[House Hearing, 109 Congress]
[From the U.S. Government Publishing Office]
HEALTH CARE INFORMATION TECHNOLOGY
=======================================================================
HEARING
before the
SUBCOMMITTEE ON HEALTH
of the
COMMITTEE ON WAYS AND MEANS
U.S. HOUSE OF REPRESENTATIVES
ONE HUNDRED NINTH CONGRESS
FIRST SESSION
__________
JULY 27, 2005
__________
Serial No. 109-28
__________
Printed for the use of the Committee on Ways and Means
U.S. GOVERNMENT PRINTING OFFICE
26-387 WASHINGTON : 2006
_____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; (202) 512�091800
Fax: (202) 512�092250 Mail: Stop SSOP, Washington, DC 20402�090001
COMMITTEE ON WAYS AND MEANS
BILL THOMAS, California, Chairman
E. CLAY SHAW, JR., Florida CHARLES B. RANGEL, New York
NANCY L. JOHNSON, Connecticut FORTNEY PETE STARK, California
WALLY HERGER, California SANDER M. LEVIN, Michigan
JIM MCCRERY, Louisiana BENJAMIN L. CARDIN, Maryland
DAVE CAMP, Michigan JIM MCDERMOTT, Washington
JIM RAMSTAD, Minnesota JOHN LEWIS, Georgia
JIM NUSSLE, Iowa RICHARD E. NEAL, Massachusetts
SAM JOHNSON, Texas MICHAEL R. MCNULTY, New York
PHIL ENGLISH, Pennsylvania WILLIAM J. JEFFERSON, Louisiana
J.D. HAYWORTH, Arizona JOHN S. TANNER, Tennessee
JERRY WELLER., Illinois XAVIER BECERRA, California
KENNY C. HULSHOF, Missouri LLOYD DOGGETT, Texas
RON LEWIS, Kentucky EARL POMEROY, North Dakota
MARK FOLEY, Florida STEPHANIE TUBBS JONES, Ohio
KEVIN BRADY, Texas MIKE THOMPSON, California
THOMAS M. REYNOLDS, New York JOHN B. LARSON, Connecticut
PAUL RYAN, Wisconsin RAHM EMANUEL, Illinois
ERIC CANTOR, Virginia
JOHN LINDER, Georgia
BOB BEAUPREZ, Colorado
MELISSA A. HART, Pennsylvania
CHRIS CHOCOLA, Indiana
DEVIN NUNES, California
Allison H. Giles, Chief of Staff
Janice Mays, Minority Chief Counsel
______
SUBCOMMITTEE ON HEALTH
NANCY L. JOHNSON, Connecticut, Chairman
JIM MCCRERY, Louisiana FORTNEY PETE STARK, California
SAM JOHNSON, Texas JOHN LEWIS, Georgia
DAVE CAMP, Michigan LLOYD DOGGETT, Texas
JIM RAMSTAD, Minnesota MIKE THOMPSON, California
PHIL ENGLISH, Pennsylvania RAHM EMANUEL, Illinois
J.D. HAYWORTH, Arizona
KENNY C. HULSHOF, Missouri
Pursuant to clause 2(e)(4) of Rule XI of the Rules of the House, public
hearing records of the Committee on Ways and Means are also published
in electronic form. The printed hearing record remains the official
version. Because electronic submissions are used to prepare both
printed and electronic versions of the hearing record, the process of
converting between various electronic formats may introduce
unintentional errors or omissions. Such occurrences are inherent in the
current publication process and should diminish as the process is
further refined.
C O N T E N T S
__________
Page
Advisory of July 20, 2005 announcing the hearing................. 2
WITNESSES
U.S. Department of Health and Human Services, David Brailer,
M.D., Ph.D., National Coordinator for Health Information
Technology..................................................... 6
______
American Health Information Management Association, Linda Kloss.. 34
American Medical Informatics Association, Don E. Detmer, M.D..... 28
Naples Community Hospital Healthcare System, Allen Weiss, M.D.... 40
Health Policy Institute, Georgetown University, Joy L. Pritts.... 46
Healthcare Leadership Council, Mary R. Grealy.................... 53
SUBMISSIONS FOR THE RECORD
Bayot, James, McKesson Corporation, San Francisco, California,
statement...................................................... 66
Gibbons, Patricia, Mayo Foundation, Rochester, Minnesota,
statement...................................................... 70
Hogan, William and Vergil Slee, The Rods Laboratory (at the
University of Pittsburgh), Pittsburgh, Pennsylvania, statement. 74
Ignagni, Karen, America's Health Insurance Plans, Washington, DC,
letter......................................................... 78
Marshall, Rebecca, American Academy of Pediatrics, Elk Grove,
Illinois, statement............................................ 79
Orient, Jane, Association of American Physicians & Surgeons,
Tucson, Arizona, statement..................................... 80
Thomashauer, Robin, Council for Affordable Quality Healthcare,
statement...................................................... 82
Trachtman, Richard, American College of Physicians, statement.... 84
Vaughan, William, Consumers Union, statement..................... 89
Yanes, Richard, Clinical Social Work Federation, Arlington,
Virginia, statement............................................ 90
HEALTH CARE INFORMATION TECHNOLOGY
----------
WEDNESDAY, JULY 27, 2005
U.S. House of Representatives,
Committee on Ways and Means,
Subcommittee on Health,
Washington, DC.
The Subcommittee met, pursuant to notice, at 10:26 a.m., in
room 1100 Longworth House Office Building, Hon. Nancy L.
Johnson (Chairman of the Subcommittee) presiding.
[The advisory announcing the hearing follows:]
ADVISORY
FROM THE
COMMITTEE
ON WAYS
AND
MEANS
SUBCOMMITTEE ON HEALTH
CONTACT: (202) 225-3943
FOR IMMEDIATE RELEASE
July 27, 2005
No. HL-8
Johnson Announces Hearing on Health Care Information Technology
Congresswoman Nancy L. Johnson (R-CT), Chairman, Subcommittee on
Health of the Committee on Ways and Means, today announced that the
Subcommittee will hold a hearing on health information technology (IT).
The hearing will take place on Wednesday, July 27, 2005, in the main
Committee hearing room, 1100 Longworth House Office Building, beginning
at 10:00 a.m.
In view of the limited time available to hear witnesses, oral
testimony at this hearing will be from invited witnesses only.
Witnesses will include representatives from the public and private
sectors to discuss the use of IT in the health care sector and the
targeted actions that government should take to increase the adoption
of health IT. However, any individual or organization not scheduled for
an oral appearance may submit a written statement for consideration by
the Committee and for inclusion in the printed record of the hearing.
BACKGROUND:
Greater use of IT in the health care field has the potential to
reduce medical errors, improve patient care, and reduce costs; yet
adoption of new technology has been slow. Over the past year, beginning
with the Executive Order issued by President Bush that established the
Office of the National Health Information Technology Coordinator,
increased attention has been paid to the issue of the adoption of
health care information technology and the need for such technology to
be interoperable.
Throughout this dialogue, questions have been raised as to the
appropriate and ongoing role of government in facilitating the
development of standards for the exchange of electronic health
information, ensuring the interoperability of information systems,
enabling private sector investments among providers, and harmonizing
laws regarding the confidentiality of patient information. The ultimate
goal is a nationwide health care information infrastructure that
recognizes the role that modern technology can play in the health care
system.
Most recently, the Secretary of the U.S. Department of Health and
Human Services (HHS) announced the formation of the American Health
Information Community, chaired by Secretary Leavitt and comprised of 17
members from the public and private sectors, to develop IT standards
and achieve health IT interoperability. At the same time, the Secretary
released four requests for proposals seeking private sector input in
addressing issues regarding technology standards, certification,
confidentiality and security of patient information, and development of
a national architecture.
The Subcommittee has held a series of hearings on health IT,
covering private sector initiatives, government programs, and
electronic prescribing. This hearing will focus on recent developments
in this area and ways in which Congress can best act to ensure
continued progress.
In announcing the hearing, Chairman Johnson stated, ``Greater use
of IT can dramatically improve the safety and quality of our health
care system while also reducing costs. I am encouraged HHS is moving
forward to adopt health IT, and Congress wants to work with the
Administration to shape the final product. I believe that a public-
private approach appropriately recognizes the key roles that both the
government and the private sector play in the critical area of health
IT.''
FOCUS OF THE HEARING:
The hearing will focus on the approach currently being taken by the
Administration to speed the adoption of health IT and areas where
congressional involvement can further these efforts.
DETAILS FOR SUBMISSION OF WRITTEN COMMENTS:
Please Note: Any person(s) and/or organization(s) wishing to submit
for the hearing record must follow the appropriate link on the hearing
page of the Committee website and complete the informational forms.
From the Committee homepage, http://waysandmeans.house.gov, select
``109th Congress'' from the menu entitled, ``Hearing Archives'' (http:/
/waysandmeans.house.gov/Hearings.asp?congress=17). Select the hearing
for which you would like to submit, and click on the link entitled,
``Click here to provide a submission for the record.'' Once you have
followed the online instructions, completing all informational forms
and clicking ``submit'' on the final page, an email will be sent to the
address which you supply confirming your interest in providing a
submission for the record. You MUST REPLY to the email and ATTACH your
submission as a Word or WordPerfect document, in compliance with the
formatting requirements listed below, by close of business Wednesday,
August 10, 2005. Finally, please note that due to the change in House
mail policy, the U.S. Capitol Police will refuse sealed-package
deliveries to all House Office Buildings. For questions, or if you
encounter technical problems, please call (202) 225-1721.
FORMATTING REQUIREMENTS:
The Committee relies on electronic submissions for printing the
official hearing record. As always, submissions will be included in the
record according to the discretion of the Committee. The Committee will
not alter the content of your submission, but we reserve the right to
format it according to our guidelines. Any submission provided to the
Committee by a witness, any supplementary materials submitted for the
printed record, and any written comments in response to a request for
written comments must conform to the guidelines listed below. Any
submission or supplementary item not in compliance with these
guidelines will not be printed, but will be maintained in the Committee
files for review and use by the Committee.
1. All submissions and supplementary materials must be provided in
Word or WordPerfect format and MUST NOT exceed a total of 10 pages,
including attachments. Witnesses and submitters are advised that the
Committee relies on electronic submissions for printing the official
hearing record.
2. Copies of whole documents submitted as exhibit material will not
be accepted for printing. Instead, exhibit material should be
referenced and quoted or paraphrased. All exhibit material not meeting
these specifications will be maintained in the Committee files for
review and use by the Committee.
3. All submissions must include a list of all clients, persons,
and/or organizations on whose behalf the witness appears. A
supplemental sheet must accompany each submission listing the name,
company, address, telephone and fax numbers of each witness.
Note: All Committee advisories and news releases are available on
the World Wide Web at http://waysandmeans.house.gov.
The Committee seeks to make its facilities accessible to persons
with disabilities. If you are in need of special accommodations, please
call 202-225-1721 or 202-226-3411 TTD/TTY in advance of the event (four
business days notice is requested). Questions with regard to special
accommodation needs in general (including availability of Committee
materials in alternative formats) may be directed to the Committee as
noted above.
Chairman JOHNSON. Good morning, everyone, and a special
welcome to Dr. Brailer and the rest of the panelists. My
personal apologies to Congressman Stark and Congressman
Thompson for the delay in the start of this hearing. As some of
you may know, the President was at the Republican Conference
and sometimes he is very digressive and covers a lot of
territory, and if you are in the middle of the room, you can't
get up and walk out, so my apologies, but I didn't anticipate
the problem. Today, I am pleased to chair this hearing on the
use of information technology (IT) in the health care sector.
In the last Congress, we held two hearings on this topic, and
today, we have an opportunity to revisit this issue to learn
what progress has been made over the last year. In addition, I
hope to focus our discussion on what Congress can do to further
the efforts of the administration and the private sector in
increasing the adoption of health IT. Greater use of IT has the
potential to dramatically improve the safety and quality of
health care for Americans, while at the same time lowering
costs through reductions in clinical errors and elimination of
redundant procedures.
Yet despite these benefits, widespread adoption of IT in
the health field has been disappointingly slow. I have long
supported efforts to increase the use of IT in the health
sector. In the 108th Congress, I introduced H.R. 2915, the
National Health Information Infrastructure Act. I am currently
working on a follow-up piece of legislation that takes a
simple, streamlined approach to addressing this issue by
focusing exclusively on those areas in which Congress needs to
intervene in order to promote greater adoption of health IT by
all providers. I am encouraged by the steps that this
administration has taken recently to engage in a public-private
partnership to move the health IT agenda forward with the
announcement of the American Health Information Community
(AHIC), and the release of four requests for proposals to
address the key areas in this field, that is the development of
standards, certification of products, protection of patient
information, and creation of a nationwide platform for
electronic health information exchange.
I believe that we will see real progress in the months
ahead and I just want to commend Secretary Leavitt and Dr.
Brailer for the breadth of their vision and the foresight of
their work. These dramatic proposals are eliciting new thought
from the nation at a level that portends progress in the future
at a rate impossible without this kind of leadership. So, I
welcome Dr. Brailer and all those who will testify and help us
understand the progress that has been made to date in this area
and additional ways in which Congress can advance the health IT
agenda. Dr. Brailer has been with us before. He was named the
National Health Information Technology Coordinator last year.
Shortly after his appointment, Dr. Brailer produced a framework
for strategic action to guide the Federal Government's effort
in this area and he has been leading the administration's
efforts to increase adoption of health IT in both the public
and private sectors. I have attended a number of the
conferences that he has scheduled, and honestly, the breadth of
involvement of people from the private sector, not only
technology people, but health delivery people and academics,
has really been impressive and has made a difference in the
speed at which we, as a nation, can move forward in this
difficult but very important area.
On our second panel, I am pleased to welcome a
distinguished group who can help us sort through some of the
more technical challenges we face in this field. Dr. Don Detmer
is President and chief executive officer (chief executive
officer) of the American Medical Informatics Association
(AMIA), a current member of the Commission on Systemic
Interoperability that was created under the Medicare
Modernization Act, and a past Chairman of the National
Committee on Vital Statistics. He will provide us with his
insights as to the need for Federal leadership in the health IT
arena and offer specific suggestions of the ways in which
Congress can continue to move this issue forward. Linda Kloss
is the Chief Executive Officer of the American Health
Information Management Association. She will discuss particular
challenges we face in coding for new medical technologies and
the need to update our coding system to keep pace with the
modern medical world. Dr. Allen Weiss, President of the Naples
Community Hospital Healthcare System in Florida, will provide
us with some real-world insight into the benefits that can be
derived from implementing a health care IT system along with a
better understanding of the challenges he has faced in making a
paperless health care system a reality. Joy Pritts, Assistant
Research Professor at the Health Policy Institute at Georgetown
University will discuss issues relating to maintaining the
confidentiality of patient information so important to all of
us.
Finally, Mary Grealy with the Health Care Leadership
Council will discuss the challenges that health care providers
and others face in navigating the myriad State and Federal
regulations geared toward protecting patient information and
how the existence of many layers of regulations may impede the
adoption of health care IT. Incidentally, I would just say
these two contrasting views, with the depth of knowledge and
experience behind them, will be very helpful to the Committee.
I look forward to hearing from all our witnesses and thank you
for being with us today. Mr. Stark, I would like to invite you
to make an opening statement.
Mr. STARK. Thank you, Madam Chair. I am afraid that while
the administration can get its act together on soliciting votes
for the Central America Free Trade Agreement, I wish we could
have the same kind of direction on bringing the medical
delivery system into the, at least, 20th century before the
21st century is over. We are going to hear this morning from
our lead witness about more meetings and conferences than one
could believe possible and relatively nothing about getting the
job done. Now, on the other hand, another employee of the U.S.
Department of Health and Human Services tells us that next
week, they are going to get something done, and I am beginning
to wonder whether the right and the left hand speak to each
other. We are going to hear that we brought a bunch of chief
executive officers together from companies with such greater
experience in delivering health care as Wal-Mart, but this
leadership panel, which had basically no representation for
patients or beneficiaries on it, did say that the key
imperative that the Federal Government should act as the
leader, catalyst, and convener of our IT effort. Yet in the
same testimony, we are going to hear that there is an idea that
this new community of health care information will be turned
over to the private sector in 5 years. It sounds to me like the
administration can't decide what they want to do. They do
suggest that--the President suggested in 2004 a deadline.
Albeit 10 years, it is something that many of us think might
have a good effect on getting people moving.
Now, as I say, we are going to hear an awful lot of
discussion about consultation and harmonization, which I used
to think was a mathematical result of a wave study, but
harmonization may have something to do with doctors and
patients gathering information. Dr. McClellan, on the other
hand, has told us that on August 1, the Centers for Medicare
and Medicaid Services (CMS) staff is going to release the
Veterans VISTA program and it will be a stand-alone and allow
an in-office electronic health record (EHR) that contains
computerized medical records, a medication formula with refill
and drug interaction notification. It is a reminder system for
preventative services, which I know the chair is interested in,
and diagnostic tests, a potential to communicate electronically
with other systems in the future. It is free. It is in the
public domain. It is an open system. It is scalable and allows
major software developers to devise add-on enhancements. It is
basically the system that we could start with tomorrow and is
acclaimed as being quite good. All it seems to me is it takes
is the current administration, and I suspect they have the
authority to do this without legislation, but I also suspect
that we would be glad to pass it if they need it, why don't we
get started? It is beyond me why we are having all these
therapy sessions when we could get started and install the
software. So, I will look forward to hearing not only about
that. The lead witness earlier suggested to us that Health
Insurance Portability and Accountability Act 1996 (HIPAA) (P.L.
104-191) was an unmitigated disaster, so I would like to hear a
little bit more about how he intends to protect the privacy of
the American people, but we will leave that to his testimony.
Thank you, Madam Chair.
Chairman JOHNSON. Dr. Brailer, welcome.
STATEMENT OF DAVID BRAILER, M.D., PH.D., NATIONAL COORDINATOR
FOR HEALTH INFORMATION TECHNOLOGY, U.S. DEPARTMENT OF HEALTH
AND HUMAN SERVICES
Dr. BRAILER. Thank you, Chairwoman Johnson and Ranking
Member and fellow Californian Stark and other members of the
Committee. I have submitted my written testimony, and with your
consent, I will give only brief remarks and then answer your
questions. Our efforts to advance health IT are now fully
underway. There are numerous initiatives that are going on
today across the nation in the administration, which I will
talk about principally now, but also in numerous States,
including many of the States you represent, local and regional
grassroots projects, and certainly in other agencies and in the
private sector. We certainly welcome the interest in health IT
from this Subcommittee and elsewhere in Congress. We are
focusing on setting a foundation for health IT that is long-
term, not just to solve an immediate problem today, but to
create the foundations for a very long-term sustained
transformation of health care. We want this to be market-based,
to be non-regulatory, and with a primary focus on improving our
health care system's safety and quality, cost effectiveness,
and consumer involvement as well as threat preparedness.
Briefly, there are three foundations of what we are doing.
First is clinically, and I am sure you know this quite well. We
want to make sure that clinicians have access to information
that can prevent errors and deaths, that they can make
evidence-based treatment decisions and be able to reduce
redundant tests and unnecessary treatments. We want to bring
together different clinicians so they can work as a team to
deliver care and to care for the whole patient. We want to get
information to consumers so that they can manage their health,
make treatment decisions, and choose providers based on good
evidence. There are business foundations of our effort, as
well. These arrive from strong support in the private sector
for the use of health IT to enable further competitiveness of
American industry, to continue to improve the health status of
the employees who work in our commercial industries, to bring
productivity and employment improvements to health care, as IT
has brought to other industry sectors, and as an added benefit,
to develop high-tech jobs in the health care industry across
the United States. The Federal Government has been called upon
to be a leader, a catalyst, and a convener and to use
collaborative methods to pull stakeholders together and move
this forward and to use our purchasing power to drive results.
We also have a technical foundation that has been set that
is built around strong support for interoperability as a
foundational element in the health care system. The key
findings from the RFI that we sent to industry over the past 6
months have had more than 500 respondents from across sectors,
had calls for public-private collaboration, information that is
patient-centric, strong and advanced safeguards for privacy, a
centralized, regionally governed initiative, and a nationwide
communication standard and an architecture. We see two
fundamental challenges and, therefore, have two core strategies
in our initiative. First is to drive interoperability and
second is to drive EHR adoption and the adoption of other
related health information technologies. Interoperability is
essentially about getting information where it is needed when
it is needed. Most clinical value is tied up in the ability to
share health information among different providers, yet today,
we have very little sharing and health information is often
regarded as a proprietary asset of the organization. We can't
empower consumers without getting their information together in
one place in a usable manner, and this is really the functional
test of are we an interoperable health care system. For years,
we have sought integratedness and information is now the key
strategy that is being focused on.
The other component is getting EHRs into the hands of
providers. There is a large gap between the adoption of large
and small providers regarding their use of these tools. Large
organized health care systems and physician groups have the
know-how and resources to put in health IT, to implement it, to
use it, to change their practices around it, and they are the
ones that are driving most of the reported adoption. Smaller
providers, small physician offices, small hospitals, safety net
clinics, have substantial economic know-how, business operation
and market barriers to health IT. These are not a result of the
software, these are the result of the huge change in their
organizations that they stand for. Because of perverse
incentives in reimbursement, most health IT adoption is being
driven strategically today. We have taken on an
interoperability forward strategy. That means that we have
focused principally on how to make sure that as IT adoption
occurs, it can share information. I will briefly summarize the
key strategies we are doing today.
First is standards harmonization, which has the goal of
making sure that the United States has one single usable and
unified set of information standards. Many other countries
already have these and we have lagged behind and we want to
make sure that we can protect our hospitals and clinicians from
having to deal with overlaps, ambiguities, and gaps in
standards. Second is compliance certification. We want to make
sure that EHRs and other health IT do meet minimal standards
for clinical content, for security, and for information sharing
so we can make sure that patient information can be gathered
from different sources, we can protect and secure information
in these tools, and we can prompt physicians with needed
preventative care and orders and other alerts that are part of
routine care and treatment. We want to develop an architecture
for sharing of information that would be Internet-based and
built around the concept of high security that is used in other
applications. We want to make sure that we have a capacity in
industry to share health information so that doctors do not
have to do this without help. Finally, we are focusing on
addressing variations in privacy and security practices across
states and across covered entities. Our goal is to ensure that
not only State-to-State variation can be reduced, but more
importantly, that covered entity-to-covered entity variation
can be reduced, as well, so that we don't have to choose
between flexibility of security and privacy and
interoperability. Chairman Johnson, I appreciate your
leadership. I appreciate the interest of the Subcommittee and I
certainly look forward to answering your questions.
[The prepared statement of Dr. Brailer follows:]
Statement of David Brailer, M.D., Ph.D., National Coordinator for
Health Information Technology, U.S. Department of Health and Human
Services.
Chairwoman Johnson and Members of the Subcommittee, I am Dr. David
Brailer, the National Coordinator for Health Information Technology.
The Office of the National Coordinator for Health Information
Technology is a component of the Department of Health and Human
Services (HHS). Thank you for inviting me to testify today on health
information technology activities underway in the Department.
Setting the Context
On April 27, 2004, the President signed Executive Order 13335 (EO)
announcing his commitment to the development and nationwide
implementation of an interoperable health information technology
infrastructure to improve efficiency, reduce medical errors, raise the
quality of care, and provide better information for patients,
physicians, and other health care providers. In particular, the
President called for widespread adoption of electronic health records
(EHRs) within 10 years so that health information will follow patients
throughout their care in a seamless and secure manner. Toward that
vision, the EO directed the Secretary of the Department Health and
Human Services (HHS) to establish within the Office of the Secretary
the position of National Coordinator for Health Information Technology
(National Coordinator), with responsibilities for coordinating Federal
health information technology (health IT) programs with those of
relevant executive branch agencies, as well as coordinating with the
private sector on their health IT efforts. On May 6, 2004, Secretary
Tommy G. Thompson appointed me to serve in this position.
On July 21, 2004, during the Department's Health IT Summit, we
published the ``Framework for Strategic Action: The Decade of Health
Information Technology: Delivering Consumer-centric and Information-
rich Health Care,'' (The Framework). The Framework outlined an approach
toward nationwide implementation of interoperable EHRs and in it we
identified four major goals. These goals are: 1) inform clinical
practice by accelerating the use of EHRs, 2) interconnect clinicians so
that they can exchange health information using advanced and secure
electronic communication, 3) personalize care with consumer-based
health records and better information for consumers, and 4) improve
public health through advanced bio-surveillance methods and streamlined
collection of data for quality measurement and research. The Framework
has allowed many industry segments, sectors, interest groups, and
individuals to review how health IT could transform their activity or
experience, consider how to take advantage of this change, and to
participate in ongoing dialogue about forthcoming efforts. My office
has obtained significant additional input concerning how these four
goals can best be met.
We have consulted with, and actively partnered with,
numerous federal agencies in the U.S. Government including the
Departments of Veterans Affairs, Defense, Commerce, and Homeland
Security.
We have met with many organizations and individuals
representing stakeholders of the healthcare system to obtain their
individual views.
We have reached out to states and regions through site
visits and town hall meetings to understand the health IT challenges
experienced at the local level as well as best practices for the use
of, and collaboration regarding, health IT.
We have regularly testified before, and been informed by,
the National Committee on Vital and Health Statistics (NCVHS) on issues
critical to the nation's health IT goals.
We have monitored, and coordinated with, the efforts of
the Commission for Systemic Interoperability. (The Medicare
Modernization Act called for the Secretary to establish the Commission
to develop a comprehensive strategy for the adoption and implementation
of health care information technology standards that includes a
timeline and prioritization for such adoption and implementation.) and
We have met with delegations involved with health IT from
other countries, including Canada, Netherlands, Japan, Australia, Great
Britain, and France to learn from their individual country experiences.
