouse is one method, and there
may be other methods that would complement the clearinghouse or
instead of the clearinghouse.
Ultimately, HIMA is after understanding what is the direct
need of the customers and the health care providers and would
act to provide that, and again, I assure you that you have our
commitment to be working diligently on that issue. And if it
turns out in these discussions that the need expressed by the
customers is that, then, HIMA would consider that very, very
seriously.
Vice Chairman Dodd. Well, you have got 233 manufacturers
that have not responded to multiple inquiries from the
Veterans' hospitals of this country. I mean, you know, I said
earlier I will wait a week on this thing, but I am going to get
those names of the companies, and I am going to get on the
floor of the U.S. Senate. I am going to issue a press release.
I am going to do everything I can, if that is what it takes, to
get them to even respond to the VA--our veterans? We have got
veterans of this country lying in hospitals relying on this
equipment, and American companies, I presume, most of them
would not respond to the VA? That is outrageous, absolutely
outrageous, putting lives at risk potentially.
I mean, anybody, but, you know, I hope you take this very
seriously what I am saying here today. You know, we can get to
the mandatory stuff. I will bet you if I go over and offer an
amendment on the floor of the Senate, we will make it mandatory
within an hour. And if you want it to come to that, we can do
that, but I hope it does not come to that. I hope you would
respond to it.
Mr. Mojdeh. Sir, you are pointing out very well the need
for this communication that HIMA is after to understand those
needs and try to provide the best vehicle to get those needs
met. If it happens to be the clearinghouse or other----
Vice Chairman Dodd. You are not responding to a letter.
Come on. You know, I cannot answer you right now; I will get
back to you next week. How about that?
Mr. Mojdeh. We will be happy to do that.
Vice Chairman Dodd. I mean, that is what I am saying, a
letter. Just even responding or assessing it: we do not quite
know yet; we will be in touch; here is a number where you can
call us. This is not brain surgery we are talking about. This
is simple communication, and if it is not happening, then, we
are going to make it happen.
Ms. Jackson. Senator Dodd, I will take you up on your offer
of commenting on other people's questions. I believe that you
have identified a large part of the solution. What we have
found in developing our database is that it is our belief that
many manufacturers are not responding because they do not yet
know what the solutions are. There is a certain amount of
concern, perhaps, from those of us who are burdened with a
legal education, in responding when the answers are not clear.
And your contention--that the Federal Government, the Congress,
should create an atmosphere in which full and timely disclosure
is mandatory--is part of the key here.
We understand that for many manufacturers, from what we
hear, testing and finding out what the problem is with the
devices is very difficult and may not be completed. But this is
your point exactly: If the policy of the Federal Government is:
``Tell us what you know so far; you will not be penalized for
not having the answers,'' that is what we think will help move
this solution along.
Vice Chairman Dodd. I am sure that does, and I appreciate
that. Of course, I will point out that an awful lot of them
have found it, that they can respond, and it may be that they
have identified the problem, but earlier on, I think the point
Mr. Ackerman raised earlier about this, I think I wrote in my
note here, the single point in time issue, and I respect that.
That is probably true. I mean, there are people who are finding
out that their equipment that they thought was going to be OK
and so forth, making that statement, then, they discover, as
more information becomes available; I was told, for instance,
on the embedded chip issue that the manufacturers, in many
cases, are using embedded chips as like a bin, and they will be
sitting there and plugging in the embedded chips, and the
embedded chips could come from any number of different
manufacturers, and they are not necessarily taking them all
from the same source.
So, two pieces of equipment that are sitting next to each
other in two emergency rooms or two operating rooms could have
very different manufacturers of the embedded chips in the exact
same product, exact same--in fact, made on the same day by the
same person who put them in and, yet, relied on different
manufacturers. That is how serious this is. I realize that may
be information that people did not know about until fairly
recently. It does not excuse, in my view, the failure to
communicate with the Veterans Administration and HHS and other
organizations seeking to collect data and information on this.
That is irresponsible, in my view.
Mr. Ackerman. Senator Dodd, yes, if I may.
Vice Chairman Dodd. Yes.
Mr. Ackerman. You bring up a very good point. It is
important that the vendors not only disclose their test results
but also their test processes, so that they can be repeated in
the individual institutions, because there are variations. We
are finding differences in different serial numbers of the same
unit. And so, it is very important that individual
organizations do their own testing if they want to be 100
percent sure, which does not minimize the need for disclosure
of test results but also the test process information.
Vice Chairman Dodd. All right; did you want to comment,
Doctor Palmisano, on the rural-urban issue as well as
physicians in these areas?
Dr. Palmisano. We think it is a very important point. You
have already emphasized that, and we are going to try to
disseminate the information and make sure that every physician
working knows about this, so that they can evaluate the needs
of their patients, and also, we are working with the National
Patient Safety Foundation, National Patient Safety Partnership,
and the American Hospital Association recently contacted us to
see what we could do, working together, to make sure that the
rural areas also have this information.
So, our goal is to disseminate the information, to
cooperate, but we need the information. I mean, I can look at
this little thing, and I know it is 2000-compliant, because
when I came in here, just for curiosity, I went over to 2001
and everything, and it still works. I know this is OK, because
this is not date-stamped, and there is no problem here. But I
do not know. I mean, I hear testimony that the defibrillator is
going to work, and now, you have raised another issue, which is
a very interesting issue, in that the same machine, side-by-
side, made on the same day, they grab in a bin, and certain
things, the BIOS and so on, some may be, and some may not be.
That is another whole dimension.
And we cannot be expected to understand that. So, we need
disclosure. We are not looking for blame. The whole attitude of
the American Medical Association, through the National Patient
Safety Foundation, is to get away from a culture of blame but
to have candor, full disclosure. I mean, the liability system,
which appears to be worrying everybody, I mean, that is another
problem. We have got to address that another day. We know that
is a serious problem, and it needs to be fixed. The present
liability system does not work.
But what we need to do right now is we have got to look at
our patients. We want full disclosure so that we can help our
patients.
Vice Chairman Dodd. Let me ask Mr. Glover a question that
is very important. We have a tendency to talk about equipment
and machinery here, and in a sense, people may understand that
more. When we get into the Medicare system, you can really
glaze over the eyes of even a well-intended listener.
Mr. Glover. Right.
Vice Chairman Dodd. It is a complicated system and so
forth. You point out that there are 4 million Medicare claims
made daily. Currently, 98 percent inpatient and 85 percent of
the outpatient claims are processed by electronic data
interchange, EDI, as it is called. Now, if the Y2K issues are
not resolved, what contingency plans does Blue Cross Blue
Shield have in place or propose to process the staggering
number of claims? What decisions are made? How do you handle
it?
Mr. Glover. We are still----
Vice Chairman Dodd. You mentioned them, but I want to know
what they are.
Mr. Glover. We are developing those contingency plans now,
and I would not say that we have a plan at this point to deal
with a serious degradation to paper claims. It is recognized
throughout the Medicare community--HCFA--that that would be a
serious problem. We think that there is a real payoff to
provider education, and at my own company and other Medicare
contractors, we are engaging in that kind of education to make
sure they understand what the requirements are.
Most, I believe all, Medicare contractors, provide free
software for actually generating a claim. We have renovated
that and have already distributed that out to those who use it.
There is a connection, however, to this whole issue of medical
equipment at hospitals and in doctors' offices and so forth. It
is a little bit, I guess, off the subject in a way, but we feel
like the problem may not be that the provider, the hospital,
the doctor, cannot actually generate the claim format, the
record that he needs to, and send it to us electronically----
Vice Chairman Dodd. Right.
Mr. Glover [continuing]. As much as there is a possibility
that systems behind that, their back office systems, their
administrative systems, might not support the creation of the
claim data. Actually, you know, the information might not be
available.
Vice Chairman Dodd. Yes.
Mr. Glover. And so, that one is a little bit of a concern.
It is along the same line, though, as the biomedical type
issue. There are a lot of different system vendors, equipment
and software vendors who have systems in doctors' offices,
clinics, hospitals. So, it is a very broad area.
Vice Chairman Dodd. OK; I would be very interested, again.
We do not want to add to burdens. We have got enough people. I
want you to get on the contingency plan. I am not worried about
how well informed we in Congress are about the contingency
plan. I am far more interested if you have got one than whether
or not I know about it, specifically.
But I would like to just generally have the committee sort
of be kept abreast to the extent, you know, what are these
contingency plans and how they are going to work, and also, I
would like to know how you are going to test, integrated
testing, because I think that is going to be--you have got Blue
Cross Blue Shield processors, HCFA central working file and
disbursement. And that is going to require integrated testing.
Mr. Glover. Yes, sir.
Vice Chairman Dodd. And I would be curious again. I do not
know if you have any specific comment on that this morning,
this afternoon. Do you have anything you can share with us,
something on that?
Mr. Glover. The testing picture, it is complicated.
Vice Chairman Dodd. Yes.
Mr. Glover. And they are very extensive, but each Medicare
contractor has systems that they actually maintain in-house for
themselves. They also have--they operate systems that are
maintained by other HCFA system maintainer contractors, if you
will: the major Part A processing system, the major Part B
processing system and the common working file system. So,
individual Medicare contractors have to renovate their own in-
house code----
Vice Chairman Dodd. Right.
Mr. Glover [continuing]. Wait for or schedule the
introduction of these other renovated software pieces----
Vice Chairman Dodd. Right.
Mr. Glover [continuing]. Into their environments and do
some testing up to certain points before those major pieces
come online but are really reliant on that for what is called
end-to-end testing, where you would go from the very front
end----
Vice Chairman Dodd. How soon are you going to be doing
that? I mean, I gather that based on people I am talking to
that you ought to be testing very quickly on this. Am I right
on that?
Mr. Glover. Well, we are testing at our location things
that we are renovating ourselves.
Vice Chairman Dodd. Yes, OK.
Mr. Glover. However, the full end-to-end testing of the
Part A processing system, the Part B processing system and CWF
will occur mostly in the September through December timeframe
of this year.
Vice Chairman Dodd. Of this year.
Mr. Glover. Of this year.
Vice Chairman Dodd. Of this year.
Mr. Glover. Yes, sir.
Vice Chairman Dodd. We have got a vote going on, and I do
not want to have you sit around while I go out for a vote and
come back. So, let me--who is the gentleman, Mr. Ackerman, you
said has been doing some testing on the devices themselves?
Mr. Ackerman. Dan Forrester.
Vice Chairman Dodd. Dan, why do you not step up here very
quickly? That number kind of slipped out of me a little bit,
the 19 percent number. Why do you not share that microphone?
Tell me what you are finding here very quickly. What is your
name, again, for the record?
Mr. Forrester. I am Dan Forrester, representing St. Joseph
Health System in Orange, CA.
Vice Chairman Dodd. OK.
Mr. Forrester. We have an enterprise responsible for 16
facilities, and I am in charge of the biomedical equipment
discipline of our Year 2000 project. We started testing in
early spring. We are physically, hands-on, changing the dates
of medical equipment that we can get to on our mission
critical, and we have experienced a 19 percent failure rate of
mission critical. The failures range from minimal, such as date
printout issues like this to total failure, and to reinforce
what Mr. Ackerman, my colleague here, had said, we have had
letters of compliance from a manufacturer on some significant
chemistry analyzers, had the letter in hand, performed the
test, and the unit crashed.
Star Wars, and it took about 3\1/2\ hours to revive the
machine. As we speak today, there is a blood gas analyzer in
northern California that has been rebooting for about 3\1/2\
months.
Vice Chairman Dodd. Been what?
Mr. Forrester. Been rebooting.
Vice Chairman Dodd. What the hell is that? What the heck is
that? [Laughter.]
Mr. Forrester. Cannot find its BIOS, reinitializing its
configuration. It cannot find its BIOS.
Vice Chairman Dodd. Ah.
Mr. Forrester. And that particular manufacturer, quite
frankly, has no solution. So, the only letter from a vendor
that our system will accept is a letter of noncompliance. All
other letters, we put on the record for further litigation
purposes, but we are physically testing each piece.
Vice Chairman Dodd. That is encouraging.
Nineteen percent; are you surprised by that number?
Mr. Forrester. No, sir, because hospitals have not had the
luxury of replacing equipment every 2 to 3 years. So, there is
lots of old equipment out there.
Vice Chairman Dodd. Is my concern about rural, urban,
inner-city hospitals versus more ones that have greater
resource capacity----
Mr. Forrester. That is a genuine concern, Senator.
Vice Chairman Dodd. Yes; are you showing much higher rates
of failure depending on where equipment is coming from?
Mr. Forrester. Yes, sir; typically, the smaller and rural
hospitals do not have the luxury of buying new equipment,
although just 2 days ago, I tested a product that was 2 months
old, and it failed.
Vice Chairman Dodd. Well, we may want to get--have you got
some--I think you indicated, Mr. Ackerman, that you had a
report that Mr. Forrester had done on this. Have you done an
interim report on this?
Mr. Ackerman. No, I do not have a report. The information
that they are gathering, as well as the information other
organizations are gathering, the field test data, is being put
in our database, and it is being made available to the health
care community.
Vice Chairman Dodd. OK; that would be very helpful maybe
for the staff on the committee, since we are wrapping up. Maybe
we ought to sit down before you leave or take off. I would be
very interested to have the staff talk to you a bit more and
the kinds of questions that we ought to be asking or that HHS
and FDA ought to be asking, so that maybe you can help us frame
that so we can get more reliable information here.
Mr. Ackerman. I think that would be very good, because we
see a lot of the wrong questions being asked.
Vice Chairman Dodd. I apologize to all of you, because you
want to eat and have lunch, I suppose. I am fascinated by what
you have to say. You have been tremendously helpful,
tremendously helpful. And let me say to HIMA, too, I have
worked very closely with HIMA on a lot of issues, and my
concern here is I want us to get up and moving on this stuff. I
see that clock ticking, and every day we waste and do not get
on this thing, it is just--the problem does not get less; it
gets worse. So, I hope you will follow up with us on some of
these idea and requests.
And with that, on behalf of Senator Bennett, it was very
dangerous of him to give me a gavel. I am the only Democrat on
Capitol Hill who has been called Mr. Chairman, probably, in the
last 6 months, so I appreciate that.
But I should quickly point out this committee has
absolutely no legislative authority, so there is no risk
whatsoever that I misuse it.
The committee stands adjourned, and thank you all.
[Whereupon, at 12:42 p.m., the committee adjourned.]
A P P E N D I X
------
ALPHABETICAL LISTING AND MATERIAL SUBMITTED
------
Prepared Statement of Joel M. Ackerman
introduction
Senator Bennett, Senator Dodd and members of the U.S. Senate
Special Committee on the Year 2000 Technology Problem, it is my
pleasure to be here today to offer this testimony on the Year 2000
technology problem and its implications for the American health care
community.
I will begin by briefly telling you about myself and the Rx2000
Solutions Institute. I will follow this with a description of some of
the significant patient care and business risks to the U.S. health care
community posed by potential Year 2000 failures. I will close with some
recommendations for what assistance Congress might offer to help health
care institutions prepare for and survive the Year 2000 changeover.
presenter: joel m. ackerman, founder & executive director, rx2000
solutions institute
I have a confession to make. I am a former computer programmer who
used two digits instead of four to denote the year. Granted this was
more than twenty years ago, but even then I was aware of the anomaly
posed by the year 2000. When I expressed this concern to my supervisor,
he laughed and told me not to worry. ``There's no way,'' he said,
``that we'll be using these programs twenty years from now.''
You can imagine my dismay when I learned less than a year ago, that
this government contractor was indeed still using the programs I had
worked on which, by the way, were used to control avionics and defense
engineering and manufacturing projects.
Over the years my career has take me from programmer to systems
executive working for:
--Honeywell, Inc. as a programmer, systems analyst, project manager
and management scientist
--GE Capital, Inc. as an Information Center manager and a manager of
systems development
--EDI Solutions, Inc. (software vendor) as Director of Product
Development,
--and most recently for United HealthCare Corporation as its Vice
President for International Information Systems and Director of
Advanced Technologies.
I've chaired several advisory groups including:
--The Workgroup for Electronic Data Interchange created by former
Secretary Sullivan of Health and Human Services: Trends &
Technologies, Health I.D. Cards and Monitoring
--The ANSI ASC X12 development of health care eligibility and EDI
transactions
Throughout my career I have expressed misgivings about using the
two digit year. And while my colleagues have understood my concerns, it
has only been within the past 3-4 years that replacing this programming
practice with four digit years has been widely accepted as a critical
issue for systems development.
rx2000 solutions institute: health care's year 2000 information
clearinghouse
Long before most hospital and medical associations and other
industry groups, the Rx2000 Solutions Institute was a determined voice
in the health care community, raising the alarm about the Year 2000
changeover and the possibilities of significant harm to patient care
and institutional survival Organized in early 1996, the Rx2000
Solutions Institute is an independent, non-profit, member-supported
organization with no conflicting ties to health care organizations,
manufacturers, pharmaceutical companies or consulting groups. The
Institute's sole objective is to help ensure the survival of health
care organizations into the next millennium with minimal impact on
patient care.
The Rx2000 Solutions Institute's initial funding came from its
founders and early users of its services. The Institute has recently
become a membership organization. Members and users of Institute
services come from large and small health care organizations including:
Aetna/U.S. Healthcare, Hartford, Connecticut
Mayo Foundation, Rochester, Minnesota
Allina Health System, Minneapolis, Minnesota
Medical College of Georgia, Atlanta, Georgia
St. Joseph Health Care System, Orange, California
Phycor, Nashville, Tennessee
Vanderbilt University, Nashville, Tennessee
HIP of New York
Texas Health Resources, Dallas, Texas
George Washington Medical Center, Washington, DC
University of Virginia Hospital System, Charlottesville,
Virginia
Bellin Hospitals System, Green Bay, Wisconsin
Several state hospital associations
And more upon request.
The Institute provides services in three areas:
--Year 2000 education and awareness,
--Year 2000 information sharing,
--external organizations monitoring and reporting
Rx2000's Web site at http://www.rx2000.org as the leading Internet
source for health care Year 2000 information.
The Rx2000 List Server & Discussion Forum has more than 1,100
members discussing a broad range of health care Year 2000 issues
online. This includes participants from at least twenty other
countries.
Rx2000's Year 2000 Solutions Vendor & Matching Service helps health
care organizations efficiently locate appropriate sources of tools or
assistance.
Rx2000 is developing the definitive International Health care Year
2000 Products Database of manufacturer and user product test results
and compliance information for medical devices, software, and other
products used in health care.
Other services include a Health care Year 2000 Electronic
Newsletter, health care Year 2000 Special Interest Group meetings, a
speakers bureau, supplier, provider, and customer reporting/monitoring
services.
experiences and observations about the year 2000 crisis in u.s. health
care
We are convinced the American health care community is in deeply
serious trouble due to anticipated problems of the Year 2000
changeover. Rx2000 believes that patient care and indeed, patient lives
are at stake.
Why? The reasons are rooted in the very nature of our health care
system.
1. The health care community has a heavy dependence on computing
technology including:
--Date sensitive information systems and electronic medical records
--medical devices and other equipment containing date-sensitive
embedded chips
--information intensive outsourced services.
2. The industry is almost totally dependent upon the electronic
exchange of information with insurers and claims processors, physician
practices, laboratories and affiliated institutions.
3. The U.S. health care community is a fragmented, diverse industry
with no ``Big 3'' or ``Big 6'' to drive activity. There has been little
or no coordination of Year 2000 activities and significant duplication
of Year 2000 efforts.
4. There has been little or no Year 2000 cooperation between
segments of health care including payers, providers and vendors.
5. There is fear of acknowledging Year 2000 issues and offering
information or assistance due to concerns over who will ultimately be
liable for Year 2000 failures.
6. The U.S. health care community, like many other focused
industries, struggles with the concurrent problems of rapid industry
change (consolidation, cost containment, etc.) and rapid technology
change (medical and information technologies)
7. Even more so than other industries, the health care community is
late coming to the Year 2000 table. Because of this there has been a
lack of awareness of the breadth and depth of year 2000 issues coupled
with a denial and minimization of problems.
8. Year 2000 problems can come from both internal and external
sources and are likely to threaten the whole institution. If they are
not fixed, Year 2000 failures could compromise patient care, interrupt
core practice continuity and create substantial liability exposure.
9. Small, rural health care providers lack the necessary project
management, technical and financial resources for Year 2000
preparation.
10. Organizations have, at most, one budget cycle remaining before
January 1, 2000. Every organization we have talked with has, in their
initial projections, significantly underestimated the costs and level
of effort needed.
11. There is a significant shortage of qualified personnel,
particularly biomedical engineers.
12. There continues to be significant denial regarding the severity
of the Year 2000 problem. Even at this late date, many health care
professionals are hoping for the ``silver bullet'' or for Bill Gates to
``fix'' the problem.
13. There is a potentially catastrophic lack of consensus in health
care regarding the best and most effective practices for resolving the
problems associated with the Year 2000 changeover. Some health care
institutions, for example, intend to rely almost entirely on vendor
assurances of compliance, even though experience has proven these to be
unreliable.
14. There are often dramatic differences among health care
institutions regarding testing protocols. Some systems are aggressively
testing for operational compliance. Some are performing minimal tests
solely for developing a trail of due diligence. Others are simply
collecting compliance letters from manufacturers.
But these reasons are almost too generic for our use today. What is
more telling is some of the input we've received from participants in
Rx2000 Solutions Institute activities. These include the Special
Interest Group (SIG) meetings we host around the country.
survey results from the april rx2000 health care year 2000 users group
meeting
Participants representing 55 health care organizations with most
actively working in health care Year 2000 issues (i.e., ``in the
trenches'') responded to our survey with the following outcomes.
--Agree that Year 2000 issues will have significant impact on: Payers
(100 percent), Hospitals (100 percent), Multi-Specialty Clinics
(100 percent), Small Provider Offices (97 percent), Health care
Suppliers/Vendors (100 percent)
--97 percent agree that Year 2000 issues have significant potential
to negatively impact the quality of health care
--94 percent agree that Year 2000 issues have significant potential
to create errors that lead to unnecessary deaths in health care
--69 percent agree that health care lags behind most other industries
in addressing Year 2000 issues
--62 percent have already experienced Year 2000 failures in their
organizations
observations on the evolution of health care's year 2000 activity since
the creation of the rx2000 solutions institute
Two years ago there was:
--Little or no significant activity (except among payers).
--A primary focus on internal information systems.
--A significant lack of awareness of:
--supply chain issues
--embedded systems issues
One year ago, we observed:
--Large, leading hospitals and hospital groups were initiating
projects.
--A quickly-growing awareness (almost a panic) about medical device
and supply chain issues.
As recently as six months ago:
--Approximately 25 percent of hospitals we addressed had even an
awareness effort underway.
--There was still no significant activity among small & rural health
care providers.
And today:
--There has been a significant increase in awareness of basic Year
2000 issues primarily due, we believe, to media coverage and
internal awareness of potential legal exposure.
--Although most health care organizations have at most one budget
cycle left before 1/1/2000, almost every organization we've
spoken with has significantly underestimated the costs and
level of effort needed.
confusion and misinformation are rife within the health care community
Following are some of the areas about which participants in our
Rx2000 List Serve have had questions or have expressed concern:
--Internal information systems
--Administrative
--Clinical
--Embedded systems
--Medical devices (e.g. 18 percent failure rate observed by a
large health care system doing extensive testing)
--Facilities
--Business systems
--Transportation (ambulances, helicopters, etc.)
--Supplier & vendor issues
--Suppliers of goods
--Food service, linen service
--Medical supplies, pharmaceuticals
--Medical gases, blood banks
--Services
--Laboratories
--Claims clearinghouses, EDI networks
--Police, fire, 911
--Utilities
--Power
--Water
--Communications
--Inadequacy of a ``single point in time'' supplier/vendor
assessment
--Trading partner issues (customers, contracted providers, suppliers,
regulatory agencies, etc.)--potential for interruptions in
payment and information flows
--Under-addressed risk areas:
--Personnel
--Shortages
--Retention
--Burnout (noticeable increase!)
--Who is going to talk to the patients about health care Year
2000 issues?
--There's a notable and growing concern among patients
who are asking hard questions about health care's Year
2000 readiness.
--Year 2000 concerns may lead to patients avoiding
needed care.
--Home health care issues are a particular issue,
especially among the senior and disabled population,
and include the potential for medical device failures,
interruption in the availability of pharmaceuticals,
transportation, communications, etc.
a disconnect exists
It's obvious that there is a significant disconnect between public
messages of readiness and the feelings and beliefs of those
professionals who are working in the trenches. Following are just a few
of the thousands of messages the Institute has received on its Year
2000 List Serve.
Biomedical Devices
A few of us have been deeply ``embedded'' in testing. I am a
Director of Technology Management (Biomedical Engineering) tasked with
identifying the risks within our system of ten acute care facilities
and numerous clinics and home health entities. My team is, quite
frankly, horrified at the risks within the laboratories. A few of the
manufacturers have told us to not test their product with a date roll-
over, for fear that it will experience catastrophic failure.
You know what? They are right. We have had significant hard crashes
with chemistry analyzers, hematology analyzers and urine analyzers,
coagulation profilers, and immuno-assay analyzers. A technology cousin
most usually found in Respiratory Care Departments, the blood gas
analyzer, is also quite risky. And, of course, in terms of risk
assessment here in the United States, most of our surgical procedures
rely on blood gas analyses once the patient is anesthetized. And the
imaging devices that our physicians rely on to see inside the body are
not in real good shape either. Many of the imaging manufacturers have
outsourced their programming through the years while they developed the
illustrious million-dollar hardware, so remedy is not imminent. So, at
last we are able to substantiate those fears that have been identified
as hype and chicken-little! My colleagues, I shall not be a frequent
web-buddie, simply because time does not permit me to sit in my hotel
room and chat. My advice is to get off our laurels, quit inquiring
about who is doing what, forget the presentations, quit chasing the
soothsayers and prophets of doom, and get to work!
In biomedical equipment we found that we need to test all of them.
Manufacturer's model and serial numbers may be alike, but the chips and
boards inside test with different responses. Some work and some ail.
Also the manufacturers know about this.
Count us in! We have 20,000 devises, some date sensitive, some not.
We have just begun to assess Y2K compliance for embedded devices * * *
had one device already certified by the vendor as compliant which
failed the leap year test!
Budgeting
FYI * * * we just found out that FSB has stated new equipment can
be capitalized but consultant fees and upgrades cannot. We did a rough
estimate of computers, software and clinical devices to extrapolate the
dollar costs. Hardest part was consultant costs. We just guessed on
that one.
At ``C'' we have not prepared a detailed budget for TOTAL cost.
Without an inventory and without vendor status I don't think we can. We
have prepared a budget for corporate staff, consultant costs,
inventory.
The important point here is that you need however much money you
need! Do your best to budget based on what you know and the help you
can get from people on this listserve. But do not let the budget
committee think they have heard from you for the last time. The odds
are HUGE that you will have to go back to them and this is a
contingency for which they must be prepared. Y2K budgeting does not fit
into the annual cycle model. Any attempt to make it do so at this state
could be disastrous.
Drug Availability
I've discussed this subject with my pharmacist and the answer is
``YES'', that the drug supply problems could be a major impact of Y2K.
Currently they are dealing with shortages of blood by-products under
normal operations. Throw Y2K computer problems into the mix and certain
products may nearly ``disappear'' from the market.
I am a bit confused as to why there would be a shortage. I could
see the possibility that the pharmacy may not be able to dispense with
the meds due to a Y2K failure on the computer end, but they should have
a contingency plan in place, due to the fact that the computer could
fail now with a power failure or a system crash.
A response from another listserve participant
The real issue is in moving back up the supply chain. The
possibility exists that the manufacturer may not be able to make or
ship the product. Then the middle man that distributes the product may
not be able to inventory, pick, pack or ship the product. You may not
be able to create or send the order to the middle man through EDI or
the middle man may not be able to receive and process the transmission.
The chain is where the problem may exist and not in the ability of the
pharmacy to dispense the product.
recommendations
We asked members of the Rx2000 listserve to suggest ways the
federal government might help the healthcare community prepare for the
Year 2000 changeover. The following summarizes the Institute's and its
listserve participants' recommendations.
The federal government and health care community should:
1. aggressively maintain this critical sense of urgency. Given the
short amount of time available, this urgency coupled with a sense of
responsibility toward patients' well being and safety, will help give
health care professionals and business managers the will to persevere
in the face of negative publicity, aggressive head hunters and a loss
of hope as the century change becomes more imminent.
2. accept the fact that we will not be able to eliminate the risk,
but we can continue to work to minimize it.
3. aggressively build awareness through existing networks.
4. place more emphasis on medium, small and rural health care
providers.
5. be prepared to respond to patient fears, especially as the Year
2000 draws closer. What should patients do, where can they get
information? Who will answer their specific concerns?
6. increase national & international health care Year 2000
information sharing.
This means removing the fear of sharing product test
information. The Rx2000 Institute has experienced this as a
significant problem as it develops its Year 2000 International
Health Care Products Database. Several health care
organizations, for example, have been hesitant to share their
test information. This is due to:
--fear of legal liability and litigation from vendors
and others.
--concerns over customer loss of confidence
--fear of interference and oversight from regulatory
agencies
--concerns over staff retention
Concerns about information sharing can only result in
significant duplication of efforts, increased costs and the
potential for failure due to lack of testing time etc.
7. provide assistance in the form of low interest loans or other
financial mechanisms to help smaller health care organizations do what
needs to be done.
8. support the rapid expansion of comprehensive Year 2000 services
provided by private organizations such as the Rx2000 Solutions
Institute and government agencies. Services should include:
--education and training
--information sharing
--vendor, customer and provider monitoring and reporting services
9. strongly support continuing efforts by HCFA to assist Medicare
and Medicaid intermediaries in their year 2000 compliance efforts. We
also encourage HCFA to develop a contingency plan for use with any
unforeseen problems.
Additionally, the Rx2000 Solutions Institute strongly urges
Congress to authorize a interim payment for the Medicare program which
can ensure the uninterrupted delivery of quality health care.
10. very, very carefully consider requests for limitations on Year
2000 liability. Some in the industry have compared limitations to
liability or ``safe harbor'' legislation to a ``license to kill''. We
believe that any limitation to liability should provide relief only to
those organizations which have demonstrated responsible behavior as
defined by stringent standards of due diligence. We need to keep
serious pressure on all organizations in health care to act responsibly
in preparing for the Year 2000.
11. Support the creation of two national hot lines to provide
informed, credible and responsible answers to Year 2000 questions and
concerns from patients and health care professionals.
conclusion
I want to thank Senator Bennett, Senator Dodd and members of this
committee and its staff for inviting me to be here today. We are all
Year 2000 virgins. No one has lived through the Year 2000 before and we
can only make calculated guesses about the extent and severity of
problems related to the millennium change. The Year 2000 is not
``somebody else's responsibility. Working together we can reduce the
risks of failure and increase hope for the professionals and patients
in global health care community.
The Rx2000 Solutions Institute is and shall remain unalterably
committed to serving the health care community ``until the dust
settles'' past January 1, 2000.
We shall bring our database of product test results to broad
American & international health care audience.
We shall continue our aggressive monitoring of the Year 2000
readiness of health care suppliers, customers and contracted providers.
We shall continue operating our web site, list server, user group
meetings as our contribution towards enhancing information sharing.
Thank you.
Rx2000 Solutions Institute Board of Advisors
Mr. Alan Abramson,
Vice President, Information Services, Allina Health System,
Minneapolis, MN
Mr. James P. Bradley,
President, ABATON.COM (former CIO, United HealthCare Corporation),
Bloomington, MN
Ms. Elizabeth Clifford, M.P.H., Ph.D. (cand),
Senior Consultant, Columbia University School of Public Health (former
Publisher, Business & Health, former President and CEO, American
Association of Preferred Provider Organizations), New York, NY
Mr. Patrick J. Davitt,
Director, Information Services, Information Architecture and
Technology, Mayo Foundation, Rochester, MN
Scott W. Erickson, Ph.D.,
Vice President, Research, Strategy, and Policy, Pharmacia & Upjohn,
Windsor, Berkshire, UK
Mr. Donald E. Gerhardt,
CEO, The Vermont Health Plan, Colchester, VT
Mr. Gary Holland,
President, I.D. Division, Fargo Electronics, Inc., Eden Prairie, MN
Mr. Sean Sullivan,
President and C.E.O., Institute for Health and Productivity Management
(former CEO, National Business Coalition on Health), Dallas, TX
Rx2000 Solutions Institute Legal Advisory Board
Paul H. Arne, Esq.,
Morris, Manning & Martin, Atlanta, GA
William F. Baron, Esq.,
Garvey, Schubert & Barer, Seattle, WA
Michael R. Cashman, Esq.,
Zelle & Larson, Minneapolis, MN
Bradley S. Davis, Esq.,
Blackwell Sanders Matheny Weary & Lombardi LLP, Kansas City, MO
Mark F. Foley, Esq.,
Foley & Lardner, Milwaukee, WI
Steven H. Goldberg, Esq.,
Cosgrove, Eisenberg & Kiley, P.C., Boston, MA
James Kalyvas, Esq.,
Foley, Lardner, Weissburg & Aronson, Los Angeles, CA
Keith Lind, Esq.,
McKenna & Cuneo, Washington DC
John B. Massopust, Esq.,
Zelle & Larson, Minneapolis, MN
Charles Merrill, Esq.,
McCarter & English, Newark, NJ
Dean A. Morehous, Jr., Esq.,
Thelen, Marrin, Johnson & Bridges, LLP, San Francisco, CA
Jacob Pankowski, Esq.,
McKenna & Cuneo, LLP, Washington, DC
Vito Peraino, Esq.,
Hancock Rothert & Bunshoft LLP, Los Angeles, CA
Joel Rothman, Esq.,
Stephens, Lynn, Klein & McNichols, West Palm Beach, FL
James D. Troxell, Esq.,
Squire, Sanders & Dempsey LLP, Cleveland, OH
Alex W. Zabrosky, Esq.,
Gardner, Carton & Douglas, Chicago, IL
Partial List of Organizations Working with Rx2000 or Participating in
Rx2000 Healthcare Year 2000 Special Interest Group (SIG)
Aetna Year 2000 Projects
Allina Health System
American Continental Insurance Co.
AnswerThink Group
Anthem, Inc.
Aon Risk Services
Bellin Hospital
BES Medical Claim Service
Blue Cross & Blue Shield Association
Blue Cross Blue Shield of Illinois
Blue Cross Blue Shield of Minnesota
Carle Clinic Association
CDHS
Central Dupage Hospital
Cerner Corporation
Clark Information Services
Cleveland Clinic Foundation
CNA HealthPro
CNA Insurance
Columbia Wesley Medical Center
Columbia/HCA
Comdisco Healthcare Group
Crow Consulting Group. Inc.
CSC
Detroit Medical Center
Fairview Health System
Family Health Systems
Fedota, Childers & Rocca, P.C.
G.J. Sullivan Company
Gardner, Carton & Douglas
George Washington University Med. Ctr.
Giga Information Group
Gillette Children's Specialty Healthcare
Glencoe Area Health Center
Guident-CPI
Hancock Rothert & Bunshoft
Harvard Pilgrim Health Care
Healthpartners
HealthSytem Minnesota
Hexaware Technologies, Inc.
HIP Plans, Inc.
Holy Cross Health System
Humana, Inc.