The Framework for Strategic Action and the Federal Health
Architecture (FHA) are irrevocably linked in the effort to address
critical health care needs. The FHA is now under the leadership of the
ONC and will provide the structure or ``architecture' for collaboration
and interoperability among federal health efforts as specified in the
Framework for Strategic Action. Moreover, the Consolidated Health
Informatics activities are now moving forward under the FHA.
Building on the EO, The Framework, and this input, we have
developed the clinical, business, and technical foundations for the HHS
health IT strategy. Let me turn to some of those now.
The Clinical Foundation: Evidence of the Benefits of Health IT
We believe that health IT can save lives, improve care, and
increase efficiency and potentially reduce costs in our health system.
Five years ago, the Institute of Medicine (IOM) estimated that as many
as 44,000 to 98,000 deaths occur each year as the result of medical
errors. Health IT, through applications such as computerized physician
order entry can help reduce medical errors and improve quality. For
example, studies have shown that adverse drug events have been reduced
by as much as 70 to 80% by targeted programs, with a significant
portion of the improvement stemming from the use of health IT.
Every primary care physician knows what a recent study in the
Journal of the American Medical Association (JAMA) showed: that
clinical information is frequently missing at the point of care, and
that this missing information can be harmful to patients. That study
also showed that clinical information was less likely to be missing in
practices that had full electronic records systems. Patients know this
too and are taking matters into their own hands. A recent survey by the
Agency for Health Care Research and Quality (AHRQ) with the Kaiser
Family Foundation and the Harvard School of Public Health found that
nearly 1 in 3 people say that they or a family member have created
their own set of medical records to ensure that their health care
providers have all of their medical information.
Some researchers estimate that savings from the implementation of
health IT and corresponding changes in care processes could range
anywhere from 7.5 percent of health care costs (Johnston et al., 2003;
Pan et al, 2004) to 30 percent (Wennberg et al., 2002; Wennberg et al.,
2004; Fisher et al., 2003; Fisher et al., 2003). These estimates are
based in part on the reduction of obvious errors. For example, a
medical error is estimated to cost, in 2003 dollars, about $3,700
(Bates et al, 1997). However, these savings are not guaranteed through
the simple acquisition of health IT. If poorly designed or implemented,
health IT will not bring these benefits, and in some cases may even
result in new medical errors and potential costs. Further, these are
estimates which we have not yet seen realized in the health care system
generally.
Therefore, achieving efficiency and potential cost savings requires
a much more substantial transformation of care delivery that goes
beyond simple error reduction. Health IT must be combined with real
process change in order to see meaningful improvements in our delivery
system and systems must be standards compliant and interoperable so
that patient information can be communicated to all possible points of
care. It requires the industry to follow the best diagnostic and
treatment practices everywhere in the nation. For example, cholesterol
screenings can lead to early treatment, which in turn can reduce the
risk for heart disease. Where that has been done, there have been
substantial savings on cardiac expenditures.
So, this is the clinical foundation for our work, which
demonstrates that health IT can save lives, improve care, and improve
efficiency in our health system; now let me turn to the business
foundation.
The Business Foundation: The Health IT Leadership Panel Report
Recognizing that the healthcare sector lags behind most other
industries in its use of IT, an HHS contractor convened a Health IT
Leadership Panel for the purposes of understanding how IT has
transformed other industries and how, based upon experiences of members
of the panel, it can transform the health care industry.
The Leadership Panel was comprised of nine CEOs from leading
companies that purchase large quantities of healthcare services for
their employees and dependents and that do not operate in the
healthcare business. The Leadership Panel included CEOs from FedEx
Corporation, General Motors, International Paper, Johnson Controls,
Target Corporation, Pepsico, Procter & Gamble, Wells Fargo, and Wal-
Mart Stores. The business leaders were called upon to evaluate the need
for investment in health information technology and the major roles for
both the government and the private sector in achieving widespread
adoption and implementation. Based upon their own experiences using IT
to reengineer their individual business--and by extension, their
industries--the Leadership Panel concluded that investment in
interoperable health IT is urgent and vital to the broader U.S. economy
due to rising health care demands and business interests.
As identified by the Lewin Group, the Leadership Panel concluded:
Potential benefits of health IT far outweigh manageable
costs.
Health IT needs a clear, broadly motivating vision and
practical adoption strategy.
The federal government should provide leadership, and
industry will engage and follow.
Lessons of adoption and success of IT in other industries
should inform and enhance adoption of health IT.
Among its multiple stakeholders, the consumer--including
individual beneficiaries, patients, family members, and the public at
large--is key to adoption of health IT and realizing its benefits.
Stakeholder incentives must be aligned to foster health
IT adoption.
The Leadership Panel identified as a key imperative that the
Federal government should act as leader, catalyst, and convener of the
nation's health information technology effort. The Leadership Panel
also emphasized that federal leverage as purchaser and provider would
be needed--and welcomed by the private sector. Private sector
purchasers and health care organizations can and should collaborate
alongside the federal government to drive adoption of health IT. In
addition, the Leadership Panel members recognized that widespread
health IT adoption may not succeed without buy-in from the public as
health care consumer. Panelists suggested that the national health IT
vision must be communicated clearly and directly to enlist consumer
support for the widespread adoption of health IT.
These findings and recommendations from the Leadership Panel were
published in a report released in May 2005 and laid the business
foundation for the HHS health IT strategy. Now, let me turn to the
technical foundation.
The Technical Foundation: Public Input Solicited on Nationwide
Network
HHS published a Request for Information (RFI) in November 2004 that
solicited public input about whether and how a Nationwide Health
Information Network (NHIN) could be developed. This RFI asked key
questions to guide our understanding around the organization and
business framework, legal and regulatory issues, management and
operational considerations, standards and policies for
interoperability, and other considerations.
We received over 500 responses to the RFI, which were reviewed by a
government-wide RFI Review Task Force. This Task Force was comprised of
over 100 Federal employees from 17 agencies, including the Departments
of Homeland Security, Defense, Veterans Affairs, Treasury, Commerce,
Health and Human Services, as well as multiple agencies within the
departments. The resulting public summary document has begun to inform
policy discussions inside and outside the government.
We know that the RFI stimulated substantial and unprecedented
discussions within and across organizations about how interoperability
can really work, and we have continued to build on this. These
responses have yielded one of the richest and most descriptive
collections of thoughts on interoperability and health information
exchange that has likely ever been assembled in the U.S. As such, it
has set the foundation for actionable steps designed to meet the
President's goal.
While the RFI report is an illustrative summary of the RFI
responses and does not attempt to evaluate or discuss the relative
merits of any one individual response over another, it does provide
some key findings. Among the many opinions expressed by those
supporting the development of a NHIN, the following concepts emerged:
A NHIN should be a decentralized architecture built using
the Internet, linked by uniform communications and a software framework
of open standards and policies.
A NHIN should reflect the interests of all stakeholders
and be a joint public/private effort.
A governance entity composed of public and private
stakeholders should oversee the determination of standards and
policies.
A NHIN should provide sufficient safeguards to protect
the privacy of personal health information.
Incentives may be needed to accelerate the deployment and
adoption of a NHIN.
Existing technologies, federal leadership, prototype
localized or regional exchange efforts, and certification of EHRs will
be the critical enablers of a NHIN.
Key challenges to developing and adopting a NHIN were
listed as: the need for additional and better refined standards;
addressing privacy concerns; paying for the development and operation
of, and access to the NHIN; accurately verifying patients' identity;
and addressing discordant inter--and intra-state laws regarding health
information exchange.
Key Actions
Building on these steps, two critical challenges to realizing the
President's vision for health IT are being addressed: a)
interoperability and the secure portability of health information, and
b) electronic health record (EHR) adoption. Interoperability and
portability of health information using information technology are
essential to achieve the industry transformation goals sought by the
President.
To address these challenges, HHS is focusing on several key
actions: harmonizing health information standards; certifying health IT
products to assure consistency with standards; addressing variations in
privacy and security policies that might pose challenges to
interoperability; and, developing an architecture for nationwide
sharing of electronic health information. HHS has allocated $85 million
to achieve these and other goals in FY 2005 and has requested $125
million in FY 2006. These efforts are inter-related, and they will be
coordinated through the formation of a new collaborative known as the
American Health Information Community.
American Health Information Community (the Community)
On July 14, 2005, Secretary Michael Leavitt formally announced the
formation of a national collaboration, the American Health Information
Community (the Community), a public-private body formed pursuant to the
Federal Advisory Committee Act. The Community is being formed for the
purposes of helping transition the nation to electronic health records
in a smooth, market-led way. The Community will provide input and
recommendations to the Secretary on use of common standards and how
interoperability among EHRs can be achieved while assuring that the
privacy and security of those records are protected. And, it will be
designed as an open, transparent and inclusive collaboration.
HHS is currently soliciting nominations for people to serve on the
Community and Secretary Leavitt will appoint up to 17 commission
members, including himself as chairperson. It will consist of nine
members from the public sector and eight members from the private
sector. Public Sector members will be drawn from Department of Health
and Human Services (including the Office of the Secretary, the Centers
for Medicare and Medicaid Services, and the Public Health Service),
Department of Veterans Affairs, Department of Defense, Department of
Commerce, Department of the Treasury, Office of Personnel Management,
and a State government representative. The private sector membership
will be drawn from purchasers, third-party payers, hospitals,
physicians, nurses, ancillary services (e.g., lab or pharmacy),
consumer and privacy interests, and health information technology.
Nominations for membership are being accepted through August 5, 2005.
The Community is expected to be convened early this fall.
The Community will start by building on the vast amount of
standardization already achieved inside and outside the healthcare
industry. Specifically, the Community will:
Make recommendations on how to maintain appropriate and
effective privacy and security protections.
Identify and make recommendations for prioritizing health
information technology achievements that will provide immediate
benefits to consumers of health care (e.g., drug safety, lab results,
bio-terrorism surveillance, etc.).
Make recommendations regarding the ongoing harmonization
of industry-wide health IT standards and a separate product
certification and inspection process.
Make recommendations for a nationwide architecture that
uses the Internet to share health information in a secure and timely
manner.
Make recommendations on how the Community can be
succeeded by a private-sector health information community initiative
within five years. (The sunset of the Community, after no more than
five years, will be written into the charter.)
The Community will be chartered for two years, with the option to
renew and duration of no more than five years. The Department intends
for the Community to be succeeded within five years by a private-sector
health information community initiative that, among other things, would
set additional needed standards, certify new health information
technology, and provide long-term governance for health care
transformation.
In addition to the formation of the Community, the Office of the
National Coordinator issued four requests for proposals (RFPs). The
outputs of the contracts stemming from these RFPs will, in part, serve
as inputs for the Community's consideration. We expect to award
contracts based on these RFPs in September and October 2005.
Specifically, the RFPs will focus on four major areas:
Standards harmonization
We have issued a Request For Proposal (RFP) to develop, prototype
and evaluate a process to harmonize industry-wide standards
development, and also unify and streamline maintenance of and
refinements to existing standards over time. Today, the standards-
setting process is fragmented and lacks coordination, resulting in
overlapping standards and gaps in standards that need to be filled. We
envision a process where standards are identified and developed around
real scenarios--i.e., around use cases or breakthroughs. A ``use case''
is a technology term to describe how actors interact in specific value-
added scenarios--for example, rapidly assembling complete patient
information in an emergency room; we also call them ``breakthroughs''.
Compliance certification
We have issued an RFP to develop, prototype and evaluate a process
to specify criteria for the functional requirements for health IT
products--beginning with ambulatory EHRs, then inpatient EHRs, and then
the infrastructure components through which EHRs interoperate (e.g.,
NHIN architecture). This RFP will also evaluate a process for
inspection based on conformance with these criteria.
NHIN Architecture
We have issued an RFP to develop models and prototypes for a NHIN
for widespread health information exchange that can be used to test
specialized network functions, security protections and monitoring, and
demonstrate feasibility of scalable models across market settings. The
NHIN architecture will be coordinated with the work of the Federal
Health Architecture and other interrelated RFPs. The goal is to develop
real solutions for nationwide health information exchange and
ultimately develop a market--particularly the supply side--for health
information exchange, which does not exist today. This RFP will fund 6
architectures and operational prototypes that will maximize the use of
existing resources such as the Internet, and will be tested
simultaneously in three markets with a diversity of providers in each
market. HHS intends to make these prototype architectures available in
the public domain to prevent control of ideas and design. Through the
RFP process, we encourage the development of a complete open source
solution.
Security and privacy
We issued an RFP to assess variations in state laws and
organization-level business policies around privacy and security
practices, including variations in implementations of HIPAA privacy and
security requirements that may pose challenges to automated health
information exchange and interoperability. This RFP, administered by
AHRQ, will seek to define workable mechanisms and policies to address
these variations, while maintaining the levels of security and privacy
that consumers expect.
Fraud and Abuse Study
In addition, HHS has a 6-month project underway to determine how
automated coding software and a nationwide interoperable health
information technology infrastructure can address healthcare fraud
issues. The project is being conducted through a contract with the
Foundation of Research and Education (FORE) of the American Health
Information Management Association (AHIMA).
While only a small percentage of the estimated 4 billion healthcare
claims submitted each year are fraudulent, the total dollars in
fraudulent or improper claims is substantial. The National Health Care
Anti-Fraud Association (NHCAA) estimates that healthcare fraud accounts
for 3 percent of U.S. health expenditures each year, or an estimated
$56.7 billion. They cite other estimates, which may include improper
but not fraudulent claims, as high as 10 percent of U.S. health
expenditures or $170 billion annually.
At present, the contractor is working to perform two main tasks.
One task is a descriptive study of the issues and the steps in the
development and use of automated coding software that enhance
healthcare anti-fraud activities. The second task is identifying best
practices to enhance the capabilities of a nationwide interoperable
health information technology infrastructure to assist in prevention,
detection and prosecution, as appropriate, in cases of healthcare fraud
or improper claims and billing. An expert cross-industry committee
composed of senior level executives from both the private and public
sectors is guiding this second task.
The project's final report is scheduled for completion in September
2005.
Conclusion
Thank you for the opportunity to present this summary of the
activities of the Office of the National Coordinator for Health
Information Technology. A year ago, the President created this position
by Executive Order. In that time, we have established the clinical,
business and technical foundations for the HHS health IT strategy. Now,
we have begun to execute key actions that will give us real, tangible
progress toward that goal.
HHS, under Secretary Leavitt's leadership, is giving the highest
priority to fulfilling the President's commitment to promote widespread
adoption of interoperable electronic health records--and, it is a
privilege to be a part of this transformation.
This concludes my prepared statement. I would be delighted to
answer any questions that you or the Members of the Subcommittee may
have.
Chairman JOHNSON. Thanks very much, Dr. Brailer. Dr.
Brailer, you state in your testimony that the Federal
Government should act as a leader, catalyst, and convener of
the nation's health IT effort. Why is the Federal Government
role so critical in this effort when other industries have
managed to incorporate technology without significant Federal
intervention, and how do you see the Federal role evolving in
the coming decade? At the same time, would you also address, in
terms of the Federal Government's role, when you say you want
to develop one usable set of standards, at some point, will the
Federal Government say, this is the standard and this is the
standard everyone has to meet?
Dr. BRAILER. Yes. Thank you. We have seen many industries
have long-term conversions to new ways of doing business by
using IT and much of the sustained productivity improvements in
our economy come from the dividends we are reaping from that.
Health care has lagged behind, and I think there are a couple
of reasons that also call for why the Federal Government is
involved in this. First, we are a very large purchaser of
health care services, as you all know, and without the Federal
Government acting, too little purchasing power in the private
sector can be focused on the changes that are needed to be
done. Second, we do have a number of regulations and practices,
including the way we reimburse for care today, that provide
disincentives to the kinds of technology that we want to put in
place and the kinds of quality that we want to see produced.
This has been widely discussed. So, the Federal Government
acting as a catalyst and a leader means that we are going to
move forward and address our policies and our purchasing
practices in concert with the industry so that there is a
unified movement toward the kinds of progress that we want to
see, both in IT and in quality.
In terms of how our role will evolve over time, we are
clearly taking the initiating role leading this forward and our
principal focus, as I said, is on interoperability, which means
to ensure that as we put IT tools in place in our doctors and
hospitals and other settings that they can share information,
that we can collect information for bioterrorism threats, that
we can make sure that consumers can get access to their
information. Over time, we want to shift our attention toward
driving adoption of systems. This effort for interoperability,
I think of as a 2-year platform to be able to make sure that
the next system that is purchased is easier to purchase by a
physician, is cheaper for them to purchase, and is able to be
used more effectively in terms of staying up to date. So, our
whole role will shift as we drive that other component of long-
term change. In terms of how the standards will play out over
time, we do envision them having significant Federal support.
Starting today, we are going to work through a process to let
the current voluntary standards efforts move forward, but we
have created a new group called the AHIC that you mentioned
which will receive the testimony of these standards developers
and, after vetting them, will make recommendations to the
government about what those final standards should be. We will
then turn them over to the National Institute for Standards and
Technology (NIST) that will go through a process that will make
those standards mandatory for Federal agencies.
This is a very, very expensive change, tens of billions of
dollars of change just in Federal systems alone to comply with
standards, let alone the private sector. So, naturally, it will
be a long-term, incremental change. As that happens, that will
then become a necessity of doing business with those agencies
is to comply with those standards, as well. So, we are going to
drive voluntary adoption with a follow-up in terms of how
agencies adopt those, as well.
Chairman JOHNSON. Thank you. That is very interesting. I am
going to turn to Mr. Stark, and then at the end, if there
haven't been question about your new RFPs, I would like to come
back to that. Mr. Stark?
Mr. STARK. Doctor, you have mentioned several times using
government purchasing power to drive results, kind of a free
market approach, right?
Dr. BRAILER. I think.
Mr. STARK. Why does the administration then object to using
its purchasing power to lower pharmaceutical costs for the
taxpayers?
Dr. BRAILER. Congressman, I appreciate the question, but I
really am here to talk about health IT and I can't speak to
that. I would be happy to take that question back----
Mr. STARK. Well, let me ask you, then, as a physician, or
as a proponent of the free--you tell us you know something
about the free market. I would like to find out what you know.
Why wouldn't it make sense to you, as an expert in the free
market, that using the purchasing power of $400 to $600 billion
would be more efficient in saving money than cutting it up into
a couple of $20 billion purchasing powers?
Dr. BRAILER. Congressman, I respect the question, but I am
here today as a representative of the administration and not as
a private expert, so----
Mr. STARK. It is the administration that isn't using its
purchasing power to save pharmaceuticals, and if we don't save
any money in pharmaceuticals, we aren't going to have any money
left to pay the doctors. It is all in one box, Doctor.
Chairman JOHNSON. Will the gentleman yield?
Mr. STARK. Yes.
Chairman JOHNSON. The structure of the Medicare
Modernization Act involved people competing to provide
pharmaceuticals----
Mr. STARK. That is what he is talking about.
Chairman JOHNSON. Competition--that is right, and that is
the structure of the bill that was structured, the Democrat
bill, also, until the final motion to recommit. Both bills were
structured to have competing PBMs on the theory that
competition drove prices down, and then there is a special way
of trying to drive prices down in part B drugs. So----
Mr. STARK. I am with you.
Chairman JOHNSON. That isn't a topic of this hearing, so--
--
Mr. STARK. It is a topic, Madam Chair----
Chairman JOHNSON. Maybe you would like to go on to your----
Mr. STARK. Madam Chair, when it is convenient, when you are
not getting paid big campaign contributions by the
pharmaceutical industry, it is convenient not to let the
government drive prices down. I suspect that that would be
the----
Chairman JOHNSON. I guess what I am getting at is there is
a dispute between how you drive them down, whether you drive
them through competition or through government negotiation, and
that is a big dispute, but that is not the topic we are here--
--
Mr. STARK. If the Doctor doesn't think it is good and you
don't think it is good for driving pharmaceutical prices down,
how--now, it may be that you haven't gotten any campaign
contributions yet from the IT industry and then you might
decide that it, too, is a good idea not to let us use the
purchasing power to drive their prices down. The fact is that
the drug bill was written by the pharmaceutical industry and
has it in it a prohibition----
Chairman JOHNSON. Mr. Stark, I truly find that demeaning--
--
Mr. STARK. You are interrupting----
Chairman JOHNSON. If you would please----
Mr. STARK. Regular order. If you would like to ask me to
yield, I might, but it is my time and I would like to finish
and suggest that the reason that this good witness wants to
talk about using purchasing power is because it hasn't occurred
to them yet that the IT industry will be in making big
contributions. I think that this idea of voluntary standards,
we are now somewhere around 17th in the world in health care
and the Doctor mentioned that we have standards in other
countries and none of them are voluntary in those countries
that have better medical care than we do. So, it appears,
Doctor, that your idea of having a market-based system as a
stop to the industry that supports politicians so generously,
and not having any regulations is a matter of faith with you,
is that correct?
Dr. BRAILER. Well, I certainly do have faith in the private
market, sir.
Mr. STARK. That is obvious.
Dr. BRAILER. I believe that in this case, the private
market is both being inhibited by government policies around
how we reimburse for care----
Mr. STARK. Okay.
Dr. BRAILER. On the other hand, this is one instance where
I believe----
Mr. STARK. Would you suggest we do that with the Food and
Drug Administration (FDA), then, Doctor? How about having a
market-based non-regulatory pharmaceutical approval system?
Dr. BRAILER. I certainly couldn't comment on that. But I
would like to tell you that I believe that----
Mr. STARK. Doctor, what do you know about? You went to
medical school, didn't you?
Dr. BRAILER. I did.
Mr. STARK. Did you get a Ph.D. someplace?
Dr. BRAILER. I did.
Mr. STARK. In what?
Dr. BRAILER. In economics.
Mr. STARK. You can't comment on what the FDA does in
terms--are you familiar with the FDA?
Dr. BRAILER. Sure, and I would be happy to report to
Secretary Leavitt and to the White House your interest in the
topic and have them come back and speak with you. It is not the
topic that I have come for----
Mr. STARK. I am sorry. Thank you, Madam Chair.
Dr. BRAILER. Could I speak to the Congressman's question,
please, Chairwoman?
Chairman JOHNSON. Pardon?
Dr. BRAILER. Could I speak to his question?
Mr. STARK. My time has expired.
Chairman JOHNSON. His time has expired. Let me go now to
Mr. McCrery.
Mr. MCCRERY. Thank you, Madam Chair. Dr. Brailer, welcome.
Dr. BRAILER. Thank you.
Mr. MCCRERY. It is nice to have you with us, particularly
one of your education and expertise. I don't want to belabor
Mr. Stark's line of questioning, but I think it is worth
pointing out, and perhaps you as an economist understand what
the Congressional Budget Office (CBO) understood and wrote in
response to a specific question about the value of having the
government directly negotiate prices with pharmaceutical
companies. The CBO and their economists concluded that there
would be no significant savings to the program if the
government were to be allowed to directly negotiate prices as
compared with the formula that we did include and pass in the
legislation which calls for very aggressive negotiations among
plans and providers. So, as an economist, do you understand
that the CBO concluded that the market will work just about as
well as the heavy hand of the government dictating prices,
basically, because of their purchasing power?
Dr. BRAILER. Yes, sir, I am aware of that.
Mr. MCCRERY. Okay. Mr. Stark in his opening remarks did
bring up, I think, a useful point that we ought to discuss and
explore. In his opening remarks, he suggested that we utilize
the existing framework that the VA uses for its IT and get that
spread out as the template for the private sector. That may be
a good idea that Mr. Stark has suggested, and I think,
actually, CMS announced last week, or maybe--yes, I think last
week----
Dr. BRAILER. Right.
Mr. MCCRERY. That they intended to do something like that.
When Dr. McClellan was here last week, I asked him, and I am
going to ask you, in light of your RFPs, which seem to call for
private sector involvement in developing standards of
interoperability, are we going too fast with putting out a
system that is used by the VA and it may not be the best system
for our entire health care system? How do you plan, how do you
envision dovetailing what may be a worthwhile effort in getting
that system out there, as Mr. Stark has suggested, but also
developing through the private sector what may be an even
better system?
Dr. BRAILER. Sure. Well, I appreciate your interest and
Congressman Stark's interest in VISTA. We have been working
very closely with CMS and with the Department of Veterans'
Affairs since I came to the government to make sure that VISTA
can be available to the market and the release that is coming
next week is really an important milestone for us. We intend to
make sure that that product that is made available is one of
many choices that physicians have, and I think it will find
particular resonance in physicians that work in safety net
clinics and underserved clinics and clinics in other areas
where they have significant technology barriers. Also, I think
it does play a role in promoting competition, particularly in
small physician offices. We have seen that the price
performance of EHRs becomes very difficult for physicians to
get access to in small practices, and that probably is where
the VISTA system will have its best resonance.
We are going through a process now of having a
certification process for EHRs, meaning they will be subjected
to inspections, and we expect for the VISTA office product to
be going through that same process to ensure that it can comply
with the standards that are out as well as, hopefully, be a
leader in that process for the rest of the market. So, I am
very optimistic about what it brings, but it is one of a large
portfolio of other choices that we think physicians will make
as they pick products and software that meet their own clinical
specialty needs, their own practice setting needs, and their
own kind of patient care needs.
Mr. MCCRERY. So, you don't see necessarily getting the
VISTA system out there, the software out there, as necessarily
deciding by that that that is going to be the platform
forevermore.
Dr. BRAILER. Absolutely not. I think at this point, the
market is not supply limited. It is demand limited. The
principal factor isn't that there aren't good products
available. The principal factor is physicians have no incentive
to put them in and they have significant technical business and
human factors, barriers, to doing that, and I think the VISTA
system suffers from the same challenge that any other EHR
product does. How does the physician actually implement it and
get it up and running? How do they change the way they make
decisions and communicate? That human change, that
transformation is really what all of these software products
are about and none of them have a magic capacity to skip past
those. So, I think it is a good solution. It will be really a
good solution for particular product or particular practice
settings. I don't think it is transformative in terms of how we
regard health IT adoption.
Mr. MCCRERY. Thank you very much.
Dr. BRAILER. Thank you.
Chairman JOHNSON. Mr. Thompson?
Mr. THOMPSON. Thank you, Madam Chair. Doctor, thanks for
being here today. To pick up on the last point that you made,
you had mentioned that incentives to be a good way to bring
about these changes. Do you see at any time where we would
maybe leave the carrot and go to the stick and rely on
penalties, or maybe a combination, to bring this about?
Dr. BRAILER. I think that is a very good question. I
believe that before we will come to that debate, the market
itself will come to the conclusion that physicians must use
EHRs in their practice, and not just any EHR, but ones that can
actually deliver safer, better quality care. We have seen
reports recently in the literature that some products, some
systems, particularly older ones, don't have the kinds of
prompts and reminders and could actually increase the rate of
errors.
Mr. THOMPSON. What happens to providers who are ahead of
the curve? I have one in my district in particular that has
been doing IT for quite some time now and I am concerned, as I
am sure they are, that if, as we start moving in this
direction, they may end up being penalized or be caught in the
position where they have invested in one type of equipment and
have to switch and do something else. Have you given that any
consideration?
Dr. BRAILER. Oh, a great deal of thought. This is a market
that is 30 years old. The first EHRs were put into place by the
most innovative health care systems in the mid-1970s and we
have now seen most of the drivers of this have been really
large innovators----
Mr. THOMPSON. Is there some way to protect these folks
from----
Dr. BRAILER. Well, I think, first of all----
Mr. THOMPSON. They are kind of being punished for doing
what you want them to do.
Dr. BRAILER. Well, I think there is clearly a risk that
they could be in the position of having systems that are not
compatible with the future standard, and the Federal Government
is line with the systems we have in place for care. I think
that is one of the reasons that we want to see this be an
incremental change that happens over time to make sure that
there is not a significant risk that one day, they are----
Mr. THOMPSON. Well, I would hope that we could continue to
talk about this----
Dr. BRAILER. Very much. It is a very important topic. It is
a principle in our concern.
Mr. THOMPSON. In your testimony, you mentioned that this
could bring about some pretty substantial savings. I think you
said about 8 percent to about 30 percent of health care costs?
Dr. BRAILER. Yes. There are estimates that frame the range
of savings between ten and----
Mr. THOMPSON. What kind of dollars are you talking about?
Dr. BRAILER. I am sorry?
Mr. THOMPSON. What kind of dollars are you talking about?
Dr. BRAILER. I think the general ranges that have been
estimated for those are $150 billion up to $350 billion
dollars.
Mr. THOMPSON. The CBO agrees with that?
Dr. BRAILER. I don't think CBO has actually issued their
own estimates, and we have even cited--these estimates are
cited from others in the scientific/academic literature----
Mr. THOMPSON. Who is the benefactor of the savings, the
provider or the payer?
Dr. BRAILER. Well, I think the patient is the ultimate
benefactor because it is their lives that are saved. It is
ultimately money that comes out of wage offsets that goes into
health care----
Mr. THOMPSON. There will be some kind of provisions to
ensure that that savings is, in fact, passed on?
Dr. BRAILER. Well, I think that is a principal question.
Most of the research says that the short-term accrual of the
benefits go to payers, those at financial risk, and so that is
a question that has really dogged the industry to some degree
at this point.
Mr. THOMPSON. Then you also mention in your testimony about
the work that you have done looking at how other countries have
dealt with this issue. I think you specifically mentioned
Canada, the Netherlands, Japan, Australia, Great Britain, and
France. It strikes me that there is a considerable difference
between their systems of health care and ours, specifically
they are either national health care system or single-pay.
Given the difference, were you able to learn from your
observations there?
Dr. BRAILER. Yes, I think very much. First, it helps us
recognize that this is a global phenomenon and it is not simply
something that is happening in this country. While it is
certainly difficult for us to learn about the kinds of
incentives, the mechanisms for financing, the care and
accountabilities, because they are so peculiar to each country,
the architecture, the design of security, the way the systems
are developed and integrated, we have learned a great deal
from, and we are watching other countries who are ahead of us.
So, certainly, a lot about technology, and I think we will
learn also a lot about how to deal with large-scale data
assessment research, monitoring of care status from these
countries, as well, because they are further ahead than we are
today.
Mr. THOMPSON. Thank you. I will yield back, Madam Chair.
Chairman JOHNSON. Thank you. Mr. Ramstad?
Mr. RAMSTAD. Thank you, Madam Chair. Thank you, Dr.
Brailer. Like you, Dr. Brailer, I believe that health IT can
save lives and improve health care, increase efficiency, and
actually reduce costs in our health care system, and I want to
focus on that in my line of questioning. I think all of us
agree that it is totally unacceptable, totally outrageous that
as many as 98,000 Americans, according to your testimony, Dr.
Brailer, die each year because of medical errors. Almost
100,000 people in this country die because of medical errors
each year. Unlike my good friend from California, the ranking
member, and he is a good friend, and believe it or not, he is a
good guy, your testimony is very illuminating, I believe, and
your recommendations for reform are impressive. I read your
testimony, also believe it or not. I did read your testimony
and you state therein that health care fraud accounts for 3
percent of health care expenditures, total expenditures each
year, which equates to $56 billion, almost $57 billion in
fraudulent claims alone. When you include improper claims,
again, according to your testimony, with fraudulent claims,
improper claims plus fraudulent claims, that is 10 percent of
the money we are spending in this country each year on health
expenditures, or $170 billion in fraud and improper claims. So,
three is no question that we have got to reduce those costs,
and my question, my main question is this, Dr. Brailer. In your
judgment, how significantly can we reduce the costs of
fraudulent claims and improper claims by using automatic, or
automated, rather, automated coding software and a national
Health IT Infrastructure?
Dr. BRAILER. It is a great question and it is interesting
to note that different views have been expressed. There is
certainly a minority view that says that, in fact, EHRs will
increase the rate of fraud. The overwhelming view tends to be
that EHRs will allow us to save and reduce fraud. In fact, we
have a product going on today and one of the witnesses from
HIMA, Ms. Kloss, will be happy to tell you about their role in
that. But we are trying to estimate exactly what those savings
are. The key shift that we are trying to drive is to go from
fraud prosecution, which is way out after the fact, a very high
opportunity cost for the government and the providers, to move
toward real-time fraud prevention, so the provider there knows
whenever they are making a decision on an EHR what the
expectations are for documentation, what the expectations are
by law so they can determine there and sign that they have
complied with that. We think that is going to be a fundamental
shift toward new cyber fraud prevention capabilities over the
next few years.
Mr. RAMSTAD. Did I understand you correctly the first part
of your response? There is empirical data to suggest it will
cost instead of save money?
Dr. BRAILER. I am just indicating that there are those who
believe. There is concern in the law enforcement industry that
these electronic tools could increase the rate of fraud, but it
is a minority view. So, we are taking that project on to
estimate what the real economics of fraud are as a result of IT
adoption, but at the same time, developing these new state-of-
the-art cyber fraud prevention techniques.
Mr. RAMSTAD. As I understand it, Dr. Brailer, my question
will be answered by the results of that study, is that correct?
Dr. BRAILER. That is correct.
Mr. RAMSTAD. That is ongoing?
Dr. BRAILER. That is going on today.
Mr. RAMSTAD. When will that be completed?
Dr. BRAILER. The first phase of that will be done by early
spring of 2006 and we will work on a follow-on for various
other demonstrations.
Mr. RAMSTAD. Well, I don't think the American taxpayers or
the American health consumers can wait much longer, so if you
can do anything to expedite that----
Dr. BRAILER. I agree. That is one of the reasons we made it
one of our top priorities in the first year, was to define
that.
Mr. RAMSTAD. Again, that is encouraging and I thank you.
Let me ask, finally, with the few seconds I have, what, in your
judgment, are the biggest barriers to implementing IT in health
care? What are the biggest barriers? We know there are multiple
barriers, but what is the largest obstacle we face?
Dr. BRAILER. The largest two obstacles are perverse
incentives. There is not a business case for the typical
physician, office, or hospital in doing this. The benefits
accrue elsewhere and it is a substantial cost. Second, we don't
have the standards or the infrastructure for systems to become
compliant with the kinds of information sharing that we want to
do. That stops most people from buying these systems and it
makes their implementation very risky and very difficult, and
that is where we are focusing most of our effort today. Thank
you.
Mr. RAMSTAD. Thank you very much, Dr. Brailer, for your
testimony. I yield back.
Chairman JOHNSON. Thank you. Mr. Emanuel?
Mr. EMANUEL. Doctor, thank you for your testimony. One of
the things--you know, in the United States, some of the report
indicate that we spend about 34 cents out of every health care
dollar in kind of moving paper back and forth--insurance,
hospitals, doctors, patients, and so forth. Other major
industrialized nations range on the high end of 24, on the low
end, 18 cents of every health care dollar. The one promising
area would be this area. I think one of the things that we
should set as a goal over the next 10 years to get us into that
middle range where Canada, England, France, Germany, and Japan
have made advances, this is the one place that you can get low-
lying fruit and find the real savings in health care and apply
it in other areas, for uninsured, other types of coverage that
you want to do or cost containment areas. My concern, though,
with allowing the private sector to set the rules is--and I
said this when we met as a Committee on a bipartisan fashion,
although I generally believe that this is a great area to
proceed--is, A, if you look at what happened in the wireless
space and with the telephone without any direction from the
government, we have so many different competing platforms and
models out there that, in fact, our telephone space, wireless
space, compared to where Europe is and individual countries, is
not as strong from an infrastructure.
My fear is that if we allow the private sector to take a
lead without setting some of the boundaries and programmatic
goals for it, even though some would advocate that is the heavy
hand of government, I am willing to give them the right to
develop, but setting the ground rules, a lot of that synergy
and a lot of that cost savings that you want to see would
actually get lost and we would not see the full potential. And,
in fact, in many ways, whether you want to talk about it as my
colleague from Minnesota did as preventing fraud, or you want
to see it purely from a cost saving standing, we would
literally be leaving money on the table because it would not be
developed in the most coherent, organized fashion. I don't
think the government has to be the one that develops it, but it
surely can set some of the ground rules to ensure that we are
not leaving money on the table. I do think that there is a--we
did this once. We did it in the wireless space and it is not
the most efficient. Although we all like to applaud the private
sector as a total model, I will say one thing in defense of the
ranking member. The private sector does negotiate for wholesale
prices. That is what Sam's Club is about. When you buy bulk,
you save. I don't care what CBO says. So, in this case, my
worry is that we are going to leave money on the table and not
do it in the most efficient way. It can be developed by the
private sector. The rules, the goals, and the boundary, that is
what the government does, because there is so much here at
national risk, which is a huge amount of money we overspend in
this country on health care for what we could get for our
dollar.
Dr. BRAILER. Well, I appreciate the concern and I think you
have really put your frame around this paradox that exists,
which is we want to, on the one hand, have uniform and
widespread adoption of standards, and on the other hand, we
want them to be progressive and stay current and modern over
time. The reason that we have not taken a regulatory view of
this is because we can achieve one, but at the cost of the
flexibility over time. The approach we are taking is to develop
these by contract with the private sector under the supervision
of our office and then turn those over to a Federal advisory
Committee called the AHIC, which would then turn them into a
Federal process. The hope is, and this is where I think it is
worth a discussion, is would the buying power of the Federal
Government allow us to preserve the flexibility or the
innovation over time yet have the force of mandate? We think it
will, given our huge clout in the health care market, and we
have agreed that we are going to use the mandatory internal
process to make sure that these standards do become required
for agencies.
Mr. EMANUEL. If you----
Dr. BRAILER. So, hopefully, we can have both. I am sorry.
Mr. EMANUEL. No, no, that is okay. There is more of a
discussion. In my view, though, if you have competing platforms
being developed, what will happen is we will find savings,
because clearly, when you are paying 34 cents when other
countries are paying 25 cents, you are going to find savings.
Dr. BRAILER. Right.
Mr. EMANUEL. The question is, will you accomplish all that
you can, and I am not saying the government has to develop it.
We know this space and given technology moves way too fast for
the government's capacity to be the developer. But without
setting what our objectives are and what the platform should
look like, in fact, we are going to be leaving a lot of money
on the table and have actually wasted time and money----
Dr. BRAILER. Right.
Mr. EMANUEL. Rather than really realizing all the potential
that exists here in the medical IT space.
Dr. BRAILER. Right. This is why the work of our
certification commission will be very important, because we are
requiring them to specify potentially hundreds of parameters
and what health IT must look like, operate like, store
information like, and what standards it uses, and we will then
link Federal purchasing, conditions of participation, other
things in the future to complying with that.
Mr. EMANUEL. Madam Chair, may I ask one more question, just
as an example?
Chairman JOHNSON. We will have a second round of questions,
because there are others that----
Mr. EMANUEL. I don't know, given my memory today, whether I
will remember it. That is okay.
Chairman JOHNSON. Mr. Hulshof?
Mr. HULSHOF. Thank you, Madam Chairman. Good morning, Dr.
Brailer. The word ``harmonization'' was used earlier this
morning in this hearing, and I guess harmonization can have a
variety of different contexts. It could be musical performance.
It could be mathematics and wavelengths, as was cited.
Obviously, it is very important for this subject of IT.
Unfortunately, the word ``harmonization'' doesn't always
describe the political discourse around IT. I am encouraged, as
most are, I think, about--and Mr. Emanuel even touched on just
the extraordinary opportunities through medical devices,
through electronic records, I mean, we are just riding on the
tip of the iceberg, I think, of some extraordinary positive
changes in health care. Having said that, let me make a plug.
You mentioned your home State of California. Let me extend
kudos to another gentleman from California on this Committee,
Mr. Thompson. Mr. Thompson and I have introduced a bill related
to tele-health, and while I know that is not the particular
subject of today's hearing, let me put in a commercial message
on behalf of Mike and myself because we really see that if we
are serious about patient care, the quality of a patient's care
should not be determined by one's geographic location.
An example at the University of Missouri Medical School has
43 sites scattered throughout the State and what our bill
attempts to do, H.R. 2807, is to incorporate other disciplines,
and we are trying to deal with some of the same things as far
as cross-boundary regulations and what have you. So, I just put
that on your radar screen as we talk about this larger issue,
as we really hone it down to the underserved areas, especially
not just in the rural areas, which is often used in that
context, but even in urban settings, as well, where tele-health
could really, I think, be on the cutting edge. You mentioned
with Mr. Emanuel a little bit about transitioning, not only the
government being a payer and provider, but how you envision
transitioning to the private sector and somewhat of the ongoing
role of the Federal Government in this entity. Let me even back
up a step, because as you know, the Medicare Modernization Act,
we did take an important first step, in my view, toward this
interoperable health information system through our Commission
on Systemic Interoperability, and we are going to hopefully get
that report, I think, in October. How will that work if that
commission then transitions into the work of the AHIC? Can you
give us some thoughts on that?
Dr. BRAILER. Sure. We expressly are preparing for the
reports from the Commission on Systemic Interoperability to be
handed to the AHIC so they can review them from a perspective
of implementation. How do they accomplish the recommendations
that the CSI made? Further, Secretary Leavitt has asked the
Commission to develop a consumer vision. What does this really
mean to America's consumers if we had health IT to ensure that
the AHIC is guided by that vision? So, there is a very
important handshake between the two and we are actively
involved with both as they sunset or start up.
Mr. HULSHOF. I appreciate that. Madam Chair, I yield back
my time.
Chairman JOHNSON. Thank you, Mr. Hulshof. Mr. Camp?
Mr. CAMP. Thank you, Madam Chairman. I am interested, as
well, in this interplay between the AHIC, this community, and
the Commission in the Medicare Modernization Act. I appreciate
your service and certainly your credentials and training. In
your testimony, you mentioned that the government would act as
a leader and a catalyst and convener of ideas and information
regarding the Nation's health IT, and then also that the
private sector is key as the public will be the purchasers of
this. I think it has been important to know that when we have
seen government grapple with technology, particularly in the
fuel-efficient car area, command and control choice of electric
cars has ended up not being the direction that the technology
went, primarily because consumers didn't purchase them. So, I
think it is very important to have this private sector role,
but again, having sort of begun this process in the Medicare
Modernization Act, I would like to hear your thoughts on
proceeding forward and sort of the time line that you see this
taking in the months ahead.
Dr. BRAILER. Sure. I appreciate that very much. We intend
to have the AHIC seated in September. This group will meet
several times per year, and the first thing they are going to
do is prioritize certain breakthroughs where we think health IT
can have a short-term impact. One of the ones that we will
certainly do is e-prescribing. Because of the Medicare
Modernization Act (MMA) (P.L. 108-173), it is already underway.
Second, I am sure that we will deal with adverse drug event
reporting. This is a necessary component of information
collection to make Americans safer as a result of drugs that
are on the market. Others will be prioritized by the AHIC
Commissioners so we know where to focus our energy, on real
things that people can see soon. We will then form work groups
that are supported by our contractors to develop
recommendations, and one of the real constraints in this
process is even if today we wanted to mandate or require
something, we don't know what to do. We don't have the
standards agreed to or the certification criteria. So, we are
going to work through that and make determinations of what
should be done. Then the AHIC will then focus on how do we get
it done, how to use purchasing power, how to align our
interests with Federal agencies and private sector
organizations. So, the prioritization will occur by early 2006.
The breakthroughs will be managed on a yearly basis and we
expect to see them happen over the course of a two-year period.
Two-thousand-seven is where we have set the outside date for
the first five breakthroughs to be seen visibly by the American
public, and the rest will follow from there. We really focus on
this two-year time horizon to have very urgent things done.
Mr. CAMP. Thank you. Thank you, Madam Chairman.
Chairman JOHNSON. Thank you very much. Mr. Stark, is Mr.
Doggett----
Mr. STARK. No, he is not returning.
Chairman JOHNSON. He is not returning? Mr. McCrery had a
follow-on question.
Mr. MCCRERY. Thank you, Madam Chair. Dr. Brailer, you have
said a couple of times today that there are just too many
impediments to doctors, for example, purchasing this kind of
technology for their offices. I just want to share with you an
experience I had recently in my hometown of Shreveport,
Louisiana. I had the opportunity to go visit a small group
practice in Shreveport of family physicians, I think there are
11 physicians in the group, and they have, in fact, on their
own purchased IT and it is in use currently throughout their
office, throughout their practice. The doctors have laptops
that they can take with them when they are off. They have found
it to be extremely useful in terms of providing safer, higher
quality care to their patients, and that is why they invested
in the technology. It makes them much more efficient. It makes
them much more productive during the day. And because of the
many elements of the technology that provide them information
instantaneously, they feel much better when they prescribe a
medication, for example, for one of their patients, because it
immediately comes up on the screen, the other medications that
that patient is taking, any dangers inherent in the different
medications being prescribed. It is all right there. So, how do
you reconcile that experience of mine with a relatively small
group practice in Shreveport, Louisiana, having made that
investment on their own--they are paying for it out of their
pocket--with your conclusion that there are too many
impediments, not the least of which is cost, to the general
health care community?
Dr. BRAILER. Well, I think there are two observations that
that example brings through. First is the overwhelming power of
why this is inevitable, why physicians using EHRs that can do
the things to not only make their patients safer, but to
liberate their own professional lives is inevitable. I remember
that interns in practice today, interns that started residency,
were born the same year the IBM personal computer came out. We
should see more of that. That is one of the reasons that in
answer to the question about how do we make sure that this is
ultimately done, I think professional standards and the
discipline of physicians will make this done because of the
power of that. Now, on the flip side, those experiences are not
that old. Most of the recent adoption that we see really is
quite recent, in a couple or 3 years. So, it is really just now
that the industry is digesting that and saying, wow, this
really works. This is something that can really be a huge
benefit, and that is one of the reasons that we see substantial
increases. I would come back to this caveat. Eleven physicians
is a large practice in the spectrum of physicians. It seems
small as we view it, but that is well above the 50th percentile
of size of practice. The real critical challenge are physicians
between one and five physicians in practice that make up about
38 percent of our care delivery, and those are the ones that
don't have the resources. They look at an 11-physician group as
a big group with lots of resources and a lot of help. So,
everything is relative in this sense. I think the 100-physician
groups will do fine. The 50-physician groups will do fine. The
10 to 50, some will do it, as you have observed, and some may
not, and it is going to require some help. But below that, it
is a real challenge, and that is where we have focused most of
our effort, is how to bring along small physician practices
that are ultra-small, up to ten physicians, and there, it is
quite hard even though they could themselves see that same
vision.
Mr. MCCRERY. Thank you. I just want you to consider that as
you go forward in recommending or potentially recommending
incentives that the government should pay for as we go forward
in this. By the way, the one complaint that this physician
group expressed was that their system was not able to
communicate with the hospitals they dealt with and so forth, so
it was somewhat limited in its application.
Dr. BRAILER. Right. That is the other challenge that we
talked about, and that really is the opener of clinical value
to doctors.
Mr. MCCRERY. Thank you.
Chairman JOHNSON. Mr. Stark has a follow-on question.
Mr. STARK. Dr. Brailer, earlier, you mentioned to me that
you thought HIPAA was an unmitigated disaster, but I have to
find out if that is the administration position or not. The
administration has repeatedly said that HIPAA is a floor. Most
notably two or 3 years ago, you chose not to adopt strong
standards for protecting HIV/AIDS information and also
eliminated the requirement for patient consent to use or
disclose identifiable information. The administration used this
argument again, that HIPAA was a floor, to reassure consumers
that States would be able to address these personal and
sensitive issues by providing a higher standard. Others today,
other witnesses today will testify that the HIPAA standards are
more than adequate to address the concerns of consumers and
that HIPAA should be a ceiling, or put another way, the only
protection we have for the privacy of our records. So, my
question to you is, what is it? Is HIPAA a floor or is it a
ceiling?
Dr. BRAILER. I think that is a critical question and I
appreciate it. First, I want to comment that HIPAA really, as
you know, is two pieces. It is the privacy and security
components, but it is also the transactional standards
component. The discussion about standards, I think is one that
we have watched very closely, that the standards that are now
ensconced in HIPAA for those transactions are quite old. They
were old when they began the debate and they are locked. It is
very difficult to change those and even to fix errors in those
standards, let alone to bring them up to date with current,
modern thinking, modern as of 1980s thinking. So, this is one
of the lessons that we have watched, about how do we allow for
organic evolution of standards as determined by professional
and scientific bodies, yet have the rule of law, and this is a
challenge that I think we all grapple with. Now, turning to the
privacy questions, I think there is a part of HIPAA that we
have focused on a great deal which is not actually the State
variation, the State, if you would, rules that could go beyond
HIPAA, suggesting that it is a floor, but it is that HIPAA
allowed enterprise-level, doctor-level, hospital-level
flexibility with respect to privacy and security rules. That
means that that flexibility, which meant that Kaiser in your
district, for example, would want to have a higher level of
privacy and security because it is a cyber target and it is
much larger of a risk than a one- or two-physician practice who
couldn't afford that, perhaps. That was the determination.
What we see is that that variability, that flexibility is a
direct barrier to interoperability because each organization
sets their own security and privacy regime, and even if we had
standards, even if we had architecture and systems that could
connect, if you use a biometric for your password and I just
use just a regular old password, I couldn't get your data if
you told me that I could, and that is a piece that we are
focusing on with one of our projects, which is to illuminate
recommendations, policy guidance about how do we close that
enterprise-level variation and at the same time advance the
security and privacy protections. I will just give one other
comment on HIPAA to the spirit of your question. I think HIPAA
addressed a different paradigm than the one that we are heading
toward and I think there is a very interesting debate about
HIPAA. I think, though, there is a separate debate that is
beginning around portability of information. The HIPAA was
designed in a world that was manually controlled and paper-
based for clinical information, and as we move toward data that
is electronic and flows around health care, disclosure controls
are just one part of that dialog and there are many other
pieces. We are trying to map out, what are the right questions
to ask about the privacy regime that we would use in a highly
portable, highly electronic, automated world of health
information exchange? I don't have the answers. I am trying to
get the questions assembled, because we want to make sure that
health IT is not one example of where science and innovation
goes far ahead of social discourse, and that is where we are
focused today and that is one of my principal, principal
priorities as I come to work every day. Thank you.
Mr. STARK. Is your understanding that the administration's
position is that HIPAA is a floor or a ceiling?
Dr. BRAILER. Well, I think, definitionally, HIPAA is a
floor because of the state of variability and the enterprise
variability. The HIPAA sets a minimum that is set. In terms of
where it should be, that is a separate question and I----
Mr. STARK. Is it your opinion that it should remain that,
allowing this enterprise flexibility and State flexibility?
Dr. BRAILER. I----
Mr. STARK. I think that is what you just testified. You----
Dr. BRAILER. Yes.
Mr. STARK. As to the enterprise flexibility----
Dr. BRAILER. I will speak to your question, because it is
one that I am very worried about. The challenge here is how do
we adapt security and privacy regimes that could fit in a
3,000-physician organization and one in a two-physician
organization. I am not talking about what we should do, but I
am talking, practically, what could be done with the resources
and people and systems they have. I think flexibility,
therefore, has inherently got to be part of this, because we
can't impose multi-million-dollar costs on a small practice in
the name of a security regime that results largely from an
entity being at higher risk than a small practice. On the flip
side, I think we can create interoperability in the kinds of
security protections by creating some new kinds of modern
protections, like trust brokers or a chain of trust managers
who can actually navigate these transactions between different
security regimes, at the same time, protecting them. It has
been used in other industries. Banking, credit cards, and so
forth, use this routinely. We are just exploring it in health
care today, and I mean ``we'' meaning the industry. In the
administration, we are watching it. In the private sector,
there is some experimentation. Some policy groups, like
Connecting for Health and others that I know you have heard
from here, have looked at this. It is the question of the day
about how far we can go into really modern technology
innovations to protect innovation in health care and what that
means in terms of the huge variability of types of
organizations and practice settings.
Mr. STARK. Thank you.
Chairman JOHNSON. Thank you, Dr. Brailer. That is a very
important question and will receive a lot of attention
throughout the rest of the panel and I appreciate your thoughts
on it. Thank you for being with us.