IBM Global Services
IKON
Jacquard Systems Research
JCAHO
Kanabec Hospital
KARE Computing
KPMG Peat Marwick
Lake View Memorial Hospital
Litton Enterprise Solutions
Lutheran Health Systems
MacNeal Hospital
Manitoba Health
Martin, Clearwater & Bell
Mayo Foundation
McGladrey & Pullen
Medical Center at Princeton
Memorial Health System
Mercy Health Services
Mercy Hospital of Pittsburgh
Metropolitan Health Plan
Michael Reese Hospital
Miller Christerson McNaboe & Cortner
Ministry of Health, British Columbia
MN Hospital & Healthcare Partnership
Modern Healthcare Magazine
Monterey Bay Group
Naval Medical Logistics Command
NCH Healthcare System
Noridian Mutual Insurance Company
North Memorial HealthCare
NRC-GIG
Oakwood Healthcare System
OHA: Assoc. for Hospitals & Health System
PhvCor
Price Waterhouse
PROMINA Health System
Provena Health
Regence BCBS of Oregon/Regence HMO
RHEMA Association, Inc.
Rider, Bennett, Egan & Arundel, LLP
Rockford Health System
Rush North Shore Medical Center
Rush Presbyterian St. Luke's Med. Ctr.
Rx2000 Solutions Institute
SafeNet Consulting
Salina Regional Health Center (SRHC)
Scott & White Hospital
Sierra Health Services
SSM Health Care
St. Joseph Health System
St. Jude Medical Center
The Toronto Hospital
U.S.NRC
University Medical Center Arizona
University of Virginia Hospital System
Vanderbilt University Medical Center
Y2Kplus
Zelle & Larson
__________
Prepared Statement of Chairman Robert F. Bennett
Good morning, and welcome to the fourth hearing of the Special
Committee on the Year 2000 Technology Problem. To date, we have held
hearings on the energy utilities and financial services industries.
Subsequent hearings will include telecommunications, transportation,
general government services, and general business.
Let me begin today's hearing by saying that health care is
America's largest industry generating $1.5 trillion annually, more than
one-seventh of our nation's economy. More importantly, the quality of
life of virtually every American family is directly impacted if this
industry is not ready in time for the next millennium.
Unfortunately, I have troubling news today. Clearly, the health
care industry is not yet ready for the Year 2000. If tonight when the
clock struck midnight the calendar flipped to December 31, 1999, large
portions of the health care system would fail. There are some 6,000
American hospitals, 800,000 doctors, and 50,000 nursing homes, as well
as hundreds of biomedical equipment manufacturers and suppliers of
blood, pharmaceuticals, linens, bandages, etc., insurance payers, and
others that are not yet prepared.
Today, we want to present a balanced picture of where the health
care industry stands in relation to meeting the Year 2000 awareness,
assessment, validation and implementation deadlines. The Committee has
been unable to find a central repository for this kind of information
so I look forward to hearing the contributions of each of today's
witnesses.
Since World War II, the United States has undergone one cultural
change after another, probably none as profound as the one occurring in
the health care industry. The very name ``health care industry'' is in
sharp contrast to the solo-practicing doctors which dominated medicine
when my father was a member of the Senate. Before we get into
discussing the potential effects of Y2K on health care, a quick view of
the changing times in medicine.
Not too many years ago when you made an appointment to see your
doctor, he would greet you at his office, inquire about your family and
ask the purpose of the visit. When you told him, he would probably take
your blood pressure, test your lungs and heart with a stethoscope, ask
a few more questions, look at your medical record folder, and prescribe
treatment. No Y2K problem in that picture.
Today, when you enter a doctor's office, outpatient clinic,
hospital or HMO you first encounter medical electronics as you submit
your insurance or Medicare card to the admission clerk. The data in
your card is entered into a desktop computer that is linked to Medicare
or insurance eligibility files maintained on a mainframe computer in
some distant city. This same computer will bill the insurance company
and you as a co-payer.
Electronic complexity continues at every step, starting with
computerized medical records. Virtually every diagnostic and therapy
machine is powered by one or more microprocessors. If a patient
requires hospitalization, his physician electronically schedules a
time-specific hospital admission date as a preparatory step, as well as
medical orders. The hospital computer will generate a letter telling
the patient the medically necessary tests that will be needed. Every
test uses one or more date sensitive microprocessors, which
automatically feed your biological results into the hospital's computer
based clinical data system.
This same computer schedules the time, surgical suite location and
staffing levels for your operation as well as a list of essential
medical needs for the surgery. Throughout the operation the patient
will be connected to life saving machines--monitors, ventilators,
anesthesia control, and infusion pumps that are microprocessor
operated. High technology follows the patient into the Intensive Care
Unit to help ensure full recovery. Finally, the patient is wheeled into
a ward and begins receiving food from a computer-generated dietetics
menu. The only thing that has not changed since my father's day is the
taste of that hospital food.
In addition, electronic data interchange (EDI) is used for most of
the business transactions of medical institutions. These include;
patient billing and payment systems, which are interconnected, so that
failure at one can reverberate throughout.
Based on what you will be hearing from various witnesses today,
there is trouble in River City and most of the rest of the nation
because the health care industry is lagging behind other industries in
making critical Y2K fixes. The Gartner group says that over 90 percent
of the individual physician practices are not yet aware of their Y2K
problems. Two of our witnesses, Mr. Nutkis and Dr. Palmisano, have
equally alarming data.
Finally, if the insurance and Medicare eligibility process cannot
function, doctor's offices and hospital admission processes would
default to paper. Their daily output is nearly 4 million Medicare
claims and approximately 27 million pages of medical records. Health
care paperwork could backup like traffic on an interstate highway after
a bad accident. This could immediately affect a patient's access to
quality health care. Concurrently, the nation's 1.6 million providers
would have monumental cash flow problems without electronic payment
from insurers and Medicare, which accounts for nearly 50 percent of
health care payments--almost $1 billion per day.
The problem is exacerbated by the lack of a national ``fix it''
program by the health care industry. I find it hard to understand why
the manufacturers of biomedical devices, represented by the Health
Industry Manufacturers Association, have not provided a central
clearinghouse for the data that only they possess. The complexity of
biomedical products causes me to take the unusual step of publicly
requesting the industry to help solve the Y2K problem which they helped
create, and we will hear from them today.
______
Generic Listing of Potential Date Sensitive Equipment
Aerator, Ethylene Oxide
Anesthesia Unit
Anesthesia Unit Ventilator
Anesthesia Unit, Monitoring System
Angioscope
Apheresis Unit
Apnea Monitor
Arthroscopic Shaver System
Aspirator, Emergency
Audiometer
Automatic Implantable Defibrillator Function
Battery Conditioner/Charger
Bed, Electric
Biofeedback System
Blood Cell Processor
Blood Gas/pH Analyzer
Blood-Flow Detector, Ultrasonic
Breath Analyzer, Alcohol
Camera, Gamma
Camera, Identification
Camera, Microscope
Camera, Video
Carbon Dioxide Analyzer
Carbon Dioxide Monitor, Exhaled Gas
Cardiac Output Unit, Thermal Dilution
Cardiodynameter
Cataract Extraction Unit, Phacoemulsification
Catheter, Cardiac Ablation
Centrifuge
Chloridometer
Chromatography Equipment
Circulatory Assist Unit, Intra-Aortic Balloon
Circulatory Assist Unit, Ventricular
Clinical Chemistry Analyzer
Coagulation Analyzer
Compressor, Medical Air
Computer
Computer, ECG Interpretation
Computer, Nuclear Medicine
Computer, Pulmonary Function
Continuous Positive Airway Pressure Unit
Cystic Fibrosis Screening Device
Data Analysis System, Ultrasound, Cardiac
Date-Time Stamp
Defibrillator
Dialysate Delivery System, Single-Patent
Disinfecting Unit, Liquid, Flexible Endoscope
ECG Monitor
Electrocardiograph
Electroconvulsive Therapy Unit
Electroencephalograph
Electrolyte Analyzer
Electromyograph
Electrosurgical Unit
Emission Control System, Ethylene Oxide
Enzyme Immunoassay Analyzer
Ethylene Oxide Monitor
Evoked Potential Unit
External Pacemaker Analyzer
Film Digitizer
Flowmeter, Blood, Ultrasonic
Fluoroescence Immunoassay Analyzer
Gastrointestinal Motility Analyzer
Heart Rate Monitor
Hematology Analyzer
Hemodialysis Unit
Hemofiltration Unit
Hemoglobinometer
Hyperthermia Unit, Circulating-Air
Hypo/Hyperthermia Unit
Immunofluorescence Equipment
Incubator, Laboratory, Thermocycling
Information Storage Unit, Magnetic Disk
Infusion Controller
Infusion Pump
Injector Contrast Media Angiography
Irradiator, Blood
Irrigation/Distention System, Arthroscopic
Laser
Laser Imager
Lensometer
Light, Examination
Line Isolation Monitor
Linear Accelerator
Lithotripter
Magnetic Resonance Imaging (MRI) Unit
Microbiological System
Monitor, Fetal
Monitor, Physiological
Monitoring System Arrhythmia Computer
Monitoring System Central Station Recorder
Multiple Medical Gas Monitor, Respired/Ane
Nephelometer
Network Communication Gateway
Nurse Call System
Osmometer
Oximeter
Oximeter, Pulse
Oxygen Analyzer, Sampling
Oxygen Monitor
Oxygen Monitor, Transcutaneous
Pacemaker Analyzer
Pacemaker Programmer
Pacemaker, Cardiac
Peritoneal Dialysis Unit
pH Meter
Photometer
Physiologic Monitoring System, Neonatal
Physiologic Monitoring System, Stress Exerci
Physiologic Recording System
Platelet Aggregation Analyzer
Plethysmograph
Polygraph
Polysomnography Analyzer, Computerized
Positron Emission Tomography (PET) System
Pressure Infusor
Pressure Monitor, Airway
Pressure Monitor, Blood, General/Invasive
Printer, Video
Pulmonary Function Analyzer
Pump, Circulating-Fluid, Localized Heat
Pump, Enteral Feeding
Pump, Extracorporeal Perfusion
Radiographic Systems
Recorder, Chart
Recorder, Long-Term, ECG, Portable
Recorder, Video Tape
Regulator, Line-Voltage
Respiration Monitor
Scanner, Computed Tomography
Scanner, Long-Term Recording, ECG
Scanner, Ultrasonic
Spectrophotometer, UV/Visible
Speed Control/Selector, Treadmill
Sphygmomanometer, Electronic Automatic
Stereotactic Radiosurgical System, Linear Acc
Sterilizing Unit
Synchronizer, Gamma Camera
Telemetric Monitoring System
Television Monitor
Thermometer, Electronic
Tissue Embedding Equipment
Tissue Processor
Trainers, Auditory
Transmitter/Receiver System, Telephone. EC
Ultrasonic Cleaning System
Unit-Dose Dispenser, Tablet, Electronic
Urinometer
Urodynamic Measurement System
Uroflowmeters
Ventilation Monitor
Ventilator
Video Image Processor
Visual Function Analyzer
Vital Signs Monitor
Warmer, Blood/Solution
Washer, Flexible Endoscope
Washer/Decontaminator
Washer/Sterilizing Unit
X-ray Control Panel
X-ray Film Processor, Automatic, Sheet-Film
X-ray Image Recorders
Xenon System
__________
Prepared Statement of Nancy-Ann Min DeParle
Chairman Bennett, Vice Chairman Dodd, distinguished committee
members, thank you for inviting me here today to discuss my highest
priority. We must assure that the more than 70 million Medicare and
Medicaid beneficiaries experience no interruption in services because
of the Year 2000 computer problem. We also must assure that the
approximately 1.6 million Medicare and Medicaid providers continue to
receive prompt and efficient payment for their services.
progress
I am committed to doing everything possible to address this issue,
and we are making substantial progress in addressing the Year 2000
problem. Since I became HCFA Administrator in November we have:
--completed renovation of five of our six standard systems;
--completed renovation of 24 of our 37 most critical internal
systems;
--initiated testing of renovated systems;
--conducted at least one site visit to every claims processing
contractor, and at least two site visits to every systems
maintainer for independent verification and validation;
--provided clear instructions to contractors on everything they must
do to be Year 2000 compliant, and made sure they assessed their
status based on those instructions;
--negotiated a contract that makes clear the responsibility Medicare
claims processing contractors have in ensuring that their
systems are Year 2000 compliant;
--developed more realistic cost estimates for Year 2000 work after
contractors reassessed their workload based on the instructions
we provided;
--conducted outreach to states, providers, and other health care
entities; and
--gathered data from states on Medicaid system Year 2000 status.
scope
The Year 2000 especially affects Medicare because of our extensive
reliance on multiple computer systems. More than 183 systems are used
in administering the Medicare and Medicaid programs, and 98 of these
are considered ``mission critical'' for establishing beneficiary
eligibility and making payments to providers, plans, and states.
Medicare is the most automated health care payer in the country. We
process nearly one billion claims each year, or about 17 million
transactions each week. Fully 98 percent of inpatient hospital and
other Medicare Part A claims are processed electronically, as are 85
percent of physician and other Medicare Part B claims.
The renovation process is complicated because each system used by
Medicare and by its 60-plus claims processing contractors, as well as
interfaces with State Medicaid programs, banking institutions and some
1.6 million providers all must be thoroughly reviewed and renovated by
those responsible for each particular system. They must be tested, both
alone and for the complicated interfaces among them. To fix Medicare
systems alone, nearly 50 million lines of internal and external systems
code must go through the renovation process. We must renovate all
Medicare-specific software, and work with new versions of vendor-
supplied software, including operating systems that drive the hardware
we use. Some hardware must be upgraded, and our telecommunications
equipment and software must be compliant. We must assure that all data
exchanges with thousands of partners are compliant. I have attached a
chart to my testimony which depicts the systems that must interface to
process Medicare claims.
Testing of Year 2000 changes presents a far greater burden than
testing of routine system changes because we must test multiple times
on a range of different dates. For example, we must test February 29,
2000 and March 1, 2000 because 2000 is a leap year. Normally we would
never consider so much change and testing at one time, but we have ho
choice.
If we do not fix all information systems that might have Year 2000
problems, enrollment systems might not function, beneficiaries could be
denied services because providers may not be able to confirm
eligibility, and providers could have cash flow problems because of
delayed payments.
Processing paper claims by hand is one contingency if we fail.
Given the nearly one billion Medicare claims we process each year, it
is a possibility that strongly motivates us to succeed. Paying
providers prospectively, based on previous payments to them, is another
option, which would be a considerable endeavor itself. Clearly our best
option is to successfully complete all of our Year 2000 renovations.
That is why we are requiring contractors to be in full compliance
with Year 2000 requirements, with all code renovated and fully future
date tested, by December 31, 1998. Renovations to mission critical
internal systems also must be complete by December 31, 1998. We expect
to complete end-to-end testing of how claims are processed through our
entire network of renovated systems in the Spring, and then have the
rest of 1999 to fix any remaining glitches and take any additional
corrective action that might be necessary.
Year 2000 compliance for the Medicare program is considered a
mission critical activity and as such, is being closely scrutinized and
monitored by many sources, including the Office of Management and
Budget, General Accounting Office, Office of the Inspector General and
the Department of Health and Human Services Chief Information Officer,
the Assistant Secretary of Management and Budget.
commitment
I have committed significant staff and other resources to this
priority. Actions taken include:
--setting up special teams of employees whose sole responsibility is
making Year 2000 fixes;
--hiring retired federal programmers to assist with Year 2000
efforts;
--hiring Intermetrics, a special Independent Validation and
Verification contractor, to make sure Year 2000 fixes are done
right;
--hiring Seta Corp. to independently test systems after we and our
contractors conclude renovation and testing to make sure they
work properly;
--negotiating contract amendments with the more than 60 Medicare
fiscal intermediaries and carriers to ensure that they use
information technology that is Year 2000 compliant;
--closely tracking contractor progress to ensure that work is on
schedule;
--creating a special contingency planning unit to make sure
disruptions do not result from any unexpected problems;
--working with the Congress to redirect $62 million within the Agency
and Department to this effort for fiscal year 1998; and,
--working with Congress to obtain an additional $62 million for
fiscal year 1999.
Intermetrics is now very actively providing comprehensive oversight
of contractors, with more site visits for those with high volumes of
claims or evidence that they are behind schedule. Intermetrics is
monitoring contractors' Year 2000 resources, quality assurance, test
plans, use of commercial software, and progress in non-Medicare systems
in order to fully assess their Year 2000 status. Because of their
efforts and our own increased attention to this problem, we now have a
much more accurate assessment of what must be done and how it should be
accomplished.
necessary postponements
This more accurate assessment makes clear that, because of the Year
2000 imperative, related work must take precedence over other projects
that require systems changes. Many other private and public
organizations, including most major insurance companies, have reached
the same conclusion and are halting other projects involving
information technology changes to clear the decks for the Year 2000.
Intermetrics advises that we must clear the decks of projects that
could interfere with Year 2000 work. Intermetrics specifically advised
us to ``seek necessary relief from Congressional mandates, system
transitions and version releases to allow near-term, focused attention
to achieving Y2K compliant systems.'' This includes projects that are
complex, or which would occur during a critical window between October
1999 and March 2000. Otherwise, they warned, ``many of your most
critical system renovations have risk of significant schedule
slippage.''
Most of the more than 300 provisions affecting HCFA in the Balanced
Budget Act of 1997 do not have to be delayed. That is because they are
already complete, or can be completed before major systems must be
frozen for the critical Year 2000 transition period.
Projects affected by the Year 2000 include both Balanced Budget Act
provisions and other Agency priorities. For example, in April, we made
the difficult decision to postpone final transitions to uniform systems
for Part A and Part B contractors. Over the past two years we have
whittled the number of different computer systems used by our
contractors down to six from nine. Uniform systems will go a long way
in helping us to streamline Agency operations and provide better access
to program data. But the delay is essential if our contractors are to
renovate and test systems before our December 31, 1998 deadline.
Postponing this activity allowed us to redirect both valuable
programmer time and $20 million in fiscal year 1998 appropriated funds
to Year 2000 work.
At present, Balanced Budget Act provisions whose implementation we
believe must be postponed include:
--prospective payment systems for outpatient hospital care and home
health services;
--consolidated billing for physician and other Medicare Part B
services in nursing homes; and,
--a new fee schedule for ambulance services.
These activities must be postponed because they involve complex
systems changes and interactions with other systems that would
interfere with critical Year 2000 work. Our claims processing
contractors concur with the decision to postpone these activities; a
July 7, 1998 letter expressing their support is attached to my
testimony.
We may also need to delay some activities that are not complicated
but which involve changes that could create an unstable environment
during a critical window of Year 2000 activity, such as provider
payment updates. We will work with Congress and providers to evaluate
our options and ensure that any necessary delays in provider updates do
not create a hardship.
If Year 2000 system renovations are completed ahead of schedule, we
will make every effort to put these provisions back on their original
schedule. But at this time it appears that postponing some projects is
necessary to focus resources and freeze systems so essential Year 2000
work can be done, and thereby avoid complicating factors in the
critical months right before and after the new year.
contractor amendment
As mentioned above, we have developed with our claims processing
contractors an amendment to their contracts articulating the
requirement that they be Year 2000 compliant by December 31, 1998. It
includes a clear definition of Year 2000 compliance, a clear statement
that contractors will not be held accountable for factors beyond their
control, and expressly states that Year 2000 activities are functions
under the contract for which the Indemnification and Limitation of
Liability provisions will apply. It also acknowledges our
responsibility to provide adequate funding. All contractors with whom
we have spoken about this indicate that they will sign the amendment.
budget
HCFA began funding millennium efforts to renovate both its internal
and external systems in fiscal year 1996. The Agency spent $7.6 million
in fiscal year 1996 and $14.5 million in fiscal year 1997 on millennium
related activities.
The continually evolving definition of what is required to meet
millennium requirements has a significant impact on the budget process.
This year, we recognized that the fiscal year 1998 funding of $45
million we had allocated was not enough to support millennium efforts
at our claims processing contractors. We reallocated $62.1 million in
additional funds from within the Agency and the Department to fund
these essential activities. We have already spent approximately $53.4
million of the $107.1 million we have budgeted for millennium
activities in fiscal year 1998.
The constantly evolving definition of millennium compliance also
impacts our fiscal year 1999 budget estimate. The President's budget
requests $37.5 million to support millennium activities. We are working
with Congress to acquire an additional $61.5 million, which would
provide a total of $99 million to continue millennium code renovation
and other millennium related activities. It is also likely that we will
need additional funding in fiscal year 1999 and fiscal year 2000 to be
prepared for the possibility that not all our remediation efforts will
be completely successful. As we continually reassess our millennium
compliance funding needs, we will work with Congress to ensure that
funding will be available to support this critical project.
conclusion
We are making solid, steady progress in preparing for the Year
2000. We have taken steps to obtain and direct necessary resources. We
have made difficult decisions to delay other priorities in order to
clear the decks for necessary Year 2000 work. We are closely monitoring
our own efforts and those of our contractors to ensure that we are on
track. And we are making necessary contingency plans to prepare for any
unexpected problems. We appreciate this committee's support, and I am
happy to answer any questions you might have.
______
July 7, 1998.
Nancy-Ann Min DeParle, Administrator,
Health Care Financing Administration, 7500 Security Boulevard
Baltimore, MD.
Dear Ms. DeParle: We are writing in our capacities as the
contractor members of the Joint HCFA/Contractor Y2K Steering Committee
to comment upon the ``HCFA Year 2000 Fact Sheet'' which describes the
priorities HCFA has established to balance the resource requirements
demanded by:
--Y2K modifications to the numerous inter related systems;
--Testing the systems against one another to assure Y2K readiness;
and
--Managing the numerous program, HIPAA change requirements and
initiatives which will be implemented while these Y2K
modifications and testing are occurring.
As you know, we have been working with senior HCFA management to
help develop the HCFA/Contractor collaboration which will assure that
fee for service Medicare claims will be processed timely and accurately
on January 1, 2000.
A substantial portion of our advisory work with HCFA has been
devoted to examining the critical processes in assuring Y2K readiness.
We concluded, and recommended to HCFA, that as many non Y2K system
changes as possible should be removed from contractor workloads so that
technical resources could be devoted to assuring Y2K readiness. Non Y2K
systems development work should be added back only after HCFA is
satisfied that the contractors' and HCFA's systems are certified Y2K
ready. We also recommended that no material system changes be
introduced between October 1, 1999 and February 1, 2000.
The priorities described in the HCFA Year 2000 Fact Sheet are
consistent with advice from our technical experts that resources must
be focused on the Y2K effort. We believe that prioritization
established by HCFA is an aggressive but feasible workload that is
consistent with the availability of systems technicians and Medicare
``subject matter experts.'' However, there is little doubt that even
these priorities will require HCFA and its Medicare contractors to
manage resources to very high levels of productivity. Also, additional
funding for contractors will be necessary to assure that sufficient
resources can be acquired, and we appreciate the progress HCFA has made
in acquiring that funding.
We appreciate the difficult decisions involved in HCFA's
prioritization effort and look forward to a collaborative and intensive
working relationship to assure that claims are paid accurately and
timely in the Year 2000.
Sincerely,
Bruce A. Davidson,
Blue Cross & Blue Shield of
Florida.
Barbara Gagel,
Administar Federal, Inc.
George Garcia,
Transamerica Occidental Life
Insurance Company.
Harvey Friedman,
Blue Cross & Blue Shield
Association.
Gil R. Glover,
Blue Cross & Blue Shield of
Texas.
Edward Burrell,
CIGNA.
[GRAPHIC] [TIFF OMITTED] T3JL98G.001
Processing a Medicare Claim
a systems perspective
(1) Providers or their billing agents submit claims.
(2) ``Front End'' Systems at each local contractor collect, format,
and edit claims data.
(3) Standard Systems--two for Part A, three for Part B, and one
that is a combined Part B/Durable Medical Equipment system--validate
claims data, put claims through medical review screens, make sure
claims are not duplicates, validate services, check for fraud and
abuse, assign payment rates, and compute any patient financial
liability.
(4) HCFA-furnished Software is integrated into the claims process
at each operating site to address provider codes, service groupings,
payment rates and fee schedules, and reimbursement statistics.
(5) The Common Working File (CWF) maintains information about
Medicare beneficiary entitlement, eligibility, deductibles, payment
limits for specific services, whether they have other insurance that
has to pay before Medicare does, hospice enrollment, end-stage renal
disease status, and managed care enrollment status.
(6) HCFA Internal Systems collect information from the CWF and the
contractors' systems when the processes are completed. (7) HCFA
Enrollment Systems interface with Social Security for new enrollees,
changes in beneficiary data, and billing of beneficiaries and states,
and they track managed care enrollments.
(8) ``Back End'' Systems at each local contractor issue payments,
explain benefits to beneficiaries, settle provider cost reports,
coordinate with other insurers, maintain history files, and perform
interim rate reviews and payment adjustments.
______
Responses of Nancy-Ann Min DeParle to Questions Submitted by
Chairman Bennett
Question. Lines of Code
What do the different numbers on lines of code to be renovated--30
million, 42 million, 50 million--mean? Is the Y2K problem growing 40
percent weekly?
Answer. HCFA has approximately 49 million lines of code that must
be reviewed to see if they need renovation. The estimated number has
increased as we and our independent verification and validation
contractor have conducted more thorough assessments of the situation.
Question. IV&V Reports
Submit for the record reports by our IV&V contractor that display
the status of the Y2K Medicare renovation, including the 64 fiscal
intermediaries, carriers, and Central Working File?
Answer. A hard copy of the most recent monthly status report is
attached.\1\ All IV&V reports on fiscal intermediaries, carriers and
standard system maintainers are shared with the General Accounting
Office (GAO) as they are received. If the committee wishes to have
earlier reports, HCFA will be happy to provide them.
---------------------------------------------------------------------------
\1\ The copy of the status report has been retained in committee
files.
---------------------------------------------------------------------------
Question. Year 2000 Workload Implications
What are the Medicare Y2K remediation and testing workload
implications, including meeting deadlines, staffing, and budget?
Answer. Our Year 2000 effort will likely be the single most
extensive and expensive information systems effort since the inception
of the Medicare program. It has required us to postpone many other
information system initiatives because we must keep systems changes to
an absolute minimum so Year 2000 work can be done on time. We have
taken the unprecedented step of rehiring several federal retirees,
without reducing their retirement pay, to ensure that we have
sufficient staff to complete Year 2000 work on time. We have
transferred funds and staff from the Medicare standard systems
transition project in order to add resources to the Year 2000 effort.
We reallocated a total of $62.1 million in additional funds from within
the Agency and the Department so we have a total of $107.1 million to
fund these essential activities this fiscal year. The continually
evolving definition of what is required to meet millennium requirements
has a significant impact on the budget process. The President's fiscal
year 1999 budget requests $37.5 million to support millennium
activities. Since the hearing in July, we have estimated an additional
$204.1 million will be needed in fiscal year 1999 to support our Y2K
efforts. It is also likely that we will need additional funding in
fiscal year 2000 to be prepared for the possibility that not all our
remediation efforts will be completely successful. As we continually
reassess our millennium compliance funding needs, we will work with
Congress to ensure that funding will be available to support this
critical project.
Question. Common Working File Software
What are the problems for HCFA to monitor the status of Y2K
renovation if there are multiple versions of CWF software throughout
the payment system? Does HCFA have any plans to standardize on a single
controlled version of CWF prior to the Year 2000 in order to assure
reliability of Y2K performance?
Answer. There is only one version of the Common Working File system
in use. It does not present any special problem for monitoring
renovation. The most recent version, installed in July, has been
renovated for Y2K and will be installed in test mode at the four CWF
test Host sites for shared systems and contractors to self-certify Y2K
compliance. This version includes the most complex of the Balanced
Budget Act changes. It will be installed in test mode at our four CWF
test sites. All claims processing centers will use it to verify that
shared systems and local processing systems are Year 2000 compliant.
Question. IV&V Monitoring
How does the IV&V contractor effectively monitor the status of Y2K
renovation at all the disparate sites (CWF, shared systems, 64
contractors) when the Medicare payment systems appear to lack
standardization or uniformity?
Answer. Intermetrics performed a Criticality Analysis and Risk
Assessment (CARA) of all standard systems maintainers and claims
processing contractors. The CARA results were used to determine the
level of IV&V attention for each site. Sites with the highest scores
require the most or ``comprehensive'' IV&V attention, sites with scores
in the middle range receive ``focused'' IV&V scrutiny and sites with
the lowest scores receive ``limited'' IV&V scrutiny.
Regardless of the level of IV&V attention, each site is assessed
using a standardized site visit protocol and agenda. The agenda is
designed to obtain answers to the questions from the Intermetrics risk
assessment database. The risk assessment answers from each site visit
are reviewed by the same panel of Intermetrics staff in order to obtain
risk assessment scores. Risk scores are updated following each site
visit.
Question. Credibility of Compliance Reports
On a scale of 1 to 10, rate the level of credibility on reports of
Y2K compliance meeting the time deadline?
Answer. Review by our independent validation and verification
contractor indicates that the reports of progress in systems renovation
are credible. Testing to confirm Year 2000 compliance is just getting
under way. Problems in meeting deadlines are possible. However, they
would result from the complexity of the problem and would not be a
reflection on the credibility of current reporting.
Question. Renovation Completion
By what date does your IV&V contractor estimate that all systems
will be renovated?
Answer. The Y2K status reports as of August 25, 1998 show that
renovation of all internal mission-critical systems will be completed
by September 30, 1998. Renovation is already completed for 20 of these
25 systems. All external mission-critical systems will be renovated by
December 31, 1998. Renovation is already completed for 30 of these 78
systems. However, our IV&V contractor cautions that some test plans are
incomplete and that other test plans concentrate a great deal of work
in a short time frame, thereby increasing the risk that some systems
may not be certified by December 31, 1998.
Question. Testing Renovated Systems
How will HCFA test the renovated Medicare payment systems,
considering the diversity of 64 sites and 6 shared systems and the CWF?
Answer. We are requiring claims processing contractors, including
maintainers of shared systems and the Common Working File, to self-
certify each of their systems. They must use a compliance definition
and testing guidelines approved by our IV&V contractor. All systems
will be subject to repeated testing by both us and our independent
testing contractor, the SETA Corporation. We also are establishing an
independent telecommunications network that mirrors key components of
the normal Medicare network to allow us to test all pieces of our
operation in a future date environment.
Question. Integrated Testing with Providers
How will HCFA contractors conduct integrated testing with
providers, the 6 shared systems and CWF to ensure that all Y2K changes
are correct and that the payment system works?
Answer. From September through December of this year, each
contractor will identify applicable test data cases and test those
cases to validate that information will flow properly on renovated
systems from the providers' initial submission of a claim through their
entire payment system.
Question. Contingency Plans
What are your contingency plans for eligibility determination and
medical payments in the event that one or more of the 64 contractors
cannot function Jan. 1, 2000?
Answer. Eligibility is determined by HCFA and the Social Security
Administration and is not dependent upon Medicare contractors. However,
possible contingencies for claims processing include making estimated
payments based on historical payments to individual providers, or
routing claims to another contractor that is able to process payments.
On August 13, 1998, HCFA sent a draft program memorandum to all
Medicare intermediaries and carriers detailing the requirements for
contingency planning. This draft was shared with Committee staff.
HCFA's Chief Information Officer, Gary Christoph, and other HCFA staff
briefed the Committee's staff on contingency planning efforts on August
24, 1998. We will continue to keep the staff apprised of our efforts
and have committed to meet with them again in 6 to 8 weeks.
Question. Preventing Fraud and Abuse
Has the HHS Inspector General conducted any analysis on HCFA's
ability to prevent flagrant Medicare fraud and abuse during the period
of Y2K vulnerability?
Answer. We are not aware of any Y2K Medicare fraud and abuse
initiatives planned by the HHS Inspector General. Our greatest
vulnerability would occur if we have to issue payments to providers
outside of normal payment systems. HCFA's Director of Program
Integrity, Penny Thompson, is developing a strategy to address
potential vulnerabilities. Contingency plans for issuing provider
payments will assure that providers are accurately identified and
payment information properly recorded before payments are issued thus
minimizing the potential for fraud and abuse.
______
Responses of Nancy-Ann Min DeParle to Questions Submitted by
Senator Collins
Question. Lines of Code
How many lines of code does HCFA have to renovate?
Answer. HCFA has approximately 49 million lines of code that must
be reviewed to see if they need renovation. The estimated number has
increased as we and our independent verification and validation
contractor have conducted more thorough assessments of the situation.
Question. Progress to Date
How far along is your agency in this process?
We have:
--completed renovation of five of our six standard contractor claims
processing systems;
--completed renovation of 20 of our 25 most critical internal
systems;
--initiated testing of renovated systems;
--conducted at least one site visit to every claims processing
contractor, and at least two site visits to every systems
maintainer for Independent Verification and Validation (IV&V);
--provided clear instructions to contractors on everything they must
do to be Year 2000 compliant, and made sure they assessed their
status based on those instructions;
--negotiated a contract that makes clear the responsibility Medicare
claims processing contractors have in ensuring that their
systems are Year 2000 compliant;
--developed more realistic cost estimates for Year 2000 work after
contractors reassessed their workload based on the instructions
we provided;
--conducted outreach to States, providers, and other health care
entities; and
--gathered data from States on Medicaid system Year 2000 status.
Question. Expected Completion Date
How long do you estimate it will take your agency to complete the
Y2K remediation and testing process?
Answer. We are requiring contractors to be in full compliance with
Year 2000 requirements, with all code renovated and fully future date
tested, by December 31, 1998. Renovations to mission critical internal
systems also must be complete by December 31, 1998. We expect to
complete end-to-end testing of how claims are processed through our
entire network of renovated systems in the Spring, and then have the
rest of 1999 to fix any remaining glitches and take any additional
corrective action that might be necessary.
Question. Home Health Agencies
In your estimate, what percent of home health agencies will not be
able to stay in business if the prospective payment system is not
implemented on October 1, 1999?
Answer. We are working with Congress to address concerns raised by
providers about the interim payment system and ensure that they can
continue providing appropriate care.
Question. Provider Payment
Will HCFA's efforts to solve its Y2K problems jeopardize or delay
physician, home health agency, or hospital payments? If so, how will
that affect patient care?
Answer. Our Year 2000 renovation, testing and certification process
will not affect provider payments. Provider payments would be
jeopardized only if we do not succeed in renovating claims processing
systems. However, Year 2000 work is delaying changes in how providers
are paid that were enacted in the Balanced Budget Act. These include
prospective payment systems for outpatient hospital care and home
health services, consolidated billing for physician and other Medicare
Part B services in nursing homes, and a new fee schedule for ambulance
services. These activities are being postponed because they involve
complex systems changes and interactions with other systems at the very
time such activity would interfere with critical Year 2000 work. Year
2000 work may also require use to delay updates to provider payments
during a critical window of Year 2000 work from October 1999 through
April 2000.
Question. Cost Estimate
What is your cost estimate for Y2K? Do you believe the agency has
sufficient funding to resolve the problem?
Answer. We spent $7.6 million in fiscal year 1996 and $14.5 million
in fiscal year 1997 on millennium related activities. The continually
evolving definition of what is required to meet millennium requirements
has a significant impact on the budget process. This year, we
recognized that the fiscal year 1998 funding of $45 million we had
allocated was not enough to support millennium efforts at our claims
processing contractors. We reallocated $62.1 million in additional
funds from within the Agency and the Department to fund these essential
activities. We have already spent approximately $53.4 million of the
$107.1 million we have budgeted for millennium activities in fiscal
year 1998. The President's fiscal year 1999 budget requests $37.5
million to support millennium activities. Since the hearing in July, we
have estimated an additional $204.1 million will be needed in fiscal
year 1999 to support our Y2K efforts. This increased request results
from better information about the size of the Year 2000 task,
especially the testing effort, and also because the cost of resources
continues to rise. It is also likely that we will need additional
funding in fiscal year 2000 to be prepared for the possibility that not
all our remediation efforts will be completely successful. As we
continually reassess our millennium compliance funding needs, we will
work with Congress to ensure that funding will be available to support
this critical project.
__________
Prepared Statement of Vice Chairman Christopher J. Dodd
Thank you Mr. Chairman. I believe that this is a very important
hearing and I appreciate that you've scheduled it early in the special
committee's oversight of the readiness of the Nation to meet the Year
2000 challenge.
There's no sense in beating around the bush: The question that
everyone wants answered is:
``Are people going to die as a result of Year 2000 complications in
the medical industry?''
To be honest, I don't think so.
But its entirely possible that millennium conversion could put the
health care industry into intensive care.
The health care industry faces significant Year 2000 challenges,
which could result in significant disruptions in medical service across
the Nation.
As I said at our hearing on the utility industry, we're no longer
talking about whether there will be any disruptions, but we are talking
about how severe those disruptions will be.
While I am very hesitant to say that these disruptions will be
life-threatening, there is a reasonable chance that they will
compromise the quality and extent of patient care in all parts the
country.
My concerns are based upon three factors that I hope will be
addressed in some detail today:
First, there is a serious Year 2000 problem for all sorts of
medical devices, from diagnostic tools to dialysis machines.
I am deeply disturbed by the fact that instead of taking steps to
deal with this problem, the medical device industry, as a whole, seems
to be exacerbating the problem by refusing to provide information
either to the FDA, which regulates device safety, or even to the
hospitals and clinics which use the devices every day.
This attitude is stunningly short-sighted and can only cause harm
to both the makers and users of these devices.
My second area of concern is that the Medicare system--which
process nearly a billion claims a year and pays health providers nearly
a billion dollars a day--won't be ready.
If there are disruptions in the Medicare system--and I should also
include the state-run Medicaid programs in this area--many health care
providers, some of whom depend on Medicare payments for as much as 40
percent of their operating budget, will not be able to operate.
Lastly, I am deeply concerned that rural hospitals, municipal
hospitals, or other institutions that are strapped for resources, will
not be able to undertake renovations or replacements necessary to fix
the year 2000 problem, even if they have the time and funds to make a
comprehensive assessment in the first place.
Senator Bennett and I toured a large, well-equipped and well-funded
hospital in the DC suburbs on Tuesday morning.
While I was very impressed by the steps the hospital was taking to
deal with the Year 2000 problem, like replacing or renovating 35
percent of their medical devices, I couldn't help but wonder how
hospitals that are already stretched to the limits are dealing with
this problem.
For example, the hospital that we were touring is planning to
replace its kidney-dialysis machines, bought just 2 years ago at a cost
of $14,000 per machine, because those machines are not y2k compliant.
But can an inner city hospital afford to do that? Can a hospital
serving rural communities in South Dakota afford to do that? Or will
those hospitals be forced to stop providing those services dependent on
high-technology machines until their budget allows them to purchase
compliant equipment?
The possible answers to those questions are chilling.
These are just a few of the critical areas that I expect to begin
addressing here today; and while I don't expect comprehensive answers
yet, I hope that will get a blueprint of where the committee needs to
go from here on this significant issue.
Again, Chairman Bennett, I thank you for devoting the time and
resources to bring this hearing about in such an expeditious manner.
__________
Prepared Statement of Michael A. Friedman
introduction
Good morning, my name is Michael A. Friedman, M.D., Acting
Commissioner, Food and Drug Administration (FDA). I am pleased to be
here today to provide information on the Year 2000 date issue as it
relates to medical devices. This is an important issue and FDA has
taken a number of steps to ensure that medical devices are Year 2000
compliant and I will describe those steps to you today.
what is a medical device?
According to the definition in the Federal Food, Drug, and Cosmetic
(FD&C) Act, a ``device'' is:
an instrument, apparatus, implement, machine, contrivance,
implant, in vitro reagent, or other similar or related article,
including any component, part or accessory, which is intended
for use in the diagnosis of disease or other conditions, or in
the cure, mitigation, treatment, or prevention of disease, in
man or other animals, or intended to affect the structure or
any function of the body and which does not achieve its primary
intended purposes through chemical action and which is not
dependent upon being metabolized for the achievement of its
primary intended purposes.
As this definition suggests, many different types of products are
properly regulated as medical devices. Medical devices include over
100,000 products in more than 1,700 categories. The products regulated
by FDA as medical devices range from simple everyday articles, such as
thermometers, tongue depressors, and heating pads, to the more complex
devices, such as pacemakers, intrauterine devices, fetal stents, and
kidney dialysis machines.
FDA is responsible for promoting and protecting public health by
helping to ensure that medical devices are safe and effective. FDA
carries out its mission by evaluating new products before they are
marketed; assuring quality control in manufacture through inspection
and compliance activities; and monitoring adverse events in already
marketed products, taking action, when necessary, to prevent injury or
death. A device manufacturer must comply with all the requirements of
the FD&C Act, including: establishment registration and device listing,
premarket review, use of good manufacturing practices (GMPs), reporting
adverse events, and others.
As diverse as medical devices are, so are the range and complexity
of problems which can arise from their use. These problems include
mechanical failure, faulty design, poor manufacturing quality, adverse
effects of materials implanted in the body, improper maintenance/
specifications, user error, compromised sterility/shelf life, and
electromagnetic interference among devices.
computer software
Any computer software which meets the legal definition of a medical
device is subject to applicable FDA regulations. Medical devices which
use computers or software can take several forms including: embedded
microchips which are part of, or components of, devices; non-embedded
software used with, or to control, devices or record data from devices;
or individual software programs which use or process patient data to
reach a diagnosis, aid in therapy, or track donors and products.
Embedded software
Computer software frequently is embedded as a ``component'' of
devices, i.e., software contained on a microchip to control device
operation. Examples of such common, important devices are: pacemakers,
infusion pumps and ventilators. The majority of these products would
not be impacted by the Year 2000 problem since almost none of them
require knowledge of the current date to operate safely and
effectively. For example, pacemakers do not use the current date in
their operation.
Non-embedded software
Non-embedded software is intended to be operated on a separate
computer, often a personal computer or work station. Such software
devices may be used to enhance the operation of another device or
devices and, further, may use the two-digit year format. It is possible
that non-embedded software devices may rely on the current date for
proper operation and might be affected by the Year 2000 date change.
An example of non-embedded software is a computer program used to
plan radiation therapy treatments delivered using radioactive isotopes
as the radiation source (teletherapy or brachytherapy). These
treatments possibly could be affected if the computer program that
calculates the radiation dose parameters uses only a two-digit year
representation. The calculation of the length of time since the source
was last calibrated could be in error and thus lead to an incorrect
treatment prescription.
Other examples of non-embedded software devices include: conversion
of pacemaker telemetry data; conversion, transmission, or storage of
medical images; off-line analysis of ECG data; digital analysis and
graphical presentation of ECG data; calculation of rate response for a
cardiac pacemaker; perfusion calculations for cardiopulmonary bypass;
and calculation of bone fracture risk from bone densitometry data.
Since there is a chance that the two-digit format may affect the
performance of these software devices, we believe that the Year 2000
risk needs to be mitigated through proactively working with
manufacturers.
potential impact of the year 2000
An issue which has been identified as warranting review is the
impact of the Year 2000 on some medical device computer systems and
software applications. These products could be impacted by the Year
2000 date problem if they use a date in their algorithm or
calculations, in record keeping or in the computer's operating system
and system clocks; and a two-digit year format was used in their
design. Manufacturers of such products are the only reliable source of
information as to the details of the methods used in the programming
and whether these two conditions are met.
Letter to medical device manufacturers
In light of the review of the impact of the Year 2000 on some
medical device computer systems and software applications, FDA sent a
letter dated June 25, 1997, to 13,407 medical device manufacturers
(8,322 domestic and 5,085 foreign) to ensure that manufacturers address
this issue and review both embedded and non-embedded software products.
We reminded manufacturers that, in addition to potentially affecting
the functioning of some devices, the two-digit year format also could
affect computer-controlled design, production, or quality control
processes. We requested that the manufacturers review the software used
to determine if there is any risk.
FDA recommended specific actions to ensure the continued safety and
effectiveness of these devices. For currently manufactured medical
devices, manufacturers should conduct hazard and safety analyses to
determine whether device performance could be affected by the Year 2000
date change. If these analyses show that device safety or effectiveness
could be affected, then appropriate steps should be taken to correct
current production and to assist customers who have purchased such
devices. For computer-controlled design, production, and quality
control processes, manufacturers should assure that two-digit date
formats or computations do not cause problems beginning January 1,
2000.
In our letter to industry, we reminded manufacturers that under the
GMP regulation and the current Quality System Regulation (which
incorporates a set of checks and balances in manufacturers' design
processes to assure a safe, effective finished product), they must
investigate and correct problems with medical devices. This includes
devices which fail to operate according to their specifications because
of inaccurate date recording and/or calculations.
We expect manufacturers who identify products which have a date-
related problem which can pose a significant risk to the patient to
take the necessary action to remedy the problem. This might include
notification of device purchasers so that their device can be
appropriately modified before the Year 2000.
Manufacturers who discover a significant risk presented by a date
problem are required to notify FDA and take appropriate action. Again,
we do not anticipate any significant problems with individual medical
devices provided appropriate corrections are made, however, we want to
ensure the continued safety and effectiveness of these devices.
For future medical device premarket submissions, manufacturers of
devices whose safe operation could be affected by the Year 2000 date
change will be required to demonstrate that the products can perform
date recording and computations properly, i.e., Year 2000 compliant.
data collection and establishment of the world wide web site
In a letter dated January 21, 1998, Department of Health and Human
Services (DHHS) Deputy Secretary Kevin Thurm, asked approximately
16,000 biomedical equipment manufacturers to voluntarily provide
information on the Year 2000 compliance status of their products.
Included in the mailing were all registered manufacturers irrespective
of the specific kind of device produced, even though only about 2,700
manufacturers are believed to produce computerized products which might
be sensitive to Year 2000 problems. Approximately 3,000 of the
manufacturers included in the mailing are not regulated by FDA; for
example, scientific instrument manufacturers. The letter gave
instructions on ways to submit the data and explained that to be Year
2000 compliant products must function as intended regardless of the
date. Manufacturers also were given the opportunity to certify that
their products are not affected, if that is the case, or certify that
none of their products use computers or date information.
The product database was established and is being maintained by FDA
on its World Wide Web site at the request of the Interagency Biomedical
Equipment Working Group. This Working Group was organized under the
Chief Information Officer's Councils' Subcommittee on the Year 2000.
The web site is intended to give the general public, government
agencies, and the healthcare and research communities one comprehensive
source of information about this issue. The web site is found at:
http://www.fda.gov/cdrh/yr2000/year2000.html. Manufacturers also may
establish a World Wide Web link to their own web site where the
requested information is provided to the public, if they so choose.
So far, the overall response from manufacturers has been
incomplete. As indicated above, FDA believe that approximately 2,700
manufacturers may produce equipment that may be impacted by the Year
2000 problem. We believe approximately 500 of that 2,700 have
responded. To date, approximately 10 percent of the total 16,000
manufacturers (many of which do not produce medical devices which could
be affected by a Year 2000 problem) contacted through the January 21
letter have provided the information requested. We know, however, that
there are companies still in the process of assessing their devices,
and we requested that complete information be submitted. While
manufacturers may report that specific products have not been assessed,
we expect that some companies prefer to complete assessment before
reporting.
FDA's Center for Devices and Radiological Health's (CDRH) Division
of Small Manufacturers Assistance recently provided an article entitled
``Biomedical Equipment Manufacturers Urged to Share Year 2000
Information'' to 12 Medical Device Trade Press contacts and to 65
United States and 35 foreign medical device trade associations in order
to facilitate the dissemination of information to their members
regarding the web site database and to encourage the posting of data by
manufacturers.
In addition, the web site and database are mentioned in the FDA
Column of the June 3, 1998, Journal of the American Medical Association
and in an article in FDA's Medical Bulletin that was sent to
approximately 700,000 healthcare practitioners this summer.
In addition to the informational efforts, FDA issued a targeted,
follow up letter to about 2,732 specific manufacturers of computerized
devices urging that they respond to the January 21 request to submit
product data. This letter was sent out on June 29, 1998, and is another
request for voluntary submission of data. FDA will continue to work
with manufacturers to obtain product data.
what is the data telling us thus far?
As of July 16, FDA has received 1,790 responses from manufacturers.
Of these, data from 1,782 manufacturers had been entered into the
database served on the FDA web site. These numbers change daily as data
is entered, corrected or even removed at the request of manufacturers.
Of the manufacturers, 1,649 have reported that their products do not
use date-related data or are compliant. Of the 1,649, 392 manufacturers
have reported that all of their products are compliant. Eighty-eight
manufacturers have reported one or more products with date-related
problems. Fifty-three manufacturers have provided World Wide Web links
(URLs) to data provided on their own manufacturer-operated Web Sites.
There are submissions for which the data submitted were incomplete or
unclear in some manner. We are communicating with these manufacturers
to obtain clarification before entering the data into the database.
With regard to the data submitted, the great majority of the
problems described are of minor importance, typically involving
incorrect display or printing of a date. There are a few reported
instances where the device will not function or operate at all unless
the date problem is corrected. There are also a number of reports which
indicate that the device will function correctly, provided the personal
computer (PC) with which it is used is compliant. For many of these
PCs, the correction required to correct the date is a rather
straightforward operation. In general, manufacturers are indicating
that currently or recently produced products will be corrected at no
cost. For devices produced some years ago, the response is quite
varied, i.e., free upgrades, upgrades at a cost, or no upgrade or
solution being offered.
In reviewing the data received from the manufacturers so far, we
see no indications that there will be significant problems which will
place patients at risk, assuming the solutions being developed and
offered by manufacturers are implemented. Of course, we can not make
assurances about manufacturers who have not reported product status to
us. We believe that the data received to date confirm our original
expectations that the Year 2000 problems with medical devices are not
significant or widespread problems, although there will be specific
problems which need correction. With only a 10 percent response rate,
however, it is not possible to draw definitive conclusions at this
point. We will continue to emphasize to manufacturers the importance of
reporting and have taken additional steps to boost the response rate.
Healthcare facilities need information from all manufacturers to
properly prepare and plan for any actions they need to take to assure
their devices needing corrections or updates receive these well before
the Year 2000.
other initiatives
In January 1998, FDA's Center for Biologics Evaluation and Research
(CBER) posted a guidance for industry entitled ``Year 2000 Date Change
for Computer Systems and Software Applications Used in the Manufacture
of Blood Products'' on the FDA web site. The guidance provided specific
recommendations to assist industry in its evaluation of computer and
software systems used in the manufacture of blood products and to
assist in evaluating the impact of potential Year 2000 problems. In the
Spring of 1998, CDRH developed a Guidance Document on the Agency's
expectations of medical device manufacturers, concerning the Year 2000
date problem. The guidance already has been made public and is
available on the FDA web site. The guidance also was published in the
Federal Register on June 24, for greater dissemination. The guidance
re-emphasizes the requirements in existing regulations that require
manufacturers to address any date problems which may present a
significant risk to public health.
FDA staff organized, with the staff of the Emergency Care Research
Institute, a half-day session on the Year 2000 date problem at the June
2, 1998 annual meeting of the Association for the Advancement of
Medical Instrumentation. This meeting was attended by hospital clinical
engineers, representing the device purchasers and users, medical device
researchers and developers, and device manufacturers. The session
permitted an exchange of information on all aspects of the Year 2000
problem as it relates to medical devices and the actions healthcare
facilities should be taking to address this issue.
A video teleconference on the Year 2000 issue for device
manufacturers is planned for September 1998.
conclusion
Thank you, for the opportunity to update you about the issue of the
Year 2000 and medical devices. Let me assure you, we at FDA take this
issue very seriously as we do all problems which could affect the
public health. We are committed to a scientifically sound regulatory
environment which will provide Americans with the best medical care. In
the public interest, FDA's commitment to industry must be coupled with
a reciprocal commitment: that medical device firms will meet high
standards in the design, manufacture, and evaluation of their products.
We recognize that this can only be attained through a collaborative
effort--between FDA and industry--grounded in mutual respect and
responsibility. The protections afforded the American consumer, and the
benefits provided the medical device industry, cannot be
underestimated.
FDA's role is to assure that medical devices are safe and effective
and manufactured in accordance with their specifications. The Agency,
of course, will provide any assistance it can to address any specific
problem any other agency, such as the Department of Veterans Affairs,
identifies. FDA also is working with other agencies, patient groups,
medical associations and industry to optimize data collection and
information sharing. FDA also will continue urging manufacturers to
ensure the continued safety and effectiveness of their medical devices
by ensuring that their devices can perform date recording and
computations that will be unaffected by the Year 2000 date change.
Thank you for the opportunity to testify.
______
Department of Health & Human Services,
Food and Drug Administration,
Rockville MD.
Hon. Christopher Dodd,
Vice Chairman, Special Committee on the Year 2000 Technology Problem,
U.S. Senate,
Washington, DC.
Dear Vice Chairman Dodd: Thank you for the opportunity to testify
before your Committee at the July 23 hearing on the impact of Year 2000
computer problems on health care issues. You asked important questions
concerning the preparedness of the health care system, particularly
with respect to the need for information from medical device
manufacturers on Year 2000 compliance. This letter responds to the
particular question you posed concerning the extent of the legal
authority the Food and Drug Administration (FDA or Agency) has to
require responses from medical device manufacturers on Year 2000
compliance of medical devices. You referenced the enclosed April 1,
1998, letter from the Health Industry Manufacturers Association
asserting that FDA had no legal authority to require such submissions
(Tab A).
Enclosed is a list of manufacturers who have not responded to FDA
as of July 20, 1998, with information on Year 2000 compliance (Tab
B(1)).\1\ A cover sheet also is provided with Tab B which explains the
data presently available on the FDA Year 2000 web site. The list of
non-responders is compiled from those manufacturers which were sent
FDA's letter mailed on June 29, 1998, a follow-up to the January 21,
1998, letter from the Department of Health and Human Services
requesting information on Year 2000 compliance status of medical
devices. At Tab B(2) \1\ is the list of manufacturers to whom the FDA
follow-up letter was mailed. Also attached at Tab B(3) \1\ is a listing
of all the manufacturers who have responded to FDA and are listed on
the FDA Year 2000 web site.
---------------------------------------------------------------------------
\1\ Retained in committee files.
---------------------------------------------------------------------------
Please be assured that FDA is working with the Department of
Veterans Affairs and others to compare and coordinate information
received from all sources so that the web site can include all know
information on the compliance status of medical devices. We are also
working with other executive branch agencies, manufacturers, trade
associations and others to obtain information from more companies and
on more medical devices. Your hearing helped publicize the lack of
response from the industry and we believe it will encourage additional
cooperation from the manufacturers who have the information on the Year
2000 status of their medical devices.
fda legal authority
Under its current regulations, FDA does not have the authority to
require all device manufacturers to submit reports on whether their
devices are Year 2000 compliant.
FDA's Quality System Regulation (QSR) does impose a continuing
requirement on manufacturers to identify, investigate, and correct
problems or potential problems with devices covered by the regulation.
21 CFR Part 820. Devices automated with computer software are subject
to all requirements of 21 CFR Part 820 unless expressly exempted by
regulation. Under the QSR, manufacturers must document and correct
problems with covered devices, including problems arising from the use
of two digits to represent the year. 21 CFR Sec. 820.100. Manufacturers
must make records of such corrective actions available to FDA during
facility inspections. Manufacturers are required to report recalls and
corrective actions they have undertaken to reduce a risk to health or
prevent a violation of the Act that may present a risk to health.
Manufacturers that have corrected a Year 2000 problem with their device
that, if not corrected, could present a risk to health must report the
correction to FDA. When we receive such information, we will include it
on our web site.
FDA does not have explicit statutory authority to order all device
manufacturers to submit information immediately on Year 2000 compliance
status for all medical devices. The Agency does have general statutory
authority to require reporting and recordkeeping for medical devices
under section 519(a) of the Food, Drug, and Cosmetic Act (FD&C Act).
The Agency may implement this statutory authority, however, only by
regulation. Appropriate implementing regulations setting forth a Year
2000 reporting requirement have not been promulgated. The Agency has
promulgated regulations using the reporting authority under section
519(a) in only limited circumstances in which adverse events have
already occurred. To have any regulation in effect concerning the
submission of information on Year 2000 compliance status in time for
the reports to be of value to the Agency and the public, FDA would need
to establish that complying with the Administrative procedure Act's
requirements for prior notice and comment would be impractical,
unnecessary, or contrary to the public interest.
Moreover, even if the threshold for waiving prior notice and
comment could be met, section 519(a)(4) requires that any regulation
promulgated under it may not impose unduly burdensome requirements on
the regulated industry, taking into account the cost of complying, the
need for protection of the public health, and the implementation of the
FD&C Act. The legislative history of section 519(a) expresses a
particular concern that regulatory agencies not impose industry wide
requirements for reporting when the requirement pertains to only a
segment of the industry. Hence, FDA would either need to demonstrate
that the public health risk of Year 2000 compliance justified a
reporting requirement on the entire industry, or the Agency would need
to develop reliable criteria for narrowing the population of
manufacturers and devices to those likely to be affected by the Year
2000 issue. Identifying only the affected segment of industry has been
difficult since device information already provided to FDA under the
medical device review process does not always contain specific data
which would allow identification of all devices that might be impacted
by the Year 2000 date change.
FDA believes section 519(a) provides statutory authority to require
(through implementing regulations) device reports in the absence of
adverse events. The device industry, however, might challenge in court
FDA's promulgation of regulations under this authority to require
reports of Year 2000 compliance for all medical devices because of the
strong concern on the part of some in the industry about the burdensome
nature of such reporting requirements. Such a challenge could delay
significantly, and thereby reduce the effectiveness of, the subject
reporting requirement.
Finally, even if FDA were able to develop a regulation that could
meet the standards of section 519(a), FDA would still have the burden
to demonstrate that the regulation met other statutory requirements,
such as the Paperwork Reduction Act and Regulatory Flexibility Act
requirements.
resources
Finally, requesting, receiving, analyzing and posting information
on Year 2000 compliance on a significant number of devices and
manufacturers is resource intensive. We are working with the Department
of Health and Human Services and the Administration to identify those
resources necessary to ensure the completeness of the Year 2000 effort.
We hope this information is helpful. We will be glad to work with
you in addressing this issue. A similar letter has been sent to Senator
Robert F. Bennett.
Sincerely,
Michael A. Friedman, M.D.,
Acting Commissioner of Food and Drugs.
Enclosures.
______
James S. Benson,
Executive Vice President, Technology and Regulatory
Affairs, HIMA,
April 1, 1998.
Mr. Kevin Thurm,
Deputy Secretary, Health and Human Services,
Hubert H. Humphrey Building,
200 Independence Avenue, S.W. Room 606G,
Washington, DC.
Dear Mr. Thurm: On behalf of the members of the Health Industry
Manufacturers Association, I am writing in response to the January 21,
1998 ``Dear Biomedical Equipment Manufacturer'' letter that you sent
regarding Year 2000 computer issues. As you know, HIMA is a Washington,
D.C.-based trade association and the largest medical technology
association in the world. HIMA represents more than 800 manufacturers
of medical devices, diagnostic products, and medical information
systems.
HIMA's members share the Department's goal of providing quality
health care services without significant interruption caused by Year
2000 computer limitations. To that end, manufacturers are diligently
working to ensure that medical device products will operate safely and
effectively in the Year 2000 (and beyond). Due to the diversity of the
medical device manufacturing industry, one approach will not fit all
products. Each manufacturer will need to develop its own plan to
evaluate the systems in current use and determine the actions to be
taken to negotiate Year 2000 requirements.
HIMA's members understand the Department's interest in this issue.
Nevertheless, we do not agree that a federal government Internet web
site listing Year 2000 compliance status of various products is an
appropriate or necessary step. Instead, manufacturers should be
encouraged to address Year 2000 issues with customers (including the
federal government) directly, in one-on-one interactions discussing
particular products. This type of interaction is the hallmark of
quality business practices that are a traditional part of our free
enterprise economic system in the United States. Such direct
interactions ensure that customers receive adequate and complete
information, and have an opportunity actively to ask questions and
receive responses. Indeed, many medical device manufacturers have
Internet web sites of their own that are a source of Year 2000
information and encourage direct interaction with customers.
HIMA's members note that the Department has no legal authority to
require the submission of the Year 2000 information that is the subject
of your January 21, 1998 letter. This is also obvious from the fact
that the Department's letter is ``requesting'' this information. In
view of this, HIMA believes that the statement in the letter that
``there will be targeted follow-up regarding non-respondents'' is
inappropriate.
Even if ``requesting'' this information for listing on an Internet
web site to be operated by the federal government were a good idea, the
sixty-day time limit given in the letter is not nearly sufficient and
does not further a sense of goodwill and cooperative interaction
between industry and government. As stated above, manufacturers are
currently engaged in determining whether their products will face Year
2000 computer issues and developing appropriate solutions. Therefore,
much of the information requested by the January 21, 1998 letter will
not be available in a sixty-day time frame, or even in the near future.
As you may know, the Internet web site maintained by the FDA's
Center for Devices and Radiological Health (CDRH) also contains some
information and requests on Year 2000 issues. These do not seem to be
coordinated with the items specified in the Department's January 21,
1998 letter. Accordingly, manufacturers are confused by the
inconsistency and the Department should work with CDRH to resolve these
differences.
In conclusion, HIMA's members view the Year 2000 issues as vitally
important to pursue in order to continue to provide safe and effective
products to promote the public health. While we agree with the concern
that the Department expresses to ensure that appropriate activities are
undertaken to develop ``Year 2000 compliant'' products, we do not agree
with the method described in the January 21, 1998 letter. Instead,
HIMA's members will continue to develop, on a company-by-company basis,
appropriate implementation plans to address the Year 2000 issues. In
addition, companies will continue to provide customers directly with
information on their products, including the Year 2000 issues, through
traditional business interactions on a company-by-company basis.
HIMA would be willing to meet with the Department and CDRH to
discuss Year 2000 issues. Please feel free to contact me if you would
like to arrange such a meeting.
Sincerely,
James S. Benson.
______
Explanation of Food and Drug Administration Data
The testimony provided by the Food and Drug Administration
contained approximate figures concerning the number of manufacturers
who had received a mailing from FDA on June 29, 1998 and the number of
response received. In reviewing the data, accurate numbers were
determined and are provided in this explanation.
MANUFACTURERS DETERMINED BY FDA TO BE MOST LIKELY TO HAVE MEDICAL
DEVICES THAT COULD BE AFFECTED BY THE YEAR 2000 DATE CHANGE
------------------------------------------------------------------------
2,232.................. Addressees of June 29, 1998 FDA letter
requesting Year 2000 compliance
information.\1\
297.................... Duplicate addressees.
1,935.................. Distinct addresses used for the June 29, 1998
letter.
------------------------------------------------------------------------
\1\ It should be noted that FDA has received approximately 50 returned,
non-deliverable letters from the June 29, 1998 mailing. These returns
are reflected in the ``no responses'' list.
As of July 20, the total data in the FDA Year 2000 database
reflects the following information:
----------------------------------------------------------------------------------------------------------------
93........................................................... Total number reporting Year 2000 date related
problems.
(58)......................................................... (Addressees of June 29, 1998 mailing.)
423.......................................................... Total reporting products are compliant.
(150)........................................................ (Addresses of June 29, 1998 mailing.)
63........................................................... Total providing Web Links.\1\
(48)......................................................... (Addressees of June 29, 1998 mailing.)
1,287........................................................ Total indicating no date or computer used in
product.
176.......................................................... (Addresses of June 29, 1998 mailing.)
----------------------------------------------------------------------------------------------------------------
\1\ The 63 manufacturers providing WEB links may also be included in the other database categories, as some have
provided both product data and a WEB link.
______
Responses of Michael A. Friedman to Questions Submitted by Chairman
Bennett
Question. Mr. Commissioner, FDA waited until January 1998 to ask
the industry for non mandatory Y2K compliance data for biomedical
devices.
--FDA is usually very assertive in following up on patient safety and
regulatory programs. Why has FDA been so passive in its follow-
up on the biomedical Y2K issue?
Answer. In order to ensure Year 2000 (Y2K) compliance of medical
devices that use computer software, FDA sent a letter dated June 25,
1997, to 13,407 medical device manufacturers to ensure that
manufacturers reviewed this issue and reviewed both embedded and non-
embedded software products. FDA recommended specific actions to ensure
the continued safety and effectiveness of these devices and to remind
manufacturers of their responsibility to ensure that their products
will not be affected by the century change.
Because we must assist medical providers and physicians avoid
injuries from medical devices with embedded microchips which may not
function at the turn of the century, the Department of Health and Human
Services (HHS) also has been involved in the effort to ensure the
compliance of biomedical equipment (includes medical devices regulated
by FDA and other medical equipment not regulated by FDA). On January
21, 1998, Deputy Secretary Kevin Thurm issued a letter to 13,000
manufacturers of medical devices and, working through professional
associations, approximately 3,000 manufacturers of scientific
laboratory equipment. This letter asked the manufacturers to provide
information concerning the compliance status of their products.
In addition, on June 29, 1998, Dr. D. Bruce Burlington, Director of
the Food and Drug Administration's (FDA) Center for Devices and
Radiological Health (CDRH) issued a follow-up letter to approximately
1,935 manufacturers. This letter was targeted to manufacturers of
computerized devices urging again that they respond to the January 21
request to submit product data. The Agency will continue to
periodically remind manufacturers of this program.
Finally, on September 2 Dr. Michael Friedman sent a letter to the
Health Industry Manufacturers Association (HIMA) to get their input on
how to eliminate the disincentives so that manufacturers will be more
forthcoming with product status information and urges HIMA to develop a
plan of specific actions to increase progress by industry.
FDA's Center for Devices and Radiological Health's (CDRH) Division
of Small Manufacturer's Assistance recently provided an article
entitled ``Biomedical Equipment Manufacturers Urged to Share Year 2000
Information'' to 12 Medical Device Trade press contacts and to 65 U.S.
and 35 foreign medical device trade associations in order to facilitate
the dissemination of information to their members regarding the web
site database to encourage the posting of data by manufacturers. In
addition, the web site and database are mentioned in the FDA Column of
the June 3, 1998, Journal of the American Medical Association and in an
article in FDA's Medical Bulletin that was sent to approximately
700,000 health care practitioners this summer.
FDA's objective remains the provision of a comprehensive,
centralized national source of information on the Y2K compliance status
of medical devices used in the United States and to make this
information publicly available through its web site. Our joint efforts
with the VHA and OASD/HA are designed to better leverage our collective
information and influence. We are already working together to enhance
the existing web site to be the national biomedical equipment
clearinghouse by adding equipment inventories from other organizations
and by conducting additional follow-up activities. These activities
include checking whether a medical device manufacturer has met a
planned date for availability of a compliant product version, and
inspecting records relating to the Y2K compliance of computerized
medical devices during FDA medical device facility inspections.
We believe that this series of actions demonstrates FDA's
commitment to ensuring that adequate public information becomes
available to the public on a timely basis.
Question. Mr. Commissioner, the Committee is concerned with the
safety of patients dependent on Y2K compliant medical devices. We know
there are millions of these devices in current use. We are concerned
that the FDA biomedical device web site for the Center for (Medical)
Devices and Radiological Health (CDRH) is incomplete (only 1,000
companies) and has inadequate data to assist potential users.
--Do you have any plans to establish a complete database for all
biomedical devices with product descriptions, ID numbers, and
software versions?
Answer. Many different types of products are regulated as medical
devices. Medical devices include over 100,000 products in more than
1,700 categories. Most of these have no microprocessors, software, or
computer linkage. We do not believe that listing all compliant products
is either necessary or cost-effective. We do not believe anyone could
reasonably want information on Y2K compliance on such products as:
crutches, hip implants, sutures, or a dip stick test for pregnancy. In
addition, even for potentially Y2K vulnerable products, the FDA web
site already includes a certification statement assuring total
compliance from those manufacturers who report all of their products
are compliant. FDA believes information at the individual model level
is needed for non-compliant products only. If a manufacturer's entire
product line is compliant, users of the clearinghouse would receive no
additional benefit from the model-level information, which would be
quite expensive to obtain and enter into the database. Furthermore,
manufacturers also may establish a World Wide Web link to their own web
site where the requested information is provided to the public, if they
so choose.
HHS and the Veterans Administration already are working as a
Federal partnership to develop a single data clearinghouse. Our private
sector associates, mostly professional associations such as the
American Medical Association, the American Hospital Association, and
the Joint Commission on Health Care Accreditation, will provide advice
and assistance as requested. It would be useful to provide an
indication of whether a particular manufacturer has or has not provided
information on Y2K compliance for manufacturers of electronic products
that are susceptible to Y2K concerns. To that end, FDA will post on the
web site the identity of manufacturers who have not provided compliance
certification.
--Do you require legislative assistance to acquire the data from
manufacturers or budget help to promptly establish and maintain
the biomedical database until after Y2K?
Answer. Under its current regulations, FDA does not have the
authority to require all device manufacturers to submit reports on
whether their devices are Year 2000 compliant. FDA's Quality System
Regulation (QSR) does impose a continuing requirement on manufacturers
to identify, investigate, and correct problems or potential problems
with devices covered by the regulation (21 CFR Part 820). Devices
automated with computer software are subject to all requirements of 21
CFR Part 820 unless expressly exempted by regulation. Under the QSR,
manufacturers must document and correct problems with covered devices,
including problems arising from the use of two digits to represent the
year. Manufacturers must make records of such corrective actions
available to FDA during facility inspections. Manufacturers are
required to report recalls and corrective actions they have undertaken
to reduce risk to health or prevent a violation of the Act that may
present a risk to health. Manufacturers that have corrected a Year 2000
problem with their device that, if not corrected, could present a risk
to health must report the correction to FDA. When FDA receives such
information, FDA will include it on the web site. FDA sent a letter to
the Committee on July 31, 1998, and provided a more detailed response
regarding the full extent of the legal authority FDA has to require
responses from medical device manufacturers on Y2K compliance of
medical devices. FDA has been providing technical assistance to the
Committee regarding possible legislation, and will gladly continue to
provide assistance if the Committee determines that legislative
assistance is necessary.
Requesting, receiving, analyzing and posting information on Y2K
compliance on a significant number of devices and manufacturers is
resource intensive. We are working with the Department of Health and
Human Services and the Administration to identify those resources
necessary to ensure the completeness of the Y2K effort.
Let me assure you, we at FDA take this issue very seriously as we
do all problems which could affect the public health. We are committed
to continue working with the Committee to urge manufacturers to ensure
the continued safety of their medical devices by ensuring that their
devices can perform date recording and computations that will be
unaffected by the Y2K date change.
__________
Prepared Statement of Gil R. Glover
Mr. Chairman and members of the committee, I am Gil Glover,
Director for Projects and Planning in Medicare Operations for Blue
Cross and Blue Shield (BCBS) of Texas. I am testifying on behalf of the
Blue Cross and Blue Shield Association, the organization representing
54 independent Blue Cross and Blue Shield Plans throughout the nation.
Each independent Blue Cross and Blue Shield Plan is actively
working to ensure that its information system and business operation
will function properly in the Year 2000 and beyond. One of the
strengths of the Blue Cross and Blue Shield system is the ability of
these independent Plans to inter-operate in support of local, national
and international customers. Therefore, the Year 2000 readiness of the
information systems that support inter-Plan transactions is a top
priority for the Blue Cross and Blue Shield system.
The Blue Cross and Blue Shield system is a major presence in the
Medicare program. Blue Cross and Blue Shield Plans process 85 percent
of Medicare Part A claims and about two-thirds of all Part B claims.
Blue Cross and Blue Shield Plans also provide Medicare HMO coverage to
more than three-quarters of a million Medicare beneficiaries, which
makes the Blue Cross and Blue Shield system the second largest Medicare
HMO provider in the country. At BCBS of Texas, we process about 7.7
million Part A claims and 47.6 million Part B claims a year.