Dr. BRAILER. Thank you both very much.
Chairman JOHNSON. Thank you. The next panel will come
forward. As is customary, we will hear each of the five
panelists. You have 5 minutes, but your entire statement will
be submitted for the record, and then we will proceed with
questions. Good afternoon. Dr. Detmer, would you proceed?
STATEMENT OF DON E. DETMER, M.D., PRESIDENT AND CHIEF EXECUTIVE
OFFICER, AMERICAN MEDICAL INFORMATICS ASSOCIATION
Dr. DETMER. Good morning, Chairman Johnson, Ranking Member
Stark, members of the Subcommittee. I am Dr. Don Detmer,
President and Chief Executive Officer of the AMIA, whose 3,200
members include physicians, nurses, computer and information
scientists and managers, biomedical engineers, academic
researchers, and educators. Over the years, AMIA has provided
many of the thought leaders who have pioneered the innovative
use of information technologies in health care. As you
mentioned in the introduction, I am a member of the Commission
on Systemic Interoperability and a former Chair of the NCVHS.
It is good to be back in front of the Health Subcommittee. My
written testimony covers five major points, and I will
summarize three of them now. First, the Office of the National
Coordinator for Health Information. Dr. Brailer and his office
have done an excellent job with very limited resources.
Examples are the strategic framework and the recent RFPs,
including State privacy and business approaches, but others
come to mind, as well. His office needs to be established in
statute and also given adequate funding. I also believe that
the NCVHS as a senior health information advisory Committee
will be a very valuable resource and sounding board and partner
for him and Secretary Leavitt as the AHIC moves forward.
The HIPAA--we have survived the formulation and early
implementation of HIPAA. An evaluation of this experience is
prudent, but the evaluation should not take too long and we
need to move forward following this review. From my
perspective, the privacy rule has been a success in clarifying
the individual rights of all patients in relation to their own
health information on a national basis and in establishing the
responsibilities and legal obligations of all providers with
whom patients interact. Undoubtedly, it has put privacy in the
face of all patients, including some who may be personally more
concerned about the inefficiency that it means and want less
hassle. Nonetheless, HIPAA has allowed NHII to move forward,
and I think this is a very big plus. As an unfunded mandate, it
hasn't yet simplified administration, but it has allowed us to
move forward with the NHII in terms of handling secure person-
specific information and setting important standards. However,
a few big issues remain. Much better funding for clinical
standards development and maintenance is needed, with the NLM
playing a big role in this. Without this investment, Federal
health information standards will not be sufficiently vetted
and developed and real problems for the entire system will
result. I support this investment, since ultimately, I think we
will only get a functional interoperable NHII with real Federal
health information standards in key areas. I mean by that
essentially establishing meaningful floor-to-ceiling standards
that preempt idiosyncratic State and business approaches.
States, in my view, cannot effectively regulate the
Internet, and I don't feel they can realistically regulate the
information highway for health information. Only Federal
leadership can develop this. This is a clear message from
international evidence to date and we would do well to seek
global collaboration on many of these standards. The NLM can
help with this, too, and so, too, can ARC and others.
Financing--financing health IT software, hardware, training,
and the backbone for the networking dimension is a complicated
matter. The Federal Government must play its role in this, as
well. So, too, must all the entities affected, and we need
innovative financing to support IT in such a way that we will
improve access, safety, quality, greater patient involvement,
data security, and efficiency. At the networking level, Stark
and other fraud and abuse prohibitions have made some key
players, such as hospitals and physicians, so totally risk
averse that the development and implementation of a functional
NHII is being impeded. Those are the big points, but I might
add that I had the experience of living four-and-a-half of the
past 6 years in England at Cambridge where I consulted to the
National Health Service on its own national program for health
IT. If you are interested, I might be able to reflect for you
on any international dimensions of this important global
development. You will note that I didn't stay long enough in
East England to develop a local accent, and it is awfully nice
to be back home with all the activity going on now.
The AMIA wishes to publicly thank you, Chairman Johnson,
for your outstanding and continuing leadership. Your
perseverance has really mattered in this crucial arena of
health information and transformation and national security.
Mentioning national security, I personally consider the NHII to
be as central to national security as the Interstate Highway
System was considered during the Eisenhower administration. I
thank you again for the invitation to testify. I look forward
to responding to any questions you may have.
Chairman JOHNSON. Thank you very much, Dr. Detmer. Ms.
Kloss?
[The prepared statement of Dr. Detmer follows:]
Statement of Don E. Detmer, M.D., President and Chief Executive
Officer, American Medical Informatics Association
Good morning. Chairman Johnson, Ranking Member Stark, members of
the Health subcommittee: thank you for the opportunity to appear before
you today. My name is Don Detmer. I am President and CEO of the
American Medical Informatics Association, whose 3200 members include
physicians, nurses, computer and information scientists and managers,
biomedical engineers, academic researchers and educators. Over the
years AMIA has provided many of the thought leaders who have pioneered
the innovative use of information technologies in healthcare. In
addition to my role with AMIA, I am a Professor of Medical Education in
the Department of Public Health Sciences at the University of Virginia.
Having been selected by Speaker Hastert, I currently serve on the
Commission on Systemic Interoperability, which was created by the
Medicare Modernization Act and which will make recommendations
concerning the adoption and implementation of health information
technology standards in a report to Congress later this year. From 1996
to 1998 I served as Chairman of the National Committee on Vital and
Health Statistics, whose mission, broadly, is to advise the Department
of Health and Human Services on shaping a national information strategy
to improve the nation's health. My tenure at NCVHS coincided with the
expansion of the Committee's charge enacted in the Health Insurance
Portability and Accountability Act of 1996, which gave the Committee
significant responsibilities in regard to administrative simplification
and privacy. In my role as NCVHS Chairman, I had the pleasure of
appearing before the Health subcommittee on occasion, and today I would
like to thank and congratulate the subcommittee for your abiding
interest in, and commitment to, the development of health information
policies to improve the quality, safety and efficiency of healthcare,
while at the same time protecting the security and confidentiality of
personal health information.
As you consider the introduction of new legislation relating to
health information technology and the development of a national health
information infrastructure or NHII, let me comment today on three
important issues:
first, there is a critical need for ongoing Federal
leadership in encouraging and shaping an NHII that benefits all
stakeholders, especially patients;
second, we should review ``lessons learned'' from the
rollout of HIPAA standards to date and identify issues to be considered
as additional health information standards are developed and
disseminated;
and, third, we should begin to address current
disincentives--both real and perceived--that slow the implementation of
health information technologies in our healthcare system, the most
information-intensive enterprise in our economy.
The Need for Federal Leadership
While it is the undoubted world leader in high technology clinical
care and biomedical research, the U.S. healthcare system is an
incredibly fragmented mix of very large and very small players, 21st
century medical science mixed with uneven access, delivery and
outcomes, and cottage-industry business practices. Market forces alone
have not driven integration of the interests and needs of disparate
participants: hospitals--physicians and other providers--payers--
employers--researchers--and, most important, patients. And, it is
unlikely that they will. As a result, too few individuals have access
to electronic health record systems and there is little
interconnectedness of the systems that exist. Further, despite some
progress, initiatives to measure and pay for quality have proven
difficult to implement.
Over the last 14 months, the Office of the National Coordinator for
Health Information Technology, which is headed by Dr. David Brailer, a
Fellow of AMIA's College of Medical Informatics, has done an excellent
job in communicating a vision to support widespread adoption of
interoperable electronic health records within the next 10 years,
particularly in consideration of the resources available to it. AMIA is
particularly pleased that among the four requests for proposals (RFPs)
issued recently by the Office (ONCHIT) are contracts for an Internet-
based national health information network and for the development of
processes for the harmonization of the various health information
standards that are emerging. In regard to interoperability standards
and the development of processes to certify health information
technologies that can actually `talk' to each other and will allow the
seamless integration of information systems to facilitate quality care,
AMIA is also very supportive of the public-private American Health
Information Community (AHIC) announced by Secretary Leavitt just last
month.
We strongly believe that HHS should be given explicit
responsibility for ensuring the ongoing maintenance and dissemination
of health information standards, with authorization for licensing and/
or other types of support. To give you a successful example of Federal
leadership, I would point to Secretary Tommy Thompson's drive to
complete the licensure and distribution of SNOMED-CT, a very useful
`dictionary' of medical terminology, by the National Library of
Medicine in 2004. AMIA firmly believes that the Department should draw
heavily on the resources and expertise of the NLM, and we hope that the
AHIC will use the Library's expertise in the maintenance and
dissemination of further content standards.
I understand that the legislation to be introduced soon by Chairman
Johnson establishes the Office of the National Coordinator for Health
Information Technology in statute, and I believe this step is a crucial
one in clarifying Federal leadership. As part of our support for the
Office of the National Coordinator, AMIA urges the appropriators on
both sides of the Hill to provide for adequate funding of ONCHIT.
Examining HIPAA Lessons Learned So Far
As we move--and we will continue to move--to develop an
interconnected, interoperable health information system that will
facilitate quality, access and patient-centeredness on a national and
international basis, it is prudent to identify lessons we have learned
so far from the administrative simplification provisions of HIPAA.
Though the road was often difficult, if not actually painful, we have
made a great deal of progress in establishing the rights of individuals
to expect that their health information will be used appropriately and
their privacy and confidentiality protected, and in imposing meaningful
and reasonable obligations on health care providers, plans and payers,
and others to comply with consistent Federal standards for the use,
disclosure and transmission of health information.
Where once some people in the healthcare system may have treated
individual health information too cavalierly on at least some
occasions, from my perspective it is manifestly clear that since the
Privacy Rule took effect in 2003, doctors, hospitals, pharmacies,
health plans and others have made really extraordinary efforts to
inform individuals of their rights and to establish policies and
procedures that protect sensitive health information. Today every
individual has a Federal right to access his or her medical record and
to expect that the healthcare system will keep that record secure and
confidential. And these norms are national--no longer are your rights,
or the legal responsibilities of those healthcare providers you deal
with, defined by the unique features of the State in which you live.
Even if HIPAA may have `backed' the nation into reasonable privacy and
confidentiality protections, the roll-out has proved, on the whole,
quite successful.
Notwithstanding what I think have been extremely good faith efforts
to ensure that personal data is adequately protected, I do not discount
that some people--for instance, those with concerns about the security
of especially sensitive information, such as HIV status or relating to
mental health treatment--have continued concerns about health privacy.
To my knowledge there have not been reports of any large-scale
violations of the framework set in place by the HIPAA Privacy Rule.
That is, individually identifiable health information is used and
disclosed only for ``treatment, payment and health care operations'' or
as otherwise specifically authorized by the individual. Does the
Privacy Rule protect against patently unethical or extraordinarily
careless acts--like the leaking of a celebrity's medical record to a
tabloid magazine or the disposal of old medical records in a dumpster
or a straightforward instance of identity theft? Of course not--but we
cannot expect even the most carefully crafted information standards to
prevent all illegal behavior. In such instances, active pursuit and
strong penalties are needed when intrusions and misuses are identified,
as a lesson to dissuade other from similar illegal behavior.
Some will argue that the States must have the capacity to enact
`more stringent' standards for health information--as is true under the
Privacy Rule--for all health information standards, including those
that are absolutely necessary for the development of an interconnected,
interoperable national health information system. In the name of better
healthcare, I must respectfully disagree. About half of all Americans
live near State lines and multiple State approaches will most likely
preclude efficient and seamless transmission of crucial health
information. For example, it is not unusual at all for an individual to
work in the District, live in Maryland, and receive health care in
Virginia, with payments made by an insurer in any or all of these
locations. If we are to ensure real-time availability of accurate and
complete clinical information at the point of care, we simply cannot
have the standards for the use, disclosure and transmission of the
patient's health information subject to idiosyncratic requirements of
individual States. Certainly, States do not intervene in similar
situations, such as in the regulation of ATM use. States may impose
varying requirements, like placing limits on allowable service fees,
but they do not intrude into the information standards that facilitate
the transmission of financial data, for example by requiring me to use
a 4-digit pin at an ATM in Maryland but a 9-element alphanumeric pin at
my home ATM in Virginia. In other words, the information exchange
standards have been developed and agreed to by the banking industry and
are national and international in their application.
I doubt that we can get to the common standards and
interoperability that must underlie the widespread adoption of
electronic health records without Federal preemption of conflicting
State laws. But rather than simply assert that proposition, let me note
that, in relation to the Privacy Rule, since 1999 AMIA has called for a
study of the impact of the lack of Federal preemption and the impact of
varying State statutes on the rights and protections afforded to
individuals and upon the quality, cost and effectiveness of health
care. Thus, I am very pleased that the bill to be introduced soon by
Chairman Johnson calls upon the Secretary to undertake such a study in
relation to standards that have been adopted subsequent to HIPAA.
Should the study show that varying State laws and requirements have a
negative impact on health care delivery, quality and access, and that
HIPAA has established meaningful privacy and security protections, it
makes sense to move forward without delay on Federal preemption for all
adopted HIPAA standards.
Disincentives That Have Slowed Implementation of Information
Technologies
From 1999 through 2003 I had the privilege to serve as the Gillings
Professor of Health Management at Cambridge University and to consult
to the National IT programme of the National Health Service. As you may
know, the British government is investing billions of pounds to
implement a fully functional, patient-friendly, electronic health
record and system. While this task might appear to be easier in some
aspects because of Britain's single-payer system, of particular note to
me was the observation that, even before the government's new
investment, well over 80 percent of England's primary care physicians
were facilitating patient care electronically, from booking
appointments and writing prescriptions to making referrals, recording
clinical notes and tracking treatment compliance. By contrast, it is
estimated that fewer than 20 percent of U.S. primary care physicians
utilize electronic health records.
Interestingly, England's primary care practices are `wired' not
because of government investment, but because the British
pharmaceutical industry years ago offered to supply the necessary
hardware and software to primary care doctors in return for access to
anonymized prescribing information. In the United States I think such
an arrangement would be seen as unseemly at best, and illegal at worst.
While the British are neither less ethical nor more permissive of the
misuse of identifiable health information than are Americans, in this
country hospitals, physicians and other providers are incredibly
reluctant to pursue any innovative financing for health IT, including
networks that can securely link together a region's providers, because
of their concerns about the Stark self-referral prohibitions and other
fraud and abuse standards.
Whether these concerns are reasonable--and perhaps, Mr. Stark, you
would say they are not--we have hospital lawyers who absolutely insist
that it is simply not acceptable for any third party to furnish any
information technologies--whether hardware, software, training or other
services--to any provider at less than a full, fair market price. While
some healthcare systems and providers are moving forward under the
current standards, the general consensus in the healthcare community is
that the Stark provisions, while quite important in many respects, are
constraining progress toward the roll-out of an interoperable NHII.
It is in the interest of all stakeholders, including patients, that
functional electronic health records and an interoperable health
information system be deployed as promptly as possible. But the
entities that are perhaps key to that deployment, the small and rural
physician practices that still provide a majority of health care
services in this country, are those that are least able to afford the
capital investment for the purchase and hassle of implementing state-
of-the art IT systems. Especially because many of the `savings' of
health IT accrue to other system participants, including employers,
health plans and patients, financial outlays necessary for the purchase
of the very building blocks of an NHII should reasonably come from a
wide variety of sources, including government outlays and pay-for-
performance programs. Actually, pay-for-performance programs represent
a clear argument for payers to provide some of the financing for health
IT--because in order to pay for performance you have to be able to
track performance and quality in the delivery of care, and to do that
efficiently you need sophisticated information capabilities embedded in
the healthcare system. Reasonable safe harbors for dissemination of
health information technologies and services intended to improve
healthcare quality, efficiency and access would encourage deployment of
essential health information systems, and I am very pleased to
understand that provisions to that effect will be included in Chairman
Johnson's bill.
Educating the Healthcare Workforce
There is no question that momentum for bringing healthcare into the
information century is building, and this is a very good thing. But
hardware and software and standards and certifications will not be
enough--we must ensure that we have enough doctors, nurses and
information specialists to take real advantage of the opportunities for
improved care and efficiency and access that health information
technologies and an interconnected national health information
infrastructure can provide. Recently, AMIA announced its 10 by 10
program, which aims to realize a goal of training 10,000 health care
professionals in applied health and medical informatics by the year
2010; it is off to a great start with an initial partnership with the
Oregon Health and Science University, and many other universities are
seeking to participate. Our program uses classes, tutorials, web-based
and in-person sessions to equip health care professionals to use health
information and health information technologies to benefit patient care
and to advance medical knowledge. In fact, we know from research that
well-trained health providers combined with robust IT systems produce
safer, higher quality care delivery.
With the supply of physicians essentially constant and the nursing
workforce aging along with the baby boomers, we will only be able to
address the increasing demands for care of a growing and aging
population by developing a better trained workforce, especially more
nurses skilled in the use of information and information systems.
Increased Federal support for education and training will be needed to
address this workforce reality--and AMIA, along with the American
Health Information Management Association (AHIMA), will develop
specific recommendations for that support.
A Few Conclusions
In terms of the development and implementation of integrated health
information systems with sophisticated capabilities, we have seen a
great deal of progress in the last few years. Within the Veteran's
Administration, for instance, the case for improved safety and higher
quality through the proper use of IT systems--including electronic
records, decision-support programs, and process tracking and change
analyses--has been largely made. We have seen the creation of the
Office of the National Coordinator for Information Technology and a
Commission to Certify Health Information Technology. The Commission on
Systemic Interoperability mandated by the MMA has been convened, and
Secretary Leavitt has announced a plan to create an American Health
Information Community that will spearhead a range of public-private
initiatives to develop information standards, certify new technologies,
and provide long-term planning and governance for the electronic health
environment. Someday we may look back at this moment and say, ``The
rest is history''--but not just yet. Additional legislation and Federal
support, and the development of accepted, enterprise-wide standards
will be required if true interoperability and connectedness are to
occur.
From the start, Chairman Johnson has recognized the potential for
improving the nation's healthcare system through the proper use of
information technologies. Further, she has been willing to face the
complicated and difficult issues involved. All of us in healthcare are
grateful and most appreciative for her wisdom, energy and persistence
over the years. As I understand the Chairman's current bill, it does
not try to address all of the issues involved in creating an NHII to
improve healthcare quality, access and patient-centeredness. But it
does forthrightly address some key `sticking points' that are keeping
the nation from moving forward as quickly as we should and among them
are first, establishment of the Office of the National Coordinator in
statute; second, addressing the impact on patient's rights and on
healthcare quality and safety of varying and conflicting State and
Federal information standards; and, third, reducing some current
disincentives to the adoption of available health information
technologies. AMIA looks forward to prompt consideration of the
legislation and to supporting its implementation.
It is my strong belief that the development of an interoperable,
inter-connected national information system is not only a healthcare
issue; it is really a matter of national security. Whether that point
will be brought home by an outbreak of avian flu in a U.S. population
center or an episode of bioterrorism or the occurrence of transmissible
disease in our food supply chain, I do not know--but I do believe that
any of those events could occur, and that we will be greatly hampered
in our response if we cannot make information that is crucial for the
public health and economic interests of our country available to the
appropriate authorities in the most timely fashion possible. While a
functional NHII will facilitate broad improvements in health care
quality, access and affordability, it will also assist in protecting
our security and I would urge your leadership in facilitating its
development with all due speed.
Thank you for the opportunity to appear before you today. I will be
happy to answer any questions.
STATEMENT OF LINDA KLOSS, CHIEF EXECUTIVE OFFICER, AMERICAN
HEALTH MANAGEMENT ASSOCIATION, CHICAGO, ILLINOIS
Ms. KLOSS. Chairman Johnson, Mr. Stark, and members of the
committee, my topic this morning is the quality of health data
in the United States, and I have been asked to speak
specifically to the status of the Code sets in place and other
on the opportunities to support and enhance improved data for
use of health IT. The American Health Information Management
Association and its 50,000 professional members are deeply
committed to and actively participating in the adoption of
standards based and the interoperable health IT. We are on the
frontlines in implementing EHRs and other technologies, but
technology alone is not enough. We need a concerted effort to
ensure the quality of the data is as good as it can be, and we
must start by improving the classification system for coding
medical diagnoses and procedures. The current system, called
ICD-9-CM, was developed and implemented in the 1970s, and we
believe it must be replaced by ICD-10-CM to classify diagnosis
data, and ICD-10-PCS to classify data about medical procedures.
Both of these ICD-10 replacement systems have been developed by
Federal agencies, the Centers for Disease Control and the CMS,
and both agencies have testified on several occasions regarding
the need for better classification systems to improve
information used in their programs.
According to HIPAA, the Department of Health and Human
Services must approve adoption of new code sets, and I would
suggest that Congress can certainly aid in this process by
supporting and requiring the Secretary to publish a proposed
and then a final rule for adoption as soon as possible, and
briefly, here is why. Each time we receive medical care,
doctors, nurses, and other professionals collect important
information about our health. They record our medical
conditions and illnesses and types of treatment we received,
any procedures performed, and then each piece of information
gets assigned a code. This coded data is the foundation for
billing, claims processing, payment and pricing. It is used for
public health and quality reporting, bio-surveillance,
research, pay-for-performance systems, provider credentialing,
fraud detection, and many other important uses. In other words,
it underlies all of the major programs that this committee
oversees and is looking to advance. The problem is that the
current ICD-9 classification system is obsolete and it is
beyond repair. Nearly every other developed country in the
world has already replaced it with a version of ICD-10.
Consider how medical practice has changed over the past 30
years--new diseases, new treatments for those diseases, new
medical procedures, threats of bioterrorism. The coding system
we are using today was developed in the early 1970s, before
MRIs, before laser surgery, before any of us had heard of AIDS
or any of the medications used to treat it today, and this is a
real problem. The value of a good classification system is its
ability to accurately represent procedures that are performed
or the illness that is diagnosed, and that is precisely what is
missing from our current system. In addition, we are finding
that the current system for classifying procedures is actually
running out of codes. There are about 70 remaining unassigned
codes, and the implications of this for quality reporting,
research, and the appropriate payment for advanced medical
technology are pretty obvious. We also believe that adoption of
ICD-10 and ICD-10-PCS is an essential component of the health
IT strategy being advanced by Congress and the administration,
not a diversion from it. There are opportunities through ICD-10
to link to SNOMED-CT, which, as you know, has been licensed by
the Federal Government. We can create robust mappings from
SNOMED to ICD and leverage the opportunities of technology for
automated coding going forward, offering a new paradigm for
health data capture, aggregation, and reporting. In the future,
it will be possible to use a variety of classification systems
to meet specific information needs without laborious manual
coding, and this is precisely what AHIMA and others are working
toward.
According to a 2003 Rand study, the benefits of
implementing ICD-10 and PCS will outweigh the costs within a
few years of implementation, and Rand noted that the cost of
doing nothing may be greater than the cost of going forward
with adoption. In summary, we urge Congress to move forward
with ICD-10 in the United States and also to leverage through
our health IT initiatives to redouble our efforts to ensure
uniform coding practice and adherence to coding guidelines. I
thank you so much, commend you for your leadership, and I will
be very happy to answer questions on this important topic.
[The prepared statement of Ms. Kloss follows:]
Statement of Linda Kloss, MA, RHIA, CAE, Chief Executive Officer,
American Health Information Management Association, Chicago, Illinois
Chairman Johnson, Mr. Stark, and members of the committee, thank
you for this opportunity to address the quality of health data and
actions that are needed to improve it as part of the overall U.S.
health IT initiative.
The American Health Information Management Association and its
50,000 health information management professional members are deeply
committed to and actively participating in the adoption of standards-
based and interoperable health IT. We are on the front lines in
implementing electronic health records and other technologies as well
as the implementation of local and national health information exchange
and continue to be on the forefront of professional activities
including privacy, confidentiality, security, data integrity, consumer
and professional education.
My comments this morning relate to the urgent need for the
Department of Health and Human Services to immediately initiate the
regulatory process for adoption and implementation of ICD-10-CM and
ICD-10-PCS code sets (referred to as ICD-10), rules, and guidelines as
a replacement for the 30-year-old ICD-9-CM. ICD-9-CM is not meeting
current healthcare data needs and cannot support the transition to an
interoperable health data exchange in the U.S.i HHS must
issue a final rule for adoption of ICD-10 as soon as possible to
reverse the trend of deteriorating health data and to allow the
healthcare industry to prepare for a smooth transition to modern
classification systems by 2008.
---------------------------------------------------------------------------
\i\ ICD stands for the International Classification of Diseases. 9
stands for the 9th revision and 10 for the 10th revision. CM stands for
Clinical Modification (a U.S. version of ICD-9 or ICD-10) ICD-9 and
ICD-10 were developed and copyrighted by the World Health Organization
(WHO). The WHO no longer supports ICD-9. ICD-10-PCS is a procedural
coding system designed by the Centers for Medicare and Medicaid to
replace the current inpatient procedural coding system currently
included as part of ICD-9-CM.
---------------------------------------------------------------------------
Specifically we are calling for the following action by HHS and the
healthcare industry, and urge your support for these actions:
HHS must immediately initiate the regulatory processes to
permit final implementation and use of upgrades to the deficient ICD-9-
CM classification system by October 1, 2008. This upgrade will affect
all diagnoses coding currently Volumes 1 and 2 of ICD-9-CM, as well as
inpatient procedural coding, currently Volume 3 of ICD-9-CM.
Adoption of final rules as early a possible in 2006 will
give the healthcare industry ample notice to commence systems
conversion and other steps necessary to ensure a smooth and efficient
implementation.
A coordinated, collaborative implementation strategy
should be developed by industry stakeholder representatives to ensure
broad input and a consensus-driven transition process.
System conversions and upgrades to implement ICD-10-CM
and ICD-10-PCS should be accomplished by healthcare entities in
conjunction with the UB-04 and CMS 1500 (diagnosis codes only) system
changes.