Like any other health insurance company, our Medicare business and
our commercial business face the challenge of becoming Year 2000
compliant. I appreciate the opportunity to testify before the committee
today on the progress Medicare contractors have made toward becoming
Year 2000 compliant.
medicare contractors' commitment to becoming millenium compliant
Since its inception, the traditional Medicare fee-for-service
program has been administered through a successful partnership between
private industry and the Health Care Financing Administration (HCFA).
Blue Cross and Blue Shield Plans and commercial insurers contract with
HCFA to handle much of the day-to-day work of paying Medicare claims
accurately and in a timely manner.
Medicare contractors have successfully met many significant
challenges over this thirty-three year partnership with HCFA. These
include:
--Handling a dramatic increase in workload that has grown from 61
million claims in 1970 to 889 million in 1998.
--Quickly implementing major programmatic changes under extremely
tight time frames, such as the institution and refinement of
the Medicare prospective payment system for hospitals and the
physician resource-based relative value payment system.
We are very proud of our role as Medicare administrators and our
record of efficiency and cost effectiveness.
One of our next major challenges is to assure that Year 2000
computer adjustments are made accurately and in accordance with the
timetable set out by HCFA. There are three specific points I would like
to make today:
1. Year 2000 compliance is a top priority for Medicare contractors.
2. New contracting legislation is unnecessary, and actions arising
out of such changes could actually make Year 2000 compliance more
difficult.
3. Stable and adequate funding for Medicare contractors is critical
to administering the traditional Medicare program efficiently and
effectively through the Year 2000 readiness phase and beyond.
Year 2000 compliance is a top priority
Year 2000 compliance is a top priority for Medicare contractors.
Despite the significant challenges, let me assure you that Medicare
contractors are working toward becoming compliant on a timetable that
will meet HCFA's deadline of December 31, 1998, which is two months
earlier than the government-wide target date set by the Office of
Management and Budget (OMB).
Medicare contractors will make every effort to meet this challenge
just as they have successfully met other challenges in the past. It is
in everyone's interest--Blue Cross and Blue Shield Plans, the
government, providers and beneficiaries--for contractors to become
millenium compliant on time. For Blue Cross and Blue Shield Plans, both
their Medicare and private business depend on meeting this challenge.
I want to state clearly that Medicare contractors are committed to
Year 2000 compliance. In recent congressional hearings and press
reports, it has been suggested that contractors are not being diligent
in their efforts to meet this requirement and that HCFA needs
additional authority to assure compliance. Nothing could be further
from the truth.
The Blue Cross and Blue Shield Association and Medicare contractors
have been working closely with HCFA on compliance issues. As part of
this process, BCBSA has been working with HCFA to find an agreeable
contract amendment related to Year 2000 compliance. Last fall, HCFA
sent all Medicare contractors a contract amendment intended to assure
Year 2000 compliance. BCBSA had several concerns with the amendment,
including concerns that it would have required contractors to assume
liability for compliance of all vendors (e.g., financial institutions,
facilities managers who control elevator programming, etc.) or face
civil monetary penalties. HCFA acknowledged that it had drafted the
amendment too broadly and agreed to work with contractors to rewrite
the amendment. I am happy to report that three weeks ago, HCFA and
BCBSA developed a contract amendment agreeable to both parties.
In addition to the work on the contract amendment, BCBSA has worked
with HCFA on developing a regular, formal process to assure regular
communication with HCFA. In response to a BCBSA recommendation, HCFA
established a steering committee chaired by HCFA's chief operating
officer and vice-chaired by BCBSA. The role of the steering committee
is to:
--Clarify Year 2000 compliance standards, time lines, and reporting
requirements;
--Monitor progress; and
--Facilitate coordination, cooperation, and communication among HCFA
and its contractors.
I serve as the technical project management advisor to the steering
committee. Let me briefly describe the accomplishments of the
committee. The committee established eight working groups that are
meeting to address the following areas:
1. Progress Measurement--Monitors the progress of individual
contractors and contractors as a whole.
2. Critical Path--Identifies necessary activities, risk points, and
key assumptions for Year 2000 compliance.
3. Priorities--Evaluates competing program priorities, including
standard system transitions, Balanced Budget Act (BBA) implementation,
and Health Insurance Portability and Accountability Act (HIPAA)
administrative simplification.
4. Provider Relations--Informs providers about Year 2000 issues and
provides training.
5. Common Testing Protocols--Develops testing procedures.
6. Common Efforts--Identifies areas of common interest and concern
to contractors and looks for efficiencies.
7. Contingency Planning--Determines processes and time frames for
paying providers if systems are not Year 2000 compliant.
8. Resource Allocation--Defines standard definitions for Year 2000
activities and estimate costs.
Very good progress is being made in these workgroups. As an
example, the Contingency Planning group has developed a protocol that
is supported by a comprehensive planning template applicable to any
risk a Medicare contractor might identify in its operations. Use of the
template is being piloted by work group contractor members, and is
scheduled for release to all contractors in early August. While
contractors are already performing contingency planning exercises, the
work group's combined input into development of this protocol has
produced a tool that can add significant value to this process and
produce uniform planning documentation.
Beyond the specific products of these work groups, operation of the
steering committee has facilitated very constructive and useful
dialogue between contractors and HCFA about Year 2000 compliance. The
committee has met with the HCFA administrator, and meets regularly with
many of the agency's key directors and other top management staff. We
look forward to continuing these cooperative efforts with HCFA.
In reviewing the issues related to Year 2000 compliance, the
committee should be aware of four additional issues that have made Year
2000 compliance activities even more challenging:
--Significant Change in Direction.--Originally, many of the system
changes that were necessary for compliance would have been
accomplished by the conversion of all Medicare contractors to
the Medicare Transaction System (MTS). As you know, the MTS
initiative was dropped last year. As a result, contractors have
been required to make significant changes that, in the absence
of the MTS initiative, they would have been working on for a
long time.
--Transition to New Standard Systems.--Instead of converting to the
MTS system, HCFA has directed contractors to transition to a
new single Part A and a new single Part B system. In some
cases, this conversion to different systems has complicated
efforts to focus on millenium compliance activities. As a
result, several contractors requested HCFA to delay transition
requirements so they could focus on Year 2000 issues. We are
very pleased that HCFA recently agreed to delay transitions for
some Medicare contractors.
--Adequate Funding is Absolutely Critical.--We anticipate Year 2000
compliance to be very costly. We were very pleased that
Congress reprogrammed $20 million in the fiscal year 1998
supplemental appropriations bill to cover contractor millenium
costs. We also understand that HHS has taken administrative
actions to allocate another $41 million to cover Year 2000
costs. However, to date, contractors have received less then
the total amount allocated. We look forward to receiving full
funding.
--Numerous and Broad Programmatic Demands.--Numerous initiatives
(e.g., HIPAA requirements and BBA) will be implemented while
Year 2000 modifications and testing are occurring. HCFA has
already said that it will not be able to implement all of the
BBA requirements because of the need to concentrate on Year
2000 efforts. We recommended to HCFA that as many non-Year 2000
system changes as possible should be removed from contractor
workloads so that technical resources could be devoted to
assuring Year 2000 readiness.
Contractor reform is not necessary and would jeopardize year 2000
efforts and BBA implementation
HCFA is seeking legislation that would dramatically restructure the
contracting process for Medicare intermediaries and carriers. It has
been argued that contractor reform is necessary to assure Year 2000
compliance. BCBSA believes that, in fact, contractor reform would not
improve the Year 2000 problem, and could make it more difficult.
Contractor transitions are significant technical projects in their
own right, and add risk to Medicare processing stability even without
Year 2000 factors. New contractors would have to learn Medicare's
extremely complex and intricate rules and regulations while
simultaneously working to achieve millenium compliance.
HCFA is exercising extensive oversight of Medicare contractors'
Year 2000 compliance efforts through the use of its own review teams
and an independent verification and validation contractor. Most
Medicare contractors have already been reviewed for Year 2000
compliance progress with at least two comprehensive on-site reviews--
many contractors are at round three of these reviews. In addition, both
the Office of the Inspector General (OIG) and the General Accounting
Office (GAO) are conducting Year 2000 reviews at Medicare contractor
sites. There is ample opportunity for identifying and correcting any
deficiencies or problems in the Medicare contractor community through
these processes.
Moreover, contractor reform is not necessary to replace contractors
that are not millenium compliant. HCFA currently has broad authority to
sanction, replace, or terminate contractors that are not in compliance.
Success in Medicare claims administration requires that HCFA and
the contractors work together toward their mutual goal of accurate and
timely claims payment. BCBSA does not believe these legislative changes
are necessary to assure efficiency and high performance levels.
Stable and adequate funding is critical
We strongly support HCFA's efforts to secure additional funding for
Year 2000 activities in fiscal year 1999. While Medicare contractors
must be Year 2000 compliant by the end of this calendar year,
contingency planning and risk mitigation actions must continue
throughout 1999 to ensure rapid, effective response to any problems
actually encountered in calendar year 2000. Contingency plans that can
not be deployed in 1999 may have little value if they must be started
from scratch in 2000. Additionally, there is significant on-going
system testing that must occur throughout 1999 even after Year 2000
compliant systems have been implemented. This ``regression testing'' is
essential to ensure that essential changes implemented in 1999 do not
adversely effect Year 2000 readiness.
Medicare contractors also need stable and adequate funding to
fulfill the critical role as the program's first line of defense
against fraud and abuse. We urge the committee to support the Medicare
contractor funding level proposed in the fiscal year 1999 President's
budget and approved by the House Appropriations Committee. The
Committee recommended appropriating $1.27 billion, without the user
fees proposed in the President's budget. We fully support this funding
level without the user fees.
conclusion
The Year 2000 compliance issue poses monumental challenges. Blue
Cross and Blue Shield Plans and commercial contractors are committed to
meeting these challenges just as they have done in the past.
Let me reiterate that Medicare contractors are working diligently
to become millenium compliant by December 31, 1998. We will continue to
work with HCFA to resolve issues that arise and to ensure compliance. A
cooperative approach between contractors and HCFA will achieve the best
results. BCBSA feels that proposed contractor reform legislation raises
fundamental issues and implications for the Medicare program that work
against the cooperative effort needed at this critical time when
experience and focus are so essential. The keys to Year 2000 compliance
in the Medicare contractor community are stable, adequate funding for
the required resources and consistent prioritization of Year 2000
activities over any other potential changes in the Medicare program.
Thank you for the opportunity to speak with you on these important
issues.
______
Responses of Gil R. Glover to Questions Submitted by Chairman Bennett
Question 1. What is the status of Y2K discovery and renovation
action?
Answer. Year 2000 readiness status is gathered from contractors
regularly by HCFA. In addition to their own analysis and feedback
actions with contractors, HCFA regularly reports Y2K status to OMB, GAO
and Congress. The Blue Cross and Blue Shield Association (BCBSA) does
not independently collect readiness status from the Medicare
contractors.
Question 2. What is the BCBSA's plans for integrated testing?
Answer. Integrated testing with providers is part of each
contractor's Y2K Readiness Project Plan. All such project plans have
been filed with HCFA and are a part of the formal Medicare Agreement
between HCFA and its contractors. Integrated testing protocols will
vary depending on the provider's choice of electronic media, the
standard claims processing system in use for Medicare and the corporate
front-end hardware/software configuration used for electronic data
interchange.
Question 3. What is the contingency plan if the providers can't do
EDI?
Answer. Contingency planning is being considered nationally by HCFA
to insure that standardized responses and actions will be in place for
all contractors in the event that some providers are not able to
achieve Y2K readiness timely. It should be emphasized, however, that
achieving Y2K readiness for billing Medicare claims is a provider
responsibility.
Question 4. What is the status of the BCBSA Y2K?
Answer. The BCBSA is an association of 54 independent licensees.
BCBSA itself is not an insurance company, and therefore does not
process health claims. The Association is working to ensure that its
inter-Plan programs, e.g., FEP, BlueCard, will function properly with
respect to dates beyond December 31, 1999. Individual Plan management
and boards of directors are responsible for ensuring Y2K readiness of
their respective local Plan operations.
__________
Prepared Statement of Jennifer Jackson
Mr. Chairman, I am Jennifer Jackson, General Counsel and Vice
President, Clinical Services, at the Connecticut Hospital Association.
I am here on behalf of the American Hospital Association (AHA), which
represents 5,000 hospitals, health systems, networks, and other
providers of care.
We appreciate this opportunity to present our views on an issue
that is of critical importance to our members and the patients they
care for: the potential for the ``millennium bug''--the inability of
computer chips to recognize the Year 2000--to interrupt the smooth
delivery of high-quality health care. The AHA and its members are
committed to taking whatever steps may be necessary to prevent
potential Year 2000 problems from affecting patient care.
Hospitals and health systems operate 7 days a week, 24 hours a day.
Their doors are always open because the people they serve trust that
they will be there whenever the need arises. Our number one concern is
the health and safety of our patients, and that is why I am here.
Hospitals and health systems face the same potential problems as
most other institutions. Cellular phones, pagers, security systems,
elevators--all could be affected by Year 2000 problems. However,
hospitals are special places that also rely daily upon unique medical
devices and equipment. We are concerned about the potential impact of
Year 2000 computer problems on patient safety--and hospitals, health
care providers and their associations cannot reduce, let alone
eliminate, that risk by themselves. We need your help and cooperation,
and that of the federal agencies that regulate the health care field:
namely, the Food and Drug Administration (FDA) and the Health Care
Financing Administration (HCFA).
In particular, we need the federal government to exercise its
authority in this area--now. We need the federal government to create
an atmosphere in which everyone involved in the health care field will
view the full and timely disclosure of Year 2000 computer problems not
only as diligent and prudent behavior--the right thing to do--but also
as mandatory conduct.
In fact, our belief that medical device manufacturers, health care
providers, consumers and the government must work together to solve
this problem is one reason why we have joined the National Patient
Safety Partnership, a voluntary public-private partnership of national
health care organizations. The partnership, in a press conference just
last week, called for a national clearinghouse for information about
the Year 2000 compliance status of medical devices. The organizations
also called for:
--Medical device manufacturers to identify and provide Year 2000
compliance information about their devices to their health care
provider customers and the public;
--Health care practitioners to become familiar with Year 2000 issues
and take steps to mitigate risks and inform the people they
serve; and
--Health care consumers to become familiar with Year 2000 issues and
seek advice about equipment in personal and home use.
One of the AHA's primary concerns has to do with potentially non-
compliant medical devices and equipment. Microchips (or
microprocessors) that use date-sensitive logic are embedded in many
medical devices, and we need to find out whether those devices will be
affected by the date change to the Year 2000, and, if so, how we can
fix them to avoid an interruption or other malfunction. The
manufacturers of these devices are the best and, in some cases, the
only source of this information. Assuming that prudent medical device
and equipment manufacturers are engaging in Year 2000 testing, we need
to know what they are discovering, especially if they are uncovering
problems. Here lies the heart of our concern.
While we as health care providers can ask manufacturers to disclose
Year 2000 information to us, we cannot force them to do so. We do not
have the legislative or regulatory authority to compel disclosure. We
believe that is a job for Congress and the FDA.
the role of aha and state hospital associations
Hospitals and health systems are doing their part. Across the
nation, hospitals are preparing for the date change, and making a
commitment to take appropriate steps to avoid any disruption in patient
care. Continuing a tradition of partnership in addressing issues that
affect our mutual members, the AHA and the nation's state hospital
associations are working together to inform and educate hospitals and
health systems about the Year 2000 issue.
We are committed to informing our members of the dangers of the
millennium bug. We are making sure they have the latest information on
what their colleagues and other organizations are doing to address the
problem. And we are helping them learn about potential solutions.
Our State Issues Forum, which tracks state-level legislative and
advocacy activities, is hosting biweekly conference calls dedicated
entirely to the Year 2000 issue. On these calls, state and AHA staff
share information. A special AHA task force on the Year 2000 problem
has been drawing up time lines for action to make sure our members get
the latest information and know where to turn for help.
Articles are appearing regularly in AHA News, our national
newspaper, in Hospitals and Health Networks, our national magazine for
hospital CEO's, in Trustee, our national magazine for volunteer
hospital leadership, and in several other national publications that
are published by various AHA membership societies. Several of these
societies, such as the American Society for Healthcare Engineering and
the American Society for Healthcare Risk Management, are deeply
involved in helping their members attack the millennium bug in their
hospitals.
In addition, the AHA Web site has become an important clearinghouse
of information on the Year 2000 issue, including links to other sites
with information that can help our members.
the role of the food and drug administration
When it comes to medical devices, however, our efforts are not
going to be sufficient to solve the problem, unless the manufacturers
cooperate fully and quickly. While we anticipate that the number of
devices that are affected may be limited, it is critical that accurate
and thorough information be available from manufacturers. While health
care providers can inventory their thousands of devices and pieces of
equipment, the information about whether these devices are Year 2000-
compliant--that is, whether or not they will be affected by the date
change--must come from the manufacturers. Several organizations, both
public and private, have undertaken concerted efforts to collect this
information. Key among them are the Veterans Administration, the FDA,
and a consortium of state hospital associations and the AHA, through
the Security Third Millennium product.
The FDA has an especially key role to play in this area. The Center
for Devices and Radiological Health (CDRH), the arm of FDA responsible
for regulating the safety and effectiveness of medical devices, has
taken a number of steps to ensure that manufacturers of medical devices
address potential Year 2000 problems. We commend the center for its
actions. Dr. Thomas Shope, who is heading FDA's efforts, has been very
receptive to our concerns. We urge the FDA to work with other public
and private parties in maintaining a national clearinghouse. Congress
should provide the FDA with adequate resources to sustain and maintain
this important effort.
We believe that current regulations allow the FDA to require
manufacturers of medical devices to perform Year 2000 testing and
report adverse results. We urge Congress to speak directly to
manufacturers on the need and expectation for prompt, sufficient
disclosure. Congress also should provide FDA with the resources
necessary to ensure timely reporting of Y2K compliance--including
additional authority, if needed.
the role of the health care financing administration
On average, America's hospitals and health systems receive roughly
half of their revenues from government programs like Medicare and
Medicaid. If that much revenue were to be suddenly cut off, hospitals
could not survive, and patient care could be jeopardized. Hospitals
would not be able to pay vendors. They would not be able to purchase
food, supplies, laundry services, maintain medical equipment--in short,
they would not be able to do the job their communities expect of them.
All this would occur even as hospitals and health systems faced the
substantial costs of addressing their own Year 2000 system needs--costs
that are not recognized in the calculation of current Medicare payment
updates.
We applaud HCFA's recognition that the Y2K issue must be dealt
with. We urge the agency to take the steps necessary to also ensure
that state Medicaid programs are Y2K compliant.
With regard to Medicare, we are concerned about the agency's
decision to delay the routine Year 2000 Medicare payment update while
it works on its computers and those of its contractors. In addition,
the agency has not yet committed to any provision to pay interest for
that period. Hospitals are already trying to cope with the BBA's
dramatic changes, including significant spending reductions. A delay in
the Year 2000 update adds to their burden and causes unpredictability
for them and their patients.
HCFA's actions could affect hospitals' ability to provide the
highest-quality care possible not just to Medicare beneficiaries, but
to our other patients as well. Hospitals still must pay the bills
associated with providing that care, and those bills will keep coming
throughout HCFA's effort to update its computers. Routine updates in
current PPS payments are not complex. However, if they cannot be
provided as scheduled, then HCFA must quickly create an alternate
payment method that ensures the smooth flow of funds even as it updates
its computer systems, including paying hospitals prospectively.
HCFA also must make sure its contractors--including Medicare+Choice
plans--take steps to ensure that their performance will not be
interrupted by Year 2000 problems caused by the millennium bug. HCFA
should make readily available its work plan, and progress reports, for
bringing the contractors and Medicare+Choice plans into compliance and
monitor their efforts. Letting providers know what changes may be
required of them is also important. This would allow providers,
contractors and plans to prepare simultaneously and ensure that their
systems are compatible.
Even if HCFA and its contractors express confidence that their
payment mechanisms will not be affected by the millennium bug,
unforeseen problems could crop up. Therefore, it is imperative that
HCFA establish a fail-safe contingency plan in case HCFA or its
contractors' payment mechanisms somehow fail at the turn of the
century. We would like to work with HCFA to ensure that these short-and
long-term concerns about the Year 2000 are adequately addressed.
Medicare beneficiaries' health care needs will remain constant,
regardless of how well we are prepared for Year 2000 problems. If
carrier and fiscal intermediary payment systems are clogged up by the
millennium bug, hospitals' ability to continue providing high-quality
health care could be severely affected. A system to provide periodic
payments, based on past payment levels, is one way that this could be
done. It would ensure that hospitals have the resources necessary to
care for Medicare patients. We urge Congress to enact legislation to
authorize such a system, and require that HCFA subject such contingency
plans to public comment.
the role of congress
As I have described, health care providers and the associations
that represent them are devoting significant time, resources and energy
to preventing potential Year 2000 problems from affecting patient
safety. It is essential that we all look for ways to help prepare
America's health care system for the turn of the century, and Congress
can play an important role. Your attention to this issue, through
hearings such as this, reflects your understanding of the gravity of
the situation.
We ask you to help America's health care system avoid Year 2000
problems by taking several steps:
--Congress should speak directly to manufacturers on the need and
expectation for prompt, sufficient disclosure of their medical
devices' Y2K compliance, and provide FDA with any additional
authority and support needed for the public/private Y2K
assessment effort to be a success.
--Congress should enact some form of limitation on liability for
health care providers that have taken steps to prevent Year
2000 problems from affecting patient care. To a great extent,
hospitals must rely on manufacturers of medical equipment and
devices--and on vendors providing other systems and products--
to disclose whether a Year 2000 problem may arise, and how to
correct the problem. In addition, some products and systems may
have been purchased by hospitals years ago, before the Year
2000 date change became a consideration. Providers should not
be liable for damages for the Year 2000 limitations of those
products and systems, especially when they have taken good
faith, reasonable steps to minimize the risk.
--One way to approach this liability issue is to broaden the
president's recently announced ``Good Samaritan'' proposal. The
aim of the proposal is to shield from liability businesses
that, in good faith, share information on solving the Y2K
problem. First, we suggest also addressing in that legislative
vehicle our concerns about liability mentioned above. In
addition, protecting hospitals and health systems from
liability for treating a patient with a medical device that the
manufacturer has assured us is Y2K compliant, but turns out to
have caused harm because it is not compliant, is also
necessary.
--Congress should authorize periodic payments under Medicare. These
payments, based on past payment levels, should be implemented
to ensure adequate cash flow for providers in case carrier and
fiscal intermediary payment systems fail due to the date
change. Congress also should ensure that HCFA has adequate
funding to ensure Y2K compliance, including the testing needed
to demonstrate that the claims processing and payment systems
work for the government, providers, contractors, and
beneficiaries alike.
Mr. Chairman, the Year 2000 issue will affect every aspect of
American life, but few, if any, are as important as health care.
America's hospitals and health systems, their state associations, and
the AHA are partners in the effort to prepare for the Year 2000. We
encourage Congress and our federal agencies to work with us as well.
Together, we can ensure a smooth--and healthy--transition into the new
millennium.
______
Responses of Jennifer Jackson to Questions Submitted by Chairman
Bennett
Question 1. [Status of biomedical device discovery, remediation,
and testing in hospitals]
Ms. Jackson, your testimony points out the potential patient safety
problems with noncompliant Y2K biomedical devices, and you call for a
national clearinghouse for information about compliant Year 2000
biomedical products. As you stated, only the manufacturers of the
devices have this Y2K data.
--How do you recommend establishing and operating this clearinghouse?
--What specific recommendations can you make to hospitals which may
be behind in their Y2K efforts or struggling to understand the
scope of biomedical devices?
Answer. The emphasis should be on a public-private partnership.
There are currently a number of data bases, including the FDA's, the
Veteran Administration's, and the one developed by a consortium of
state hospital associations and the AHA, the Security Third Millennium
product, that can serve as a base for this effort. AHA plans to follow-
up with the FDA and others to explore the potential for sharing
information and any legal or other impediments. Any clearinghouse
effort, however, will be dependent on getting the needed information
from the manufacturers. If the FDA believes it does not have the
authority to mandate disclosure, we urge Congress to enact self-
implementing legislation that would mandate disclosure by the
manufacturers.
AHA offers a range of services through which members can access
relevant literature, vendors and products, and be connected with their
peers to exchange information about their experiences in addressing Y2K
issues. A briefing book developed for members, Y2K: Mission Critical,
provides a framework for approaching the full range of Y2K issues,
starting with an inventory and assessment of what potentially may be
affected. (A copy of this book has been shared with staff of the
Special Committee and an additional copy will also be forwarded with
this letter.) A hospital can either assign someone the responsibility
to develop a plan based on the many resources available, or subscribe
to a service that will bring together the specific information an
individual hospital needs, like Security Third Millennium.
Question 2. [Rural hospitals]
Ms. Jackson, the Committee keeps hearing about potentially serious
Y2K problems with hospitals serving rural populations. Reports to our
staff indicate that the limited budgets of small hospitals make it
difficult for them to adequately staff Y2K efforts. In addition, the
fact that there may not be an alternative health care facility for many
miles makes their situation even more dire.
--Are these reports accurate? If so, what suggestions would you have
for small hospitals?
--Do you see a role for the federal, state, or local government?
Answer. Preliminary information from a survey conducted by AHA that
accompanied the Y2K: Mission Critical briefing book, suggests that
rural hospitals are not significantly different from others with
respect to the issues they have been examining and the steps they are
taking to become Y2K compliant. While rural hospitals do not have the
staff and other resources available to larger hospitals, they also do
not have the same scale of operation, nor the same high-tech equipment
demands as larger hospitals. However, it is still too early to know
what the ultimate cost or resource requirements will be. Small and
rural hospitals that are part of larger systems will have the benefit
of the system's expertise and resources. Coalitions of smaller entities
are also being formed to share information.
Small and rural hospitals are particularly concerned about the Y2K
readiness of others upon whom they must depend and over whom they have
no control. The uninterrupted flow of payments from Medicare, Medicaid
and other payers is a top priority. All levels of government have a
role to play in making sure that government programs pay on time, and
have adequate contingency plans to ensure that this happens. In
addition, the government can ensure that the basic services that help
support the operation of hospitals is not interrupted (e.g. water,
power, communications).
Question 3. [Contingency Plans for Y2K hospital operations and
Medicare payments]
Ms. Jackson, your testimony raises the issues of Y2K contingency
planning. Could you please share your thoughts on two specific ``What
if something goes wrong?'' scenarios.
--If Y2K disruptions prevent hospitals from being able to medically
function, what kind of contingency planning does AHA recommend?
For example, how would a hospital evacuate patients and where
would they take them?
--What if HCFA cannot promptly pay Medicare health claims? What is
the recommendation of AHA on how the government should pay
Medicare health claims while protecting the fund against fraud
and abuse?
Answer. Hospitals are routinely required to have disaster and
contingency plans. The Joint Commission on Accreditation of Health Care
Organizations also addresses the need for contingency plans. Y2K
contingency planning would supplement what already exists. The
specifics of a Y2K plan will vary depending on the Y2K compliance of
the hospital and the readiness of its community. Hospitals need to be
actively engaged with their public safety and public health partners.
It is likely that hospital contingency plans will evolve as more and
better information becomes known about the extent to which their own
operation is Y2K compliant, as well as that of others within their
community.
HCFA should establish a fail-safe contingency plan to address
potential noncompliance at all stages in the claims payment process.
Advance periodic payments, based on past payment levels, is an
important component of a contingency plan. AHA recognizes that the use
of past payment levels could result in underpayments based on actual
services delivered, as well as overpayments. Records would have to be
maintained and a reconciliation would ultimately occur, based on the
same standards as would otherwise apply. At the same time, many
hospitals and health care organizations have established formal
compliance programs designed to achieve the best possible compliance
with the complex billing requirements and regulations of the Medicare
program.
Question 4. [Medicare Payments]
Ms. Jackson, you stated that the Health Care Financing
Administration will not meet some of the Balanced Budget Act of 1997
changes in Medicare formulas and rates due to Y2K renovation and
testing activities. Has AHA estimated how much the BBA delays will
affect the hospital industry, and what do you propose as a solution?
Answer. Because of its Y2K preparations, HCFA has proposed delaying
both routine FY 2000 inpatient hospital Prospective Payment System
(PPS) updates as well as implementation of PPS for outpatient hospital
and home health payments. Each of these presents specific difficulties
for hospitals.
By our estimates, the proposed six-month delay in routine updates
to Medicare hospital payments would total approximately $300 million,
with an additional $40-$50 million accruing in interest owed to
hospitals over this period. HCFA's Y2K efforts should be substantially
complete by October 1, 1999. Moreover, AHA believes that HCFA should
have no difficulty making these routine adjustments to a 15-year-old
system of hospital payment. If in fact, they cannot, in the interim the
current (FY99) standardized amount should be increased by the FY2000
updates. Other required adjustments could be made retrospectively. This
will help avoid causing cash flow problems in hospitals across the
country.
Home health presents a different set of problems. With PPS
scheduled to take effect in FY2000, home health providers are being
paid under an interim system that has produced very serious unintended
consequences for efficient providers. Congress is currently struggling
to refine this interim system during this legislative year, a task made
much harder if that fix must cover a 3 or 4 year time frame, instead of
2 years. AHA supports the solution embodied in H.R. 4252, introduced by
Reps. English (R-PA) and Neal (D-MA).
Hospitals supported the creation of PPS for outpatient payment in
hopes of bringing predictability and simplicity to a very fragmented
and confusing payment system. Until PPS is finally implemented, we
would ask HCFA not to worsen our situation by requiring us to make
further changes--such as implementing the new Ambulatory Surgery Center
methodology--without the promised simplification. In addition, contrary
to what Congress intended, hospital outpatient payments will be
negatively affected by revisions to the physician payment. The best
interim solution for outpatient payment is to freeze the system until
PPS can be adopted.
Question 5. [Strategic Risk Management]
At what point should hospitals begin to determine whether or not
they should refrain from scheduling routine procedures and elective
surgeries during the first week of January 2000?
Answer. Contingency planning will be an on-going process. Hospitals
will want to minimize the demands on their systems while they begin
actual operations in 2000. Their decisions about when to begin business
as usual will depend on their own preparations, as well as the
readiness of those on whom they must depend. It is certainly the goal
of our members that they will not need to make scheduling changes for
routine procedures and elective surgery.
Question 6. [Information sharing]
Are you aware of any large health organizations which are working
to mitigate Y2K problems in concert with others in the private sector?
If so do you know of any plans to share this information with smaller
hospitals which may be struggling to afford Y2K programs?
Answer. AHA and its state hospital and health care associations are
working to assure that members have access to the information needed to
meet the Y2K challenge. This ranges from culling relevant literature
and sponsoring educational programs, to connecting hospitals with their
peers to exchange expertise and information. Hospitals are getting
together to seek information from vendors, as well those who would be
interested in volunteering some of their staff to smaller organizations
if their liability issues are addressed. The Y2K: Mission Critical book
also provides samples of the variety of tools organizations are using
to address Y2K issues.
______
Responses of Jennifer Jackson to Questions Submitted by Senator Collins
Question. In your estimate, how much will it cost rural hospitals
to become Y2K compliant?
Answer. It is still too early to know what will be the ultimate
cost for Y2K compliance. Anecdotal information indicates that however
reasonable preliminary estimates may be, the actual amount will exceed
those estimates. Rural hospitals will be in a better position to make
informed estimates as information becomes available from the
manufacturers and vendors about the Y2K status of their products and
services, and the options for bringing those that are noncompliant into
compliance.
Question. What is your primary concern for rural hospitals?
Answer. The primary Y2K concern related to rural hospitals is that
they receive information from their vendors and others on which they
depend for basic infrastructure support, early enough to permit them to
obtain any needed financial resources to carry out their Y2K compliance
plans. For the rural hospitals, assuring that there is no interruption
in payments for health care services from the government or private
payers is also of critical importance.
__________
Prepared Statement of Kenneth W. Kizer
introduction
Good morning Mr. Chairman and members of the Committee. I
appreciate the opportunity to testify before you on the healthcare
issues and on the potential risks to patient safety that are posed by
Year 2000 (Y2K) technology compliance problems. My comments are
especially directed toward biomedical equipment and medical devices,
and are based on the experience of the veterans healthcare system in
defining the extent of the Y2K problem for hospitals and healthcare
systems.
background
Technology has been responsible for many of the advances of modern
healthcare, so it is ironic that this same technology now may present
hazards to patient care when the 21st century begins.
Most medical devices, like other information technologies, were
designed when there was little concern about how year references were
reflected in hardware or software. Historically, most dates programmed
in computers and medical devices have been based on a two-digit year--
i.e., ``97'' rather than ``1997.'' This was done in the early days of
computing because of the high cost of data storage, and the practice
was continued until relatively recently.
The essence of the current Y2K problem stems from the fact that
when the year ``2000'' is entered as ``00,'' systems and devices may
not recognize this entry as a correct year, and thus, programs may
fail, they may not perform as designed, they may reject legitimate
entries or they may yield erroneous results. Thousands of medical
devices may be affected by one or more of these problems that
constitute what I have called the ``Millenium Bug Syndrome'' or
``MBS''.
The MBS may occur with technology-related processes that sort by
date or that require a comparison by dates, processes that calculate
age or processes that perform other date-related tasks. For example, an
incorrect date or time sequence in the output of a blood gas analyzer
could cause confusion when interpreting the sequential results, causing
errors in diagnosis and treatment. Likewise, an incorrect age
calculation which is stamped on an automated chest X-ray could prompt
unnecessary further testing or even cause a misdiagnosis.
Hospital information management systems; building systems
controlling heating, ventilation and air conditioning, security, and
elevators; and billing and accounting systems also are all subject to
the MBS. All such systems and devices must be thoroughly checked, and
repaired or replaced, as required, before January 1, 2000.
While most of the problems identified to date are relatively minor
and can be repaired, many healthcare institutions across the country
are not positioned to accomplish these needed repairs. More
importantly, though, is that at this time too many healthcare
institutions do not yet know whether they have a problem, or how big of
a problem they have.
general healthcare y2k issues
For the healthcare industry, the inability of many computers to
process date information later than December 31, 1999, is more than
just a computer or information management problem. For hospitals and
healthcare systems, Year 2000 problems originating from both internal
and external sources may, if left unattended, threaten the whole
institution, not just those departments that are concerned directly
with information technology. Uncorrected Year 2000 problems could
compromise patient care, disrupt core business functions and create
substantial liability exposure.
I believe the healthcare industry is at greater risk than many of
the other industries that are also grappling with the Y2K problem
because there are so many information systems in hospitals--from
admissions to discharges, transfers, medical records, inventory
control, clinical informatics and billing--which may be affected by Y2K
problems and which may have both direct and indirect effects. For
example, delays in payments from third-party payers could be crippling
if cash-flow problems result in staffing shortages. Similarly, if a
Year 2000-induced error causes a piece of laboratory equipment to skip
a function, or perform a function twice, a patient could get the lab
results of the patient who preceded or succeeded him or her, with
potentially adverse consequences. Likewise, without proper dating
systems, inventory reorder dates will be impacted with the consequent
risk of running out of needed supplies. This could be particularly
problematic for hospitals, since they typically maintain a minimal
depth of inventory for perishable items such as sutures and blood
products.
Further, modern healthcare depends on many external information
technology systems, so simply fixing a hospital's in-house systems and
biomedical equipment will not necessarily guarantee a smooth transition
into the new millennium. For example, every healthcare system depends
upon suppliers for goods and services. What if the linen service, food
suppliers, ambulance services, power management systems, oxygen
suppliers and reference labs, to name some, have problems in their
systems that make it difficult or impossible to take orders, to manage
inventory and to deliver what a hospital and its ancillary systems
need? Failure or malfunction of any of these systems could potentially
disrupt patient care.
vha's approach to the y2k problem
VHA size and scope
Within U.S. Department of Veterans Affairs (VA), the Veterans
Health Administration (VHA) operates the largest fully integrated
healthcare system in the United States. A wide range of electronic
information systems, biomedical equipment, facility management systems
and other computer-based system products provide vital support to the
delivery of healthcare and other services to veterans at over 1,100
sites of care delivery. (VA medical care assets include 171 hospitals,
over 600 ambulatory and community-based clinics, 133 nursing homes, 40
domiciliaries, 206 counseling centers and 73 home health programs, as
well as various contract treatment programs.)
VHA currently has an installed inventory of over 125,000 models of
medical devices with an acquisition value of several billion dollars.
The inventory is diverse and ranges from the most general, such as
suction machines and sphygmomanometers to the more complex, such as
magnetic resonance imaging systems and extracorporeal lithotripters.
VHA's diverse systems and equipment inventory includes hospital
information systems and applications, corporate information systems and
databases, commercial off-the-shelf (COTS) hardware and software,
communications systems and networks, biomedical equipment, laboratory
and research systems and other computer-controlled facility equipment.
There are many data interfaces among the systems and thousands of types
of equipment and devices in this extensive inventory. At the core of
VHA's systems environment is the Veterans Health Information Systems
and Technology Architecture (VISTA). VISTA is a critical element of the
total systems environment that provides information management support
to VHA healthcare facilities. It is continually being developed and
enhanced.
VHA approach
To address potential Y2K problems, VHA established a Year 2000
Project Office in 1996. The Project Office prepared The VHA Year 2000
Compliance Plan in April 1997, which included a structured compliance
plan for all categories of VHA's systems and equipment inventory,
assigned responsibilities for all actions and provided performance
tracking and reporting requirements.
To ensure coverage of all affected VHA medical devices, systems and
software, we prepared plans tailored to specific classes of products,
as follows:
VISTA software applications.--The Veterans Health Information
Systems and Technology Architecture (VISTA) is the heart of VA medical
facilities information resource management activities. VHA's VISTA
application development requirements in effect since 1984 dictate a
standard method of storing and deriving date information through the
use of a pre-existing database management system known as VA File
Manager.
VA File Manager uses a seven digit date field that has three digits
for the year (rather than the common two-digit year field in most
legacy systems) and two digits each for the month and day (date format
is YYYMMDD). The year is specified according to the number of years
from the year 1700.
Because of the decision to use the VA File Manager date standard,
the core VHA application systems were expected to be able to support
date information through the year 2699. This expectation was confirmed
in our assessment phase. Our programming approach eliminated most of
the two versus four digit year issues for the majority of software
applications at VHA medical facilities. The databases used by and
linked to these applications, interfaces between these applications and
other systems and equipment, and other system products that do not use
the VA File Manager date format, have been carefully assessed for Year
2000 compliance. VISTA is a vital part of the total computer systems
environment that provides information resources and support at VHA
healthcare facilities.
VHA in-house staff assessed, repaired, tested and are now
installing needed repairs at our hospitals. Assessment, repair and
testing were done centrally, while implementation is being done
locally.
Local software applications.--Many special purpose programs have
been developed in VHA. These have been written by local Information
Resource Management staff or other system users on-site, or they have
been imported from other VA medical centers. These programs generally
meet a local need or extend the functionality of nationally released
software. These software applications have more non-compliant code, but
have fewer users and less mission and financial impact. Such programs
are being assessed and repaired at the local level, and many of these
local applications have been discarded as a result of the Y2K analysis.
VHA corporate systems.--These systems and databases involve a wider
range of programming languages (including OS/VS COBOL, COBOL II, and
ALC) than the VISTA application suite. VHA defines corporate systems as
applications that gather information from one or more field facilities,
and the supported database(s). An example would be the National Mental
Health Database System, which runs on a PC at the Pittsburgh (Highland
Drive) VA Medical Center. This system is used for performance
measurement purposes, and it is updated weekly by 97 substance abuse
treatment programs and 73 post-traumatic stress disorder (PTSD)
programs that are located at 120 medical centers. These types of
corporate systems are being assessed by their sponsors and repaired
either by in-house staff or contractors.
COTS software.--There are over 3,000 COTS software packages in use
at VHA facilities. These include various versions of PC operating
systems, office automation products, communications software, desktop
publishing software and project management software. There are also
clinical software packages for such applications as intensive care unit
monitoring or nurse scheduling. In addition, there are server operating
systems and utilities, Internet services packages, network management
tools, database and software development environment tools, and
operating systems utilities. While we have done some testing of these
software packages ourselves, because of the number of such products,
VHA, like other healthcare organizations, is dependent on manufacturers
to disclose the Y2K compliance status of such products.
Databases and data archives.--There may be as many database files
as there are application programs in the VHA inventory. Today's
relational database structures encourage large numbers of interrelated
files. If any file has a two-digit year field, then it must be
thoroughly assessed. If one database must be changed in order to be
made Year 2000 compliant, then databases and programs linked to it may
also need to be changed. Data archives might have to be converted if
the databases to which they refer are upgraded for Year 2000
compliance. Local owners of databases and files are responsible for
their assessment and repair.
Computer and communications hardware.--In addition to personal
computers on employees' desks, there are servers for printer and file
sharing, automated phone systems, voice mail and fax back services,
computers for electronic mail, computers in fax machines and in-network
hubs and switches, and computers that monitor system activity. These
systems are often highly interlinked and interdependent.
Assessment of said equipment has been done through testing and from
information from manufacturers. Repair and replacement is a local
business decision.
Facilities-related systems and equipment.--Facilities-related
equipment systems are vitally important to VHA in providing quality
healthcare service. These include those systems that control elevators;
heating, ventilating, and air conditioning equipment; lighting;
security; and disaster recovery. Staff from engineering, information
resources, facilities management, acquisition and administration are
being involved to ensure that facility-related equipment will be Year
2000 compliant.
Biomedical equipment.--Biomedical equipment includes a myriad array
of devices that record, process, analyze, display and transmit medical
data. Examples of such equipment and devices include computerized
tomographic (CT) and nuclear magnetic resonance imaging (MRI) systems,
cardiac monitoring systems, tissue and blood gas analyzers, cardiac
defibrillators and various laboratory analyzers, to name a few. Some
devices interface and exchange data with VISTA application systems and
other VHA system products. In addition to the medical devices used in
clinical care, those devices and equipment used in medical research
facilities also are being inventoried and assessed for Year 2000
compliance.
The Safe Medical Devices Act of 1990 requires manufacturers of
medical devices to track and resolve problems with medical equipment
that may threaten a patient's well being. As a result, most recently
manufactured medical devices should be unaffected by the Year 2000
problem. However, most hospitals and healthcare systems utilize a wide
range of devices that have been manufactured over the past two or three
decades. In an effort to define the extent of VHA's potential problem
with biomedical equipment, early last summer, we identified over 1,600
manufacturers from whom we had purchased equipment or devices over the
years; this is out of a universe of over 16,000 medical supply and
device manufacturers. Over the past 10 months, we have solicited data
from these manufacturers as many as four times (depending on the
manufacturer's response). The dialogue continues with manufacturers
whom we have not heard from or who have advised us that their product
is noncompliant.
VHA has established multi-disciplinary oversight teams to
investigate medical devices for compliance at each VA medical center.
These Medical Devices Integrated Product Teams include a radiologist, a
pathologist, a cardiologist, a surgeon, a nuclear medicine physician,
engineers, acquisition specialists and administrative personnel.
VHA has developed a process for identifying, inventorying,
assessing, and evaluating VHA medical devices at risk for the millenium
change. We have also developed a Year 2000 patch for the VISTA software
module used in inventory and our preventive maintenance programs. The
software patch for Y2K compliance provides additional fields needed to
conduct assessment, track the status and complete necessary compliance
reports for Y2K activities
VHA results
VHA is currently on target to achieve Year 2000 compliance for its
mission-critical systems within the schedule imposed by the Office of
Management and Budget (OMB). This includes complete renovation of both
VISTA and Corporate Systems, with implementation scheduled for March
1999. The renovation of all VISTA and Corporate Systems applications is
projected to cost less than $2 million.
The results of VHA's assessment revealed that approximately 8
percent of the total VISTA code required renovation to achieve
compliance. Renovation was contained in 66 applications, with none of
the renovation work being categorized as more than minor repair;
renovation is now 100 percent complete. Hospitals are currently
averaging 72 percent implementation of the 61 enhancement or
modification patches released to bring VISTA applications into
compliance.
In the biomedical equipment and medical device area we can now
report that:
--694 manufacturers have certified to us that their products are Y2K
compliant, meaning that there should be no problems because the
device does not rely on date coding or they have already
addressed the issue. (Many of these devices are items
manufactured in recent years.)
--34 manufacturers have reported that a total of 182 models of
equipment or devices are not Y2K compliant and are no longer
supported by the manufacturer. These models are considered
obsolete and will not be fixed by the manufacturer, even though
in many cases the device is still functional and commonly used.
--102 manufacturers have reported that they produce a total of 673
models that currently are not Y2K compliant, but that they
intend to repair or otherwise fix the device. In most cases,
though, the manufacturer has not stated how the Y2K
noncompliance will affect the function of the device or exactly
what will be done to fix it. The manner in which the
manufacturers will be providing the fix--e.g., whether they
will charge for it, send a repair technician to the facility or
require the product be sent back, etc.--varies widely among the
manufacturers.
--53 manufacturers reported they are still doing analyses of their
products and, thus, we don't know what to expect from them.
--Inquiries to 201 manufacturers were returned to VHA marked ``Return
to Sender.'' After four tries over a 10-month period, we are
assuming, at this point, that we will never know about the
devices produced by these manufacturers.
--We have also identified 96 manufacturers who we believe have gone
out of business or have been acquired by another entity since
we initially acquired their products.
--The remaining 233 manufacturers have not responded to us despite
our multiple inquiries.
Thus, overall, we know at this time that we have 855 models of
devices and equipment that are not compliant, and about 20 percent of
these will not be made compliant by the manufacturer. And even after
four separate queries, we have not been able to get a response from
about 30 percent of manufacturers. In interpreting these figures,
please keep in mind the size of customer that VHA is and, thus, the
business interest of the manufacturers to be responsive to us. Other
than that, we have no reason to believe that our experience is not, or
will not be, typical of other healthcare providers.
other efforts
VHA is working closely with the Office of the Assistant Secretary
of Defense for Health Affairs to optimize the sharing of information
with the DOD healthcare system. VA is also working closely with the
National Institutes of Health, Centers for Disease Control, and Food
and Drug Administration within the Department of Health and Human
Services, who share common Year 2000 problems in the areas of
biomedical and clinical equipment and laboratory facilities.
VHA has participated in national meetings and made presentations on
our activities to the Association for Advancement of Medical
Instrumentation, the American Society of Healthcare Engineers, and the
Joint Commission on Accreditation of Healthcare Organizations' (JCAHO)
Seminars on Y2K Compliance Activities.
More recently, VHA has been working with other members of the
National Patient Safety Partnership (NPSP) to increase awareness of the
Millenium Bug Syndrome within the healthcare industry. For example, two
weeks ago, we joined with the American Hospital Association, the
American Medical Association, the American Nurses Association and JCAHO
in calling on the nation's medical equipment manufacturers, medical
equipment sales and retail industry, retail pharmacies and other
organizations that place medical devices in use to join in the effort
to identify and address potential patient safety problems resulting
from Y2K problems.
At the press conference 2 weeks ago the NPSP called for four
things.
First, the Partnership called on all healthcare practitioners and
medical treatment facilities to survey their equipment and seek
information from their relevant medical equipment, devices or systems
manufacturers about their products' Y2K compatibility.
Second, the Partnership called on all healthcare consumers who use
medical devices at home to check with the healthcare provider about the
product's Y2K compatibility. As you know, a very large amount of
healthcare is now provided at home.
Third, the Partnership called upon the nation's medical equipment
manufacturers to take immediate action--if they have not done so
already--to identify their devices' compliance. We urge in the
strongest possible terms that equipment and device manufacturers
provide this information no later than January 31, 1999, so that there
will be ample time to address identified problems.
And fourth, the Partnership calls for the establishment of a
single, national clearinghouse from which this information can be
readily accessed by anyone.
conclusion
In closing, let me reiterate that while the Millenium Bug Syndrome
has implications for nearly every industry and many households
nationwide, it is particularly critical for healthcare, since
healthcare today is so dependent on the use of biomedical equipment and
medical devices that rely on embedded, date-dependent information
technology. Moreover, we now know that many medical devices are not
Year 2000 compliant, and a significant number of these will not be made
compliant by their manufacturers.
We also know that when the clock rolls forward to the 21st century,
526 days from today, about 3.8 million Americans each day will receive
healthcare at hospitals, clinics and nursing homes, with many more
being treated at home; each of these patients will typically have
multiple different interactions--sometimes hundreds--with equipment,
devices and/or information technology systems. When you consider the
extraordinary number of such interactions with technology, then it
begins to become clear how large is the potential for adverse events to
occur, even if the problem involves only a small percentage of devices
or systems. Fortunately, we still have time to ensure that no patient
suffers harm as a result of the Millenium Bug Syndrome if concerted and
aggressive action is taken in the months ahead.
We thank the Committee for its assistance in helping to resolve
this technological problem.
______
Year 2000 and Medical Devices: Demonstration Items
1. zoll defibrillator (model pd 1200)
--Preliminary results indicate that functionality of the
defibrillator will not be affected
--Date stamp 00, thus requiring manual dating and the attendant
increased opportunities for errors
--Manufacturer has responded with a courtesy reply that they will get
back to VA, and so we characterize the compliance status of
this device as ``unknown''
2. spacelabs patient monitor (model pc express 90308)
--Cardiac monitor used in critical settings such as ICUs; 50,000
monitors of some type is probably a conservative estimate
--Alarm will not sound unless a software problem is addressed
--As part of a patient monitoring system connected via a local area
network, clinicians will not be able to correctly determine
when a patient alarm situation has occurred, dramatically
affecting care when a response measured in minutes is necessary
--Company reports to VA that a patch will be available in January
1999, hence we characterize the device as ``conditional
compliant''
--Company current states that the patch (free) must be ordered by
December 15, 1998; manufacturer's current policy as stated to
VA is requests after 12/15/98 will not be filled. Thus,
institutions need to be aware of the problem, survey their
equipment, and contact the manufacturer by the deadline
3. varian linear accelerator (model clinac 18, software version 5.2)
--Used in cancer therapy; designed to destroy tissue, so precision is
critical and under dosage or over dosage is not acceptable
--Although Varian considers this an older, obsolete unit, the
manufacturer reports it will supply a patch at no charge--i.e.,
the status currently is conditional compliant pending receipt
of patch and manufacturer's assurance that it addresses the
problem
4. vernitron steam sterilizer (model r1626rpyi)
--Sterilizers affect the whole operation of a facility, but VA
currently has no information as to the Y2K compliance status of
this equipment
--Sterilizers were not part of the initial national oversight survey,
but have been added
--VA (local facility) has made several attempts at contact the
company with no response to date
5. alaris infusion pump (model gemini pc4)
--Subtle, but significant Y2K problem. Proper service diagnostics
can't be performed on this pump. Since a valid date cannot be
entered following service activity or battery replacement,
proper and complete routine or emergency maintenance on the
device is not possible. This could then lead the device to
malfunction and result in patients getting improper doses of
medications and/or fluids. In other words, when someone
``fixes'' or checks the device for routine ``maintenance'',
there will be uncertainty as to whether it has been ``fixed''
or ``maintained'' correctly.
--VA currently characterizes the document as conditional compliant
6. marquette medical system electrocardiograph (model mac 12)
--An error code is printed on the statement instead of a date.
Illustrates the problem of the lack of date stamp contributing
to a time-consuming, ``hassle factor'' for healthcare personnel
--When the operator turns the machine off at the end of the day or
after use on a patient, the next time the equipment is turned
on the entire machine must be recalibrated before using the
device because the machine ``thinks'' it is new and resets its
internal clock to 1980
--Recalibration (10-15 minutes) wastes valuable time, and the date
still won't print even after recalibration
--Additionally, some devices in this model line are Y2K compliant and
will work without the upgrade--compliance depends on when the
device came off the assemby line. However, since some models
won't work without the upgrade, all machines will need to be
checked
--Conditional compliant; company says patch will be available
7. picker international, inc. ct scanner (model pq2000) picker
international, inc. mri system (model edge 1.5t)
--Compliance had been unknown for these devices and models, although
Picker had been contacted by VA several times and even though
VA is a significant customer. VA has >100 Picker CT scanners
($1.3 million per scanner) and dozens of MRIs at
approximately $1.7 million per unit.
--The day after VA highlighted Picker's non-responsiveness at a press
conference, the manufacturer contacted us that it would soon be
providing VA with information about the Y2K compliance status
of these items. Then, the evening before the Senate hearing,
Picker informed VA it had a Web site and that its devices would
be compliant.
8. physio-control defibrillator (model life pak 7)
--Unlike the Zoll defibrillator, VA has identified this product as
non-compliant based on information provided by the
manufacturer. The model is more than 9 years old and no longer
produced, though still in use
--The defibrillator is equipped with a real-time clock feature that
does not support the change to the Year 2000 and no
modifications are planned
--Depending on the device, it either won't print a date or will print
an erroneous date, which could lead to subsequent treatment or
interpretation errors
--Replacement cost is $10,000 per unit, and a typical VA
facility might have 10-30+
9. densply/gendex dental x-ray (models 770 and 900)
--Illustrates the difficulties in tracking down company information
due to the rapid changes in the industry--i.e., mergers,
acquisitions and bankruptcies
--Original letter was sent to Gendex, but returned as unknown
addressee. Only after 10 months of repeated follow-up and
investigations was it learned that Gendex had merged with
Densply, which VA is now in the process of contacting for Y2K
compliance and assistance. Such follow-up would be difficult
for most small systems or individual providers
--Compliance of this particular device is currently unknown
--There will be, without doubt, devices for which compliance will
remain unknown on December 31, 1999, necessitating contingency
planning for those items
10. computerized medical system radiation therapy treatment planning
device (model cms modulex rtp system)
--Used in radiation therapy (Cobalt 50), but manufacturer considers
this particular model obsolete and does not intend to provide a
patch; device is non-compliant
--Manufacturer has been open and forthcoming, stating that VA should
``turn this device off'' and not use it. After December 31,
1999, the device poses a harm to a patient because too much, or
too little, radiation could be delivered. Specifically: (i) an
incorrect date stamp indicating when the patient received
radiation therapy could affect the treatment plan for the
individual; and/or (ii) these units involve the use of a
``live'' radioactive source to treat the patient. Such sources
lose their strength, i.e., decay, over time. Since information
affecting the strength of the source is entered into the system
and tracked by date, the calculation for a particular dosage
for an individual patient would be affected and an incorrect
dosage delivered
--VA has 3 of these units, which originally cost
$150,000; replacement cost $200,000 to $250,000
VHA Y2K PROJECT OFFICE LIST OF MEDICAL DEVICE MANUFACTURERS WITH NO RESPONSE TO ALL 4 LETTERS
--------------------------------------------------------------------------------------------------------------------------------------------------------
Received
Name of manufacturer Street address response City State ZIP
--------------------------------------------------------------------------------------------------------------------------------------------------------
ABTOX INC......................................... 104 Terrace Drive............ ........ Mundelein......................... IL............. 60060
ACCUTOME.......................................... 490 Lancaster Avenue......... ........ Frazer............................ PA............. 19355
AEQUITRON MEDICAL................................. 14800 28th Avenue North...... ........ Minneapolis....................... MN............. 55447
ALLERGAN INC...................................... 92525 Dupont Drive, P.O. Box ........ Irvine............................ CA............. 92713
19534.
ALTEC............................................. 1515 S. Manchester Ave....... ........ Anaheim........................... CA............. 92803
AMEDCO HEALTH CARE DIV. HEALTHCARE PRODUCTS INC... 739 Goddard Ave.............. ........ Chesterfield...................... MO............. 63005
AMERICAN ELECTROMEDICS............................ 13 Columbia Dr. Suite 18..... ........ Amherst........................... NH............. 03031
ANGUS ELECTRONICS CO.............................. P.O. Box 24000............... ........ Indianapolis...................... IN............. 46224
APEC.............................................. 83 Pine Street............... ........ Peabody........................... MA............. 01960
API-LIRCO......................................... 118 Starlite Street.......... ........ South San Francisco............... CA............. 94080
ARNDORFER INC..................................... 5656 Grove Terrace........... ........ Greendale......................... WI............. 53129
ASPECT MEDICAL SYSTEMS............................ 2 Vision Drive............... ........ Natick............................ MA............. 01760
AUTOMATED PRESCRIPTION............................ 4333 Shreveport Highway...... ........ Pineville......................... LA............. 71360
BALDOR ELECTRIC................................... P.O. Box 2400................ ........ Fort Smith........................ AR............. 72901
BALLARD MEDICAL PRODUCTS.......................... 12050 Lone Peak Parkway...... ........ Draper............................ UT............. 84020
BARRAMUNDI CORP................................... P.O. Drawer 4259............. ........ Homosassa Spring.................. FL............. 34447
BAXA CORPORATION.................................. 13760 East Arapahoe Road..... ........ Englewood......................... CO............. 80112
BAYLOR BIOMEDICAL SERVICES........................ 2625 Elm St. Suite 102....... ........ Dallas............................ TX............. 75226
BETA TECHNOLOGY INC............................... 151 Harvey West Blvd......... ........ Santa Cruz........................ CA............. 95060
BIOMARINE INCORPORATED............................ 131 Wallace Avenue, Suite 3.. ........ Downingtown....................... PA............. 19335
BURKE INC/BED DIV................................. 1800 Marriam Lane............ ........ Mission........................... KS............. 66106
CARDIOVISTA SYSTEMS INC........................... 2691 Picker Ave., Suite 115.. ........ Irvine............................ CA............. 92714
CASCADE X-RAY SPECIALTIES......................... P.O. Box 1605................ ........ Yakima............................ WA............. 98907
CEMAX-ICON INC.................................... 47281 Mission Falls Ct....... ........ Fremont........................... CA............. 94539
CHIRON DIAGNOSTICS CORPORATION/CRITICAL CARE DIV.. 115 Norwood Park South....... ........ Medfield.......................... MA............. 02052
CLINICAL DYNAMICS CORP............................ 12 Beaumont Road............. ........ Wallingford....................... CT............. 06492
CODONICS INC...................................... 17991 Englewood Drive........ ........ Middleburg Heights................ OH............. 44130
CORDIS CORP A JOHNSON & JOHNSON CO................ P.O. Box 025700.............. ........ Miami............................. FL............. 33102
CORPAK............................................ 100 Chaddick Drive........... ........ Wheeling.......................... IL............. 60090
CWE............................................... 25 St. Paul Road............. ........ Ardmore........................... PA............. 19003
DEBUSK TECHNOLOGY CORPORATION..................... 300 DeBusk Lane.............. ........ Powell............................ TN............. 37849
DIAGNOSTIC SONAR INC.............................. P.O. Box 456................. ........ Cambridge......................... OH............. 43725
DIGIVISION INC.................................... 5626 Oberlin Drive........... ........ San Diego......................... CA............. 92121
DYNAMIC ENGINEERING CORP.......................... 2575 West Beltline Highway... ........ Middleton......................... WI............. 53562
ECONOMICS LAB/ECON SYS............................ 3508 Tchulahoma Road......... ........ Memphis........................... TN............. 38118
ELCONAP........................................... 413 Market Street............ ........ Newark............................ NJ............. 07105
ERIS MEDICAL TECHNOLOGY........................... 10 Summit Avenue............. ........ Berkeley Heights.................. NJ............. 07922
FAIRBANKS SCALE................................... 1616 Toal Street............. ........ Charlotte......................... NC............. 28206
FISONS INSTRUMENTS INC............................ 55 Cherry Hill Dr............ ........ Beverly........................... MA............. 01951
FITNESS EQUIPMENT CORPORATION..................... P.O. Box 167................. ........ Clanton........................... AL............. 35045
FOREDOM ELECTRIC.................................. Route 6 Stony Hill........... ........ Bethel............................ CT............. 06801
FRANTZ IMAGING INC. (FRANTZ MEDICAL).............. 595 Madison Avenue........... ........ New York.......................... NY............. 10022
GRASEBY MEDICAL INC............................... 3796 N. Dunlap Avenue........ ........ Arden Hills....................... MN............. 55112
HARVARD BIOSCIENCE................................ 22 Pleasant Street........... ........ South Natick...................... MA............. 01760
HEALTHWATCH INC., CAMBRIDGE MEDICAL DIV........... 2445 Cades Way............... ........ Vista............................. CA............. 92083
HOME DIAGNOSTICS INC.............................. 2300 NW 55 Ct................ ........ Ft. Lauderdale.................... FL............. 33309
HOSPEX FIBER OPTICS............................... P.O. Box 353................. ........ Chestnut Hill..................... MA............. 02167
ISELL DIVERSATRONICS.............................. 2430 Boulevard of the ........ Norristown........................ PA............. 19403
Generals.
JFM ENGINEERING................................... 7880 N.W. 56 St.............. ........ Miami............................. FL............. 33166
KASON INDUSTRIES.................................. 57 Amlajack Blvd............. ........ Shenandoah........................ GA............. 30265
KOWA OPTIMED...................................... 20001 S. Vemmont Avenue...... ........ Torrance.......................... CA............. 90502
LIFELINE INSTS INC................................ 3830F Charter Park Dr........ ........ San Jose.......................... CA............. 95136
LIONHART TECHNOLOGIES............................. P.O. Box 1925................ ........ Carson City....................... NV............. 89701
LUMEX INC......................................... 81 Spence Street............. ........ Bay Shore......................... NY............. 11706
MAC BETH DIV. INSTRUMENTS......................... 405 Little Britain Rd........ ........ New Windsor....................... NY............. 12553
MANGUM SICKLES IND................................ 1200 North Sickles Drive..... ........ Tempe............................. AZ............. 85281
MC KESSON AUTOMATED HEALTHCARE.................... 261 Kappa Drive.............. ........ Pittsburgh........................ PA............. 15238
MEDICAL GRAPHICS.................................. 350 Oak Grove Parkway........ ........ St. Paul.......................... MN............. 55127
MEDIMEX........................................... P.O. Box 14.................. ........ West Hempstead.................... NY............. 11552
MEDSCO COMFORT POUCH.............................. 185 N Park Blvd., Suite 262.. ........ Lake Orion........................ MI............. 48362
MESA INDUSTRIES................................... 143 South Jackson Street..... ........ Elkhorn........................... WI............. 53121
METERTECH INC..................................... 63-2 Cheng Kong Rd. Sec. 1... ........ Nan Kang.......................... Taipei.........
MODERN ENGINEERING................................ 3500 Bernard Street.......... ........ St. Louis......................... MO............. 63178
MODULAR INSTRUMENTS INC........................... 81 Great Valley Pkwy......... ........ Malvern........................... PA............. 19355
NICHOLS INSTITUTE DIAGNOSTICS..................... 33608 Ortega Highway......... ........ San Juan Capistran................ CA............. 92690
NORLAND MEDICAL SYS. INC.......................... 106 Corporate Park Dr., Suite ........ White Plains...................... NY............. 10604
106.
NOVA HEALTH SYSTEMS INC........................... 1001 Lower Landing Road, ........ Blackwood......................... NJ............. 08012
Suite 103.
NOVA MEDICAL INC.................................. 150 Eaton Street............. ........ St. Paul.......................... MN............. 55107
OMEGA ENGNEERING INC.............................. P.O. Box 4047................ ........ Stamford.......................... CT............. 06907
OMRON HEALTHCARE/BUFFALO MEDICAL.................. 300 Lakeview Parkway......... ........ Vernon Hills...................... IL............. 60061
ONCOR INC......................................... 209 Perry Parkway............ ........ Gaithersburg...................... MD............. 20877
ORTHO-KINETICS INC................................ P.O. Box 1647................ ........ Waukesha.......................... WI............. 53187
OXFORD MEDICAL.................................... 11526 53rd Street North...... ........ Clearwater........................ FL............. 34620
PHYSITEMP INSTRUMENTS INC......................... 154 Huron Avenue............. ........ Cliflon........................... NJ............. 07013
PIONEER MEDICAL SYS. INC.......................... 37 Washington Street......... ........ Melrose........................... MA............. 02176
RADIONICS INC..................................... 22 Terry Avenue.............. ........ Burlington........................ MA............. 01803
ROECO MANUFACTURING SERVICE....................... P.O. Box 357................. ........ Monterey Park..................... CA............. 91754
ROGERS MACHINERY COMPANY.......................... P.O. Box 23279............... ........ Portland.......................... OR............. 97223
SS WHITE BURS INC................................. 1145 Towbin.................. ........ Lakewood.......................... NJ............. 08701
SENTEC............................................ 1218 Combermer............... ........ Troy.............................. MI............. 48083
SIMS FORT MEYERS (INTERTECH)...................... 5100 Tice Street............. ........ Fort Meyers....................... FL............. 33905
SOLOMAT A NEOTRONIC CO............................ The Waterside Bldg, 26 Pearl ........ Norwalk........................... CT............. 06850
Street.
SONY ELECTRONICS INC. MEDICAL SYS. INC............ 3 Paragon Dr. Mail Drop S200. ........ Montvale.......................... NJ............. 07645
STER-O-LIZER MANUFACTURING........................ P.O. Box 27488............... ........ Salt Lake City.................... UT............. 84127
STROM CORP........................................ P.O. Box 109................. ........ Seroggins......................... TX............. 75480
SUN MICRO SYSTEMS................................. 2550 Garcia Avenue........... ........ Mountain View..................... CA............. 94043
SWAN TECHNOLOGIES................................. 3075 Research Drive.......... ........ State College..................... PA............. 16801
SYNNEX INFORMATION TECHNOLOGIES................... 3797 Spinnaker Court......... ........ Fremont........................... CA............. 94538
TEK MARKETING..................................... 98 Railroad Drive............ ........ Warminster........................ PA............. 18974
TEKNIKA ELECTRONIC................................ 333 Route 46 Gothic Plaza.... ........ Fairfield......................... NJ............. 07006
THOMSON CONSUMER ELECTRONICS...................... 600 N. Sherman Drive......... ........ Indianapolis...................... IN............. 46201
TOMTEC IMAGING SYSTEMS INC........................ 4775 Walnut Street, Suite C.. ........ Boulder........................... CO............. 80301
TRIONIX RESREACH LABORATORY INC................... 8037 Bavaria Rd.............. ........ Twinsburg......................... OH............. 44087
TUNTURI INC....................................... P.O. Box 97047............... ........ Redmond........................... WA............. 98073
UNITED ELECTRONICS & CONTROL...................... 1177 McCarter Highway........ ........ Newark............................ NJ............. 07104
UROHEALTH SYSTEMS INC............................. 5 Civic Plaza, Suite 100..... ........ Newport Beach..................... CA............. 92660
VOTRAX............................................ 1394 Rankin.................. ........ Troy.............................. MI............. 48083
WALLACH SURGICAL DEVICES.......................... 291 Pepe's Farm Road......... ........ Milford........................... CT............. 06460
WESTERN ELECTRIC.................................. Guilford Center P.O. Box ........ Greensboro........................ NC............. 27420
20046.
TOTAL = 99
--------------------------------------------------------------------------------------------------------------------------------------------------------
Prepared Statement of Senator Jon Kyl
I would like to thank the Chairman and the Vice Chairman for their
continued leadership on the Year 2000 Technology problem (Y2K). I would
also like to thank our distinguished panel for attending and sharing
their insight into the critical healthcare infrastructure.
Arizona's healthcare and research facilities are among the best in
the nation and include specialties in cancer research, cardiovascular
treatment, respiratory treatment and geriatric care. Arizona maintains
a world class healthcare system excelling in both care and
accessibility. Arizona's large and small facilities maintain a standard
of excellence and sophistication that is the envy of healthcare
facilities across the U.S. Overall, our healthcare facilities comprise
a mix of outstanding privately owned facilities and those serving our
nation's veterans.
But all of this may be put in jeopardy, if the vital information
systems, supporting this excellent medical care infrastructure, are
disrupted through Y2K failures. Arizona's healthcare system like many
other states is a labyrinth of interdependent information systems.
Having worked with some of the largest health organizations Arizona, I
know first hand the complex process of ensuring patient safety,
confidentiality, payment and quality assurance. As we focus on the
condition of the healthcare industry today, we will try to develop an
understanding of the scope and severity with which Y2K could impact
healthcare operations. I would like to stress that the very possibility
of a Y2K problem causing serious disruptions in hospitals and medical
systems, should capture the full and immediate attention of the entire
healthcare industry.
We must also make every effort to ensure that fears of litigation
do not impede the exchange of Y2K information needed to fix critical
systems and develop contingency plans.
I think it is important to remember that the Y2K problem is not a
``bug'', like a 24 hour flu which arrives unexpectedly and departs
quickly. Y2K is a serious affliction which has the potential to reek
long term consequences on the healthcare industry. The only defense
against Y2K is a strong preventive maintenance plan. Preventing Y2K-
related problems is a lot like preventing heart disease; it requires an
informed and disciplined regimen to succeed.
At this point, the readiness of the healthcare industry is largely
unknown. Y2K disruptions could easily damage the complex medical
payment process or even cause medical equipment to unexpectedly fail.
The complexity of the Y2K problem exponentially increases with the
number of interfaces and electronic data exchanges. Even if a hospital
succeeds in solving its internal Y2K problems, it could still suffer
unexpected Y2K problems from an unprepared source such as medicaid,
equipment suppliers or a public utility. We must ensure that those who
are in need of care such as the elderly, sick children and those in
need of emergency services are not forced to deal with the consequences
of a congenital but, very treatable computer problem.
I am continuing to examine the liability issues wich impede the
exchange of technical information between medical equipment
manufacturers and the end users, such as hospitals and private
physicians. Hospitals are struggling to identify and replace equipment
which may not function because of the inability to process certain
dates. On the other hand, manufacturers are reluctant to share
information on products until they are certain of a Y2K solution.
I look forward to today's testimony for there are far too many
unanswered questions about the healthcare industry and the impact of
Y2K.
__________
Prepared Statement of Ramin Mojdeh
Mr. Chairman, my name is Ramin Mojdeh. I am director of research &
development for the cardiac rhythm management group of Guidant
Corporation. Headquartered in Indianapolis, Indiana, Guidant
Corporation designs, manufactures and sells innovative products and
technologies that improve the quality of care for persons with
cardiovascular diseases. Guidant's lifesaving and life enhancing
devices are manufactured in Minnesota, California and Puerto Rico and
used by persons around the world.
I want to thank you and the members of the committee for the
opportunity to speak today on behalf of the Health Industry
Manufacturers Association. HIMA is a Washington, DC-based trade
association that represents Guidant and more than 800 other
manufacturers of medical devices, diagnostic products, and medical
information systems. HIMA's members make nearly 90 percent of the $58
billion of health care technology products purchased annually in the
United States, and more than 50 percent of the $137 billion purchased
annually around the world. HIMA is the largest medical technology
association in the world.
We welcome this opportunity to provide information regarding both
the impact of the Year 2000 computer problem on the medical device
industry and the general readiness of this industry to ensure the safe
and reliable operation of medical devices in the Year 2000 and beyond.
The medical device industry recognizes and shares the concerns of
health care providers, patients, and the public regarding the possible
effects of the Year 2000 computer date problem. Affected medical device
companies are devoting significant resources to bring their devices
into Year 2000 compliance. The health and safety of patients constitute
the paramount concerns of our industry. That is what we are about in
both the business and the humanitarian senses.
In my appearance here today, I want to make three points for the
committee:
1. The medical device industry is extremely concerned about the
potential hazards associated with the Year 2000 problem and has put
substantial effort into ensuring that medical devices function properly
and safely after the century change.