Robust, rules-based, maps among SNOMED-CT',
ICD-10-CM and ICD-10-PCS, and ICD-9-CM should be developed promptly and
distributed via the Unified Medical Language System
(UMLS).ii
---------------------------------------------------------------------------
\ii\ See AHIMA's Position Statement on Implementation of SNOMED-
CT'--www.ahima.org/dc/positions AHIMA has also authored a
white paper Coordination of SNOMED-CT' and ICD-10: Getting
the Most Out of Electronic Health Record Systems, which provides a
complete description of the roles of terminologies and classifications
in EHR systems and the importance of mapping to effectively use
clinical information for multiple purposes.
[I have placed a simple ``understanding ICD-10'' at the end of this
testimony and this includes how ICD-10 would impact electronic health
records.]
ICD-9-CM should have been replaced nearly 10 years ago. Each year
that passes results in further deterioration of the classification
system and the data that it produces:
The ICD-9-CM coding structure and capabilities are in
crisis. There are very few unassigned codes remaining to accommodate
new diagnoses and procedures.
In addition to no further capacity for expansion, many of
the codes now in use do not accurately describe the diagnosis or
procedure concepts they are assigned to represent.
While the U.S. has used ICD-10 coding to report mortality
data since 1999, we are now virtually the only industrial nation that
has not upgraded its morbidity classification system. This failure
threatens our ability to track and respond to international threats to
public health and bioterrorism. Rather than being a world leader in the
collection of high-quality health data, the U.S. lags far behind.
At a time when Congress and the Administration are making
significant progress toward improving our health information
infrastructure, the critically needed upgrade of ICD-9-CM has been
delayed with little acknowledgement of the serious consequences and no
clear plan for fixing the problem. Further delays in adoption of ICD-
10-CM and ICD-10-PCS increase the cost of an eventual implementation
once ICD-9-CM completely breaks down. While the U.S. is working hard to
adopt health information technology, it must also accommodate a robust
21st-century classification system.
According to the 2003 Rand study commissioned by the CDC, the
benefits of implementing ICD-10-CM and PCS outweigh the costs within a
few years of implementation. Rand further noted that the cost of doing
nothing may be greater than actual implementation and further delay in
adoption is likely to increase future implementation costs. This
research did not examine the upgrade to ICD-10 as a component of the
overall health IT improvements and thus it did not factor in the
potential to change the paradigm of coding through accelerating the
development of computer assisted coding tools. Thus, the potential
benefits may be accelerated.
Adoption of national electronic health records (EHRs) and
interoperable information networks require improved classification
systems for summarizing and reporting data. Government and industry
leaders cite healthcare initiatives that rely on data but are in fact
compromised by the continued use of ICD-9-CM. These include quality
measurement, pay-for-performance, medical error reduction, public
health reporting, actuarial premium setting, cost analysis, and service
reimbursement.iii iv Classifications systems are key
elements of the health information improvement strategy. Failure to
upgrade ICD-9-CM diminishes the value of the U.S. investment in SNOMED-
CT'. The anticipated benefits of an EHR cannot be achieved
if SNOMED-CT must be aggregated into an antiquated classification
system like ICD-9-CM. Conversion to ICD-10-CM and ICD-10-PCS will not
only produce better information and support development of computer-
assisted coding, they will serve as the necessary foundation for
continued improvements and expansion of 21st-century classification
systems, nationally and internationally
---------------------------------------------------------------------------
\iii\ See AHIMA's Position Statement on Consistency of Healthcare
Diagnostic and Procedure Coding--www.ahima.org/dc/positions
\iv\ See Medicare Payment Advisory Commission March 2005 Report to
Congress Chapter 4: Strategies to improve care: Pay for performance and
information technology--www.medpac.gov
---------------------------------------------------------------------------
Healthcare providers, payers, and vendors are waiting for a notice
from HHS signifying the intent to implement ICD-10 in order to begin
planning and preparing for an anticipated use date. Vendors also need
this notice to ensure new products will be available to accommodate
these more advanced classification systems. U.S. healthcare entities
will soon be converting databases and applications systems to
accommodate the upgrades to UB-92 and the CMS 1500 claims forms and
data sets. It would be effective and efficient to make ICD-9-CM
upgrades at the same time. Without some indication that implementation
is on the horizon, healthcare providers, payers, and vendors will be
reluctant to make these necessary changes concurrently.
As I have noted, the ICD-9-CM coding standard is in serious crisis.
Terminologies and classifications from the 1970's no longer fit with
the 21st century healthcare system as numerous conditions and
procedures are outdated and inconsistent with current medical knowledge
and application. New advances in medicine and medical technology and
the growing need for quality data cannot be accommodated. Data
incomparability continues to increase globally and within the U.S. due
to the use of these antiquated code sets. As of the spring 2005 ICD-9-
CM coordination and maintenance cycle, the U.S. now has less than 70
remaining codes to represent health technology in the future. Two
simple examples of the gross inadequacy of this classification system:
ICD-9-CM offers two codes for asthma, extrinsic and
intrinsic. Current medical knowledge no longer considers this a
clinically relevant distinction. In ICD-10-CM asthma codes are
differentiated by mild persistent, moderate persistent; and severe
persistent, which are the terms used in evidence-based practice
guidelines.
In the area of procedures, ICD-9-CM simply lacks
important specificity. There is a single non-specific code for ``other
revision of vascular procedure'' encompassing a wide variety of
surgeries on blood vessels. ICD-10-PCS in contrast will allow capture
of the type of surgery, the specific artery or vein involved, and use
of a device such as a graft or prosthesis. This kind of detail is
essential for evaluating outcomes and efficacy and may decrease the
supplemental information that is required to adjudicate a claim, in the
form of a paper attachment or actual review of the medical record.
Data coded under the ICD-9-CM system are the foundation for
billing, claims processing, payment and pricing. It is used for public
health and quality reporting, biosurveillance, research, pay for
performance, provider credentialing and fraud detection. In other
words, it underlies all the major programs that this Committee oversees
and is looking to advance. However, ICD-9-CM does not meet any of the
following criteria:
Code set standards outlined by the Health Insurance
Portability and Accountability Act of 1996 (HIPAA);
New services and technology that must be acknowledged in
CMS payment systems according to the Benefits Improvement and
Protection Act of 2000 (BIPA); or
Characteristics of a procedural coding system outlined by
the NCVHS in 1993.
Significant costs are incurred by continued use of severely
outdated and limited coding systems. For example, failure of our coding
systems to keep pace with medical advances results in the use of vague
or incorrect codes often taken from the claims form and thereby
requiring excessive reliance on supporting paper documentation
(attachments or copies of the health record).
When the need to replace ICD-9-CM was identified in 1993, steps
were taken by the National Committee on Vital and Health Statistics
(NCVHS), the National Center for Health Statistics--CDC (NCHS) and the
Centers for Medicare and Medicaid Services (CMS--then HCFA) to develop
a migration plan to ICD-10 for morbidity and mortality coding. ICD-10
use for mortality coding in the U.S. was initiated in 1999, however,
while the rest of the industrial countries are now using their
variations of ICD-10 for all reporting, the U.S. continues with the
unsupported ICD-9-CM (the World Health Organization (WHO) now
exclusively supports ICD-10) leading to data incomparability with the
rest of its global community.
Extensive work and dedication has gone into developing and
evaluating these systems as replacements for ICD-9-CM. While there is
significant support for this ICD-9-CM upgrade, there is also a segment
of the healthcare industry, clinging to antiquated legacy systems, who
continues to argue for further delay choosing to forgo the benefits of
improved data and information available through 21st-century
terminology and impeding progress toward achieving critical U.S.
healthcare goals.
In November 2003, the NCVHS recommended that HHS initiate the
regulatory process for the adoption of ICD-10-CM and ICD-10-PCS as
replacements for the 30-year-old ICD-9-CM. At that same time,
Congress--in language included in the Medicare Prescription Drug,
Improvement and Modernization Act (MMA)--urged the HHS Secretary to
move forward with promulgation of rules for adopting and implementing
ICD-10-CM and ICD-10-PCS. It is now 2005--a year and a half after these
distinguished recommendations--and HHS has taken no action.
We believe that adoption of ICD-10-CM and ICD-10-PCS is a component
of the health IT strategy being advanced by Congress and the
Administration, not a diversion from it. You are aware that the federal
government has licensed SNOMED-CT' to make it available at
no charge as a reference terminology in electronic health records.
Mappings must be built from SNOMED-CT to ICD-10 so robust computer
assisted coding applications will be available for
adoption.v Today, the National Library of Medicine is
preparing mappings to ICD-9-CM because there is not yet a final rule
for ICD-10. I liken this to putting a model T engine in a Porsche.
---------------------------------------------------------------------------
\v\ Background on SNOMED-CT and Mapping
---------------------------------------------------------------------------
Electronic health records based on a reference terminology, such as
SNOMED-CT, offer a new paradigm for health data capture, aggregation
and reporting. In the future, it will be possible to use a variety of
classification systems to meet specific information needs without
laborious manual coding. This is what AHIMA and others are working
toward. But it will take years for these technologies to be built and
fully deployed in all provider and payer organizations throughout the
U.S. A date certain for implementation of ICD-10 will drive application
development and accelerate adoption of reference terminologies,
mappings and artificial intelligence-aided coding engines. It will
permit IT vendors, providers and payers to prepare for the change and
develop software ``crosswalks'' between ICD-10 and ICD-9-CM to
accommodate organizations that cannot overcome legacy system
limitations before the effective date.
In addition to adopting ICD-10, the U.S. must redouble its efforts
to ensure uniform coding practice and adherence to coding guidelines.
The 1996 HIPAA legislation called for uniformity of transactions and
code sets, but states and payers, including CMS, persist in adopting
local rules and guidelines that further undermine data integrity and
add to administrative costs. If we are to have reliable interoperable
data and cost effective fraud-deterring systems, we must promote
uniformity no matter where the data originates and no matter who the
payer is. This is a first, but important step in improving the quality
of health data through standards.
I commend your leadership in supporting health IT improvements and
urge you to codify the important work of the Office of the National
Coordinator in the Department of Health and Human Services. I also
commend your action to safeguard the privacy and security of personal
health information. Health information management is fundamentally a
field that safeguards patient data--its integrity, its effective use,
and its privacy and security.
In closing, we urge Congress to expedite adoption of ICD-10-CM and
ICD-10-PCS and standards that will improve the accuracy and consistency
of health care data. I stand ready to answer questions and to provide
any additional information that is not covered in my written testimony.
Thank you.
Understanding ICD-10
ICD-10-CM is a U.S. clinical modification of the World Health
Organization's (WHO's) International Classification of Diseases, 10th
edition (ICD-10) is maintained by the National Center for Health
Statistics (NCHS). ICD-10 is now implemented or being implemented in
all highly developed nations except the U.S. ICD-10-PCS was designed
under contract by the Center for Medicare and Medicaid Services (CMS),
specifically to replace the ICD-9-CM procedural coding system.
The U.S. is the only developed country that has not adopted ICD-10
for mortality and morbidity. A total of 99 countries are currently
using ICD-10 for both mortality and morbidity. The U.S. has used ICD-10
since 1999 for mortality reporting only. We need to implement ICD-10-CM
in order to maintain comparability between mortality and morbidity
data.
Improved Data
ICD-10 provides better data needed to meet the demands of an
increasingly global and electronic healthcare environment. The ways in
which coded data are being used today go well beyond the purposes for
which ICD-9-CM was designed for back in the 1970s. Significant advances
in the understanding of disease and treatment have been made over the
last 30 years.
ICD-10 provides a significant opportunity to improve the capture of
information about the increasingly complex delivery of healthcare. ICD-
10 will provide:
Better data to support quality and patient safety
improvement activities
Better data for improved public health and bio-terrorism
monitoring
Better data for more accurate reimbursement rates.
ICD-10 and the EHR
ICD-10-CM and ICD-10-PCS are better suited for use in electronic
health record systems (EHR) than ICD-9-CM. The expanded availability of
SNOMED-CT' made possible by recent government licensing
agreement increases the urgency of replacing ICD-9-CM with ICD-10-CM/
PCS so the development of mapping tools to the ICD-10-CM and ICD-10PCS
can be initiated. Valid maps are urgently needed to link from a highly
specific terminology to a classification system so that information
captured in the reference terminology can utilize the power of summary
required for healthcare reporting and indexing offered by the
classification systems. ICD-10 medical coding system facilitates more
robust mapping from SNOMED-CT clinical reference terminology in the EHR
due to its greater size and granularity.
Continued use of the outdated version of ICD (ICD-9-CM) diminishes
the value of the U.S. investment in SNOMED-CT'. The
anticipated benefits of an EHR cannot be achieved if the reference
terminology employed in the EHR, such as SNOMED-CT', is
aggregated into a 30-year-old classification system such as ICD-9-CM
for administrative use and indexing. Mapping from SNOMED-CT to ICD-10
will improve the value of clinical data as it will:
Facilitate retrieval of coded data at the desired level
of detail depending on the purposes for which the data are being used
Allow for administrative reporting functions such as
reimbursement and statistical analysis not possible with SNOMED-CT
alone.
As part of their recommendations for patient medical record
information terminology standards, NCVHS urged the federal government
to promote the creation and maintenance of mappings between the
recommended core set of terminologies, which includes SNOMED-
CT', and medical code set standards designated under the
Health Insurance Portability and Accountability Act (HIPAA).
Replacing ICD-9-CM with ICD-10-CM is necessary in order to maintain
clinical data comparability with the rest of the world concerning the
conditions prompting healthcare services. The longer the healthcare
industry continues to use ICD-9, the more difficult it becomes to share
disease and mortality data at the time when such global data sharing is
critical for public health. For example:
ICD-10-CM would have better documented the West Nile
Virus and SARS complexes for earlier detection and better tracking
ICD-10-CM also provides the ability to track bio-
terrorism events and other public health outbreaks.
SNOMED-CT:
Is a comprehensive, precise clinical reference
terminology that contains concepts linked to clinical knowledge to
enable accurate recording of data without ambiguity;
Is specifically designed for use in an EHR:
It is incompatible with a paper-based health record
system.
Integrated into software applications, it represents
clinically relevant information in a reliable, reproducible
manner;
Supports clinical decision support systems, computerized
physician order entry systems, and critical care monitoring;
Facilitates communication among clinicians and improves
the quality of data available for research and measurement of clinical
outcomes;
Ensures interoperability of patient information across
software applications for disease management, treatments, etiologies,
clinical findings, therapies, procedures, and outcomes;
Provides a common language that enables a consistent way
of capturing, indexing, storing, retrieving, and aggregating clinical
data across clinical specialties and sites of care;
Contains concepts linked to clinical knowledge to enable
accurate recording of data without ambiguity;
Works through implementation in software applications,
representing clinically relevant information in a reliable,
reproducible manner;
Contains over 364,400 concepts with unique meanings and
formal logic-based definitions; more than 984,000 English language
descriptions or synonyms; and approximately 1.47 million semantic
relationships.
Mapping
The purpose of mapping is to provide a link between one terminology
and another in order to: v
Use data collected for one purpose for another purpose,
Retain the value of data when migrating to newer database
formats and schemas, and
Avoid entering data multiple times and the associated
risk of increased cost and errors.
See the AHIMA white paper, Coordination of SNOMED-CT and ICD-10:
Getting the Most Out of Electronic Health Record Systems, for a
complete description of the roles of terminologies and classifications
in EHR systems and the importance of mapping to effectively use
clinical information for multiple purposes.
Chairman JOHNSON. Thank you. Dr. Weiss?
STATEMENT OF ALLEN WEISS, M.D., PRESIDENT, NAPLES COMMUNITY
HOSPITAL HEALTHCARE SYSTEM, NAPLES, FLORIDA
Dr. WEISS. Chairwoman Johnson, Representative Stark,
distinguished members of the committee, thank you for the
opportunity to advocate for patients, communities, care givers,
and payers, whom we all agree have benefited by the use of IT
in health care. My comments are based primarily on my own
experiences that I believe may be typical for many care givers
and leaders in health care today. More than half of the care in
the United States today, as we have already heard, is from solo
and small group practices of ten or fewer physicians. Naples,
Florida, mirrors these demographics. By brief way of
background, I was in solo private practice of rheumatology,
internal medicine, and geriatrics for 23 years in Naples,
Florida, before becoming President of the Naples Community
Hospital System in the year 2000. When I was asked to join the
leadership team at Naples Community Hospital, we had many
independent, stand-alone, best-of-breed computer systems within
the building. The interfaces among these systems were always
intricate to build, expensive to maintain, and difficult to
use.
Learning best practices from other industries, such as
manufacturing and banking, showed the wisdom of integration of
systems. Having a common data repository accessible in
different ways depending on the various needs of patients,
providers, and payers, is key to both safety and efficiency.
The push for an internal, seamless integration started
seriously at Naples Community Hospital about 5 years ago. A
dramatic improvement in functionality resulted from
integration. This internal integration needs to be duplicated
outside the hospital in the community, where the majority of
patient care is rendered today. Any action facilitating
integration at the time of installation is much more effective
than late integration or none at all. Once computer systems are
purchased, installed, and functional, they are difficult to
change. Birth is easier than resurrection. Clearly, IT in
health care will be the ten exchange that Andrew Grove, former
chairman of the board of Intel Corporation, referred to in the
past. Medical errors have been shown to decrease up to 95
percent at Vanderbilt Children's Hospital in a study published
in the January 2004 issue of Pediatrics. Naples Community
Hospital's experience shows over a 50 percent decrement in
reported medication errors since medicine administration was
automated using bar code technology and an electronic medical
record. IT's remarkable effect on efficiency will be documented
in a study to be published this September by Dr. Richard
Homestead, Co-Director of Rand Enterprise Analysis.
Naples Community Hospital's experience with the prevention
of pressure ulcers similarly reflects cost savings by
decreasing the length of the patient's hospital stay. Pressure
ulcers typically form on an area of the body under pressure in
frail elderly patients. While the 2005 national prevalence was
7.3 percent, Naples Community Hospital's recent prevalence was
1.7 percent. The use of IT to assess risk and initiate
prevention in a timely manner yielded a huge savings in terms
of misery and money. The most important problem to be solved
today is the propagation of IT with integration. At least four
options or combination of options are possible. Number one,
allow the current stand-alone best of breed systems to evolve,
hoping the purchasers of these systems will only demand
integration. Number two, ask State or Federal government to
modify rules and regulations that would facilitate propagation
of integrated IT. Number three, ask the health care IT industry
to work together with payers, providers, and consumers to
develop common standards. Number four, ask payers, namely the
insurers, both governmental and commercial, to financially
support IT, whether by direct funding or implementation or by
increased reimbursement for providers who do use IT in their
practices, thinking that the cost of care would decrease as
care is rendered in a more efficient and safe manner. Thank you
for the opportunity to assist in this important endeavor.
[The prepared statement of Dr. Weiss follows:]
Statement of Allen Weiss, M.D., President, Naples Community Hospital
Healthcare System, Naples, Florida
Chairwoman Johnson, Representative Stark, distinguished members of
the Committee:
Good Morning. Thank you for the opportunity to advocate for
patients, communities, care givers, and payers who must benefit by the
use of information technology (IT) in healthcare. My comments are based
on my own experiences that, I believe, may be typical for many care
givers and leaders in healthcare today.
By brief way of background, I was in solo private practice of
Rheumatology, Internal Medicine and Geriatrics for twenty-three years
in Naples, Florida before becoming President of the Naples Community
Hospital Healthcare System (NCH) in 2000. During my last decade of
private practice I used a computer system for billing purposes. During
my last two years of practice I additionally used an inexpensive,
commercially available voice recognition system for recording clinical
information. Mine was not a ``high tech'' office, and I was not a
``high tech'' person; my situation was rather typical of many offices
across the United States at that time and even today where the majority
of physicians are in either solo or small group practice.
When I was asked to join the leadership team at NCH, we had many
independent ``stand alone--best of breed'' computer systems. The
interfaces among those systems were always intricate to build,
expensive to maintain, and difficult to use. Learning best practices
from other industries such as manufacturing and banking showed the
wisdom of integration of systems. Having a common data repository that
can be accessed in different ways depending on the various needs of
patients, providers, and payers is the key both to safety and
efficiency. The push for internal, seamless integration started
seriously at NCH about five years ago. Now, this internal integration
needs to be duplicated outside the hospital, in the community where the
majority of patient care is rendered.
NCH is typical of many hospitals in terms of size and
demographics--two locations with 539 beds, almost 4000 employees, over
35,000 admissions, 4000 births, 600 open hearts surgeries, and 130,000
emergency room visits per year. We care for all who come to our
hospital, with approximately 24% of our patients uninsured, unable to
pay, or on Medicaid.
We are a not-for-profit community-based system with three core
competencies--demonstrative quality, operational efficiency and fiscal
responsibility. Operational efficiency, with the extensive use of IT,
nurtures demonstrative quality, in turn leading to fiscal
responsibility.
In striving to demonstrate quality, we earned a Healthgrades top 5%
overall rating and a top 5% rating in cardiac, stroke, and pulmonary
along with a top 3% in patient safety. We volunteered to participate in
the Center for Medicare and Medicaid Services (CMS) project to
demonstrate quality. This project compares us to 277 other hospitals
that have also volunteered regarding measures for congestive heart
failure, acute myocardial infarct (heart attack), coronary bypass (open
heart surgery), community acquired pneumonia, and joint replacement
(hip and knee). We also use a balanced scorecard as popularized by
Norton and Kaplan. This scorecard stresses both quality metrics and
operational efficiencies in addition to the traditional financial
metrics. The leadership team at NCH believes that these quality awards
were facilitated by the use of IT.
NCH's most fundamental core competency is operational efficiency.
Information technology is the tool that allows caregivers to provide
better care more efficiently. A common metaphor concerning IT compares
a hand and power drill. Both tools can produce the same end product,
namely a hole, but the power drill accomplishes the task with a
fraction of the energy in a fraction of the time. IT correctly used can
not only drill the hole, but also guarantee that the hole was made in
the right place without doing any neighboring damage. Moreover, IT's
improved ease, speed, accuracy, and reliability in a process can, more
fundamentally, encourage other processes to change.
Hospitals are set-ups for tremendous inefficiency. For example, a
common scenario is a duplicate laboratory test: the attending
physician, after assessing the patient, orders an appropriate test,
followed by the consulting physician, not able to read or find the
order in the chart, ordering the same test later in the day while the
original test was already in progress.
Physicians using computers to enter orders will have instant, clear
knowledge. In the example above, the second physician would receive a
``pop up'' cautionary note stating that the same test is already in
progress or that the results were now available. ``Do you want to order
it again?'' would be the question displayed. The physician could exit
the order-entry routine, avoiding another needle stick for the patient,
another charge for the payer, and another inefficiency for the
caregiver. Having the right information at the right time will make for
a safer, more efficient environment for patients and caregivers.
Ordering and administering medicines have become more complex over
time. Only 60 drugs were commonly prescribed in 1960. In 2000 almost
6000 medicines were commonly prescribed. Who can keep 6000 drug
interactions in mind? No human can, but a well functioning IT system
can give instant feedback for incorrect doses, inappropriate
interactions, potential allergies, as well as make suggestions based on
medical evidence. At NCH's smaller hospital, greater than a 50%
decrease in medicine errors has been reported over the last four months
since instituting a bar code system: portable bar code readers
correctly identify patients wearing wrist bands with bar codes.
Medicines are delivered to the bedside in bar coded containers, and
nurses wear badges with bar code identification. Once the scanning is
complete and the bar code reader states all is proper to proceed with
the medicine administration, documentation is done automatically. A
pharmacist who can intervene at any time electronically supervises the
entire process. NCH's larger hospital has had the same system in place
for only two months with similar positive results. IT in this situation
makes caregivers more efficient and patients safer.
As previously stated, NCH has strived towards an integrated IT
system since 2000. On Saturday, September 8, 2001 our almost 1000
nurses started documenting all of their notes using digital technology.
This event was a sea change and retrospectively may have been the
tipping point for our institution in the use of IT.
One remarkable result in saving patients from the misery of
pressure ulcers has been directly related to the process change
facilitated by the use of IT. Pressure ulcers are sores which form on
skin areas under pressure in people who are typically debilitated,
malnourished, and lying or sitting in one position. These sores, for
the most part preventable, usually develop on the sacral area
(backside) or the back of the heels. Each pressure sore adds suffering
to the patient as well as cost to the healthcare system in terms of
length of hospital stay and thousands of dollars in patient care. The
national average for prevalence of pressure ulcers was 7.3% in 2005.
Patients can be assessed for risk of developing pressure ulcers by
using the Braden Scale Scoring System that asks six questions and
produces a score from six to twenty-three, inclusive. Starting
intervention after doing these scores manually is burdensome to the
caregivers, and often is not done. Using IT to facilitate the scoring
and alerting the appropriate caregivers has been remarkable in
effectiveness.
Every patient at NCH is assessed for pressure ulcers once on
admission and if at risk, daily thereafter. An elderly, malnourished,
incontinent person with a fractured hip due to a fall in a skilled care
facility is an example of a high-risk patient. Having a low score
indicating risk for developing pressure ulcers, the patient is
immediately seen by a nurse trained in prevention and given specific
skin treatment. NCH's pressure ulcer rate was above 12.8% at the start
of using IT to measure risk and start intervention. NCH's most recent
assessment had a rate of 1.7% with no heel ulcers--a remarkable
achievement.
Drexel University has a competition for the best new use of
technology in healthcare; our care givers won this year for using IT to
decrease pressure ulcers. IT is the ``power drill'' in this remarkable
example that allows for a process change resulting in decreased misery,
improved safety, and lower cost. Patients, communities, care givers,
and payers all benefit.
Having strong integrated IT within the hospital is only the first
step towards safety and efficiency. The goal of sharing health
information is to have the patient, caregiver, and payer all have
access to the portions of the health record that are appropriate for
their respective needs. Granting practicing physicians access to the
hospital system has been the most successful portion thus far. Sharing
patient information from the physicians' office to the hospital has
not. Thus far, information has flowed in one direction only--hospital
to physician. Physician to hospital, physician-to-physician, and
patient to care giver still depend on patients' and physicians'
memories, copied papers, and faxes. Patients and payers continue to
depend on care givers sharing clinical information in much the same way
as decades ago. We practice and treat using 21st century technology,
but we record and archive the same way we did in the 18th century.