2. HIMA believes that the industry as a whole is taking the
necessary steps to address the Year 2000 issues related to our
products.
3. HIMA members recognize that timely access to Year 2000
compliance information about individual companies' products is an
integral part of the solution to the overall Year 2000 problem. Today,
we give you our assurance that the industry will continue to work with
other concerned organizations and the FDA to make Year 2000 compliance
information relating to medical devices publicly available in an
appropriate format.
I also want to take this opportunity to applaud the interest of the
Congress and the Administration in proposing legislation in this area.
The President's recent proposal, which would allow for sharing of
information, may benefit a broad section of the economy in confronting
challenges posed by the Year 2000 bug. Unfortunately, it would appear
to be of less help to the medical device industry because of this
industry's wide spectrum of technologies, products, and company
resources. In our diverse industry, it's doubtful that what works for
one medical device company can be shared and adopted by others as the
President's proposal envisions even if the companies make devices with
similar functions.
the diversity of the industry
For the majority of cases in our industry, solutions to the Year
2000 problem developed by one company likely will not be applicable to,
or feasible for, others. Our industry's products range from tongue
depressors and hypodermic syringes, to sophisticated analytical
instruments used in medical laboratories, to medical imaging equipment.
The industry encompasses a full spectrum of companies from large,
international corporations with multiple product lines to small,
entrepreneurial businesses manufacturing one or two products.
More than 50 scientific and engineering disciplines including such
diverse fields as solid state physics and holography are involved in
the development of our products. Hundreds of different basic materials
are utilized, singly and together, in our manufacturing. Over 50
different medical specialties, such as orthopedic surgery, cardiology,
and ophthalmology, utilize the industry's products in applications
throughout the human body. There are more than 3,000 distinct, major
product lines, and approximately 84,000 individual products. Most are
sold in small, niche medical markets.
The universe of FDA-registered medical device companies is more
than 18,000, and about 7,700 of these manufacture products in the
United States. However, nearly 80 percent are relatively small
companies with fewer than 50 workers and annual revenues of less than
$20 million. Only about 150 companies, or divisions of major companies,
have worldwide sales greater than $100 million.
the complexity of the problem
It its role as a facilitator in bringing together manufacturers of
similar products to search for common solutions, HIMA has found that
the challenge posed by the Year 2000 bug does not represent a single
problem that will yield to a single solution. Rather, each company
faces a unique set of circumstances involving its own technologies for
the functioning and manufacture of its products. Moreover, these
technologies have evolved quickly, because of rapid advances in many
scientific fields. Solutions that a company can adopt for a device it
manufactures today may be entirely inappropriate for an earlier model
of the device that it made only 18 months ago.
Another complicating factor is the degree to which the Year 2000
bug will affect individual companies. Some, but not all, medical device
computer systems and software applications will be affected. HIMA
members manufacture electrical medical devices that perform functions
ranging from measuring physiological parameters and pumping liquids to
duplicating or simulating physiological functions to performing
chemical analyses. Many of these devices are either life supporting or
life sustaining. In addition to differing in function, these devices
also differ significantly in size and complexity.
The number of electrical medical devices containing software to
control some or all of their operation has been rising as the cost of
microprocessors has been falling. Consequently, almost all electrical
devices now contain software. However, the complexity and sensitivity
to the Year 2000 date change vary dramatically among devices. Many of
the highest risk devices that are vital to keeping patients alive and
that utilize embedded software are not date sensitive. For example,
pacemakers do not use a current date in their operation, and it is
unlikely that ventilators, infusion pumps and many other products will
be affected by the date problem.
Other devices perform less life-critical functions, yet they may
perform calculations or send data directly to another device that
performs calculations requiring accurate date information. Clearly,
these devices may be quite sensitive to the Year 2000 problem.
the role of the fda
The FDA has defined in great detail its expectations for the
medical device industry in several documents regarding regulatory
obligations for Year 2000 compliance. These documents describe how the
agency interprets its regulations regarding manufacturers'
responsibilities to determine the effect of the Year 2000 date problem
on their devices and to correct any safety-related problems that are
revealed. Operating within an FDA-regulated industry, our member
companies are profoundly aware of their Year 2000 compliance
responsibilities under the law and of the penalties for failing to meet
them.
Ultimately, manufacturers must examine all their software-driven
processes, products to determine whether they are date dependent, and
if they are, they must determine whether the date dependency is
sensitive to the century change.
industry's response
HIMA members are taking strong action to ensure their Year 2000
compliance. The association specifically advises members to:
--Comply with FDA expectations for identifying and resolving any Year
2000 date-related problems with their devices
--Provide information about the status of their Year 2000 compliance
to their customers and others who need it in the most
appropriate manner and in a reasonable time frame; and
--Work individually with customers who have specially manufactured
devices or who require unique, compliance fixes.
Guidant Corporation's actions
My own company has committed to a strategy that will ensure the
Year 2000 date change and leap year do not adversely impact our
products, services or business operations. Guidant has had an active
effort underway since the first half of 1997. This project has a full
time Project Coordinator assigned and multiple support teams organized
within each business unit and significant geographic location.
Executive management within Guidant is sponsoring this Project and a
cross-functional steering committee including systems, legal, auditing
and regulatory compliance has been charged with its oversight.
As of today, Guidant has completed a thorough review of the product
offerings from all of our divisions, including Cardiac Rhythm
Management (CRM), Vascular Intervention (VI) and Cardiac & Vascular
Surgery (CVS), with respect to the Year 2000 issue.
We are very confident that Year 2000 will create no adverse effects
for our products. Guidant will fully warrant that the products it sells
will be free of defects attributable to the Year 2000 date change.
Guidant is taking all reasonable steps necessary to confirm that
its business systems, software, and equipment that consider and process
date-related information will continue to function properly after
December 31, 1999. In doing so, Guidant is paying particular attention
to ensuring compliance with all regulatory guidelines regarding Year
2000 issues. Our commitment is to provide our customers with
uninterrupted service and continued quality.
We began the inventory/assessment of equipment and software in
1997, and we are currently working on the limited number of corrections
that have been identified as necessary. Guidant, as a corporation
formed in late 1994, is fortunate to rely upon many relatively new
systems, including our enterprise-wide operational support system (the
widely used SAP), which has already been certified Year 2000 compliant.
As such, the 1998 focus is on assessing manufacturing equipment,
facilities infrastructures, and business partners. Based upon this
assessment, Guidant will take the necessary actions to correct
identified problems. Guidant has a goal of completing all assessment
and remediation in the equipment and infrastructure area by mid year
1999. This will allow for internal auditing and testing, as well as any
fine-tuning, of these systems to take place in the latter half of 1999.
Our efforts in confirming the readiness of our various business
partners, while ongoing, will continue up to, and through, January 1,
2000.
Other HIMA members' actions
In providing compliance information to their customers and the
public, member companies have found the Internet to be an excellent
medium. Many members have posted compliance information on their own
Web sites and the FDA's Web site. Examples of HIMA member company
actions in this area include, but are not limited to, the following.
--At least one company with a diverse range of products has posted
pages of detailed charts on its Web site containing compliance
information about each of its devices.
--Another company has posted a short list of only those devices it
manufactures that still do not conform to Year 2000 compliance
standards.
--A third company has posted compliance information about its
products on its Web site and is soliciting e-mail inquiries
from its customers.
--Other members have gone beyond the Internet and contacted their
customers directly regarding the compliance status of their
products. In addition, some have established toll-free
telephone numbers for their customers inquiries regarding Year
2000 issues.
--A number of small companies, founded within the last ten years, say
that they anticipated the Year 2000 problem and have been
compliant from their first day of operation. Similarly, many
larger, established companies have designed recent products to
be Year 2000 compliant.
--Many companies have developed internal, cross-functional teams or
program offices to address Year 2000 product compatibility
issues.
As you can see, there is no one way that is the right way for
medical device companies to get the information out.
A number of groups, including the National Patient Safety
Partnership and its members, including the Department of Veterans
Affairs, the American Medical Association and the American Hospital
Association, have suggested that a central clearinghouse be established
to make Year 2000 information publicly available. I would like to
emphasize that making timely compliance information available to the
people who need it is also our industry's goal, and we share the
concerns of these organizations. HIMA believes that access to such
information through appropriate mechanisms is an integral part of the
solution to the overall Year 2000 problem.
Mr. Chairman, you have our strong commitment here today to continue
to work with other concerned organizations and the FDA in making Year
2000-compliance information publicly available in appropriate formats.
I want to assure the concerned groups and individuals that have spoken
out on Year 2000 safety issues that we understand and welcome your keen
interest in this area, and we share your sense of urgency. Simply put,
we must work together.
conclusion
In closing, I would like to say again that the Year 2000 problem
for our diverse industry cannot be resolved with an easy, one-size-
fits-all solution. Each company faces its own unique technical
challenge in this area, and while solutions for each company may
differ, we believe that timely access to information about compliance
of medical devices is important to health care organizations and
practitioners. We have committed ourselves here today to working to
achieve this goal with all other concerned parties and to provide the
information publicly in a reasonable time frame.
We are confident that by working together, we can achieve an
appropriate and mutually satisfactory format or formats for information
dissemination. And we will continue our intensive efforts to ensure
that on January 1 in the Year 2000, the medical technologies on which
millions of patients depend continue to function safely and
effectively. We want the patients that we serve as an industry to have
that confidence in us. And we will do whatever we must to deserve their
trust.
Thank you.
______
Responses of Mr. Mojdeh to Questions Submitted by Chairman Bennett
health industry manufacturers association
Question 1. [Dearth of information on Y2K compliance data for
biomedical devices]
Mr. Mojdeh, the Committee has explored many publicly posted data
2YK compliance for biomedical devices, and with a few exceptions, finds
it seriously wanting. You indicate in your testimony that the Health
Industry Manufacturers Association wants to seek a solution to the Y2K
problems and assist all parties that use biomedical devices. The
American Hospital Association and the Veterans Administration have
demonstrated a willingness today to work with national Y2K clearing
house on biomedical devices.
--Will HIMA take the lead in promptly establishing and operating such
a national clearinghouse for the health care industry?
Answer. HIMA will take the lead in meeting with concerned parties,
including, but not limited to, the National Patient Safety Partnership
(NPSP), National Electrical Manufacturers Association, (NEMA) and the
Food and Drug Administration (FDA) to develop cooperatively the most
efficient mechanism for making Y2K compliance information available
publicly. The NPSP includes, among others, the Department of Veterans
Affairs (DVA), American Nurses Association (ANA), American Medical
Association (AMA), Association of American Medical Colleges (AAMC), and
the Joint Commission on the Accreditation of Hospital Organizations
(JCAHO). Furthermore, the Association believes that Y2K compliance is
of the highest priority and has sent the enclosed memo to all of our
members and to approximately 6,000 non-members strongly encouraging
them to provide information on the Y2K status of their products via the
FDA Website and other means. (Attachment A)
Question 2a. [Patient protection versus corporate protection]
Mr. Mojdeh, President Clinton proposed, and this Committee supports
safe harbor legislation on limiting corporate liability in sharing Y2K
data. However, in your testimony you say such legislation would not be
useful to HIMA.
--Why does HIMA take the position that the sharing of Y2K data
between companies is not useful in solving the problem when
every health care industry user tells the Committee it is
critical?
Answer. The medical device industry is unusually diverse. Medical
devices using software range from electronic thermometers that
calculate internal body temperature based on infrared radiation to MRIs
and CT scanners. Because of this diversity of products and the large
number of medical device companies (several thousand), the software
used in many, if not most, devices is unique to the device. This
uniqueness raises two separate issues:
--Y2K solutions effective for one manufacturer may simply not be
useful to another manufacturer. Although their devices may
appear similar, and even belonging to the same generic family
(i.e., be described with the same general name), the software
driving the devices may not use the same algorithms or
structure. Because of these differing functional modes, it
would be difficult to determine which manufacturer's
information would be valuable to which other manufacturer. When
one considers that each manufacturer is generally the leading
expert on the software in its own devices, the best investment
for each manufacturer will be to work directly on solving its
own software problems.
--As described in the previous paragraph, much software is unique to
the device in which it is used; therefore, much of it is
regarded as proprietary commercial information that is a
``trade secret.'' To share software-specific Y2K ``solutions''
could well require manufacturers also to share some of this
proprietary information. Because this is a highly competitive
industry, we foresee the sharing of any proprietary information
as problematic.
Question 2b. Is HIMA satisfied with the 10 percent response to the
FDA call for biomedical manufacturers to disclose Y2K problems and
solutions? If not what has HIMA done about getting the response rate up
to 90 percent to 100 percent on devices where failure can have serious
consequences?
Answer. As we noted in our answer to Question 1, we have
communicated not only with our members, but we have gone beyond our
membership to communicate our strong recommendation that medical device
companies, including those companies whose products are not affected by
Y2K, share information via the FDA Website.
Question 3. [Y2K Contingency Plans for HIMA to produce and publish]
Mr. Mojdeh, your association represents manufacturers that produce
millions of biomedical devices annually. What kind of contingency plans
do HIMA member companies have to provide emergency assistance to user
organizations when Y2K problems occur on January 1, 2000?
Answer. HIMA agrees that contingency planning for companies to
provide assistance to customers in the event that problems arise is an
important concept for manufacturers to consider in their Y2K planning.
HIMA will communicate this message to its members.
Question 4a. [HIMA Letter Discouraging Cooperation with FDA]
Mr. Mojdeh, HIMA in an April 1, 1998 letter to Kevin Thurm, Deputy
Secretary of HHS, seemed to be discouraging its members from
cooperating with FDA's efforts to build a database of Year 2000
information on big-medical equipment.
--Why did HIMA take this position?
Answer. The April letter was specifically directed to HHS. HIMA was
concerned that the wording of the January 23, 1998 letter from HHS to
medical device manufacturers contained an implied threat of regulatory
action against companies who did not respond to the request for
information for the FDA Website. In retrospect, it is probably the case
that the language in both letters was unfortunate and that it produced
more misunderstanding than cooperation. We have subsequently
communicated our willingness to work with FDA and our members to make
more Y2K information available on the FDA Website. This communication
is attachment B.
HIMA encourages its members to communicate to users and the
interested public information regarding the Y2K status of their
products, even those products that are not subject to the problem. We
also believe that the FDA Website may prove to be the most effective
central communications vehicle for this purpose.
Question 4b. Doesn't HIMA believe that it would be more efficient
and time saving to share Y2K data on medical devices rather than have
each customer request the same information in writing over and over
again?
Answer 4. We support the Committee's interest in efficiency. We
believe that the most efficient approach is for the interested parties,
particularly the NPSP, HIMA, and FDA to meet and develop an appropriate
information set that will address their concerns adequately. These data
can then be transferred through a variety of means, including the FDA
Website.
______
Priority Memorandum
To: HIMA members.
From: Alan H. Magazine.
Date: August 3, 1998.
Subject: The Year 2000 Computer Problem
Congress has delivered a message to our industry that we have heard
loud and clear. At a hearing July 23, Senators Robert Bennett (R-UT)
and Christopher Dodd (D-CT) spoke out strongly regarding their concern
that our industry should be doing more to address patient safety issues
arising from the year 2000 computer problem. Senator Bennett, who is
chairman of the Senate special committee with jurisdiction on this
issue, charged that medical device companies are refusing to
acknowledge computer problems associated with the century change
because of their product liability concerns.
Senator Dodd was equally direct. ``I am deeply disturbed by the
fact that instead of taking steps to deal with this problem, the
medical device industry, as a whole, seems to be exacerbating the
problem by refusing to provide information, either to the FDA, which
regulates device safety, or to the hospitals and clinics, which use the
devices every day,'' he said. During the hearing, Senator Dodd
indicated his intent to go to the Senate floor to publicize the names
of companies that failed to respond to efforts by the FDA and the
Department of Veterans Affairs to collect information on their year
2000 compliance status. Of special concern to the senators was the
industry's poor response to recent surveys by the FDA and the
Department of Veterans Affairs.
In a subsequent July 29 meeting requested by Senators Bennett and
Dodd, Senator Dodd indicated that he has received a list from FDA and
the VA of companies that have failed to reply to their inquiries. In
response to a HIMA action agenda (see page two of this memo) he
indicated that he would delay introduction of legislation requiring
disclosure by device companies. He also said he would delay the public
announcement of the names of companies that have failed to reply to the
FDA and the VA. However, he refused to commit to how long such a delay
would last.
the challenge to industry
These are respected lawmakers who have shown their friendship to
our industry on several occasions. Their concern is real, and it
represents an immediate challenge and an urgent call to action for our
industry.
As the year 2000 approaches, we are seeing increased attention by
health care organizations, medical professionals, patients, and members
of Congress to the possibility that medical devices that are critical
to the health and lives of countless patients might malfunction because
of flawed computer programming. For example, at a recent press
conference, the National Patient Safety Partnership (NPSP), a coalition
that includes, among others, the American Medical Association, the
American Hospital Association, and the Veterans Affairs Department,
called for creation of a national clearinghouse for medical device
compliance information.
In response to this increased scrutiny of our industry, our answer
must be twofold:
industry's response
First, we must make certain that medical devices are year 2000
compliant. We must ensure that on January 1 in the year 2000, the
medical technologies on which millions of patients depend continue to
function safely and effectively. We want the patients that we serve as
an industry to have confidence in us, and we must do whatever is
necessary to preserve their trust.
Second, we must make every effort to ensure that information about
the year 2000 compliance status of medical devices is available to the
health care providers who use our products. Our industry has a
fundamental responsibility to provide information about the safety of
medical technology that people rely upon. It is natural that patients
and medical professionals have questions about the year 2000 status of
essential medical technology, and we must do our best to provide
answers in a forthright and timely manner.
hima's year 2000 program
HIMA is acting immediately to:
--Organize a working group that will advise on and oversee the
Association's efforts to successfully address year 2000 issues.
--Initiate a meeting with representatives of the National Safety
Prevention Coalition, its constituent groups (including the
American Medical Association, American Hospital Association,
and the U.S. Department of Veterans Affairs), and the FDA to
discuss a mutually satisfactory and appropriate mechanism for
dissemination of company compliance information.
--Work closely with lawmakers on Capitol Hill to apprise them of our
industry's progress.
fda's role
The FDA has defined in great detail its year 2000 compliance
expectations for the industry in several documents. The FDA expects
manufacturers to examine all their software-driven processes and
products to determine whether they are date dependent, and if they are,
they must determine whether the date dependency is sensitive to the
century change. The relevant FDA documents include:
--A letter to manufacturers, dated June 25, 1997, posted on the FDA's
Web site at www.fda.gov/cdrh/yr2000.html.
--Guidance on FDA's Expectations of Medical Device Manufacturers
Concerning the Year 2000 Date Problem, posted on the FDA's Web
site at www.fda.gov/cdrh/yr2000/y2kguide.html.
--Information Paper on FDA Activities Related to the Year 2000 Date
Problem and Medical Devices, posted at www.fda.gov/cdrh/yr2000/
ipyr2000.html.
In hearings before Congress, and in its communications with
industry, the FDA has invited the industry to cooperatively address the
challenges of year 2000 compliance and information dissemination. Many
member companies are implementing programs to ensure that they are year
2000 compliant. Many have dedicated sections of their company Web sites
to the disclosure of compliance information about their products, while
others have been contacting their customers directly about their year
2000 status. For those devices that aren't affected by year 2000
problems but whose users might have concerns, it is important that
manufacturers reassure them of the continued performance and safety of
their devices. In addition to these efforts, HIMA members are strongly
encouraged to consider the benefits of utilizing the FDA World Wide Web
site for dissemination of compliance information about their products.
As you may recall, the Department of Health and Human Services sent
a letter to device manufacturers on January 21, 1998, requesting
information about products affected by the year 2000 date problem. A
second, follow-up letter was mailed by CDRH in June. These letters
outlined an opportunity for manufacturers to identify specific products
that will be affected and to share this information with interested
parties through the FDA's World Wide Web site. Instructions about how
to use the FDA Web site to disseminate your company's year 2000
compliance status can be found at www.fda.gov/cdrh yr2000/
year2000.html. Company information that is placed on the FDA Web site
will assist health care facilities and medical professionals in
identifying affected products and in planning and taking remedial
actions. Companies may submit information that none of their products
are affected or information describing all affected products.
Alternatively, a company may also submit a Web address for the
compliance information that it maintains on its own Web site. The
information may be submitted electronically or in writing.
Please do not hesitate to contact me with any questions or concerns
you may have regarding year 2000 compliance. Members also can contact
Bernie Liebler at HIMA for additional information at (202) 434-7230 or
[email protected].
We will continue to apprise you of developments as they occur.
______
July 23, 1998.
Mr. Kevin Thurm,
Deputy Secretary, Health and Human Services,
Hubert H. Humphrey Building,
200 Independence Avenue, SW Room 606G,
Washington, DC.
Dear Mr. Thurm: I am writing in response to your reply to my April
letter. I appreciate your efforts to clarify the Department's intent
vis-a-vis its request for industry input to the FDA Year 2000 Website.
I believe that since I wrote that first letter there has been much
movement to align the industry and the agency more closely on this
issue.
Many HIMA companies are now using the World Wide Web to provide
information to their customers and as an interactive medium for
providing such information. For example, many company Websites contain
a great deal of detailed information regarding the Year 2000 Compliance
status of that company's products. Furthermore, a number of HIMA member
companies have provided information for the FDA Year 2000 Website. Some
have done both. However, for some other companies, direct
correspondence with their customers may be the most efficient and cost-
effective means of dealing with the issue. We continue to maintain that
the important thing is for the right people to get the right
information on time. We think that each company is the best judge of
which method of communication best fits its operations.
HIMA believes that maintaining the safe functioning of medical
devices through and beyond January 1, 2000 is extremely important. HIMA
members are also committed to providing timely information to their
customers and device users regarding that functionality. These ideas
are described well in the attachments to this letter: HIMA Testimony
before the Senate Special Committee on the Year 2000 and a HIMA paper
entitled, Medical Devices and the Year 2000.
In the next few months, I expect the device industry to work with
FDA and other interested groups to define more clearly the needs of all
parties regarding Year 2000 Compliance information. If we work
together, I anticipate that the appropriate information will reach
those who need it when they need it.
If you would like any further information, please contact either me
or Bernie Liebler, who is handling this issue. You can reach Mr.
Liebler at 202-434-7230 or [email protected].
Sincerely,
James S. Benson.
__________
Prepared Statement of Daniel S. Nutkis
introduction
Mr. Chairman, my name is Daniel Nutkis. I am president and director
of research for Odin Group, a research and advisory service dedicated
to information technology issues in the health care industry. Our
members include distinguished organizations across all segments of the
industry, including health care providers, payors, pharmaceutical
manufacturers and distributors. This unique make-up allows Odin to act
as an industry collaborative, sponsored and driven by our members to
tackle the most critical information technology issues facing today's
leading health care organizations.
Earlier this year, because of concerns raised by members, Odin
Group started a process of examination not unlike the process this
Senate committee is going through now. Our members were becoming
increasingly concerned about:
--the heavy interdependence of a wide range of partners;
--the fact that, consolidations notwithstanding, small players still
represent the bulk of the entities in today's health care
industry;
--the resource pressures that affect many of those players today,
along with the overall lack of sophistication with regard to
Year 2000 issues;
--and the need to develop comprehensive contingency plans and to ease
public concerns over the level of preparedness.
I'm not saying that anyone will entirely escape disruptions within
their own organizations, no matter how well prepared they are. But the
more trading partners you have, the greater the likelihood that you
will also feel the disruptions of other organizations. For these
reasons, Odin Group initiated the VitalSigns 2000 project. Its ultimate
objectives are to help the industry understand these possible
disruptions; to encourage development of contingency plans by
individual organizations and the industry at large; and to ensure the
continuity of patient care.
how complexity increases risk of failure
While many other parties and studies are focusing on one segment of
the health care industry, VitalSigns 2000 is focused on the bigger
picture. Let me show you one of the models that we are using to make
the complexity of this industry more understandable and more
manageable.
The first chart appended to my testimony is an interaction matrix.
Down the vertical axis of the matrix, you will see that the players are
categorized into five broad domains.
--First, customers.--This means patients, of course, but customers
can also be plan sponsors who buy health care services for
their employees or members.
--Providers.--including doctors, clinics, institutions providing
acute or ambulatory care, laboratories, testing services, blood
banks and pharmacies.
--Suppliers.--pharmaceutical and life sciences companies, medical
device manufacturers, upstream partners who supply the
suppliers, and downstream partners who distribute medicine and
equipment to the point of care.
--Payors.--including insurance companies and managed care
organizations.
--And regulatory bodies, state and federal.
Now, let's overlay this list of domains with a variety of processes
that require intense interaction to deliver patient services. The
matrix shows these processes along the horizontal axis, grouped into
four ``value chains.''
--Care delivery encompasses processes that the patient experiences
along the care continuum, as well as the management of clinical
trial data and adverse event reporting.
--Customer management includes all elements of customer service and
accounting, managing benefit plans and formularies, sales and
marketing.
--Supply chain management covers the business processes to receive
orders, fulfill orders, administer payment and manage the next
level of suppliers.
--Provider management includes claims and reimbursement, and internal
management processes.
some likely failures, and patient impact
The point of this interdependence model is to underscore how
complexity drives up risk. Organizations can better handle failures if
they have prepared for them--which is why some companies in this
industry are spending half a billion dollars to get ready for Year
2000. But a much greater problem is the failure you haven't thought
about until your beeper goes off--and that's assuming that the beeper
does go off!
When an individual organization has Year 2000 failures for which it
hasn't prepared, it will negatively impact its trading partners. Those
partners will then be less able to support the next level of trading
partners. And on it goes, with each failure piling on top of the last,
and everything ultimately piling onto the patient.
Let's take one example from one value chain--the case of a payor
organization serving 2,000 group plans, each of which has an average of
500 employees or dependents. That's one million covered lives, and at
least one billion dollars worth of health care services. When the
system malfunctions, plan sponsors start seeing inaccurate bills and
premium notices. Payments may be lost, or made for services that are
not covered in the plan. The provider starts seeing a flurry of
eligibility denials, claim denials, and payment delays. Doctors are
even unable to make specialist referrals.
Meanwhile, failures in their own offices add to the snarls, as
doctors have trouble accessing patient records and scheduling
appointments. The actual time the doctor can spend with patients drops
from five hours a day to perhaps two. Frustrated patients start
wondering where else they can go for medical services, but health care
isn't as portable as it used to be. Even if patients go to the
emergency room, how are they going to verify eligibility for Medicare
or any other benefits program if the payor's systems aren't working?
Health care systems deal with failures every day. But what happens
when they have to deal with more failures in one day than they have
ever known before?
triage and contingency planning
By now, it is getting clear:
--why an interdependent health care system requires an integrated
approach to the Year 2000 problem;
--why the central themes of the VitalSigns 2000 initiative are
``triage'' and ``contingency planning.''
The health care industry's insurance policy against Year 2000
collapse must start with a proper assessment of which components
represent the greatest risk to the system overall. How critical is each
component, and how well prepared? Which failures could cause widespread
damage to the overall health care system? What are the financial and
operational issues, as well as the technological ones, of each
contingency planning scenario?
Odin Group has spent months understanding the complexities and
interrelationships I have just described, and the impact of various
failures and scenarios on individual organizations and the industry as
a whole. We have developed models like the one I showed you a moment
ago. Now, we are seeking to develop more information through a survey
involving all parts of the health care industry.
After Odin researchers have digested this information, we will
convene working groups to conduct industry-wide contingency planning.
Together we will answer the toughest ``what if'' and ``what then''
questions. Researchers, advisors and industry members will work
together to identify, recommend and test industry plans.
Finally, in October, we will convene a gathering of CEO's to make
sure that the top leadership of the industry fully shares an
understanding of what must be done to protect health care in America.
Contingency planning must be part of a comprehensive approach to
Year 2000. Let me show you a graphic that depicts the methodology used
by SmithKline Beecham. In the center circle are the internal systems.
Around that is a second ring representing the infrastructure--site
facilities, telecommunications, lab equipment and manufacturing process
control. In the next circle are end-user systems, on the desks of tens
of thousands of employees. But even if you've got all that right,
you're not going to make it through January 2000 unless you consider
external relationships with customers, suppliers, and anyone you do
business with. In this particular case, the company even considers its
involvement in industry groups to be part of the Year 2000 effort.
This methodology could come from any number of major providers,
payors, pharmaceutical manufacturers or distributors--Aetna, UPMC
Health System in Pittsburgh, Eli Lilly and Company, or Columbia/HCA
Healthcare Corporation. My point is simple. If these companies can do
it, so can every player in this industry. Comprehensive Year 2000
methodology has to include:
--Awareness of the problem.
--Assessment of what's required to fix a specific system or device.
--Prioritization and triage of the most critical issues.
--Remediation--implementing fixes recommended by the vendor,
reprogramming, or replacing the system.
--Testing with suppliers, payors, providers and regulators.
--And contingency planning.
call to action
What can this committee do to help?
The health care industry, like most others, is greatly concerned
with issues of liability concerning Year 2000 cooperative efforts. It
encompasses antitrust concerns, to be sure, as to whether certain
information can be legally shared. But it also has to do with whether a
company creates new liabilities for itself by sharing information which
later proves to be wrong or even damaging.
President Clinton's proposal for a ``good Samaritan'' law to cover
such situations is on the right track. Odin Group members would be
pleased to work with their Senators and this committee to make sure the
provisions of such a law are appropriate for and helpful to the health
care industry. Clearly, it is time for all companies to participate in
sharing and joint planning in every way, putting all possible resources
against this problem.
I would also ask this committee to be watchful of regulatory
initiatives that add complexity and drain resources from Year 2000
efforts. This is not just another case of industry complaining. The
facts are that, in an industry as complex as this, every additional
Year 2000 failure has the potential to make the situation exponentially
worse. And every major new regulatory requirement adds to the
complexity of the information systems work being done over the next 18
months. This Committee, the US Congress, and for that matter, the
entire government cannot do this job for industry. But you can raise
awareness. Mr. Chairman, I would like to officially invite you and your
esteemed colleagues on this committee to attend the VitalSigns 2000 CEO
conference in October.
Odin Group's approach is to leverage the strengths of the leaders
who are preparing well for the Year 2000, and to try to make sure that
everyone in the health care industry has prepared as best they can.
Through VitalSigns 2000, we will produce specific recommendations--
regarding contingency planning, operational and financial issues,
industry-wide preparedness and testing, stockpiling key materials and
devices, and regulatory support.
There are no excuses for any player in this industry not having a
good plan. And there are no excuses for the industry not having a
contingency plan that reaches across the entire expanse of health care
in America.
[GRAPHIC] [TIFF OMITTED] T3JL98G.002
Model Overview--Key Processes
Care Delivery
Care Management
--Health status assessment
--Population segmentation
--Disease management
--Wellness & prevention program development
--Member/patient care planning
--Demand management
Care Delivery
--Enterprise-wide scheduling
--Diagnostics
--Treatments, therapies and interventions
--Charting/documentation
--Order management
Clinical Resource Management
--Precertification
--Preauthorization
--Utilization tracking
Clinical Information Mgmt. & Reporting
--Clinical information capture
--Clinical information presentation
--Clinical results/outcomes analysis
--Outcomes reporting
Clinical Trial Management
--Clinical information capture (case report forms)
--Clinical data scrubbing
--CANDA compilation
--Statistical analysis
Event Reporting/Recalls
--Adverse reaction/event monitoring (Phase 4)
--Analysis of events and adverse reactions
--FDA reporting
--Lot control and recall of product
Supply Chain Management
Order Initiation
--Order submission
--Order verification
--Order tracking
--Order pricing
Order Fulfillment
--Forecasting
--Order processing
--Special packaging
--Distribution and logistics
Production Management
--MRP/inventory management
--Production
--Process control
--Laboratory information management
--Quality assurance
Payment Administration
--Billing/AR/AP
--Payment receipt and posting
--Collections
--Cash management
--Chargebacks and rebates
--Contractual allowances
--General pricing and discounts
Supplier Management
--Supplier evaluation
--Supplier certification
--Contracting
Provider/Network Management
Provider Management
--Creation and maintenance of provider files
--Provider credentialing
--Provider profiling
--Network development and management
--Provider contracting
--Creation and maintenance of risk pools
--Provider and network management reporting
Claims and Reimbursement
--Claims entry
--Claims interface support
--Claims adjudication
--Benefits coordination
--Claims auditing
--Printing and mailing of EOB's
--Management reporting
--Chargeback reconciliation
--Rebate validation
Customer Management
Sales and Marketing
--Health plan sales
--Market research
--Advertising
--Product development
--Broker support
--Contracting
--Actuarial/underwriting/pricing
Benefit Plans/Formulary
--Establishment of benefits
--Plan maintenance
--Formulary management
Group Administration
--Establishment of group contracts
--Provision modification
--Demographic information maintenance
--Direct pay contract support
--Administration of flexible benefit plans
--Broker commission management
--Premium billing
--Third-party payments
Membership Support
--Member enrollment and file maintenance
--Eligibility tracking
--Processing of terminations and conversions
--Membership communications
--ID card generation and mailing
--Health status assessment data maintenance
--Member data analysis and reporting
--Plan participation
Customer Service/Account Management
--Customer inquiry, analysis, and reports
--Customer correspondence
--On-line customer assistance
--Customer satisfaction surveys
Regulatory Reporting
--Regulatory and legal affairs
--Compliance reporting
[GRAPHIC] [TIFF OMITTED] T3JL98G.003
__________
Prepared Statement of Donald J. Palmisano
re: impact of the year 2000 problem on physician practices
Mr. Chairman and members of the Committee, my name is Donald J.
Palmisano, MD, JD. I am a member of the Board of Trustees of the
American Medical Association (AMA), a Board of Directors member of the
National Patient Safety Foundation (NPSF) and the Chair of the
Development Committee for the same foundation. I also practice vascular
and general surgery in New Orleans, Louisiana. On behalf of the three
hundred thousand physician and medical student members of the AMA, I
appreciate the chance to comment on the issue of the year 2000 problem
and its anticipated effect on physicians.
introduction
As all of us know, the year 2000 problem exists because a vast
number of computer systems and software were created to read only the
last two digits of the ``year'' field of date data, while the first two
digits were implied to be ``19.'' When data requires the entry of a
date in or after the year 2000, these systems and software will be
incapable of processing the data properly.
Currently, virtually all industries are in some manner dependent on
information technology, and the medical industry is no exception. As
technology advances and its contributions mount, that dependency and
our consequent vulnerability become more and more evident. The year
2000 problem is revealing to us that vulnerability.
By the nature of its work, the medical industry relies tremendously
on technology--on computer systems, both hardware and software, as well
as medical devices that have embedded microchips. Virtually every
aspect of the medical profession depends in some way on these systems--
for treating patients, handling administrative office functions, and
conducting transactions. For some industries, software glitches or even
system failures, can, at best, cause inconvenience, and at worst, can
cripple the business. In medicine, those same software or systems
malfunctions can, much more seriously, cause patient injuries and
deaths.
potential impact on the health care sector
The medical profession and the health care industry, in general,
rely on information technology for a broad spectrum of services and
products, from electronic data interchange for patient records, medical
research, and billing, to medical devices in the surgical theater.
Clinical operations, patient care, business operations, communications,
and even building maintenance are all affected by this technology.
patient care
Providing medical care frequently requires the ability to access,
monitor, and interpret information. Some applications include imaging,
laboratory, pharmacy, and respiratory devices, cardiology measurement
and support devices, telemetry and endoscopy equipment and IV pumps,
operating room equipment, and emergency room devices. Nearly every
piece of medical monitoring and regulating equipment relies in some way
on information technology. Physicians and other health care providers
must be able to rely implicitly on the medical equipment they use.
Unreliable equipment cannot be used, because virtually any malfunction
could have disastrous consequences.
Assessing the current level of risk attributable specifically to
the year 2000 problem within the patient care setting remains
problematic. We do know, however, that the risk is present and it is
real. Consider for a minute what would occur if a monitor failed to
sound an alarm when a patient's heart stopped beating. Or if a
respirator delivered ``unscheduled breaths'' to a respirator-dependent
patient. Or even if a digital display were to attribute the name of one
patient to medical data from another patient. Are these scenarios
hypothetical, based on conjecture? No. Software problems have caused
each one of these medical devices to malfunction with potentially fatal
consequences.\1\ The potential danger is present.
---------------------------------------------------------------------------
\1\ Anthes, Gary H., ``Killer Apps; People are Being Killed and
Injured by Software and Embedded Systems,'' Computerworld, July 7,
1997.
---------------------------------------------------------------------------
The risk is also real. Since 1986, the FDA has received 450 reports
identifying software defects--not related to the year 2000--in medical
devices. Consider one instance--when software error caused a radiation
machine to deliver excessive doses to six cancer patients; for three of
them the software error was fatal.\2\ We can anticipate that, left
unresolved, medical device software malfunctions due to the millenium
bug would be prevalent and could be serious.
---------------------------------------------------------------------------
\2\ Id.
---------------------------------------------------------------------------
Medical device manufacturers must immediately disclose to the
public whether their products are Y2K compliant. Physicians and other
health care providers do not have the expertise or resources to
determine reliably whether the medical equipment they possess will
function properly in the year 2000. Only the manufacturers have the
necessary in-depth knowledge of the devices they have sold.
Nevertheless, medical device manufacturers have not always been
willing to assist end-users in determining whether their products are
year 2000 compliant. Earlier this year, FDA spokesperson Sharon Snider
said that the agency has only received Y2K compliance information from
about 11 percent of the 16,000 medical devices manufacturers worldwide.
Even when vendors do respond, their responses have frequently not been
helpful. The Department of Veterans Affairs recently reported that of
more than 1,600 medical device manufacturers it has contacted in the
past year, 233 manufacturers did not even reply and another 187 vendors
said they were not responsible for alterations because they had merged,
were purchased by another company, or were no longer in business. One
hundred two companies reported a total of 673 models that are not
compliant but should be repaired or updated this year.\3\ As an aside,
we applaud the federal government's initiative in seeking to obtain Y2K
information from manufacturers.
---------------------------------------------------------------------------
\3\ Morrissey, John, and Weissenstein, Eric, ``What's Bugging
Providers,'' Modern Healthcare, July 13, 1998, p. 14.
---------------------------------------------------------------------------
administrative
Many physicians and medical centers are also increasingly relying
on information systems for conducting medical transactions, such as
communicating referrals and electronically transmitting prescriptions,
as well as maintaining medical records. Many physician and medical
center networks have even begun creating large clinical data
repositories and master person indices to maintain, consolidate and
manipulate clinical information, to increase efficiency and ultimately
to improve patient care. If these information systems malfunction,
critical data may be lost, or worse--unintentionally and incorrectly
modified. Even an inability to access critical data when needed can
seriously jeopardize patient safety.
Other administrative aspects of the Y2K problem involve Medicare
coding and billing transactions. HCFA had issued instructions through
its contractors to physicians and other health care professionals that
until just last week would have required that electronic and paper
claims must meet Y2K compliance criteria by October 1, 1998. We were
particularly pleased that HCFA last week announced that it would
provide all health care providers an additional three months (until
January 1, 1999) to alter their claims processing data formats to
accommodate the necessary eight digit birth date. Additional time will
apparently be granted physicians by HCFA for reasonable good faith
exceptions. Well in advance of the year 2000, both physicians and HCFA
will need to make sure that their respective data processing systems
are functioning properly to assure the orderly and timely processing of
Medicare claims data.
Medicare administrative issues are of critical importance to
patients, physicians, and other health care professionals. In one
scenario that took place in my home state of Louisiana, Arkansas Blue
Cross & Blue Shield, the Medicare claims processor for Louisiana,
implemented a new computer system--intended to be Y2K compliant--to
handle physicians' Medicare claims. Although physicians were warned in
advance that the implementation might result in payment delays of a
couple of weeks, implementation problems resulted in significantly
longer delays. For many physicians, this became a real crisis.
Physicians who were treating significant numbers of Medicare patients
immediately felt significant financial pressure and had to scramble to
cover payroll and purchase necessary supplies.\4\
---------------------------------------------------------------------------
\4\ ``Year 2000 Bug Bites Doctors; Glitch Stymies Payments for
Medicare Work,'' The Times-Picayune, June 6, 1998, page C1.
---------------------------------------------------------------------------
We support and are encouraging physicians to address the myriad
challenges the Y2K dilemma poses for their patients and their
practices, which include claims submission requirements. We also
believe that HCFA should lead by example and have its systems in
compliance as quickly as possible to allow for adequate parallel
testing with physician claims submission software and other health care
professionals well in advance of the year 2000. Such testing would
allow for further systems refinements, if necessary.
reimbursement and implementation of bba
To shore up its operations, HCFA has stated that it will
concentrate on fixing its internal computers and systems. As a result,
it has decided not to implement some changes required under the
Balanced Budget Act (BBA) of 1997 and it plans to postpone physicians'
payment updates from January 1, 2000, to about April 1, 2000.
In the AMA's view, the Y2K problem is and has been an identifiable
and solvable problem. Society has known for many years that the date
problem was coming and that individuals and institutions needed to take
remedial steps to address the problem. There is no justification for
creating a situation where physicians, hospitals and other providers
now are being asked to pay for government's mistakes by accepting a
delay in their year 2000 payment updates.
HCFA has indicated to the AMA that the delay in making the payment
updates is not being done to save money for the Medicare Trust Funds.
In addition, the agency has said that the eventual payment updates will
be done in such a way as to fairly reimburse physicians for the payment
update they should have received. In other words, the updates will be
adjusted so that total expenditures in the year 2000 on physician
services are no different than if the updates had occurred on January
1.
We are pleased that HCFA has indicated a willingness to work with
us on this issue. But we have grave concerns about the agency's ability
to devise a solution that is equitable and acceptable to all
physicians.
Determining physician updates each year is complicated by the fact
that physicians, unlike any other providers, are subject to an annual
expenditure target or sustainable growth rate (SGR). Under the SGR,
updates in future years are influenced by whether actual spending on
physician services comes in over or under the target. Delaying the
physician updates thus will influence physicians' ability to live
within the targets and could affect future updates. If updates are
postponed, HCFA therefore must consider the impact on the SGR to ensure
that delays do not result in unintended penalties in years after 2000.
Also, as it turns out, the year 2000 is a critical year for
physicians because several important BBA changes are supposed to be
made in the resource-based relative value scale (RBRVS) that Medicare
uses to determine physician payments. This relative value scale is
comprised of three components: work, practice expense, and malpractice
expense. Two of the three--practice expense and malpractice--are due to
undergo Congressionally-mandated modifications in the year 2000.
In general, the practice expense changes will benefit primary care
physicians at the expense of surgeons and other procedurally-oriented
specialties. Malpractice changes, to some modest degree, would offset
the practice expense redistributions. To now delay one or both of these
changes will have different consequences for different medical
specialties and could put HCFA at the eye of a storm that might have
been avoided with proper preparation.
To make matters worse, we are also concerned that delays in
Medicare's reimbursement updates could have consequences far beyond the
Medicare program. Many private insurers and state Medicaid agencies
base their fee-for-service payment systems on Medicare's RBRVS. Delays
in reimbursement updates caused by HCFA may very well lead other non-
Federal payers to follow Medicare's lead, resulting in a much broader
than expected impact on physicians.
current level of preparedness
Assessing the status of the year 2000 problem is difficult not only
because the inventory of the information systems and equipment that
will be affected is far from complete, but also because the
consequences of noncompliance for each system remain unclear.
Nevertheless, if the studies are correct, malfunctions in noncompliant
systems will occur and equipment failures can surely be anticipated.
The analyses and surveys that have been conducted present a rather
bleak picture for the health care industry in general, and physicians'
practices in particular.
The GartnerGroup, for instance, based on its surveys and studies
has concluded that the year 2000 problem's ``effect on health care will
be particularly traumatic * * * [l]ives and health will be at increased
risk. Medical devices may cease to function.'' \5\ In its report, it
noted that most hospitals have a few thousand medical devices with
microcontroller chips, and larger hospital networks and integrated
delivery systems have tens of thousands of devices. Based on early
testing, the GartnerGroup found that although only 0.5-2.5 percent of
medical devices have a year 2000 problem, approximately 5 percent of
health care organizations will not locate all the noncompliant devices
in time.\6\ It also found that most of these organizations do not have
the resources or the expertise to test these devices properly and will
have to rely on the device manufacturers for assistance.\7\
---------------------------------------------------------------------------
\5\ GartnerGroup, Kenneth A. Kleinberg, ``Healthcare Worldwide Year
2000 Status,'' July 1998 Conference Presentation, p. 2 (hereinafter,
GartnerGroup).
\6\ Id. at p. 8.
\7\ Id.
---------------------------------------------------------------------------
As a general assessment, the GartnerGroup concluded that based on a
survey of 15,000 companies in 87 countries, the health care industry
remains far behind other industries in its exposure to the year 2000
problem.\8\ Within the health care industry, the subgroups which are
the furthest behind and therefore at the highest risk are ``medical
practices'' and ``in-home service providers.'' \9\ The GartnerGroup
extrapolated that the costs associated with addressing the year 2000
problem for each practice group will be range up to $1.5 million per
group.\10\
---------------------------------------------------------------------------
\8\ Id. at p. 10.
\9\ Id. at p. 13.
\10\ Id.
---------------------------------------------------------------------------
remediation efforts--ama's efforts
We believe that through a concerted and united effort, the Y2K
problem can still be effectively addressed within the medical community
before time runs out. For its part, the AMA has already begun devoting
considerable resources to assist physicians and other health care
providers in learning about and correcting the problem. The AMA has
developed a national campaign entitled ``Moving Medicine Into the New
Millennium: Meeting the Year 2000 Challenge,'' which incorporates a
variety of educational seminars, promotional information, and ongoing
communication activities designed to help physicians understand and
address the numerous complex issues related to the Y2K problem.
One of the many seminar series the AMA will be sponsoring is the
``Advanced Rapid Response Seminars'' series. We will hold these
seminars in various regions of the country and provide specific, case-
study information along with practical recommendations for the
participants. The seminars will also provide tips and recommendations
on dealing with vendors and will assist participants in identifying
important information they need to obtain from these vendors, as well
as various methods for obtaining this information. We are also
preparing a ``Solutions Manual,'' which will be distributed to the
participants of these sessions.
In addition, the AMA is opening a Web Site to provide the physician
community additional assistance to better address the Y2K problem. The
site will serve as a central communications clearinghouse, providing
up-to-date information about the millenium bug, as well as a special
interactive section that permits physicians to post questions and about
recommended solutions for their specific Y2K problems.
On a related note, the AMA in early 1996 began forming the National
Patient Safety Foundation or ``NPSF.'' Our goal was to build a
proactive initiative to prevent avoidable injuries to patient in the
health care system. In developing the NPSF, the AMA realized that
physicians, acting alone, cannot always assure complete patient safety.
In fact, the entire community of providers is accountable to our
patients, and we all have a responsibility to work together to fashion
a systems approach to identifying and managing risk. It was this
realization that prompted the AMA to launch the NPSF as a separate
organization, which in turn partnered with other health care
organizations, health care leaders, research experts and consumer
groups from throughout the health care sector.
One of these partnerships is the National Patient Safety
Partnership (NPSP), which is a voluntary public-private partnership
dedicated to reducing preventable adverse medical events and convened
by the Department of Veterans Affairs. Other NPSP members include the
American Hospital Association, the Joint Commission on Accreditation of
Healthcare Organizations, the American Nurses Association, the
Association of American Medical Colleges, the Institute for Healthcare
Improvement, and the National Patient Safety Foundation at the AMA. The
NPSP has made a concerted effort to increase awareness of the year 2000
hazards that patients relying on certain medical devices could face at
the turn of the century.
others' remediation efforts
As an initial step, we recommend that the Congress work closely
with the AMA and other health care leaders to develop a uniform
definition of ``compliant'' with regard to medical equipment. There
needs to be clear and specific requirements that must be met before
vendors are allowed to use the word ``compliant'' in association with
their products. Because there is no current standard definition, it may
mean different things to different vendors, leaving physicians with
confusing, incorrect, or no data at all.
Physicians should be able to spend their time caring for patients
and not be required to spend their time trying to determine the year
2000 status of the numerous medical equipment vendors with whom they
work.
We further suggest that both the public and private sectors
encourage and facilitate health care practitioners in becoming more
familiar with year 2000 issues and taking action to mitigate their
risks. Greater efforts must be made in educating health care consumers
about the issues concerning the year 2000, and how they can develop Y2K
remediation plans, properly test their systems and devices, and
accurately assess their exposure. We recognize and applaud the efforts
of this Committee, the Congress, and the Administration in all of your
efforts to draw attention to the Y2K problem and the medical
community's concerns.
We also recommend that communities and institutions learn from
other communities and institutions that have successfully and at least
partially solved the problem. Federal, state and local agencies as well
as accrediting bodies that routinely address public health issues and
disaster preparedness are likely leaders in this area. At the physician
level, this means that public health physicians, including those in the
military, organized medical staff, and medical directors, will need to
be actively involved for a number of reasons. State medical societies
can help take a leadership role in coordinating such assessments.
We must also stress that medical device and software manufacturers
need to publicly disclose year 2000 compliance information regarding
products that are currently in use. Any delay in communicating this
information may further jeopardize practitioners' efforts at ensuring
compliance. A strategy needs to be developed to effectively motivate
all manufacturers to promptly provide compliance status reports.
Additionally, all compliance information should be accurate, complete,
sufficiently detailed and readily understandable to physicians. We
suggest that the Congress and the federal government enlist the active
participation of the FDA or other government agencies in mandating
appropriate reporting procedures for vendors. We strongly praise the
FDA for maintaining a Y2K web site on medical devices, which has
already helped physicians to make initial assessments about their own
equipment.
Although the AMA strongly believes that information must be freely
shared between manufacturers and consumers, we strongly caution against
providing liability caps to manufacturers in exchange for the Y2K
information they may provide, for several reasons. First, as we have
stated, generally vendors alone have the information about whether
their products were manufactured to comply with year 2000 data. These
manufacturers should disclose that information to their consumers
without receiving an undue benefit from a liability cap. Second,
manufacturers are not the only entities involved in providing medical
device services, nor are they alone at risk if an untoward event
occurs. When a product goes through the stream of commerce, several
other parties may incur some responsibility for the proper functioning
of that product, from equipment retailers to equipment maintenance
companies. Each of these parties, including the end-user--the
physician--will likely retain significant liability exposure if the
device malfunctions because of a Y2K error. However, none of these
parties will typically have had sufficient knowledge about the product
to have prevented the Y2K error, except the device manufacturer. To
limit the manufacturer's liability exposure under these circumstances
flies in the face of sound public policy.
We also have to build redundancies into the remediation efforts as
part of the risk management process. Much attention has been focused on
the vulnerability of medical devices to the Y2K bug, but the problem
does not end there. Patient injuries can be caused as well by a
hospital elevator that stops functioning properly. Or the failure of a
heating/ventilation/air conditioning system. Or a power outage. The
full panoply of systems that may break down as our perception of the
scope of risk expands may not be as easily delineated as the potential
problems with medical devices. Building in back-up systems as a
failsafe for these unknown or more diffuse risks is, therefore,
absolutely crucial.
As a final point, we need to determine a strategy to notify
patients in a responsible and professional way. If it is determined
that certain medical devices may have a problem about which patients
need to be notified, this needs to be anticipated and planned.
Conversely, to the extent we can reassure patients that devices are
compliant, this should be done. Registries for implantable devices or
diagnosis-or procedure-coding databases may exist, for example, which
could help identify patients who have received certain kinds of
technologies that need to be upgraded and/or replaced or that are
compliant. This information should be utilized as much as possible to
help physicians identify patients and communicate with them.
conclusion
We appreciate the Committee's interest in addressing the problems
posed by the year 2000, and particularly, those problems that relate to
physicians. Because of the broad scope of the millenium problem and
physicians' reliance on information technology, we realize that the
medical community has significant exposure. The Y2K problem will affect
patient care, practice administration, and Medicare/Medicaid
reimbursement. The AMA, along with the Congress and other
organizations, seeks to better educate the health care community about
Y2K issues, and assist health care practitioners in remedying, or at
least reducing the impact of, the problem. The public and private
sectors must cooperate in these endeavors, while encouraging the
dissemination of compliance information.
__________
Prepared Statement of Kevin L. Thurm
Good morning. I am Kevin Thurm, Deputy Secretary of the Department
of Health and Human Services. I am accompanied by Dr. John Callahan,
the HHS Assistant Secretary for Management and Budget and our Chief
Information Officer (CIO); Nancy-Ann Min DeParle, the Administrator of
the Health Care Financing Administration; and Dr. Michael Friedman, the
Acting Commissioner of the Food and Drug Administration. I am pleased
to appear before this Special Committee to provide you with a report on
the accomplishments and the challenges faced by the health care
industry in preparing for Year 2000.
The Secretary and I have declared the Year 2000 date issue to be
our highest information technology priority. We have taken and will
continue to take actions to ensure that HHS information systems are
Year 2000 compliant.
We have involved all parts of our organization, including staff
with expertise in information systems, budget, human resources, and
acquisition management in our work to ensure that HHS information
systems are able to recognize the Year 2000. No matter what else we do
and what other initiatives we undertake, we must ensure that our
ability to accomplish the Department's mission is not impaired.
We must continue to exchange data with partners and accomplish the
Department's mission in the next century. HHS is also working to inform
the health care and human service communities about the Year 2000
issue, and to encourage awareness and facilitate Year 2000 compliance
of their equipment and facilities.
The Secretary has established December 31, 1998, as our internal
deadline for Year 2000 compliance of mission critical systems. This was
done in order to provide a full year of operations in which to detect
and remedy any adverse interactions among our systems and those of our
many service partners, including other Federal agencies, States and
local governments, tribes, and contractors. HHS mission critical
systems pay Medicare benefits, provide billions of dollars in grant
payments, collect and analyze epidemiologic, clinical trial, and other
public health data, and track patient care and records data.
hhs's year 2000 effort
To meet our Year 2000 responsibilities, we have taken a series of
strong administrative actions. We have encouraged aggressive
reallocation of funds, where necessary, to meet Year 2000 deadlines; we
have established direct reporting lines between staff working on year
2000 activities and the Operating Division (OPDIV) Chief Information
Officers. Each OPDIV CIO is responsible for regular reporting on Year
2000 efforts directly to the OPDIV head and the Department's Chief
Information Officer until Year 2000 date compliance is achieved.
HHS has also taken action to retain, attract, and re-employ
qualified information technology professionals, using both employment
and contracting authorities. On March 31, HHS received Department-wide
personnel authorities from the Office of Personnel Management (OPM) to
waive the pay and retirement reduction for re-employed military and
civilian retirees who return to work on Y2K remediation. To date,
Health Care Financing Administration has used the waiver authority to
reemploy 11 annuitants.
HHS agencies collect a tremendous amount of information that
requires data exchange. The Department has inventoried our data
exchanges and contacted our service partners to emphasize the
importance of assuring Year 2000 compliance. HHS is working with the
National Association of State Information Resource Executives (NASIRE)
and others to assure a coordinated response. On April 22, HHS provided
a listing of State interfaces to NASIRE for its review of completeness
and accuracy, and we will update this listing monthly until all of our
State interfaces are compliant. Later this month, HHS will update the
listing on the GSA web-site for NASIRE review. In addition to data
exchanges with States, HHS systems also exchange data with other
federal agencies, local governments, Medicare contractors and fiscal
intermediaries, private insurance companies, universities, banks, and
drug manufacturers.
In addition, HHS is requiring all of its operating divisions to
conduct thorough testing and independent verification and validation of
its renovated systems. We also know there is a possibility that, try as
we might, some systems may not be fully compliant in time. All of our
Operating Divisions have submitted initial business continuity and
contingency plans to the Department. These plans will be finalized and
tested, as appropriate, to provide us with the operational policies
needed to permit business continuity in the event of system failure.
ensuring medicare compliance
Of all the HHS programs, the Medicare program, administered by the
Health Care Financing Administration (HCFA), is our greatest Year 2000
challenge. Payment of health care claims is accomplished by over 60
external contractors which operate and maintain a base of software
programs that process nearly one billion claims each year from over one
million health care providers.
All of the external Medicare contractors have completed assessments
of their systems. However, two critical steps are needed to ensure
contractor compliance: (1) additional resources may need to be
dedicated to Year 2000 remediation, and (2) HCFA must delay
implementation of a small number of new initiatives to enable Year 2000
remediation efforts be completed on time.
Additional Resources: In May 1998, President Clinton signed a 1998
supplemental appropriations bill redirecting $20 million of HCFA
contractor funds to HCFA's Year 2000 efforts. In addition, HHS in May
1998 shifted discretionary funds to make an additional $62.1 million
available for HCFA's Year 2000 efforts in FY1998. Further, HCFA is
working with Congress to provide an additional $61.5 million above the
$37.5 million requested in the Budget, for a total of $99 million for
FY1999. Finally, it is likely that HCFA will require additional Year
2000 funding for FY2000.
Delaying Implementation of New Projects: To achieve Year 2000
compliance, HCFA estimates that 49 million lines of contractor code
will need to be renovated. Assuring services to beneficiaries in the
Year 2000 is HCFA's number one priority. Therefore, HCFA instructed
Medicare contractors in June 1998 to suspend further work on converting
their systems to the HCFA-selected standard claims systems. HCFA will
also have to delay implementation of a small number of provisions of
the Balanced Budget Act of 1997.
Implementing these new initiatives would delay the Year 2000
renovation process, jeopardizing the Medicare program's ability to
ensure that its systems are Year 2000 compliant. If not fixed,
enrollment systems might not function, beneficiaries could be denied
services because providers may not be able to confirm eligibility, and
providers could have cash flow problems because of delayed payments.
Because of this imperative, Year 2000 activities must take precedence
over other projects that require changes to computer and information
systems.
Initiatives being delayed include: implementing a new payment
system for Medicare home health agencies, institutional outpatient
Prospective Payment System (PPS), and a consolidated billing system
that would require nursing homes to bill Medicare directly for all Part
B services. In addition, HCFA has been advised by its independent
verification and validation contractor, as well as by the Medicare
contractors, to delay the provider updates scheduled for October 1,
1999 and January 1, 2000. We will work with Congress and providers to
evaluate our options and ensure that necessary delays in provider
updates do not create a hardship.
HCFA has been proactive in addressing Year 2000 compliance with its
contractors and works closely and well with the contractors through a
joint steering committee. The agency established a December 31, 1998
deadline for contractor certification of compliance in order to ensure
there is a full year to accomplish end-to-end testing and any final
corrections. HCFA is also amending its formal agreements with the
contractors to make clear that contractors are responsible for ensuring
that their Medicare systems are Year 2000 compliant. All contractors
with whom we have spoken have committed to signing the amendment, and
at least one amendment has already been signed.
Finally, as you are aware, HHS has sent proposals for Medicare
contracting reform to Congress that would have allowed the Secretary of
Health and Human Services more authority in dealing with Medicare's
Year 2000 compliance efforts. There are a number of provisions in the
existing Medicare law that hinder HCFA's ability to manage the Medicare
program, including requiring Year 2000 compliance. The Administration's
contracting reform proposal would give the Secretary greater
flexibility in contracting for claims processing and payment functions
and put HCFA on the same footing as other federal agencies. Under this
authority, the Secretary could award contracts to a larger pool of
qualified contractors. We believe this change would promote competition
and potentially allow the Medicare program to obtain better value for
its dollar. It would allow us to enhance relationships with our
existing partners and give us an opportunity to build new
relationships. The new authority would also be helpful in allowing the
Secretary to implement contingency plans that permit business
continuity in the event of system failure. In addition to having the
full support of the Secretary, this proposal has received the
endorsement of John Koskinen, Special Assistant to the President for
Year 2000, in testimony before the Senate Governmental Affairs
Committee. Medicare contracting reform has been, and continues to be, a
Department and Administration priority.
outreach activities
In response to the Year 2000 problem, the President established on
February 4, 1998 the President's Council on Year 2000 Conversion. To
deal with the issue of outreach, the Council has enlisted agencies to
increase awareness of the problem and to offer support to public and
private sector organizations--both domestically and internationally--
within their policy areas. Industry trade organizations, which have
unique capabilities for communicating with their members about the Year
2000 problem, individuals companies, and State and local governments,
are working closely with these agencies.
HHS is currently implementing a public outreach effort aimed at the
health care and human services communities.
HHS's outreach to the private sector encourages awareness and
facilitates Year 2000 compliance to prevent disruptions to health care
and human service providers and those served by those providers. The
program also includes, to a lesser degree, an initiative to make health
care providers aware of their responsibility to assure that their own
information systems are millennium compliant.
Our goal is to make sure that public and private health care
insurers, health plans, providers and third party payers have systems
that are Year 2000 compliant to avoid cash flow problems and possible
disruption of health care services to millions of U.S. citizens. Health
care providers generally have patient record and accounting systems
that document the care provided to a patient and then bill the patient
or his insurer or third party payer for the care provided.
HHS has worked with most of the major insurers, managed care plans
and public medical assistance programs in the U.S. to make them aware
of the Year 2000 problem and encourage the appropriate remedial action.
HHS has a working relationship with most of the major health care
provider associations and with most of the health care providers in the
U.S. through the Medicare program. It is taking advantage of these
direct and indirect relationships to make health care providers aware
of the millennium problem and encourage the appropriate corrective
action. HHS and its constituent agencies have made millennium awareness
a key component of opportunities to address physicians, hospitals,
managed care plans, Medicaid State agencies, and other Medicare
provider groups. Numerous speeches and presentations by senior
departmental and agency officials have contained a millennium message.
The Health Care Financing Administration has employed a variety of
strategies to reach organizations and individuals involved in health
care activities. HCFA has developed a comprehensive Year 2000 outreach
program with three main areas of concern. First, third party payers
must be able to assure health care providers that they have taken the
necessary steps to receive bills and issue payments. Second, health
care providers must take the steps necessary to make sure that their
patient record and accounting systems will be able to send bills and
receive payments. Finally, health care providers must take the steps
necessary to make sure that their biomedical equipment is Year 2000
compliant.
To accomplish its outreach goals, HCFA has:
--engaged the corporate leaders of over 60 major insurers in Year
2000 millennium awareness and renovation activities;
--promoted Year 2000 awareness to over 400 managed care plans;
--offered technical assistance to each State medical assistance
program administrator;
--established a provider outreach and education subcommittee; and
--conducted a Year 2000 briefing in Washington, D.C. for
representatives of more than 50 national health care provider
associations and payer associations.
HCFA is also publishing a Year 2000 awareness article in each of
its Medicare carrier and fiscal intermediary provider bulletins this
summer. These articles are expected to reach hundreds of thousands of
large and small provider offices.
Other HHS operating divisions have also been proactive in issuing
guidance, publishing articles in various medical and healthcare
bulletins and magazines, and sending letters to state, local, and other
public health and health care organizations. This month, the Indian
Health Service (IHS) will be sending an awareness package to all tribal
governments, tribally operated programs, urban Indian programs, and
other Indian organizations. This package will include key references
related to the Y2K issue in Indian health programs (the IHS Year 2000
Plan, an awareness presentation for local use, administrative and
technical resources available for them from the IHS) to enhance
awareness and assist them in their Y2K activities.
The Centers for Disease Control and Prevention (CDC) works closely
with public health partners in State and local governments as well as
health care practitioners to improve public health through prevention
of disease, disabilities, and injuries. In November 1997, CDC
distributed a letter to over 300 State, local, and other public health
and health care organization recipients informing them about the Year
2000 and proposing a set of public health data standards including one
that requires all dates to be Year 2000 compliant. In addition, CDC is
currently collaborating with HCFA to ensure effective communications
with all clinical laboratories regulated under the Clinical Laboratory
Improvement Act (CLIA) and to ensure that the clinical laboratory
community is informed of this issue.
In July 1997, the National Institutes of Health (NIH) established
the Y2K Medical and Laboratory Equipment Work Group to advise it on
biomedical equipment assessment and to take any remediation action
necessary. In the spring of 1998, NIH initiated a study of Y2K impact
on all medical equipment owned by the NIH Clinical Center. A notice was
published in the NIH Guide for Grants and Contracts, to remind
recipients of NIH grants and cooperative agreements that they must
anticipate and mitigate any potential problem that might be caused by
the Year 2000. This Y2K information is available on a continuous basis
via a public NIH web site. The NIH data center had an exhibit at the
Information Processing Interagency Conference to advertise Y2K
inventory analysis, code conversion, and validation testing services.
Finally, NIH has made inquiries to vendors concerning Y2K compliance of
Commercial Off-The-Shelf (COTS) software, hardware and biomedical
equipment and software. That information is currently disseminated via
a clearinghouse on the web.
The Administration for Children and Families (ACF) outreach is a
two part effort. One part is directed at State grantees which are
responsible for administering ACF's major programs, such as Child
Support Enforcement and Temporary Assistance for Needy Families.
Another part is directed at sub-State, non-profit service providers and
Indian Tribe grantees served by ACF in program areas such as Head Start
and Community Services.
Among the key activities involved in outreach to human service
providers are the following: identifying key audience members and
appropriate points of contact, such as associations and publications;
distributing information to those audiences, for example by using
attendance at major meetings to raise awareness of the problem;
developing and including Y2K awareness language in grant awards;
developing Internet Y2K information web-sites; and exploring other
opportunities for effective outreach.
The Health Resources and Services Administration (HRSA) is
targeting their outreach awareness campaigns at universities and
colleges, health care facilities, and local government audiences. In
the HRSA Grants Preview, Summer 1998 issue, HRSA has included a section
dealing with the Year 2000 policies and provided a list of Year 2000
resources. HRSA has alerted potential grantees/applicants on the Year
2000 issue and asked potential grantees and applicants to address their
organizations efforts to become Year 2000 compliant as part of their
business or operational plan. The Summer 1998 issue of the HRSA Preview
has already been distributed to 14,000 grantees, associations and
partners of HRSA. In addition, it is on the Internet in both English
and Spanish for grantees and users to see. The Internet address is
http://www.hrsa.dhhs.gov/grants.htm. The HRSA Preview will also be
distributed at the National Association of Local Boards of Health (July
29-August 1, 1998), the Joint Annual meeting of the Association of
County and City Health Officials (September 23-26, 1998) and the
American Public Health Association Annual Meeting/Convention (November
15-19, 1998).
The Administration on Aging's (AoA) outreach plan involves raising
awareness at all meetings, monitoring visits, and presentations made by
the Assistant Secretary for Aging, Regional Administrators, and other
senior management. The AoA UpDate, a monthly newsletter reaching over
2000 members of the aging network, will have an article in every issue
beginning in August highlighting important Y2K messages. All grant
award packages beginning in August will have a Y2K message from the
Assistant Secretary for Aging.
Finally, the Substance Abuse and Mental Health Services
Administration (SAMHSA) plans to raise awareness of the Year 2000
problem with the various organizations which deal with substance abuse
and mental health services. A letter was sent in May 1998 to all State
and territorial mental health and substance abuse directors alerting
them to the seriousness of the problem and requesting that they review
their systems for Year 2000 conformance. Year 2000 requirements have
been included in all grant award notices beginning in fiscal year 1998
and in all Request-for-Contracts since late 1996. SAMHSA management
staff have been including the Year 2000 issue in all speaking
opportunities, and Year 2000 information is being included on the
SAMHSA WEB site.
On a regular basis agency representatives will be meeting with me
to ensure continued success in our outreach efforts.
biomedical equipment
We are also addressing the need to develop public information about
the compatibility of systems embedded in biomedical devices. Because it
is imperative that medical equipment continues to function properly in
the next century, the Department is requesting information about the
Year 2000 compliance of medical devices and scientific laboratory
equipment manufactured by biomedical equipment manufacturers.
HHS is working with the VA to better serve our mutual interests in
Year 2000 compliance of biomedical equipment by merging our efforts on
biomedical equipment. We have convened a steering committee to develop
a charter and action milestones, and have asked the Department of
Defense to participate as well. We will also work through the Health
Care Outreach Sector Committee and the White House Year 2000 Conversion
Council to enhance our ability to make more information available to
the public.
Medical devices and scientific laboratory equipment may experience
problems beginning January 1, 2000 if the computer systems, software
applications, or embedded chips used in these devices and equipment
contain two-digit fields for year representation. Agencies, such as the
Department of Defense, Department of Veterans Affairs, and Department
of Agriculture as well as HHS, are concerned that the existence of the
Year 2000 date problem in biomedical equipment could pose potentially
serious health and safety consequences.
On January 21, 1998, I signed a letter sent to over 16,000
biomedical equipment manufacturers, strongly urging them to identify
noncompliant products and the actions they are taking to ensure
compliance. The manufacturers are responding to this survey developed
by the Department and the Food and Drug Administration (FDA). The Food
and Drug Administration now operates and maintains an Internet web site
listing all biomedical equipment information received from
manufacturers relating to Year 2000 compliance. The site address is:
http://www.fda.gov/cdrh/yr2000/year2000.html. In addition, the FDA
moderated a session at the annual meeting of the Association for the
Advancement of Medical Instrumentation and issued to industry,
``Guidance on FDA's Expectations of Medical Device Manufacturers
Concerning the Year 2000 Date Problem.''
The response from manufacturers has been disappointing. To date,
approximately 10 percent of the 16,000 manufacturers have provided
information. FDA issued a more targeted, follow-up letter on June 29,
1998, to about 2,700 manufacturers of computerized devices urging them
to submit product data. Dr. Friedman will provide you with the specific
results from the manufacturers' responses, but we see no indications
that there will be significant problems that will place patients at
risk, assuming that the manufacturers are implementing the reported
solutions.
The Food and Drug Administration has held both Executive level and
technical meetings with the Veteran's Health Administration (VHA) to
assure a unified approach to the Y2K compliance of biomedical
equipment. A Steering Committee has been formed, which will define HHS
and DVA roles, responsibilities and schedules, determine the scope and
content of the data to be collected from the manufacturers, reconcile
redundant and conflicting data, merge data collected by VHA and FDA
from the same manufacturer into a common format, and disseminate the
data to interested parties via a single biomedical equipment website to
be housed at FDA.
additional outreach activities
HHS will undertake additional outreach activities to inform the
health care and human services community about the Year 2000 issue.
These efforts are part of the government-wide outreach efforts
developed and managed by the White House Year 2000 Conversion Council.
The President's Council on Year 2000 Conversion created over 30
industry sector outreach groups. The purpose of these groups is to
inform all the constituents of a given sector about what the federal
government is doing to achieve Year 2000 in a timely way and to work
with these constituencies, as appropriate, to increase their awareness
and their own readiness. HHS chairs two groups--the Health Care Sector
Outreach Committee and the Human Services Sector Outreach Committee. In
addition, HHS is a member of other outreach committees, such as Benefit
Payments, Education, Emergency Management, Employment-related
Protection, Food Supply, and Science and Technology. We are also
encouraging all our operating divisions with an Internet presence to
establish a Year 2000 web site.
conclusion
HHS still faces substantial challenges in its Year 2000 efforts.
However, let me assure you, on behalf of Secretary Shalala, that we
will continue to vigorously pursue Year 2000 remediation as our most
important information technology initiative.
We recognize our obligation to the American people to assure that
HHS's programs function properly now and in the next millennium.
I thank the Committee for its interest and oversight on this issue,
and would be happy to answer any questions you may have.