Demographic information is being shared by hospitals and physicians
offices with payers primarily for reimbursement purposes. Having a
patient both involved and informed in his or her care are two goals
that have been shown to improve health and decrease anxiety. Who isn't
anxious waiting for the results of a mammogram or PSA (prostate
specific antigen)? Yet, we still can't report these results quickly and
safely using the IT currently available. This challenge can be helped
by creating a common set of standards and policies to exchange
information among patients, communities, caregivers, and payers.
Moreover, neutered data shared within and among communities may be
helpful for public health purposes.
Currently, NCH has about 525 physicians on staff. Over 350 of these
physicians have secure access to the in-patient IT system from their
offices and homes using high speed internet access. This access is in
``read only'' mode to borrow a term from the computer industry. Each
physician purchases a key fob at cost from NCH--seventy-five dollars.
Security is maintained by a series of numbers that change each minute
by satellite on the fob's screen. To access the system, a person must
enter the numeric code for that minute in addition to a password. Early
in our process of trying to integrate our physicians with the in-
patient IT system, NCH charged five hundred dollars for installation of
the system in an office. Physicians in larger groups needed the billing
information available on their in-patients and did buy the system
primarily for that reason. These physicians needed to have high speed
internet access in their offices and gradually came to the realization
that it was easier to obtain lab results, vital signs, and other
clinical information on their in-patients by going on-line rather than
playing ``telephone tag'' with the nurse on the floor who might be
occupied caring for another patient. NCH, realizing that the in-patient
nurse became more efficient when relieved of the ``telephone tag''
process, decided to waive the five hundred dollar charge if the
physician would also keep all of his/her hospital chart documentation
up to date. NCH made this offer in conjunction with Florida's Doctors'
Day in 2003.
Now, physicians may obtain lab results, vital signs, nursing notes,
and consultative notes on-line in a ``read only'' mode at any time and
in any place with computer access. Obstetricians can view ``read only''
fetal monitor strips that are contemporaneous measures of an unborn
child's health during the labor process. Soon, physicians will be able
to order medicines, lab tests, and other modalities on-line for their
patients. This off-site entry capability should facilitate
communication and decrease the inherent risk of phone orders which even
if read back, could be misunderstood or transcribed incorrectly.
Local nursing homes, visiting home nurse companies, and more
recently a mental health facility and the Medical Examiner's office
also have secure access to the in-patient record. This capability has
replaced the physical need for a person to travel to review a record or
to fax dozens or even hundreds of pages per day to another provider. In
the case of nursing home transfers, multiple nursing homes can review
charts simultaneously to determine which patients are best suited for
the home's particular environment. This off-site, pre-discharge review
decreases a patient's hospital stay, previously devoted to in-person
reviews by successive nursing facilities. In turn, costs are lowered
and safety is improved.
When NCH initiated this review process at the suggestion of the
Director of Patient Advocacy, concerns about security and privacy
arose. The electronic environment, although not perfect, is in fact
better--safer--than the paper environment. With paper, anyone in the
hospital can casually pick up a chart at the nursing station and browse
anonymously. Patient charts have been minimally secured for decades
without patients' realization. However, to ``open'' a patient chart
electronically, one must first have a password. Then the record is
updated showing the date and time of access, what specifically was
examined, and the claimed relationship of the viewer to the patient. To
search for unauthorized access, the log of viewers is reviewed both
randomly and also using specific algorithms. Not only are searches done
on high profile patients and high profile diseases, but also records
are examined for viewers with same last names and those designated as
``who to notify in case of an emergency.'' Hospital employees are
warned that invasion of privacy will result in immediate termination,
and NCH has enforced this regulation already. This termination policy
has proven to be an effective deterrent. Long term using IT, health
care will have comfort in security now perceived in the banking and
finance industry. In the paper age, people had a false sense of
security and privacy.
An Electronic Health Record (EHR), for hospitals or physician
offices of any size, requires support people with a variety of skills
used episodically. Having full time employees to maintain hardware and
software and train other employees does not take advantage of economies
of scale or scope. Service personnel, as well as replacement parts, are
needed for rapid repair to avoid unplanned downtime when computers are
on-site. Even as a 539-bed two-hospital system, NCH could not support
full time hardware service personnel on-site when needed only
occasionally. NCH advantageously outsourced its main hardware, the
computer server, to a specialist in remote hosting of computers.
Similarly, NCH could not stock replacement parts economically. While
remote hosting, web support and internet training do not obviate the
need for face-to-face, hands-on employees, the need and cost are
greatly reduced.
The cost of purchase, installation, maintenance, and training is a
challenge for small or moderate sized groups as well. Smaller groups
have the same problems in an exaggerated form. Ideally, by combining
five hundred physicians and a 539-bed two-hospital system, the costs of
installation, maintenance and training would come down and be
manageable for everyone.
However, the major disappointment in our local health care
community has been not having seamless EHR shared by the treating
physicians and NCH. About eighteen months ago two local groups of
physicians (one with approximately fifty-five physicians and the other
forty) shopped independently for an electronic health record for their
respective practices. Both ultimately purchased excellent IT products
which do not interface with the equally powerful hospital system.
Moreover, solo and small groups have installed ``stand alone'' systems
that will be hard to integrate in the future. The goal of having one
common community system was very attractive for many reasons including
patient safety, patient and provider convenience, support personnel
training, system maintenance, and overall efficiency. A unified EHR
helps make an area attractive for retirees who rank health care as a
major concern.
Compounding this problem, Collier County has a summer and winter
population variation between a nadir of approximately three hundred
thousand and peak of over four hundred thousand people. Moreover, while
NCH was previously the sole hospital in Naples, now Cleveland Clinic
Foundation of Collier County has an eighty-bed hospital and HMA, a for-
profit hospital system, is in the permitting process to build a
hundred-bed hospital. Most physician groups want to be able to interact
with more than one hospital system. Most hospitals want to be able to
service as many physicians and patients as possible in an efficient
manner. Ideally, all EHR systems would have seamless interaction
without the need for interfaces, but that is currently not the case.
Complete integration would solve the problem of information transfer
for patients, providers, and payers.
NCH, in spite of relatively good relations with physician groups,
could not build a mutual bridge of trust to share IT resources so that
patients, communities, care givers, and payers would all benefit. What
went wrong or why does Collier County, Florida have three major
independent systems along with several additional ``stand alone''
systems? First, physicians questioned whether a successful outcome was
possible given that installing IT in private offices was new territory
for hospital services. Second, physicians wanted to be able to practice
at all three hospitals in the county and not be locked into NCH if the
other two systems chose a different IT system. Third, NCH was
prohibited by self-referral laws from giving support services to
physicians or groups of physicians.
Any encouragement that could integrate healthcare IT within Collier
County would be welcome and of benefit to all involved. Each system has
advantages but having multiple different systems more than neutralizes
any of the individual advantages as far as patient safety, provider
convenience and payer efficiency are concerned. Hopefully, both IT
companies and purchasers will understand that the next generation of
software must be interoperable.
Having common standards is quintessential for seamlessness, safety,
efficiency, privacy, confidentiality, economic feasibility, and the
development of evidence based medicine (EBM). Currently, a wealth of
clinical information is not shared because it is either in paper form
or in isolated digital form. Once a common language exists, large
populations may be easily and quickly studied. EBM would advance at a
much faster pace than can be done currently with controlled
experiments.
Common standards and digitalization of the EHR would also permit
patients to have access to appropriate portions of their own medical
records such as cholesterol results and blood pressure readings
regardless of where they move to in the future. Patients who are
involved with their own care are more compliant, are easier to care
for, cost less, and have a better prognosis.
IT also allows fungible work to be performed in remote locations.
Currently, radiology reading and medical transcription are done abroad.
Moreover, while calculations of total parental nutrition (a therapy to
assist patients who cannot take in nutrition) are complex, requiring
both a pharmacist and dietician's time and attention, the math can be
done anywhere in the world. Healthcare workers will always be needed in
the workforce because face-to-face contact with patients is not
fungible. However, healthcare workers will need to adapt by learning
new skills throughout their careers and realizing that their value lies
in the human interface.
Is payment for IT implementation holding back its adoption
nationally? Thus far, the caregivers have paid for their IT systems,
and the care givers have benefited somewhat but not as much as the
patients and payers have benefited. Patients cared for in a functioning
IT environment have a safer, higher quality experience while not having
any additional out-of-pocket expense. Payers benefit by having fewer
duplicate tests in addition to better quality, both of which always
lower cost. Similar to the patients, the payers have not had any
additional expense for their cost savings. The caregivers who have paid
for the installation and maintenance of IT have benefited by avoiding
medical errors. However, these care givers ultimately may lose revenue
due to decreased patient volume as the power of IT shifts care to the
outpatient arena.
Ultimately, the right thing to do in caring for patients is to
provide quality using the best tools (IT) available for operational
efficiency. During evolutionary times, market share will shift as will
profit margins for hospitals, caregivers, and payers. Those with the
most to lose will resist the most; but in the free market with the
exchange of information, change is inevitable.
The pressing issue to be solved today is seamless propagation of
integrated information technology and who pays the cost.
At least four options or combinations these options are possible:
#1 Allow the current ``stand alone--best of breed systems'' to
evolve, hoping that the purchasers of these systems will ultimately
demand integration. With this option, the providers--both hospitals and
physicians--continue to pay rather than payers (insurance companies) or
government. This ``do nothing'' approach could take too long and
ultimately not develop a unified system. Reminiscent of this approach
is the Beta versus VHS conflict in video technology, taking time but
ultimately producing a sole system.
#2 Ask state or federal government to modify rules and regulations
that would facilitate propagation of integrated IT. With this approach,
providers could continue to pay or government could financially support
its mandate, speeding accomplishment. This government model has the
advantage of universal applicability but the disadvantage of possible
initial tax payer cost along with additional rules for providers.
#3 Ask the healthcare information technology industry to work
together with payers, providers and consumers to develop common
standards for seamless information transfer among the in-patient and
out-patient environments as well as among patients and payers. Thus
far, the IT industry has not produced interoperability. With this
option, the providers continue to pay but will be receiving better
value.
#4 Ask payers, namely the insurers--both governmental and
commercial--to financially support information technology, whether by
direct funding of implementation or by increased reimbursements for
providers using information technology, thinking that the cost of care
would decrease as care is rendered in a more efficient and safe manner.
This approach would create more EHR care givers, perhaps allowing
Option #1 to evolve faster or pressuring Option #3 to mature sooner.
Thank you for the opportunity to assist in this important endeavor.
Chairman JOHNSON. Thank you very much, Dr. Weiss. Ms.
Pritts?
STATEMENT OF JOY L. PRITTS, ASSISTANT RESEARCH
PROFESSOR, HEALTH POLICY INSTITUTE, GEORGETOWN
UNIVERSITY
Ms. PRITTS. Good morning. Madam Chairman, Congressman
Stark, members of the Subcommittee on Health, I would like to
thank you for inviting me today to testify on the
confidentiality of health information as the National Health
Information Infrastructure continues to develop. As I was
introduced, my name is Joy Pritts and I am Assistant Research
Professor at Georgetown's Health Policy Institute. I have
studied medical privacy issues, in particular medical privacy
laws, for a number of years now, and I have spent a lot of time
looking at State health privacy laws and the Federal privacy
laws and how they interact with each other. Everyone seems to
agree that as we develop a national Health Information
Infrastructure and continue to push for this electronic
exchange of health information, that protecting the privacy of
the health information is an admirable goal and this is
something that we should be doing. The question remains, even
after all that has gone on up to this point, how to accomplish
that goal. A comprehensive minimal Federal standard
supplemented by Federal privacy laws is what we are working
with today. I would say that, at a minimum, that is where we
should end up.
Where we should not end up is relying on the HIPAA privacy
rule as it is written now as a national Federal standard. The
HIPAA privacy rule standing on its own in the absence of higher
State privacy protections is simply inadequate. It does not
cover many of the people and organizations who will have access
to health information on the National Health Information
Infrastructure as it is envisioned, and it was designed as a
minimal set of standards from the outset. I would first like to
briefly address the scope of HIPAA as it is currently written.
It is our only generally applicable Federal privacy standard
for health information. It is not enough. It is not broad
enough. The way HIPAA was written, it covers only a core group
of people and organizations that hold health care information:
Health plans, health care clearinghouses, and health care
providers who transmit health information electronically for
certain administrative and financial purposes, usually in
connection with processing health insurance and claims and
things of that nature.
Because of the way it is written, HIPAA is very limited in
who it covers. It doesn't even cover everybody in the core
group of those who hold and use health information on a regular
basis. For example, it does not cover health care providers who
don't engage in health care insurance transactions. That means
that health care providers who provide health care services
over the Internet and accept credit cards are not covered by
HIPAA. This is an increasing area of medical practice. People
turn to the Internet for medical care, for one thing, in order
to keep their medical information private and out of their
other medical records, but also because they don't have health
insurance and they have found this to be one mechanism that
they can pay for their own health care at a reasonable level,
is turning to the Internet. They are not covered by the Federal
privacy protections. Beyond this core group that HIPAA does
cover, it doesn't cover all of the other entities that receive
health care information from the core group. It doesn't cover
them directly. It doesn't cover Workers' Comp. It doesn't cover
life insurance. In particular, it doesn't cover some of the
people who are essential to the use of health care information.
It also does not cover, according to the Department of
Justice, employees of covered entities, and that is something
that really needs to be remedied as we move forward. I would
also like to emphasize that HIPAA sets minimal standards. It
was conceived that way. It was written that way. When HHS
received comments on the privacy rule and people requested them
to set high standards for certain medical conditions, such as
HIV, mental health treatment, consumers were reportedly told,
this is the floor. We are not set out to set maximum or even
best business practices. You can always turn to your State
laws, and States have filled that gap where HIPAA has not
reached a very high standard. Eliminating State law, as some
have proposed to do, to set a uniform standard in order to ease
the exchange of health care information would drastically lower
consumer privacy rights and protections. We should not use the
development of the National Health Information Infrastructure
as an excuse to reduce privacy protections of health
information to the least common denominator. Thank you.
[The prepared statement of Ms. Pritts follows:]
Statement of Joy L. Pritts, Assistant Research Professor,
Health Policy Institute, Georgetown University
I. Introduction
Madam Chairman and Members of the Subcommittee on Health of the
House Committee on Ways and Means: Thank you for the opportunity to
testify before you today on protecting the confidentiality of health
information and health information technology (IT).
My name is Joy Pritts. I am a lawyer and an Assistant Research
Professor at GeorgetownUniversity's Health Policy Institute. In my
position at Georgetown, I conduct research and analysis on a range of
health privacy issues. Much of my work has focused on the Privacy Rule
issued under the Health Insurance Portability and Accountability Act of
1996 (HIPAA), its scope and its interaction with state health privacy
laws. I have written extensively on this topic including: The State of
Health Privacy (2002); Implementing the Federal Health Privacy Rule in
California (2002); ``Altered States: State Health Privacy Laws and the
Impact of the Federal Health Privacy Rule,'' Yale Journal of Health
Policy, Law, and Ethics (Spring 2002); and ``Preemption Analysis Under
HIPAA--Proceed with Caution,'' In Confidence (April 2003); and state-
specific consumer guides on how to obtain and correct or amend medical
records under a combination of the HIPAA Privacy Rule and state law,
available at http://hpi.georgetown.edu/privacy/records.html.
My testimony today will focus on what, if any, actions the federal
government should take with respect to protecting the confidentiality
of health information in order to facilitate the electronic exchange of
health information, including the development of a national health
information infrastructure (NHII). In particular, my testimony will
address why, at a minimum, the HIPAA Privacy Rule must be expanded to
directly cover all who have access to individually identifiable health
information. I will also discuss the importance of protecting the
ability of states to build on the floor of federal privacy protections,
as is currently permitted by HIPAA.
II. Background
The electronic exchange of health information has the potential to
improve the quality of health care. Electronic records will be more
complete, legible, and more accessible to providers. These features
should lead to improved quality of care, the elimination of repetitive
tests and a streamlining of the administrative process. Under the right
circumstances, electronic medical records should also be more secure
than paper records.
The risks of a computer-based health information system, however,
remain real. Computerization of medical records will make large amounts
of detailed personal data more readily accessible and transferable not
only to health care providers but to others. When a breach in
confidentiality occurs, it is often with respect to hundreds if not
thousands of records at a time. For example, several thousand patient
records at the University of Michigan Medical Center containing names,
job status, treatment information and other data were inadvertently
posted on public Internet sites for two months.\1\
---------------------------------------------------------------------------
\1\ ``Black Eye at the MedicalCenter,'' The Washington Post,
February 22, 1999, p. F5.
---------------------------------------------------------------------------
Unintentional disclosure is not the only threat to heath
information in electronic format. Some people improperly access and
disclose medical records because they want to make money. A hospital
employee sold country singer Tammy Wynette's medical records to the
National Enquirer and Star tabloids.\2\ Hospital employees in New York
sold emergency room patients' information to attorneys and others to
use in insurance scams.\3\ Recently, an employee of cancer clinic
accessed the medical records of a patient with terminal cancer,
obtained credit cards in the patient's name, and ran up over $9000 in
charges.\4\
---------------------------------------------------------------------------
\2\ Selling Singer's Files Gets Man Six Months,'' Houston
Chronicle, December 2, 2000, p. A2.
\3\ Office of the District Attorney, Nassau County, New York, Press
Release, November 23, 2004, available at http://www.nassauda.org/
dawebpage/pressreleases/NUMC%20arrests.htm
\4\ U.S. Attorney's Office, Western District of Washington, Press
Release, ``Seattle Man Pleads Guilty in First Ever Conviction for HIPAA
Privacy Rules,'' August 19, 2004, available at http://www.usdoj.gov/
usao/waw/press--room/2004/aug/gibson.htm
---------------------------------------------------------------------------
Others improperly access medical information to use against or
embarrass a person. As New York Congresswoman Nydia Velasquez testified
before the Senate Judiciary Committee, her medical records--including
details of a bout with depression--were faxed from a New York hospital
to a local newspaper and television station on the eve of her 1992
primary.\5\ On a more local level, the medical records of a Maryland
school board member, who had been treated for depression, were sent to
school officials as part of a campaign criticizing his performance.\6\
---------------------------------------------------------------------------
\5\ A. Rubin, ``Records No Longer for Doctors' Eye Only,'' Los
Angeles Times, September 1, 1998, p. A1
\6\ C. Samuels, ``Allen Makes Diagnosis of Depression Public;
Medical Records Mailed Anonymously,'' The Washington Post, August 26,
2000, p. V1.
---------------------------------------------------------------------------
Still others improperly access and disclose medical information out
of curiosity. An employee at a major hospital in Washington DC learned
that one of her co-workers had HIV when she improperly accessed his
medical record to find out why he was hospitalized. The employee
revealed the patient's HIV status to other co-workers who ostracized
him.\7\ When former President Clinton was in the hospital for heart
surgery 17 hospital workers who had nothing to do with his health care
improperly tried to access his medical records. Perhaps most disturbing
was the reaction of the hospital employees, one of whom commented,
``I'm not surprised. People are nosy. It happens all the time.'' \8\
---------------------------------------------------------------------------
\7\ P. Slevin, ``Man Wins Suit Over Disclosure of HIV Status,'' The
Washington Post, December 30, 1999, p. B4.
\8\ J. Lite, D.Epstein and C. Katz, Clinton File Snoopers Rapped,''
New York Daily News, September 11, 2004, available at http://
www.nydailynews.com/news/local/story/230961p-198366c.html
---------------------------------------------------------------------------
The risks of having medical information improperly accessed and
disclosed are shared by nearly everyone: people going through a divorce
or custody dispute; people who work in the health care system and who
also happen to be patients of that system; people who live in small
communities; and people with medical conditions that may subject them
to stigma or discrimination. The consequences can be severe. People
fear that they will be ostracized, that they may lose their custody
battle, a political race, their job, or their insurance.
As we continue to move toward the computerization of medical
information, it is imperative to ask whether there are adequate privacy
laws in place to reduce, if not eliminate, these risks. The HIPAA
Privacy Rule is not sufficient. It is not broad enough to cover all of
those who have access to health information, especially the growing
number who will have electronic access. Furthermore, because HIPAA is
designed to provide a minimal floor of privacy protections it is
important that states retain their ability to offer higher levels of
privacy protection.
III. Federal Privacy Protections Should Apply To Everyone Who Receives
Or Creates Identifiable HEalth Information
HIPAA and the Privacy Rule issued under the Act only directly cover
a core group of those who hold and maintain health care information
(known collectively as ``covered entities''): health care providers who
transmit health information electronically in connection with certain
financial and administrative purposes, health plans and health care
clearinghouses. As the Department of Health and Human Services (HHS)
noted, ``Unfortunately, this leaves many of the people and
organizations that receive, use and disclose protected health
information outside of the system of [federal] protection.'' \9\ First,
HIPAA does not cover all health care providers. Only providers who
transmit health information electronically for certain administrative
and financial transactions (largely related to insurance) are covered
by HIPAA. For example, an increasing number of health care providers
offer health services directly to consumers over the Internet,
accepting only credit card payments. These providers are beyond the
scope of HIPAA.
---------------------------------------------------------------------------
\9\ U.S. Department of Health and Human Services, Preamble,
Standards for Privacy of Individually Identifiable Health Information;
Proposed Rule, 64 Fed. Reg. 59918, November 3, 1999, p. 59923.
---------------------------------------------------------------------------
Other examples of persons who receive and use information and who
are not covered by HIPAA include workers compensation carriers,
researchers, life insurance issuers, employers and marketing firms. HHS
also lacks the authority to directly regulate many of the persons that
covered entities hire to perform administrative, legal, accounting, and
similar services on their behalf, and who would obtain health
information in order to perform their duties (called ``business
associates'').\10\
---------------------------------------------------------------------------
\10\ See 64 Fed. Reg. 59923.
---------------------------------------------------------------------------
Although HHS attempted to fill some of these gaps by requiring
covered health care providers and health plans to enter into contracts
that require those who perform services on their behalf (known as
``business associates'') to protect the confidentiality of the health
information that they receive, HHS has no enforcement authority over
these recipients. If business associates violate their contracts, HHS
cannot impose civil or criminal penalties against them.
Similarly, it appears that HHS may not have the authority to impose
criminal penalties against individuals who improperly obtain or
disclose individually identifiable health information even if they act
for profit. HIPAA provides for criminal penalties for persons who
knowingly in violation of the Act obtain or disclose individually
identifiable health information relating to an individual.\11\ The Act
provides the most substantial criminal penalties for those who commit
these acts under false pretenses or with intent to sell or use the
information for commercial purposes, personal gain or malicious
harm.\12\ The United States Department of Justice has recently taken
the position that these criminal penalties generally apply only to
covered entities. Employees and others who improperly obtain and use
health information (even if it is for profit or to cause serious harm
to another) may not be prosecuted under this section.\13\ Under this
interpretation, the hospital employees described above who sold
emergency room patient information to lawyers could not be prosecuted
under HIPAA.
---------------------------------------------------------------------------
\11\ 42 U.S.C. � 1320(d)-6(a).
\12\ 42 U.S.C. � 1320(d)-6(b).
\13\ U.S. Department of Justice, letter for Alex M. Azar II,
General Counsel, Department of Health and Human Services, June 1, 2005,
available at http://www.usdoj.gov/olc/hipaa--final.htm
---------------------------------------------------------------------------
These gaps in federal privacy protection coverage leave large
volumes of identifiable health information vulnerable to improper
access and disclosure without any real remedies. The promotion of the
electronic exchange of health information heightens the urgency of
filling these gaps through federal legislation. Forming a national
health information infrastructure without adequate federal privacy
protections threatens not only the privacy of patients but also the
very viability of such a system.
III. Higher State Health Privacy Protections Should Remain In Place
It is important to preserve the ability of states to impose more
protective privacy standards on the use and disclosure of health
information as we encourage the electronic exchange of health
information. As currently written, HIPAA sets a federal floor for the
protection of health information. The HIPAA Privacy Rule overrides
(preempts) state laws that are less protective of privacy. However,
state laws that provide health information privacy protections that are
equal to or greater than those contained in the HIPAA Privacy Rule
remain in place. These state laws offer additional privacy protection
to people with medical conditions that often subject them to stigma or
discrimination, such as HIV or mental health conditions. They give
patients greater access rights to their own health information.
Many in the health care industry would like to preempt all state
health privacy protections so that the HIPAA Privacy Rule would serve
as the uniform, national standard for protecting the privacy of health
information. However, doing so would directly contradict a key,
underlying premise of the HIPAA Privacy Rule. The Rule was explicitly
conceived, written and issued as the minimally acceptable standard upon
which states could build. Indeed, the ramifications of nullifying
stronger state privacy laws are enormous and could be quite negative
for patients on a number of fronts.
In considering these issues, it is imperative to remember how we
got to where we are today. States have traditionally exercised power
over the health and welfare of their citizens. Over the years, states
have developed an extensive range of statutes and regulations that
protect the privacy of health information. Every state has some statute
or regulation governing the use of health information. These laws can
be found in health provider licensing laws, insurance laws, public
health laws, the rules of evidence and civil procedures. Many states
developed statutes and regulations that specifically address the use
and disclosure of health information in a detailed and comprehensive
fashion. In response to the needs of their citizens, most states have
laws that provide privacy protections specifically for information
related to medical conditions that are often associated with stigma or
discrimination, such as HIV or mental health conditions.