______
Responses of Kevin L. Thurm to Questions Submitted by Chairman Bennett
Question. [State Health and Child Support Systemsl
Mr. Secretary your department has been delegated Y2K responsibility
to deal with Health and Welfare computer systems in the area of
Federal-State Y2K compliance. Please give the Committee an overall
status of the following programs. In addition we would like a State by
State appraisal for the record.
--Medicaid: both the payment systems and the Medicaid Management
System
--Child Support Enforcement: both payment systems and child support
enforcement
Answer.
General
The Department of Health and Human Services (DHHS):
--provides funds and technical assistance for ``State'' systems
developed and implemented to support State administration of
Federal programs, such as the Medicaid and Child Support
Enforcement (CSE); and
--assesses the degree to which State systems projects are
successfully implemented and meet program requirements.
In support of States' efforts to address the Y2K problem in their
systems, DHHS is exercising these same roles (funding, technical
assistance, project assessment, and monitoring). This is explained
below in some detail. DHHS is not directly involved in the on-site,
day-to-day development and operation of State systems, nor is DHHS
directly involved with the day-to-day activities of States Y2K
remediation efforts.
medicaid: both the payment systems and the medicaid management system
General
--HCFA is concerned with monitoring 3 systems:
--MMIS (Medicaid Management Information Systems)
--Managed Care which assures the delivery of care and
the payment for care
--IES (Integrated Eligibility Systems)
--Focus is on program eligibility, delivery of services to
beneficiaries and payment to providers
--Definition of Certification and Compliance: Medicaid systems must
be operational with no disruption of the delivery of service to
eligible Medicaid beneficiaries or to the providers of care
--Three areas of complexity in monitoring the Medicaid Y2K status:
--IES's interface with the MMIS and Managed Care may or
may not be a component of the MMIS
--Two or more State agencies administer these systems
in support of their programs: Medicaid/Public
Assistance/Child Support/Child Welfare
--Defining the scope of outreach in terms of interfaces
to the IES is problematic.
Outreach activities to date
HCFA has issued Medicaid Correspondence to State Medicaid Agencies:
--HCFA's Center for Medicaid and State Operations (CMSO) issued a
State Medicaid Directors Letter on July 17, 1998 which outlined
HCFA's millennium compliance strategy as it relates to State
Medicaid Management Information Systems (MMIS).
--Requires States to certify that their MMIS is Y2K
compliant by 3/99
--Requires States to document their contingency plans
--Strongly urges that States contract for IV&V services
(75 percent FFP for MMIS, 50 percent FFP for IES)
--CMSO issued a State Medicaid Directors Letter on August 17, 1998
--Informs States of institutional, professional, and
coordination of benefits (COB) claims processing
instructions that have been issued to Medicare Fiscal
Intermediaries (FIs) and Carriers
--Although these new file format instructions apply to
Medicare contractors, due to the fact that many
providers serve both Medicare, as well as, Medicaid
populations, this may impact State Medicaid claims
processing. Therefore, this letter strongly encourages
States to communicate with their providers and other
respective trading partners to facilitate these data
exchange issues
--A National Medicaid Management Information Systems (MINIS) was held
from August 10-14, 1998 in Orlando, Florida. The attendees
included State Medicaid staff, vendors, and HCFA central and
regional office staff. Monday, August 10th a Y2K working
session composed of HCFA regional and central office staff was
held. In addition, Wednesday, August 12th of the conference was
dedicated to Y2K. Among the topics discussed include: HCFA's
overall Y2K strategy, HCFA's Medicaid Y2K Strategy, and
contingency planning. Part of the day will also be spent in
``break-out sessions'' with the States. This will help HCFA
obtain feedback from States in terms of their status, as well
as, what additional activities HCFA can take part in to further
assist States in their Y2K projects.
--HCFA has placed Medicaid-specific Y2K Information on the INTERNET,
at the following URL:
--http://www.hcfa.gov/y2k/Future Outreach Activities
Regarding Reporting:
CMSO initiatives in process
--Documents being prepared by CMSO:
--certification criteria for States to self-certify
--on-site review tools for RO visits, and
--contingency planning check list
--A Medicaid-specific IV&V contractor statement of work (SOW) has
been written and is being process. The SOW includes the
following activities:
--HCFA's Regional Offices will work with an outside
contractor to assess the status of State Y2K efforts.
Of primary concern are those systems that are used by
States to provide payments to Medicaid providers, both
fee-for-service and managed care, as well as those that
collect patient-related data including that used to
verify the status of patient eligibility for the
program.
--Based on State self-reported information regarding
their assessment of where they are relative to
achieving full Y2K compliance, the contractor will
assist HCFA in ranking State systems into high, medium
and low risk categories, thereby providing a State by
State evaluation. The technical support contractor
would conduct on-site visits to those States which
appear to be of medium and high risk in terms of their
Y2K compliancy status.
--The contractor will provide training to regional
office to assist in conducting on-site visits of those
States who are ranked to be low risk. The regional
office staff may also participate in on-site visits of
those States in the other risk categories. As a result
of the site visits, the technical support contractor
shall advise HCFA of the reasonableness of the work
effort as reported by the State Medicaid Agencies. As
part of the visits, the contractor will review such
materials as the States' test plans and contingency
plans and shall assist HCFA in assessing the adequacy
and appropriateness of such documents.
--The results of the on-site visits, in conjunction
with the survey data of the MMIS Y2K status, will be
used by the contractor to develop monthly reports
summarizing MMIS Y2K status and further refining the
ranking of States by risk categories as needed. The
contractor will also assist HCFA in developing the
criteria that a State MMIS must meet to certify that it
is millennium compliant.
--The contractor will collect information on the Y2K
status of States' integrated eligibility systems (IES)
through a variety of means including telephone surveys.
The contractor would be responsible for the analysis of
such data and for writing a summary report based upon
the results of the survey. Such surveys, and
corresponding reports, would be conducted on a regular
basis.
--In addition to monitoring and evaluating the States'
Y2K readiness, HCFA will work with the contractor to
provide a variety of technical assistance vehicles.
--A series of Medicaid Y2K white papers will be
developed to serve as guidance to State
Medicaid Agencies and the Regional Office Y2K
Coordinators (i.e., a Medicaid Y2K compliance
definition, a Y2K certification document to
serve as guidance to the contractor and RO
personnel when conducting on-site visits, and
``best practices'' and ``lessons learned'').
--Two national Y2K Conferences, and two Y2K
conferences in each region, for Medicaid State
Agencies will be conducted to provide Y2K
guidance through workshops and presentations.
Joint activities (USDA [FS], HHS [ACF, HCFA])
Two coordinated Action Transmittals (AT) issued by Administration
for Children and Families, HCFA and Food and Nutrition Service and
signed by all parties were released to State Medicaid and Public
Assistance Agencies in July 1998. These ATs are described as follows:
Transmittal No. AT-98-004
Subject: Federal/State Information Technology Policy-Expedited
Advance Planning Document Procedures for Year 2000 Compliance
Activities
This AT extends the expiration date for the expedited advance
planning document (APD) approval procedures through July 1, 2000 to
regular match State data processing acquisitions and systems
development projected initiated in support of Year 2000 compliance in
the State.
Transmittal No. AT-98-006
Subject: State Public Assistance Systems and Year 2000 (Y2K)--
lnformation Sharing
This AT:
--Provides general information pertinent to dealing with the Y2K
problem--Federal Y2K contacts
--Seeks to identify State public assistance agency contacts
responsible for the Y2K problem in the agency by program area.
This information is due to ACE by August 6, 1998
--Informs States that HCFA will conduct a survey in which ACE may
participate that will provide information specific to the
Medicaid program
--Strongly recommends that State public assistance agencies include
IV&V services in their Y2K testing plans
--Will develop a State Y2K project manager contact list to be used to
contact each State, by phone, to determine whether their
integrated eligibility systems are Y2K compliant. These are the
systems that interface with MMIS.
Suplemental information to assist DHHS activities
GAO's 30 page survey titled, Survey of States' Welfare Automated
Systems Year 2000 Compliance (Job 511246) and the coordinated Action
Transmittal mentioned above, requests that States provide Y2K contact
personnel by July 6 and August 7, 1998 respectively. This information
will be used by DHHS agencies to assess the status of State Y2K
activities. In addition, the HCFA/CMSO's Data and Systems Groups'
Division of State Systems will use this information to contact State
public assistance agencies and State health departments to determine
time frames for completion of State Y2K activities regarding integrated
eligibility systems. Other public assistance programs that interface
with the State's integrated eligibility systems impact the Medicaid
Management Information Systems and have been included in the survey.
The GAO schedule presented in the Year 2000 Computing Crisis: An
Assessment Guide, will be used to compare State time frames against
their Y2K activities in the survey being developed.
child support enforcement: both the payment systems and child support
enforcement system
Most statewide automated Child Support Enforcement (CSE) systems
were developed and implemented in the last 5 years and appear to be
Calendar Year 2000 compliant. This is principally because of the Family
Support Act of 1988 requirement that established a deadline for
developing a single statewide system for child support of October 1,
1997. Despite this, States are for the most part taking the additional
precaution of conducting Year 2000 assessments of their entire child
support automated systems, including critical interfaces with other
systems. ACE is working closely with the States to provide assistance
in these efforts. Federal reimbursement under the CSE program for Y2K
activities in support of a statewide child support system is eligible
for a 66 percent match rate.
The areas of possible impact for Child Support automated systems
are as follows:
--Some of the oldest CSE statewide automated CSE systems were
developed in the early 1980's and may not be Y2K compliant.
--The State CSE system's dependence on interfaces makes them
potentially vulnerable to Y2K even if the Child Support system
is Year 2000 compliant. A typical State CSE system has
interfaces with State agencies related to TANF, child welfare,
and Medicaid, as well as State Employment Security Agencies,
DMV, State taxes, Vital Records, and other public and private
automated systems, such as consumer reporting, financial
institutions, to locate, enforce, and process child support
payments. The State Child Support programs are concerned about
whether these other State agencies will have Y2K problems that
will affect the transmission of information.
--The high priority being given to may be is impacting some State
agency efforts to make enhancements to their CSE systems to
meet statutory deadlines. Some States have been advised by
their State data centers that Y2K is a priority, and that no
mainframe change orders will be accepted until Y2K issues are
addressed. This makes it difficult for those States to meet the
statutory deadlines in PRWORA.
The General Accounting Office is in the midst of a substantive
survey of all State and territories to determine the status of State's
plans related to calendar year 2000 for human service programs. About
one-third of the questionnaires have been received so far and the GAO
is following up with the remaining States to obtain their survey
results.
In the interim, in order to determine the status of Child Support
Enforcement systems, OCSE intends to do the following:
--OCSE issued revised regulations regarding State Child Support
Enforcement systems on August 21st. Among other provisions,
these regulations provide that when OCSE determines that a
State's child support enforcement systems efforts are at risk
due to any one or more of a variety of factors, including Y2K
problems, OCSE will take corrective action. This will include
requiring the State to obtain independent validation and
verification (IV&V) services.
--The regulation also finalizes reinstatement of the Paperwork
Reduction Act clearance for OCSE's Advance Planning Document
process. Once the regulation is issued, OCSE will request that
each State submit a Y2K addendum to its Advance Planning
Document Update (APDU) for the State CSE system. OCSE will ask
each State to describe the Y2K compliance status and the status
of remedial action for State child support enforcement systems,
State payment systems, and the most important interfaces
between the State child support system and other State systems,
such as DMV, vital records, etc.
After the material is received and analyzed, ACF/OCSE will require
any State that it deems at high risk of failure due to insufficient
attention to Year 2000 issues to obtain an Independent Validation and
Verification Contractor to assist the State in addressing this issue.
Question. [Health and Welfare Eligibility]
Mr. Secretary, your department, and the departments of Agriculture
(food stamps), Treasury (IRS family income data), Veterans Affairs
(veterans benefit data) and the Social Security Administration (data
for disability retirement and supplemental security income)
collectively share data to determine eligibility for welfare and
Medicaid assistance.
--What is the status of the joint agency Y2K effort to determine
eligibility? How do you plan to test the system for Y2K
readiness?
--Please explain the types of contingency plans you are developing to
ensure eligibility determination after the year 2000? Please
explain.
Answer. The question refers to the Income Eligibility Verification
System (IEVS) requirement under section 1137 of the Social Security
Act. This requirement includes a number of mandatory separate and
distinct information exchanges between States and various Federal
agencies. These exchanges are intended to verify reported client
circumstances, primarily including earned and unearned income, in order
to avoid program eligibility and payment errors. IEVS is not a
``system'' in which these agencies ``collectively share data,'' but is
rather a series of separate and individual processes.
No single Federal agency is responsible for coordinating the
several information exchanges that comprise the IEVS requirements. Each
of these exchanges takes place under the terms of a separately
negotiated agreement between each State and each Federal agency. To the
extent that these requirements involve the exchange of information
between a Federal agency and States, they are covered under the
individual Y2K corrective action plans of these Federal agencies. The
Department of Health and Human Services (DHHS) is not responsible for
any of the IEVS mandated information exchanges with States, nor is DHHS
a party to any of the individual exchange agreements.
No DHHS systems are used to determine eligibility for the welfare
programs. With the implementation of the Temporary Assistance for Needy
Families (TANF) block grant program, title IV-A of the Social Security
Act prohibits the Secretary of Health and Human Services from
prescribing rules or imposing any requirement on States unless
specifically permitted by the statute. However, the individual Federal
agencies involved will be working with States to ensure that their Y2K
contingency plans address the issue of mandatory IEVS interfaces.
Question. [Funding for Y2K Repairs]
Mr. Secretary, HHS like other agencies has had to make tradeoffs in
other programs and information technology initiatives to pay for Year
2000 repairs. While the focus of this hearing is on HHS' outreach
efforts to the private sector and not HHS' internal systems, I would
still like to know if you have all the resources you need to remediate
your systems?
Answer. If HHS does not receive sufficient Y2K funding early in
fiscal year 1999, it will be unable to finance all of its costs for
remediation efforts, outreach, and contingency planning. All of these
activities are essential for ensuring that the Department can
accomplish its mission without disruption due to the millennium date
change. HHS has already dedicated additional resources to Year 2000
remediation. In May 1998, President Clinton signed a 1998 supplemental
appropriations bill redirecting $20 million of HCFA's contractor funds
to HCFA's Year 2000 efforts. In addition, HHS shifted discretionary
funds in May 1998 to make a total of $62.1 million in additional funds
available for HCFA's Year 2000 efforts in fiscal year 1998. HHS still
has additional funding needs in fiscal year 1999 and fiscal year 2000.
These cost estimates and chart have been updated again as requested by
the Office of Management and Budget's call for Comprehensive Plans and
Associated Funding Requirements for Achieving Year 2000 Computer
Compliance, as can be seen in the attached exhibit.
DEPARTMENT OF HEALTH AND HUMAN SERVICES: Y2K TOTAL COST ESTIMATES--FISCAL YEAR 1996 TO FISCAL YEAR 2000
[Dollars in millions]
--------------------------------------------------------------------------------------------------------------------------------------------------------
Fiscal years-- Budget
------------------------------ President's Supplemental Total request
budget estimate fiscal fiscal Total
1996 1997 1998 fiscal fiscal year year 1999 year
year 1999 1999 2000
--------------------------------------------------------------------------------------------------------------------------------------------------------
ACF Total.................................................... ....... $0.500 $3.960 $1.500 $4.725 $6.225 $0.500 $11.185
AHCPR Total.................................................. ....... ........ 0.040 ........... 0.420 0.420 ......... 0.460
AOA Total.................................................... ....... ........ ......... ........... 0.600 0.600 ......... 0.600
CDC Total.................................................... ....... 3.000 9.400 1.900 4.299 6.199 1.610 20.209
FDA Total.................................................... $0.200 2.000 7.250 2.215 11.113 13.328 2.000 24.778
HCFA--Internal........................................... 0.800 7.000 19.000 15.000 13.000 28.000 27.000 81.800
HCFA--External........................................... 6.800 7.500 26.000 22.500 191.100 213.600 208.500 462.400
HCFA--Supplemental....................................... ....... ........ 62.100 ........... ............ ......... ......... 62.100
HCFA--Total \1\.......................................... 7.600 14.500 107.100 37.500 204.100 241.600 235.500 606.300
HCFA--Contingency........................................ ....... ........ ......... ........... ............ ......... 311.200 311.200
HRSA Total................................................... ....... 1.200 1.400 ........... 10.000 10.000 1.400 14.000
IHS Total.................................................... ....... 2.500 2.500 2.300 23.400 25.700 1.000 31.700
NIH Total.................................................... 0.040 9.200 11.200 5.993 4.832 10.825 3.328 34.593
OIG Total.................................................... ....... ........ ......... ........... 5.350 5.350 5.200 10.550
OS Total..................................................... ....... ........ 0.500 ........... 2.300 2.719 ......... 3.219
PSC Total.................................................... ....... 0.200 2.300 1.000 7.333 8.333 0.881 11.714
SAMHSA Total................................................. 0.095 0.020 ......... ........... 0.100 0.100 ......... 0.215
------------------------------------------------------------------------------------------
HHS Total \1\.......................................... 7.935 33.120 145.650 52.408 278.572 331.399 562.619 1,080.723
--------------------------------------------------------------------------------------------------------------------------------------------------------
\1\ HCFA presented two estimates based upon ``most likely'' and ``pessimistic'' scenarios. ``Most likely'' estimates are in this table. The
``pessimistic'' alternative estimates are $299.7M for fiscal year 1999; $328.1M for fiscal year 2000; and $536.7M for contingency.
Question. What are the Department's contingency plans, specifically
what are the contingency plans for FDA and HCFA?
Answer.
--HHS required all of its operating divisions to develop business
continuity and contingency plans that will permit HHS to
conduct essential business in the event of computer system
problems arising from Year 2000. The GAO draft guide, ``Year
2000 Computing Crisis: Business Continuity and Contingency
Planning,'' was used as a foundation. Plans will identify the
operating divisions' core business processes, the minimum
acceptable level of service, triggers that would cause the
contingency plan to be invoked, and the business resumption
team, their roles, and responsibilities.
--On June 15 HHS received the business continuity and contingency
plans from the operating divisions. These plans constitute an
important start, but they were generally not sufficiently
complete and detailed. In some cases, the plans did not appear
to be feasible or testable. HHS requested all operating
divisions to improve their plans.
--In addition, HHS has formed three cross operating division
workgroups to develop generic contingency plans for (1)
payments of grants and benefits, (2) clinical care and health
data, and (3) facilities management areas. Since many of the
operating divisions have similar processes, these groups will
ensure that all HHS plans in these three areas will have
coordinated strategies.
hcfa
HCFA is establishing a high-level enterprise-wide business
continuity and contingency plan modeled from the GAO draft guide,
``Year 2000 Computing Crisis: Business Continuity and Contingency
Planning,'' and the Social Security Administration's plan. The number,
diversity, decentralization, and lack of standardization among HCFA,
intermediary, carrier, State, and other contractor systems presents
especially unique problems and risks, and requires considerable
planning and evaluation before HCFA can develop adequate contingency
plans.
As guidance to system and business process owners, a model format
for contingency plan development and tracking has been developed. It
incorporates a template for standard risks, as well as guidelines for a
business process-based risk analysis. It will also include management,
environmental, and other risks, as well as the identification of
system-specific risks. Versions of this template have been developed
for both internal and external systems, and will be shared with key
grant, contract, and other business partners.
In view of substantial resource contention, we have developed
triage procedures that will waive contingency plan development for
systems that are low risk or low impact, and that are not essential to
support of a critical business process.
HCFA's number one concern is that beneficiaries continue to have
access to needed care. The continuity of payments to providers is
fundamental to ensuring that access.
Our focus is on continuity of key business functions, not specific
systems. Consequently, we are not limiting ourselves to specific
mission-critical systems, but instead looking at all core business
processes essential to sustain a basic level of service to our
beneficiaries.
The HCFA core business processes that are the focus of our
contingency plan are:
--Provision of Medicare services and the payment for those services
--Interactions with state Medicaid agencies
--Interactions with states on children's health insurance programs
--Program integrity
--Quality of care
--Research
The specifics of this plan will address:
--Payment Processes
--Eligibility Issues
--Program Integrity
--Litigation
--Managed Care
--Security and Privacy
--Telecommunication Services
--Quality of Care
Some plans already in place
Some contingency plans are already in place; for example, our
critical accounting functions will be protected by ``bridges'' that
will assure that we will be able to continue transactions with our
external partners even if they are not fully ready.
Specific examples
Intermediaries or carriers may be able to back up some processes--
such as enrolling providers--with manual methods, especially those that
are not time sensitive.
Every intermediary and carrier will be prepared to operate on a
temporary basis, assuring continuity of local eligibility verifications
and payments in the event of local unavailability of the Common Working
File.
HCFA has also already taken some management actions to focus
resources on its Y2K activities.
--HCFA removed several internal systems from their normal environment
and assigned those systems to programming ``tiger'' teams,
whose job is to perform Y2k renovations and nothing else until
the job is done.
--Second, HCFA is moving aggressively to take advantage of new
authority from the Office of Personnel Management to re-employ
retired federal programmers to help with Year 2000 activities.
To date, HCFA has used the authority to re-employ eleven
annuitants.
--And, HCFA is continuing to develop other contingency strategies for
use in the event that even the ``tiger'' team's efforts fail.
For example, HCFA is capable of continuing to make payments to
managed care organizations even if its current processes that
support such functions totally fail. Similar contingencies will
be developed for all HCFA critical processes. Likewise, HCFA is
beginning to develop contingencies for its external systems
along with trigger points to tell us when to activate a
contingency plan.
HCFA requires all owners of critical business processes, including
external system maintainers, contractor data centers, and Medicare
intermediaries and carriers to develop contingency plans, and has
established working groups to develop Agency-level business continuity
plans for the most critical business processes. Their IV&V contractor,
Intermetrics, is reviewing all of HCFA's contingency plans as a
component of its system reviews. Intermetrics will also review Medicare
contractors' corporate contingency plans to access whether they are
adequately conceived, developed, and supported.
fda
Background
FDA has developed a strategic business contingency plan, based on
GAO's guidance document, that outlines the process which component
organizations are to use in dealing with the impact of the Y2K date
change on their core business processes. The plan requires each
component organization to perform a business impact analysis by
September 15, 1998. Following this, they must develop detailed business
continuity plans by December 15, 1998. These plans will address how the
processes will continue unabated into the year 2000, regardless of
whether the impact is from the failure of a mission critical system or
from another area of IT. In addition, the plans will take into
consideration external dependencies and their impact. FDA has also
completed contingency plans for each of its mission critical systems.
Approach
FDA's basic contingency for ensuring business continuity in the
face of Year 2000 system failure is to revert to manual processes if
systems are unusable. To prepare for executing this strategy, the
Centers/Offices need to perform the following:
1. Conduct a business impact analysis.--This analysis will be
performed on each major business process, and will examine the risks of
business process failure due to Y2K impact on the Center/Office's
ability to perform its critical work. As part of this business impact
analysis, Centers/Offices will define the minimum acceptable level of
outputs and services for each critical process.
2. Build business continuity contingency plans.--Based on the
results of the business impact analysis, Centers/Offices must define
specific plans for FDA staff to follow in the event of system failure.
In developing these business continuity and contingency plans, managers
will consider different alternatives, and document the best contingency
plans in terms of cost and benefits.
3. Test the contingency plans.--After business continuity and
contingency plans have been developed, they must be assessed to
determine how realistic they are. This testing allows the Center/Office
managers to see how quickly the plan can be implemented and how
effective it is at carrying out the Agency's critical business.
Depending on the type of test selected, it may also provide information
affecting the cost estimates.
Below are the key program areas and their associated processes for
which FDA will develop business continuity plans.
------------------------------------------------------------------------
Program area Business processes
------------------------------------------------------------------------
Foods........................ Conduct product review and approval on
products within the food supply.
Conduct post-market surveillance and
adverse event reporting in accordance
with the foods program.
Develop Methods and Good Manufacturing
Practices in accordance with the foods
program.
Conduct scientific research in support of
the foods program.
Human Drugs.................. Conduct product review and approval on
human drug products.
Conduct post-market surveillance and
adverse event reporting in accordance
with the human drug program.
Develop Methods and Good Manufacturing
Practices in accordance with the human
drugs program.
Conduct core scientific research
associated with human drugs.
Biologics.................... Conduct product review and approval on
biologic products.
Conduct post-market surveillance and
adverse event reporting in accordance
with the biologics program.
Develop Methods and Good Manufacturing
Practices in accordance with the
biologics program.
Conduct core scientific research
associated with biologics.
Medical Devices and Conduct product review and approval on
Radiological Health. medical devices and radiological health
products.
Conduct post-market surveillance and
adverse event reporting in accordance
with the medical devices and
radiological health program.
Develop Methods and Good Manufacturing
Practices in accordance with the medical
devices and radiological health program.
Conduct core scientific research
associated with medical devices and
radiological health program.
Animal Drugs and Feeds....... Conduct product review and approval on
animal drugs and feeds.
Conduct post-market surveillance and
adverse event reporting in accordance
with the animal drugs and feeds program.
Develop Methods and Good Manufacturing
Practices in accordance with the animal
drugs and feeds program.
Conduct core scientific research
associated with animal drugs and feeds
program.
National Center for Conduct risk assessment.
Toxicological Research Conduct scientific research.
(NCTR). Develop methods in accordance with FDA's
regulatory mission.
Office for Regulatory Affairs Educate the public on food and drug
issues consistent with FDA's consumer
protection mission.
Perform compliance monitoring and
auditing.
Initiate legal action when needed.
Key Support Processes........ Oversees Agency-wide budget formulation
and execution, accounting, payment
processing, financial reporting, foreign
and domestic travel, employee
relocation, payroll liaison and
financial systems.
Provide a standard system for the
administrative processes that are common
across the Agency.
Manage the physical security of all FDA
facilities.
Develop and maintain an overall
information system architecture,
including telecommunications support.
------------------------------------------------------------------------
Schedule
The table below shows the key milestones involved in the
contingency planning, as well as the group responsible.
------------------------------------------------------------------------
Component
Milestone responsible Target date
------------------------------------------------------------------------
Develop draft strategic business OCIO.............. 15 June 1998
continuity and contingency plan. (Done).
Develop system-level contingency Center IRM staff.. 15 June 1998
plans for mission critical (Done).
systems.
Receive comments back from Agency-wide....... 15 July 1998.
Centers/offices on draft
strategic business continuity
and contingency plan.
Conduct business impact analysis Program staff..... 15 September
on critical business processes. 1998.
Develop business process Program staff..... 15 December 1998
continuity contingency plans for
critical business processes.
Complete compliance validation of IV&V Contractor... 31 December 1998
mission critical systems.
Complete testing of business Program staff..... 15 March 1999
process contingency plans.
------------------------------------------------------------------------
Question. What are you doing to help providers meet the Year 2000
requirements?
Answer.
--We have a comprehensive outreach program to help providers
understand what they must do about the Year 2000.
--This summer we are publishing Year 2000 awareness articles
discussing the need to ensure that patient records and
accounting systems. as well as their biomedical equipment are
Year 2000 compliant. These will be included in all Medicare
contractor bulletins that go out to thousands of providers of
fires, large and small.
--We are conducting a series of provider outreach meetings. In July
of this year, we held a briefing for representatives of more
than 50 national health care provider associations and payer
associations to discuss the status of Y2K, our expectations of
them, electronic data interchange, biomedical equipment and a
general overview of Y2K and the health care community. A second
meeting is scheduled for mid-August, an is expected to focus on
the electronic data interchange (EDI) community. We also expect
to hold additional outreach meetings in the future to increase
Y2K awareness in the provider community.
--We presented our Y2K efforts and expectations for managed care
plans and insurers during HCFA Medicare Plus Choice
conferences. The conferences were held July 13-14 and August 3-
4 in Baltimore, MD, July 21-22 in Chicago, IL, and July 28-29
in Los Angeles, CA which brought together approximately 1,600
persons. We announced during these sessions that requirements
for certification and contingency planning are currently being
developed and should be released to the managed care community
in September, 1998.
We are also committed to providing technical assistance to state
medical assistance program administrators, and have provided several
written communications to them relating to Y2K compliance. Our latest
letter strongly encouraged states to communicate with their providers
and other trading partners to facilitate resolution of Y2K readiness of
data exchanges.
--We have also scheduled a Y2K working session at the National
Medicaid Management Information Systems conference which will
be held in mid-August. This session will provide an opportunity
for HCFA to discuss its Medicaid Y2K strategy and contingency
planning and to obtain feedback from the Y2K states on their
individual state operations. HCFA is also exploring using one
or more to look at the independent validation and verification
(I&IV) contractors Medicaid States' Y2K efforts. This is to
give us some assurance that the systems used to provide
payments to Medicaid providers, both fee-for-service and
managed care, as well as those that collect patient-related
data are Y2K complaint.
--Lastly, HCFA has established a Y2K provider relations/Outreach
Group. This group is comprised of HCF, Medicare Contractors and
State Agency Personnel, whom is charged with developing a
strategy for spreading awareness among Medicare. Medicaid and
Managed Care Providers of the Y2K problem, providing them with
information which can be used to assist them in checking for
Y2K compliancy and producing materials which can be used by
HCFA employees, Medicare Contractors, State Agencies, Provider
Organizations and other partners who can use the information
for these purposes.
--The workgroup has surveyed the Medicare contractors and obtained
examples of outreach materials they are using. Example of the
material collected thus far include a provider checklist to
assess Y2K compliance, Y2K articles in bulletins/newsletters,
and the establishment of voicemail and E-mail boxes for Y2K
questions, the development of millennium logos, Y2K seminars,
and a mechanism for testing electronic claims.
--We will continue to closely monitor our own efforts and those of
our contractors to ensure that we are on track with becoming
Y2K compliant.
Question. In HHS outreach efforts, what has HHS done to take into
account the difficulties and concerns that rural hospitals may have
because they do have the staff or money to become Y2K compliant?
Answer. HCFA, through the efforts of its fiscal intermediaries, is
reaching out to all rural hospitals. The outreach efforts include
educational mailings, training seminars, vendor exhibits, along with
personalized customer service activities. Examples of these customer
service activities are provider Y2K hotlines and provider Y2K web
sites.
In addition, a Y2K briefing was conducted on July 16 for national
professional and provider organizations. A special meeting is being
conducted on August 20 for the benefit of organizations using
electronic data interchange for Medicare billings. Other information
sharing sessions on such topics as bill payment, biomedical equipment,
and telecommunications are planned over the next several months as part
of a continuous outreach program for provider organizations.
HCFA will continue to alert and assist all providers, including
rural hospitals, on the urgency of Y2K remediation. Over the next
several months, HCFA will be developing outreach materials and
disseminating them to providers. However, HCFA does not have the
authority or resources to fund code renovation and testing at rural
hospitals. Rural hospitals currently receive a number of grants to
assist in administration. These grant monies can, and should be,
utilized to help achieve Y2K compliance.
ADDITIONAL MATERIAL SUBMITTED FOR THE RECORD
------
Statement of the Medical Device Manufacturers Association
Medical Device Manufacturers Association (MDMA) appreciates this
opportunity to comment on the potential impact of the ``year 2000
problem'' on healthcare for the record of the Senate Special Committee
on the Year 2000 Technology Problem. MDMA is a national trade
association based in Washington, D.C., representing nearly 130
independent manufacturers of medical devices, diagnostic products, and
health care information systems. MDMA seeks to improve the quality of
patient care by encouraging the development of new medical technology
and fostering the availability of beneficial innovative products to the
marketplace.
MDMA also appreciates this opportunity to tell you how MDMA and its
members are responding to public concerns about this issue. First,
however, we want to assure this committee and the public that the
hundreds of thousands of people employed by the medical device industry
are committed to public health and patient safety. Manufacturers of
medical devices that rely on date-sensitive computer hardware and
software are well aware of the significance of the potential problem
created by two-digit date formats and are working to identify and
develop solutions for the ``year 2000 problem.'' The industry intends
to solve this dilemma and to prevent even one patient from being
endangered by a device that malfunctions or is rendered inoperable by
the ``millennium bug.''
MDMA believes, however, that many concerned organizations have
overstated the risk to health and medical device safety posed by the
``year 2000 problem.'' Computer technology is not a component of most
medical devices, and the vast majority of medical equipment that does
rely upon computer hardware and software is not date-sensitive. In
fact, the Food and Drug Administration (FDA), which regulates the
medical device industry, testified before Congress last year that the
agency does not believe this issue will have ``any major impact on
medical device safety'':
Computer software frequently is embedded as a ``component'' of
devices, i.e., software contained on a microchip to control
device operation. Examples of such devices are: pacemakers,
infusion pumps, ventilators, and many others. It is unlikely
that most of these products would be impacted by the ``Year
2000'' problem. Almost none of these devices require knowledge
of the current date to operate safely and effectively. For
example, pacemakers do not use the current date in their
operation.\1\
---------------------------------------------------------------------------
\1\ Testimony of Thomas Shope, Ph.D., acting director, Division of
Electronics and Computer Sciences, Office of Science and Technology,
Center for Devices and Radiological Health, Food and Drug
Administration, before the Subcommittee on Oversight and
Investigations, Committee on Veterans' Affairs, U.S. House of
Representatives, June 26, 1997.
Manufacturers are responding to this issue with all deliberate
speed because the industry shares a commitment to patient safety with
our nation's health professionals and hospital administrators. In
addition, FDA regulations require our products to be ``year 2000
compliant.'' Finally, the unwritten laws of business require
manufacturers to address any ``year 2000 problems'' if they hope to
maintain customer confidence in their companies and products.
Nevertheless, the industry needs to do more to demonstrate that
there is no ``year 2000 crisis'' for medical devices and to reinforce
our commitment to patient safety. Patients and healthcare providers are
asking for information about the ``year 2000 compliance'' of medical
products and about manufacturers' plans for addressing any potential
problems with date-sensitive devices. Fortunately, an excellent
national clearinghouse for information on the ``year 2000 compliance''
of medical devices already exists: the FDA's Year 2000 World Wide Web
site [www.fda.gov/cdrh/yr2000].
The FDA established its Year 2000 Web site earlier this year as a
comprehensive database for information on the status or impact on
product performance of the ``year 2000 problem'' for medical devices
and scientific laboratory equipment. The FDA is collecting this
information on behalf of federal agencies that purchase and use medical
products and need to plan remedial actions in case any such products
are affected by date-processing or date-storing problems. This database
could serve as the coordinated national clearinghouse sought by
concerned health professionals and healthcare institutions
To demonstrate the responsiveness of the medical device industry on
issues of patient safety, MDMA has begun an initiative to collect
information from its members on the ``year 2000 compliance'' of their
products. Today, MDMA is sending a memorandum that asks our member
manufacturers to fill out and return an questionnaire and any necessary
supplementary information on ``year 2000 compliance'' to MDMA as soon
as possible but no later than October 6, 1998. MDMA will transmit all
completed questionnaires to the FDA as we receive them.
With our members' cooperation, MDMA hopes to complete this
initiative by October 7, the day that Congress is scheduled to adjourn
for the year. Since this committee and many other members of Congress
have expressed interest and concern in this issue, MDMA wants to assure
our legislators before they return home for the November elections that
the medical device industry is responding to their concerns.
MDMA believes this coordinated response to the FDA's request for
information will demonstrate the responsiveness of MDMA and its members
on issues of patient safety and, more importantly, will reassure the
public that there is no major ``year 2000 crisis'' in medical devices.
Many manufacturers have already posted information about theirs
products' compliance status on the FDA's Web site, and MDMA encourages
the media and the groups that represent patients, health professionals,
hospitals, and health plans to publicize the existence of this site to
their constituents and affiliates. We also encourage these
organizations to report responsibility on the true extent of the ``year
2000 problem'' and medical device safety. Incomplete or misleading
pronouncements on this issue will only serve to frighten unnecessarily
patients who rely on the life-enhancing and life-saving technologies
developed by the medical device industry.