Additionally, in the 40 years preceding the issuance of the Privacy
Rule, most states developed common law through court cases where people
sued for the improper disclosure of their health information, often
based on invasion of the right to privacy. The level of privacy
protection afforded by the states, however, varied widely. Some states
had broad, detailed privacy protections for health information while
others had few protections.\14\
---------------------------------------------------------------------------
\14\ See J. Pritts, ``Altered States: State Health Privacy Laws and
the Impact of the Federal Health Privacy Rule,'' Yale Journal of Health
Policy, Law, and Ethics (Spring 2002).
---------------------------------------------------------------------------
As efforts to encourage the health care industry to adopt computer
technology intensified it became apparent that there was a need for at
least minimum federal standards to protect the privacy of health
information. Beginning as early as 1980, Congress attempted to pass
health privacy legislation. In 1996, Congress once again took up the
issue of health privacy, this time within the context of HIPAA. The
Administrative Simplification provisions of HIPAA were designed to
encourage the development of an electronically based health care
system. Recognizing that protecting the privacy of health information
was an important component of this system, Congress set itself a 3-year
deadline for enacting comprehensive health privacy legislation. If
Congress failed to act in that time, HHS was directed to write and
issue health privacy regulations. HIPAA expressly provides that these
federal regulations will not supercede a contrary provision of state
law if the state standard is more stringent than the standards imposed
by the federal regulations.
Congress was unable to pass comprehensive health privacy
legislation within the 3-year period. No national consensus could be
reached on some of the more difficult policy issues surrounding the
protection of health information (such as the appropriate level of
protection for HIV information or for genetic information and the right
of an individual to sue for improper disclosures of information).
Accordingly, the duty to craft federal health privacy protections
passed to HHS.
Throughout the rule-making process, HHS consistently maintained
that it was establishing minimum federal standards, which would not
disturb more protective state laws. In explaining its approach to the
Privacy Rule, HHS stated:
It is important to understand this regulation as a new federal
floor of privacy protections that does not disturb more protective
rules or practices. Nor do we intend this regulation to describe a set
of a ``best practices.'' Rather, this regulation describes a set of
basic consumer protections and a series of regulatory permissions for
use and disclosure of health information. The protections are a
mandatory floor, which other governments and any covered entity may
exceed.\15\
---------------------------------------------------------------------------
\15\ Preamble, Standards for Privacy of Individually Identifiable
Health Information; Final Rule, 65 Fed. Reg. 82461, December 28, 2000,
p. 82471.
---------------------------------------------------------------------------
In response to public comments requesting additional privacy
protection for HIV/AIDS information, HHS again explained that it was
taking a minimalist approach:
Where, as in this case, most states have acted and there is no
predominant rule that emerges from the state experience with this
issue, we have decided to let state law predominate. The final rule
only provides a floor of protection for health information and does not
preempt state laws that provide greater protection than the rule. Where
states have decided to treat certain information as more sensitive than
other information, we do not preempt those laws.\16\
---------------------------------------------------------------------------
\16\ Preamble, Standards for Privacy of Individually Identifiable
Health Information; Final Rule, 65 Fed. Reg. at 82731.
---------------------------------------------------------------------------
One and half years later, HHS responded to consumer concerns about
the elimination of the requirement that covered entities obtain
patient's consent to use or disclose identifiable health information
for treatment, payment, and health care operations, by reassuring them
that state privacy protections would remain in place. HHS stated:
The Privacy Rule provides a floor of privacy protection. State laws
that are more stringent remain in force. In order to not interfere with
such laws and ethical standards, this Rule permits covered entities to
obtain consent. Nor is the Privacy Rule intended to serve as a ``best
practice'' standard.\17\
---------------------------------------------------------------------------
\17\ Preamble, Standards for Privacy of Individually Identifiable
Health Information; Final Rule (as Modified) 67 Fed. Reg.53192, August
14, 2002, p.53212.
---------------------------------------------------------------------------
In short, from beginning to end the Privacy Rule has been built on
the understanding that it would serve as a minimal floor of protection
and that state laws affording higher protections would be preserved.
As a result, many state laws remain in effect. Some of these state
laws afford a higher degree of protection to sensitive medical
information, such as information related to genetic testing, HIV or
mental health. States continue to afford their citizens the right to
sue for improper disclosures of their privacy or to obtain their
medical records.
Many in the health care industry would eliminate these higher state
health privacy protections in the interest of having more uniformity.
The Privacy Rule has set minimal standards in every state. It has
effectively created privacy standards in states where few existed and
raised standards in those with few protections. By establishing a
federal floor of health privacy protections, HIPAA has already
substantially evened the playing field. (See App. Fig. 2). Moreover, in
response to the HIPAA Privacy Rule, many states have taken the
initiative to re-examine their own health privacy laws. As a result,
some states have amended their privacy laws, where appropriate, so that
they are more closely aligned with the HIPAA standards. In practice,
this voluntary action has also produced more uniformity.Preempting all
state health privacy protections in the interest of producing yet more
uniformity would have serious and wide spread ramifications. As
discussed above, the HPAA standards are meant to be minimum standards.
They were never intended to serve as the sole standard for protecting
identifiable health information. Eliminating state law and relying on
the HIPAA Privacy Rule would effectively lower the privacy protections
in place for some of the most vulnerable health care consumers (such as
mental health patients and those with HIV). (See App. Fig. 3) In many
states, it would overturn hard-fought compromises over some of the very
issues on which Congress has not been able to reach consensus. Such an
approach would eradicate over 40 years of state common law giving
consumers the right to sue for the improper disclosure of medical
records. Given the variety of state laws that are designed to protect
the privacy of health information it is difficult to predict the full
range of consequences of such an approach. It is clear, however, that
preempting state health privacy protections would seriously undermine
states' traditional ability to protect the health and welfare of their
citizens.
IV. Conclusion
As we continue to move toward the electronic exchange of health
information and the creation of a national health information
infrastructure it is crucial that the privacy of health information not
be compromised in the interest of expediency. Federal privacy
protections for health information should be expanded to ensure that
standards for using and disclosing health information are in place for
everyone who receives or creates identifiable health information.
Federal law also should ensure that those who improperly obtain use and
disclose health information are subject to civil and criminal
penalties.
State laws that set higher standards for protecting the privacy of
health information should remain in place. The HIPAA Privacy Rule is
simply not adequate.
Uniformity--At What Cost?
Health Privacy Protections Before HIPAA (Fig. 1)
[GRAPHIC] [TIFF OMITTED] T6387A.001
Healh Privacy Protections After HIPAA (Fig. 2)
[GRAPHIC] [TIFF OMITTED] T6387A.002
Health Privacy Protections--State Law Preempted by HIPAA (Fig. 3)
[GRAPHIC] [TIFF OMITTED] T6387A.003
Chairman JOHNSON. Thank you, Ms. Pritts. Ms. Grealy?
STATEMENT OF MARY R. GREALY, PRESIDENT,
HEALTHCARE LEADERSHIP COUNCIL
Ms. GREALY. Thank you, Chairman Johnson, Congressman,
Stark, and distinguished members of the Subcommittee. On behalf
of the members of the Healthcare Leadership Council, I would
like to thank you for this opportunity to testify today. We are
pleased to share with you some specific recommendations
regarding ways in which Congressional action can clear the way
for greater progress in the adoption of health IT. Madam
Chairman, there are at least two things that we know with
certainty on this issue, one good and one is a matter of
concern. We know that the promise of health IT is enormous.
With widespread use of new technology, we can deliver health
care with greater efficiency, bring about tremendous advances
in patient safety, and literally transform our health care
system to better utilize the wealth of knowledge and ideas that
are possessed by health professionals throughout the country.
We also know that there are obstacles that must be overcome
before we can move forward. On that subject, I would like to
turn specifically to the issue of privacy. Now, there is a
misconception that the HIPAA privacy rules may not adequately
protect the confidentiality and security of electronic medical
information transmitted across a national health care network.
We think that these concerns are not well founded.
The HIPAA privacy and security rules were created
specifically to protect electronic transfers of financial and
administrative information. Significant civil and criminal
penalties exist for improper disclosure. These strong
safeguards also exist for clinical records. What is troubling,
though, is the fact that the HIPAA privacy rule as it exists
today does not always supercede State laws and regulations,
and, in fact, it permits significant variations in the ways in
which States can regulate medical privacy matters. As a result,
providers, clearinghouses, and health plans are required not
only to comply with the Federal law, but they also must comply
with State privacy restrictions that are more stringent than
the HIPAA rule. This will make the creation of an effective
health information network, one that crosses that State
boundaries, virtually impossible, and I think we heard that
from Dr. Brailer this morning. Let us paint a very realistic
scenario. A health care provider wants to acquire and implement
a new health IT system that will allow them to be part of an
interstate information network. This health provider knows that
privacy protections vary widely State to State and are found in
literally thousands of statutes, regulations, common law
principles, and advisories.
So, our hypothetical health care provider must, number one,
find and identify every possible privacy-related rule, statute,
law, and ordinance. Number two, they must obtain legal opinions
as to whether the State laws are contrary to HIPAA and whether
the contrary rules are more stringent. Number three, they must
figure out how to comply with either the Federal rule, the
State rule, or in some cases, both simultaneously. Then they
must build their computer systems in a manner that ensures
compliance, realizing that these laws can change even before
the system is finalized. I have provided the Committee with a
much more detailed nine-step process for determining this
compliance for just one State. It will be much more complex
when dealing with all 50 States. At the HLC, we understand the
challenge that HIPAA-covered entities face because we took the
initiative to commission a multi-jurisdictional study of State
privacy laws and regulations to help with compliance. It is a
study that initially cost more than $1 million and must
continuously be updated, at considerable cost, to reflect any
newly-enacted State privacy rules and regulations. Now, once
the National Health Information Network is in place, systems
will have to be constantly retooled, staffs continually
retrained for these variations among the States. A network that
is constrained by myriad State requirements on, for example,
prior consent to use health care records for treatment, will
operate at only a fraction of the speed and efficiency
necessary to improve patient outcomes. Much of the promise of
this new technology will be lost as a result.
So, what is the answer? Madam Chairman, the current
patchwork of applicable State and Federal privacy laws will be
a severe disincentive for stakeholders who would otherwise be
enthusiastic about participating in a national Health
Information Network. Our solution is both clear cut and
essential. Congress must enact Federal preemption provisions
that will establish a unified national privacy standard. A
uniform patient privacy framework is critical to the viability
and interoperability of National Health Information Network. We
stand on the verge of doing something extraordinary for
patients, for health care consumers, and for our entire health
care system. We urge Congress to take the final steps necessary
to make the promise of health IT a reality. The members of the
Healthcare Leadership Council, many of whom were the earliest
adopters of electronic medical records and pioneers of this
technology, look forward to working with you and the Committee
on this shared vision. Thank you.
[The prepared statement of Ms. Grealy follows:]
Statement of Mary R. Grealy, President, Healthcare Leadership Council
Chairman Johnson and Members of the Subcommittee, I want to thank
you on behalf of the members of the Healthcare Leadership Council (HLC)
for the opportunity to testify on the adoption of health information
technology (HIT) and areas where Congressional involvement can further
these efforts.
The Healthcare Leadership Council supports the efforts of the
President, the Office of the National Coordinator for Health
Information Technology (ONCHIT), and the Congress, to create a national
health information infrastructure. We believe that legislation should
especially focus on areas where Congress and the President must act to
facilitate successful implementation of HIT. We believe that one such
area is harmonization of state laws regarding the confidentiality of
individually identifiable patient information.
Any regional or national system designed to facilitate the sharing
of electronic health information must adequately protect the
confidentiality of patient information. Efforts to establish a National
Health Information Network or NHIN must take into account the privacy
and security challenges associated with exchanging patient information
among health care providers, consumers, payers and other authorized
entities. Addressing these issues appropriately will be essential to
achieving the interoperability necessary to improve the quality and
cost effectiveness of the health care system--while still assuring
patients' confidence that their information will be kept private.
Confidentiality of patient medical information is governed by the
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
statute and the privacy regulation promulgated thereunder (the Privacy
Rule). Although HIPAA establishes a federal privacy standard, it
permits significant state variations that will create serious
impediments to ``interoperability'' of clinical information,
particularly when information is sent across state lines. The patchwork
of applicable state and federal laws will likely be a significant
disincentive to participation in a national health information network
for virtually all stakeholders. We believe Congressional action to
establish a uniform federal privacy standard will help to ensure the
viability of a national health information network. This is an
important step that Congress can take to facilitate progress toward
interoperability.
Before I discuss the importance of these actions, let me first
explain the perspective that HLC brings to the issue. HLC is a not-for-
profit membership organization comprised of chief executives of the
nation's leading health care companies and organizations. Fostering
innovation and constantly improving the affordability and quality of
American health care are the goals uniting HLC members. Members of
HLC--hospitals, health plans, pharmaceutical companies, medical device
manufacturers, biotech firms, health product distributors, pharmacies
and academic medical centers--envision a quality driven system built
upon the strengths of the private sector. Several HLC member
organizations have been among the earliest adopters and pioneers of
health information technology. We believe HIT has the power to
transform our health care system and provide increased efficiencies in
delivering health care; contribute to greater patient safety and better
patient care; and achieve clinical and business process improvements.
Since 1996, HLC has led the Confidentiality Coalition, a broad-
based group of organizations who support workable national uniform
privacy standards. The Confidentiality Coalition includes over 100
physician specialty and subspecialty groups, nurses, pharmacists,
employers, hospitals, nursing homes, biotechnology researchers, health
plans, pharmaceutical benefit management and pharmaceutical companies.
During Congressional consideration and subsequent regulatory
development of the HIPAA Privacy Rule, the Confidentiality Coalition
played a leadership role, working with members of Congress and the
administration to advocate for a workable privacy rule. We sought a
rule that would strike the appropriate balance between protecting the
sanctity of a patient's medical information privacy while, at the same
time, ensuring that necessary information is available for providing
quality health care and conducting vital medical research. We believe
that the Privacy Rule largely achieved this balance and has increased
consumers' confidence about the privacy of their medical records while
allowing providers and payers to establish the procedures necessary to
accomplish the dual goals of privacy protection and the delivery of
quality health care.
Under the Privacy Rule, disclosing individually identifiable health
information for purposes other than carefully defined appropriate
health care activities is prohibited unless the patient grants
specific, prior written authorization. For example, among others,
information cannot be disclosed to employers, the media, or neighbors.
It is important to note that HIPAA has strong penalties for non-
compliance. The Department of Health and Human Services (HHS) may
impose civil monetary penalties on health plans, providers or
clearinghouses of up to $250,000 for failure to comply with a Privacy
Rule requirement. HIPAA also has criminal penalties. Persons who
knowingly obtain or disclose individually identifiable health
information in violation of HIPAA face a fine of $50,000 and up to one
year of imprisonment. Criminal penalties increase to $100,000 and up to
five years imprisonment if the wrongful conduct involves false
pretenses. Penalties for wrongful conduct that involve the intent to
sell, transfer, or use individually identifiable health information for
commercial advantage, personal gain or malicious harm increase to
$250,000 and up to ten years imprisonment. Criminal sanctions are
enforceable by the Department of Justice--and there has already been
one criminal conviction under the rule. Thus if you use a patient's
record, without permission, for reasons other than legitimate health
care operations, you could be sanctioned with severe federal civil and
criminal penalties.
As Congress and the Administration have considered the issues
relating to the facilitation of a national health information network,
questions about the privacy and security of electronic medical
information have arisen. A common misperception is that the HIPAA rules
may not adequately protect the confidentiality and security of
electronic medical information in the context of an NHIN. It is
important to remember that the HIPAA privacy and security rules were
adopted to provide appropriate safeguards for the electronic exchange
of financial and administrative information, and the regulation
expanded this to also include paper records. The electronic exchange of
clinical information is no different.
Thus, HLC and the Confidentiality Coalition believe that the
existing HIPAA Privacy Rule provides strong privacy protections--
effective to address the privacy and security challenges associated
with exchanging patient information among health care providers,
consumers, payers and other authorized entities in the context of a
NHIN.
However, we are troubled by the fact that the HIPAA Privacy Rule's
preemption standard permits significant state variation. In general,
HIPAA supersedes contrary provisions of state law. For example, the
HIPAA standards for the electronic exchange of financial and
administrative information, such as health insurance claims, preempt
state laws that require billing records to be maintained or transmitted
in written rather than electronic form. Congress, however, set a
different preemption standard for privacy protections under HIPAA. The
Privacy Rule does not supersede contrary state laws that are more
stringent than the federal standard. As a result, providers,
clearinghouses and health plans are required to comply with the federal
law as well as any state privacy restrictions that are more stringent.
In the context of HIPAA implementation this has been extremely
difficult. In the context of a NHIN it is potentially impossible.
State health privacy protections vary widely and are found in
thousands of statutes, regulations, common law principles and
advisories. Health information privacy protections can be found in a
state's health code as well as its laws and regulations governing
criminal procedure, social welfare, domestic relations, evidence,
public health, revenue and taxation, human resources, consumer affairs,
probate and many others. The rules typically apply either to specific
entities--such as hospitals or county health departments--or to
specific health conditions, and no two states are the same in this
regard. Virtually no state requirement is identical to the federal
rule.
Thus HIPAA covered entities, such as hospitals, physicians and
health plans, must find every possible state rule, statute, law,
ordinance, etc. concerning every aspect of privacy, obtain a legal
opinion as to whether or not the law, regulation or ordinance is
contrary to the HIPAA privacy rule, and then determine if the contrary
state rule is more stringent than the federal rule. Once this analysis
is complete, covered entities must then determine how to comply. Within
one state, there may be cases where the federal law applies and in
others where both federal and state law applies. At that point, covered
entities must build their information technology systems to implement
the legal interpretation and hope that there isn't a change in law
before the systems are up and running. But since nothing prevents
additional state privacy rules and regulations from being enacted, it
would take constant monitoring of state action, retooling of systems
and retraining of staff.
HLC attempted to assist covered entities in this process by
commissioning a multi-jurisdiction study of state privacy laws, case
law and regulations that analyzes the relationship between the federal
Privacy Rule and state laws. The study is formatted as a website where
authorized users can search state laws on a particular subject and
determine whether or not they must comply with the state law, the HIPAA
Privacy Rule, or both. The study initially cost more than $1 million
and costs $100,000 to update annually. The Department of Health and
Human Services made it clear when issuing the Privacy Rule that it
would not provide this analysis and that covered entities must
determine whether federal or federal and state law applies.
The issues associated with privacy compliance are greatly magnified
in the context of a NHIN. The creation of a successful NHIN will
require a national system of interoperable systems that can exchange
health information. Making information available through or to a NHIN
conceivably could require entities to comply with a range of different
state laws each time they disclose information in the context of a
federated system.
Some proposals attempt to address the patchwork of state privacy
laws and regulations by suggesting that states should work together
regionally to develop privacy agreements or harmonize state
requirements. This would require states to review their own laws,
regulations and ordinances, reach consensus with the other states on
uniform rules, get the agreement enacted within each state without
modification and ensure that existing rules are preempted. However,
unless all 50 states agree to the same rules, this will not be adequate
to address the problem of conflicting state regulation relative to
interoperability of HIT nationwide.
My testimony includes, as an attachment, a map developed by the
Indiana Network for Patient Care. Each dot represents a patient seen at
an Indianapolis hospital during a six month period. While the dots are
stacked very deep around Indianapolis as you would expect, patients
served by the Indiana health providers during this period were also
located in 48 of the 50 states. Looking at this map it is easy to see
why regional agreements will not be adequate to address the myriad
regulations with which providers and others will need to comply to
achieve ``interoperability.''
One of the most common areas for states to legislate regarding
privacy is that of patient consent and authorization for uses of their
medical information. There are prolific and varying state requirements
regarding who may access patient information, for what reason, and with
what type of notice and consent to patients. During promulgation of the
HIPAA Privacy Rule, the issue of requiring providers and payers to
obtain the prior written consent of patients before using their
information was examined and debated at great length. The final rule as
modified allows covered entities to use patients' medical information
without prior authorization for medical treatment, claims payment or
health care operations, or as otherwise permitted or required by the
Privacy Rule \1\ For any other uses, providers must obtain a written
authorization from each patient.
---------------------------------------------------------------------------
\1\ Under the Privacy Rule a covered entity is permitted to use and
disclose protected health information without authorization for the
following purposes or situations: 1) to the individual; 2) for
treatment, payment and health care operations; 3) for uses and
disclosures with an opportunity to agree or object; 4) for uses and
disclosures that occur incident to an otherwise permitted use or
disclosure; 5) for public interest and benefit activities; and 6) of a
limited data set for purposes of research, public health or health care
operations.
---------------------------------------------------------------------------
Requiring providers and payers to obtain prior consent for
treatment, payment and health care operations was rejected because of
concerns that a prior authorization requirement would seriously delay
and disrupt the care of patients, particularly the most vulnerable
elderly and sick patients. For example, elderly patients would not be
able to send a family designee to a pharmacy to pick up a prescription
without first going to the pharmacy to sign consent forms; pharmacies
would not be able to fill prescriptions for patients phoned in by
physicians; and emergency medical personnel would be forced to get
consent forms signed before treating patients--even when contrary to
best medical practice. These concerns were not simply theoretical.
Maine passed a law requiring prior consent for health care purposes,
the law was suspended just 12 days after taking effect because of the
chaos that ensued in hospitals and pharmacies.
One of the primary goals of a national health information network
is to improve the quality of health care by giving providers the
information they need quickly. A NHIN that is constrained by various
state authorization or consent requirements will provide only a
fraction of the speed and efficiency necessary to improve patient
outcomes. These unnecessary requirements are extremely burdensome for
providers, impeding their ability to provide timely and efficient
medical services. Even worse, they offer little value to patients.
Varying notice provisions which force covered entities to provide
notice to patients in triplicate are simply not helpful to patients who
are more likely to be overwhelmed by the paperwork these requirements
necessitate. It would be much better for patients if they, providers
and payers could rely on a uniform standard based on the principles of
the HIPAA Privacy Rule--that information can be used and disclosed only
by authorized persons in order to provide and pay for medical care--and
that information will be kept confidential.
As a NHIN becomes a reality, we fear that states may also begin to
legislate the degree to which patients can control their own electronic
health record--deciding who can access what information for which
reasons. Especially in emergency situations, where treatment is a
matter of life and death, electronic health records can be a life-
saving tool for clinicians. However, if electronic records are to be
utilized as a part of care delivery, patients simply must not be able
to selectively provide information that may be relevant for treatment
purposes. Should this occur, providers would be unable to rely on the
NHIN as a tool for diagnosis and treatment as it may or may not include
the facts necessary for the delivery of quality medical care. In
addition, providers are very concerned about the liability that might
result from their reliance on incomplete information.
In conclusion, I reiterate the belief that the current patchwork of
applicable state and federal laws is a significant disincentive to
participation in a national health information network for virtually
all stakeholders. Indeed, already HLC members working with emerging
state consortia are reporting difficulty in navigating the variations
in state privacy laws among bordering states.
We believe that it will be extremely difficult to achieve
interoperability without a more uniform framework for the protection of
patient privacy. Absent such a framework, the barriers to using health
information technology to improve the quality and efficiency of health
care will be substantial and covered entities will be discouraged from
participating. Federal preemption provisions that establish a unified
national standard are essential to the viability of a NHIN. We believe
the HIPAA Privacy Rules should be the national standard and should
supersede state laws. Covered entities already have established HIPAA
compliance programs, appointed privacy officers and implemented
extensive staff training. But more importantly, we believe that HIPAA
provides the privacy and confidentiality protections demanded by
consumers and can set a high, uniform standard for health information
practices across all states.
The Healthcare Leadership Council appreciates the opportunity to
testify on the protection of patient privacy and the development of
health care information technology. We look forward to working with the
Subcommittee in pursuit of these goals. Any questions about my
testimony or these issues can be addressed to me or to Ms. Theresa
Doyle, Senior Vice President for Policy, Healthcare Leadership Council
(telephone 202-452-8700, e-mail [email protected]).
Chairman JOHNSON. Thank you very much. I would like to
throw out a question to the whole panel. We have had two very
different opinions about the adequacy of HIPAA even as a
national minimum and the role of the State laws. It is hard for
me to see how you have a nationally operable system with the
extent of variation caused by not just State laws, but all
these regulations and subsections of State action. So, this is
a very big issue. I hope that some of the studies that both HHS
is commissioning now and that I am interested in seeing will
begin to focus on what are the little differences that could be
easily adjusted and what are the big differences. I would like
those of you who face this in everyday life to give us examples
of the problems and maybe comment on Ms. Pritts's testimony
that too many are left out, that the standards are too minimum,
versus Ms. Grealy's testimony that the laws are really quite
adequate, but we can't tolerate the degree of variation if we
are going to have an interoperable national information system.
We will just start down the line.
Dr. DETMER. Thank you. An excellent question, obviously. I
agree with you. I think that studies underway are quite
important, and I do think there are some place where we will
find corrections and some things that need to be done. I think
at the end of the day, I think part of what the study has to
look at are the real tensions between some of these
transformational gains and safety, quality, and so forth
against some of the tensions that come where you need access to
information, but at the same time, you also want to have
privacy, and I think those are real tensions and at some point,
I think we are going to have to have real basement-to-ceiling
standards for an NIHH to work. A patient who works in the
District, lives in Virginia, gets their care in Maryland or
something like that may have a provider, excuse me, an insurer
in any one of those three locations. You just can't have
interoperability, I think, at the end of the day, without it. I
think it is going to take, frankly, some will and leadership at
that point and I think we will have to face this. As I say, I
think the studies are important. I think there are some things
that will need to be done. But ultimately, I think we are going
to have to deal with this.
Chairman JOHNSON. Thank you. Ms. Kloss?
Ms. KLOSS. I would agree that we will learn from the
studies, perhaps, that some of the States have found additional
protections that should be added to the current floor we have.
I would also suggest that it is incumbent on us in the design
of the National Health Information Network to do all we can to
use best practices, new best practices and new technologies
that, again, weren't necessarily conceived of or available at
the time that the HIPAA regulations were crafted.
Chairman JOHNSON. You may in your comments want to
differentiate as to Dr. Brailer, between this issue of
transaction standards and privacy standards as the public
thinks about them. Dr. Weiss?
Dr. WEISS. Thank you. I will answer it in two ways. First,
as a solo private practitioner, it is hard for an individual in
an office to understand everything that is going on around
them. They want to have an interaction with the patient and
take care of that patient and move on. They are less concerned
about national standards, just because of the practicality of
the thing. As a hospital system, we obviously obey all the
regulations, but it becomes confusing and expensive to have
multiple regulations, and even more importantly, as we think
about globalization--we are worrying now about State versus
Federal--we send our night radiology reading to Australia right
now. We send some of our dictation--some of our practitioners
in our town send our dictation abroad, so that the real
standards are not--we are quibbling over something in our
country and not realizing that we are a global network, so that
really, we need international common standards so that we can
share the--and any of the work that is fungible around the
world, which will make things more economical for everyone.
There aren't ten best ways of doing anything, so to have 50
different ways, be it 50 different States, of doing something
is just inane and expensive. So, we really need to do this. We
do need this interoperability. Trying to get that perfect to
interfere with good will always slow us down. No legislation,
with all due respect to all legislation, can be absolutely
perfect, so that there will always be exceptions. It is just a
question of doing what is best for the common good and
sacrificing a little bit of individual freedom, although it is
not comfortable, just to make this a viable system.
Ms. PRITTS. Do you want me to wait until last?
Chairman JOHNSON. Ms. Pritts?
Ms. PRITTS. Should I wait until last?
Chairman JOHNSON. All right, fine. Ms. Grealy?
Ms. GREALY. I think the point here is that HIPAA provides
us a framework. I think the comments about the studies that
will be underway to really look at all 50 States, the key here
is that we need to find a single national uniform standard that
is a workable privacy rule. So, I think the studies underway
are something that will be very valuable, but at the end of the
day, we think HIPAA provides a framework. A lot of work has
gone into compliance with the current HIPAA standards. Entities
have installed privacy officers. They have done staff training.
So, we think it does provide us a reasonable framework, but the
studies will provide valuable information, as well. The key at
the end of the day, as Dr. Brailer said, is reducing the
variability, reducing the complexity, and allowing us to use
our resources for direct patient care as opposed to trying to
comply with this myriad of regulations and making these health
IT systems much more expensive than they need to be.
Chairman JOHNSON. Ms. Pritts?
Ms. PRITTS. Well, there are a number of issues that were
raised here that I would like to address. First, I would like
to say that there are a lot of providers out there who are
dealing with this multi-State issue right now and who are doing
it successfully, and I would hope that as these studies are
being taken place, that they are consulted and their best
practices are taken into account, because obviously, there are
some ways that people who have embraced this, the privacy rule,
and have looked forward with it have been able to function
quite well underneath it. I also think that it is really
important while we are looking at this issue to understand how
we got to where we are today, which is that we have been unable
for the last 25 years to reach significant privacy standards in
Federal--comprehensive Federal privacy standards in Federal
legislation. What has happened is we have a core group of
people and organizations, covered entities, who are covered by
HIPAA, but there is this whole other range that is still--and
nobody addressed this--that there are lots of people in the
National Health Information Infrastructure who won't be
covered.
It is a very--I think it is a very difficult issue when you
talk about wholly preempting State law. I understand the need
to be able to exchange health information, but when you are
talking about health privacy laws at the State level, you know,
States have been in this business for much longer than the
Federal Government has. I mean, traditionally, health, welfare,
those are the issues that the States--of their citizens States
have been legislating, and they have these laws in every nook
and cranny in their codes and regulations and there are very,
potentially, severe consequences of preemption of these laws.
So, those consequences must be thought of before any action of
that kind could even be really seriously considered. We are not
looking for perfect here, but we are looking for protections of
individuals. The gentleman, Dr. Weiss, said, well, sometimes
the good, the common good requires the sacrifice of individual
freedoms. The problem is, in our country, it is the individual
who is going to bear the burden of--the cost of this in a
very--it is not just freedom, it is in a very direct result.
Our health care system is funded primarily through employers.
People are afraid that if their health information gets out,
somebody in their family has some expensive medical condition,
they won't get a job. If they don't get a job, they don't get
insurance. So, it is all interconnected. It all has to be
considered within a context.
Chairman JOHNSON. I think the goal, really, of this
discussion at this point in the development of further
legislation to guide the development of a national
infrastructure is to begin to be sure that we do those studies
and we look more carefully at what are the serious differences,
what are the non-serious differences, and where do we really
have to preempt, because it is--and whether we have to preempt.
I mean, it may be that all the States are doing things that we
are not doing and they get folded into the national standard.
So, this isn't, do we preempt with the existing standards. This
is, what do we do about the problem? So, I hope you will be
involved in some of those studies. It will be a multi-year
process, but it is serious enough that to think that the
tensions in the future between privacy and portability may not
have to be resolved differently, I think is to kind of ignore
the dynamic that has taken place in other parts of the economy.
On the other hand, we also don't know how much the capability
to protect privacy is going to be developed in the technology
and it will have a lot to do with our ability in fraud and
abuse, too. I have taken my time and I am going to turn to Mr.
Stark.
Mr. STARK. Thank you, Madam Chair. I want to thank Ms.
Pritts for, as near as I can tell, the only witness there that
has concern for patients and consumers. The pharmaceutical
industry is well represented and the interests of physicians
are well represented, but somehow, it seems to me that somebody
ought to think a little bit more about what those of us who are
patients care about our privacy. Some States do a better job.
Some States would have tougher requirements for a variety of
reasons that we might not be able to pass at the Federal level.
It happens in automobile emissions standards. We are much
tougher in California than they are in North Dakota. So, if we
took North Dakota's emissions standards, you wouldn't be able
to see for the smog in big cities. I think the same thing could
very well be true in various States and the standards that
would be accepted. Dr. Detmer, you did or do represent this
vital health statistics national Committee. You have worked
with them. They have a common set of data elements. They have
developed a common set of data elements for patient records,
have they not?
Dr. DETMER. No, not really----
Mr. STARK. They haven't?
Dr. DETMER. Not truly, no.
Mr. STARK. Okay. So, they haven't developed it?
Dr. DETMER. Well, they work on this because they are
mandated to work on it from the HIPAA legislation, but it is
not like that has comprehensively been completed.
Mr. STARK. Okay. Do you think that there is a kind of a
minimum set of data, like height, weight, blood pressure, that
doctors could all agree on that would be sort of a minimal set
of statistics that they could collect? Do you think we are----
Dr. DETMER. You know, this is actually one of those very
frequently debated points. Do we go toward a, if you will,
minimum data set, or do we go toward an infrastructure that
really tries to capture all of the things that go on.
Mr. STARK. But you have got to start with the minimum,
right?
Dr. DETMER. I have to admit, I guess I tend to be in the
population that say, look, I think that health care today
really must have the complexities covered, too, because
candidly, I practiced 25 years as a vascular surgeon. The kinds
of data I typically needed to respond to a patient's personal
needs wouldn't necessarily come up in a general practice kind
of environment.
Mr. STARK. I have got your thing here on standardization--
personal identifier, date of birth, gender, race or ethnicity,
residence. I mean, you guys have agreed on that, right?
Dr. DETMER. Oh, yes. There is a set of--there are a set of
data, yes.
Mr. STARK. That is what I am trying to get.
Dr. DETMER. I am sorry. Sure.
Mr. STARK. Okay. So, you guys are all in accord, and you
suspect that the medical profession would generally say those
are okay? They may want more, but----
Dr. DETMER. Yes. I think the question is how the process
works. If there are----
Mr. STARK. No, I don't want to know about the process. I
just want to know where we are. There are 49 line items here
that you guys have agreed on, so that is a start.
Dr. DETMER. Correct. It is a good start, I would say.
Mr. STARK. Now, the question of interoperability and
privacy, I would submit to you, either you or Dr. Weiss
mentioned credit cards and banking, a subject about which, if
my memory would serve me better, I know a good bit. It is quite
possible that the--well, the interoperability of the credit
card industry and checking accounts is a direct function of
Federal mandates, okay. The Federal Reserve basically set the
standard for clearing, without which I could not go into any
airport in the world and have the ATM say, you are a bum, you
don't have any money and we ain't giving you any more. They
know that about me before I get off the plane. The privacy and
security requirements in Shannon or Heathrow or San Francisco
or Dulles are all different. Yet we are able to operate with an
exchange of information. Our privacy standards for financial
information are ten times tougher in California than they are
in the District of Columbia. If my bank were to give out
information even to their subsidiary and solicit me for
insurance in California, they would be in deep trouble. Not so
in many other areas. So, I guess what I am suggesting is a
couple of things, and I would like your comments, Dr. Weiss, if
the chair will indulge me with the red light a little longer.
One, that we are not going to start or have interoperability
until some one entity that can monitor and enforce it says,
this will be the standard. Dr. Weiss, you are going to have to
do it in Florida, right?
Dr. WEISS. Yes.
Mr. STARK. Dr. Detmer, wherever you practice. You guys are
going to have to do it the same way. Now, you can add bells and
whistles. I would use the case--let us just try it. Dr. Detmer,
Dr. Weiss, do either of you use, what is that thing, the
bookkeeping thing, Quicken? Do you use Quicken?
Dr. WEISS. Yes.
Dr. DETMER. I know what you are talking about.
Mr. STARK. Do you use Quicken?
Dr. DETMER. No, but----
Dr. WEISS. I use Microsoft Money, but it is the same thing.
Mr. STARK. Okay, the same thing. Now, you could hook up to
your bank or Schwab or some--if you want, and they could import
your credit card information into Microsoft Money each month,
or you don't have to do it. You could balance your checkbook by
hand. Your bank has a different set of security--you have got
to have a password--than Microsoft Money. I guess what I am
saying is that, yes, we could accommodate more sophisticated
systems, and I would submit that Dr. Weiss's practice for each
individual physician entering information on his or her laptop
or whatever input device isn't any different than the thousands
of Kaiser physicians in my district. They have got a bigger
system someplace. But at the point of the physician entry, it
doesn't make any difference. I guess, if I could get to the
point, why shouldn't we, Dr. Detmer and Dr. Weiss, have CMS,
for example, say you have got to start with this minimum amount
of information and this type of electronic reporting or we will
pay you less for Medicare and Medicaid, and then at least we
would get started. Does that----
Dr. WEISS. I agree. My fourth option is that as the
government and the other payers--you have the commercial payers
that pay one or 2 percent more for physicians who are using an
IT system that has a minimal set of standards. Those physicians
who decide to stick with paper rather than technology----
Mr. STARK. Get less.
Dr. WEISS. Will get one or 2 percent less.
Mr. STARK. Could you live with that, Doctor?
Dr. DETMER. Yes. I think if you make it revenue neutral,
then you have dealt with it, too. I mean, I don't think you are
necessarily talking about new money.
Mr. STARK. Well, we will--your colleagues----
Chairman JOHNSON. We have to wrap up pretty quickly, so let
us add anything in.
Mr. STARK. Thank you.
Chairman JOHNSON. I thought the issue that Mr. Stark raised
about global, basically, variation versus a core of
standardization is a good one, and if any one of you want to
comment on that. In our pay for performance bill that we are
going to introduce tomorrow, we do have variable payment
structures for just that reason.
Dr. DETMER. No, I agree. It is good. I think that is good.
I guess the comment I would make is it comes back to the
clinical standards issue. I do think the government needs to
invest enough to really make sure that this process is done and
kept up and maintained and so forth, and I think the idea that
you think you can just sort of do it and then not maintain it
is just not going to work.
Chairman JOHNSON. Right. I agree.
Mr. STARK. Somebody has got to start it.
Chairman JOHNSON. Yes.
Ms. KLOSS. I would also follow on to our earlier discussion
on certification of EHRs. The approach being taken is to set
forth some fundamental standards for functionality, security,
interoperability, and to go from there so that at least we know
that all EHRs meet that basic set of standards. So, I think
that is a sensible way to proceed.
Chairman JOHNSON. Mr. Hulshof?
Mr. HULSHOF. Thank you, Madam Chairman. I will try to be
brief. Just a couple of quick comments. A lot of discussion
about HIPAA, which the standards were intended to be a minimum
privacy standard and yet sometimes, as is the case, at least in
my experience, has been that State laws are not necessarily
more stringent. It is just that they are different and,
therefore, you have entities having to comply with two
completely different sets of standards and one may not be more
rigorous than the other. So, that is one comment I would make.
Let me commend everyone for the written testimony. There is
some great stuff, and I know when you are trying to pare it
down into a five-minute presentation, a lot of good things get
missed, and I would just commend everybody to take all of your
written testimony. I wanted to emphasize a point, Ms. Pritts,
you made in yours, that you cite in your written testimony a
number of instances in which medical information was sold.
Isn't that already prohibited under HIPAA?
Ms. PRITTS. Well, it is prohibited under HIPAA, but what
has recently happened is the Department of Justice issued
guidance to HHS saying that the criminal provisions of HIPAA do
not apply to most employees, even of covered entities. So, if
you had--the example in my testimony says, if you had a
hospital and the hospital will have policies in place saying
you may not sell patient information, that the hospital is not
going to be prosecuted under HIPAA, and rightfully so, because
it is not the one selling the information improperly. The
employee who is improperly taking patient information and
selling it is not going to be prosecuted under HIPAA because
the Department of Justice has announced they are not covered by
HIPAA.
Mr. HULSHOF. Let me emphasize another point that Dr. Weiss
made, because again, in your testimony, you talk about privacy.
We have been talking a lot about privacy of medical records.
But again, Dr. Weiss, thank you for just reminding us that,
really, the electronic environment, though not perfect, as you
write on page five of your testimony, is better and safer than
the paper environment. Right now, anyone in the hospital can
pick up a medical chart, browse through it anonymously, whereas
on electronic records, you have access--if you have access, you
can then call up and see who exactly accessed your information
based on privacy. So, again, thanks for those real world
examples. Now, Dr. Weiss, in the remaining time I have got, let
me ask you this. Can you describe how an exception to the
physician self-referral laws and the anti-kickback statute
would actually increase adoption, or would it increase adoption
of health IT among your physicians, because here is the concern
that we have heard from some. Some would argue that maybe a
safe harbor like this would create a situation in which
hospitals would compete for physicians based on IT spending, or
they might create these captive referral systems between
physicians in certain hospitals. So, can you respond to that
generally, and I will yield you the remaining balance of my
time.
Dr. WEISS. Thank you. I will start with a real story that
is happening as we speak, where we have 525 physicians on
staff. We have a group of 55 physicians in town who are
wonderful. We have another group of 40 physicians who focus on
an indigent care market. About 18 months ago, these other two
small groups were out to buy an IT system. I spent a
significant amount of time and energy, as did they, to see if
we could get interoperability among the systems. I was
advocating that they use the hospital system, which is relative
mature. We are not quite a paper-free environment, but we are
heading that direction. During that period of time, these two
physician groups had three concerns that actually never
happened. They ended up buying two excellent systems, but not
the same system the hospital has right now, so basically we all
have romance languages but we are not speaking to each other.
We are doing French, they are doing Italian and Portuguese or
whatever. So, we sort of understand, but at the end of the day,
we have got to print everything, carry it to and from.
They can read our system anywhere that they have high-speed
Internet connection, but they can't get from their system to
our system, and so if a patient gets a lab result earlier in
the day in his or her doctor's office and gets admitted to the
hospital later in the day, we will repeat the blood test
because it is too hard to get the results. Now, what actually
happens and gets to the regulation question, we looked at the
new Stark laws. As a private practitioner, I understand the
temptation of self-referral and self-inducement and I applaud
those rules. That really does make a difference. There are a
small minority of physicians who take advantage of patients
economically and do self-referral and the law has been a great
law. The actual practicality of it is, when we thought about
trying to help physicians, of our 525 physicians, 200 admit
patients commonly in the hospital. That leaves 325 whom we
would have to pay for computers for their offices who really
aren't associated. There are another 300 physicians in the
community who don't use our hospital, so that we don't have the
money--we have about a three percent profit margin, we are a
not-for-profit community-based hospital and we are doing fine
and we reinvest all our money, but that is not the highest--we
can't buy computer systems for 800 physicians. It is just
practically not economically possible.
Then we have one other hospital in town and we have a third
hospital who will be probably coming to town. The physicians
were worried about, number one, the hospital's IT department's
ability to implement IT or computer systems in his or her
office, and being on the provider side before, no offense to
government, but it is the ``I am from the government, I am here
to help you.'' We say, ``I am from the IT department of the
hospital, I am here to help you,'' and it makes you a little
bit worried. So, that the doctors were worried about our
ability, and our ability is great, but we are used to working
inside the hospital. So, the first thing was the ability to
make it happen. The second thing was, as an individual
physician, they were worried about being married, having--
monogamous relationships are necessary for healthy marriages,
but not for businesses, so that they wanted to be able to be
involved with the other two hospital systems in town and not be
married to one hospital. If I were in individual practice the
way I was before 2000, I certainly wouldn't want to be married
to one system.
The third thing--and the third major point was it just
economically wasn't feasible for us to do that, so that even
though the rule was relaxed somewhat, it is just not practical.
What we really need is the health care industry as an industry
to do integration, to do it voluntarily. Right now, I sort of
have the idea that everyone wants to become like Microsoft when
Commodore and Apple were involved. But really, if you go back
to the Sony and VHS in 1975 to 1980, the group that won out was
the group that cooperated. The VHS won out because they gave
their technology to other people. The group that lost, even
though Sony had a two-year lead and arguably a better product,
never made it because they didn't connect and collaborate. They
tried command and control. In our environment in 2005, command
and control does not work. Connect and cooperate does. Thank
you.
Chairman JOHNSON. Thanks very much. What I hear you saying
is that once sort of the standards are set so that there isn't
this worry about the monopolistic relationship and we have a
greater flexibility than the Committee-wide exception, that
then those things could have happened and the outcome for the
public and for the patient would have been far better. I thank
the panel very much for their testimony today. It was very,
very helpful and very specific. We appreciate it. As we move
forward, we will look to call on you for your advice and input.
Thank you. The hearing stands adjourned.
[Whereupon, at 12:28 p.m., the hearing was adjourned.]
[Submissions for the record follow:]
Statement of James Bayot, McKesson Corporation,
San Francisco, California
For more than 170 years, McKesson has led the industry in the
wholesale delivery ofmedicines and healthcare products. Today, a
Fortune 15 corporation, McKesson delivers vital pharmaceuticals,
medical supplies, and healthcare IT solutions that touch the lives of
more than 100 million patients in every healthcare setting. As the
world's largest healthcare services company with a customer base that
includes more than 200,000 physicians, 25,000 retail pharmacies, 5,000
hospitals and 600 payers, McKesson is well positioned to help transform
the healthcare system.
McKesson strongly supports the goal of improving healthcare quality
by using healthcare information technology (IT) to reduce medical
errors and lower costs. As the largest provider of automation and
information technology in the healthcare industry, we deliver
innovative technologies at each point in the healthcare system to
reduce medication errors, lower costs, and improve the quality and
efficiency of healthcare. We are dedicated to making healthcare safer,
a goal that requires a deep understanding of healthcare delivery
processes and a clear focus on what is required by key stakeholders
such as physicians, nurses, pharmacists and patients.
McKesson fully supports the President's goal that every American
should have an electronic health record (EHR) in 10 years. To meet this
bold vision, McKesson believes that the federal government should
pursue a two-pronged strategy to spur the adoption of automation and
healthcare IT. First, we need broad deployment today of high-impact
technologies that provide unquestionable benefits in the delivery of
healthcare. Second, on a parallel track, we need to develop the
standards and promote the interoperability of systems that are
essential for medical information to be shared among healthcare
providers, patients, and public health agencies in a safe, secure
manner.
At McKesson, we know that technology itself is not the inhibitor of
change in the healthcare system. The technology is available and
working. It is intolerable that people die every day from medication
errors that could be prevented with bar-code technology, the same
technology that is used in every major retail outlet in this country.
We conduct sophisticated banking and other business transactions
electronically across continents; yet most physicians in the United
States still rely on their memories for complex medical information,
and write orders using pen and paper.
While deployment of healthcare IT is growing, less than 20 percent
of hospitals in the United States today use bar-codes to verify the
administration of patient medications, and fewer than 10 percent of
physicians in hospitals enter patient prescriptions and medical orders
electronically. The numbers are only slightly better outside the
hospital: only about 25 percent of large physician offices enter their
prescriptions electronically. The number drops considerably for small
physician practices.
Three Areas Where High-value, High-impact Technologies Already Make a
Difference
We can and must make the healthcare system safer and more efficient
by accelerating the use of technology in all hospitals and physicians'
offices in the United States. There are three areas where high-value,
high-impact technologies already make a significant difference:
1. Bar-code technology. Medications should be packaged in unit-
doses labeled with bar codes and scanned at the bedside before they are
given to patients. Today, on average, there are 27 steps in the
medication use process that involve many decisions, multiple handoffs
and various people, ranging from the physician who prescribes the order
to the pharmacy staff to the nurse who ultimately administers the
medication to the patient. Healthcare IT and automation can reduce the
handoffs and eliminate, on average, 40 percent of the steps. This
results in dramatically improved accuracy, efficiency and safety. In a
group of 75 hospitals that use McKesson's bedside bar-coding
technology, 400,000 ``alerts'' are triggered weekly to nurses or other
healthcare professionals to advise them that the wrong medication or
incorrect dosage is about to be administered. As a result of these on-
line warnings, we estimate that these hospitals prevent 56,000 errors
each week. Hospitals that deploy bar-code scanning technology report
dramatic error reduction in medication administration, as high as 90
percent.
2. Electronic prescriptions. We must eliminate paper prescriptions.
Each year, more than three million preventable adverse drug events
occur in physicians' offices or other out-patient care settings.
Imagine a world where a patient's list of current medications is
available to the physician and the physician can order initial scripts
or refill them online. All the medication names would be legible, and
all orders checked for drug-drug interactions and allergies. Today,
McKesson's systems help to ensure safe prescriptions are written and
filled 100,000 times each month, but, nationwide, 80 percent of
prescriptions are still on paper, and many are illegible.
3. Secure Web-based access to patient information. We must equip
physicians and clinicians with the information needed to make informed
decisions about patient care. Today, most healthcare is delivered in a
paper-based world. It is not uncommon for physicians to provide
patients with advice, give directions to other staff and recommend
treatment changes without any access to a patient's chart. These blind
encounters happen every day. Secure Web-based access to clinical
patient information, such as laboratory results, the patient's medical
record and diagnostic images, enables physicians to find, within
seconds, the information they need to make more informed decisions and
initiate or adjust treatment. McKesson currently records 1.8 million
logins each month to its Web-based physician portal, almost double
compared to a year ago. Remote access via Web portal technology is in
common use across many industries; yet, in healthcare, its deployment
is only in the 50--60 percent range.
Funding to support these focused initiatives can lead to dramatic
progress very quickly. McKesson applauds the leadership shown and
initiatives undertaken by the Congress and this Administration.
Implementing these three forms of technology will build the required
momentum and provider support for adoption of healthcare IT.
Technology is Improving Healthcare Quality Today
Healthcare technologies today save lives, reduce medical errors,
improve the quality of care, and reduce overall health costs. The
following healthcare organizations are just a few of our customers that
have taken these important first steps to improve care for their
patients:
Concord Hospital, an affiliate of Capital Region Health Care
(CRHC), Concord, NH: Concord was one of the first hospitals in the
United States to introduce bedside bar-code scanning of medications in
1994, which reduced its already low medication error rate by 80
percent. This reduced error rate, which has been sustained for more
than 10 years, has improved productivity and efficiency as well as
increased clinician satisfaction and retention.
Medical Associates Clinic, Dubuque, IA: Medical Associates is
deploying an ambulatory electronic health record and e-prescribing
system for more than 100 physicians and medical providers, which
represent 30 specialties dispersed across 16 locations in three states.
With the implementation still underway, physicians are already entering
26,000 e-prescriptions each month, and patient information is available
electronically regardless of location. Nurses spend far less time on
medication management; they have reduced the time spent on paper
charting activities by 24 percent; and, they spend 16 percent more time
with patients and their families. In addition to improved quality and
better decision-making, this clinic projects an annualized net gain of
$1.7 million with full system deployment.
Regional West Medical Center, Scottsbluff, NE: A regional referral
center covering more than 12,000 square miles in rural Nebraska,
Regional West has used information technology to streamline the
delivery of healthcare. Through secure Internet access, physicians and
other clinicians can view a single electronic medical record for each
patient, which includes diagnostic medical images, pharmacy data and
laboratory results. A McKesson pharmacy robot dispenses bar-coded,
unit-dose medication packets virtually error-free. Electronic patient
charting at the bedside has cut nurses' daily paperwork by nearly 1.5
hours, enabling them to spend more time caring for patients. The
hospital has reduced its medication error rate by 30 percent to less
than one percent. Before giving a medication, the nurse must capture a
three-way bar-code match between his/her badge, the medication and the
patient's wristband to check the five ``rights'': the right patient is
receiving the right dose of the right medication at the right time via
the right route.
Mary Lanning Memorial Hospital, Hastings, NE: The largest employer
in Hastings, Nebraska, Mary Lanning Memorial Hospital has served the
healthcare needs of the surrounding community for the past 83 years.
Although the hospital's medication error rate was low, a single tragic
event highlighted the need for standardized medication administration.
Bedside bar-code scanning technology was implemented along with a
pharmacy information system to reduce the risk of medication errors.
Additionally, medications scanned at the bedside are compared to orders
reviewed by pharmacists and screened for allergies, interactions and
therapeutic duplications. Preliminary data has shown a 35 percent
increase in the reporting of near-miss events related to wrong drug and
wrong patient.
Presbyterian Healthcare Services in Albuquerque, NM: Using
McKesson's bar-code technology solutions, Presbyterian reduced
medication administration errors by 80 percent. Technology has also
allowed pharmacists to be redeployed to critical care units to work
directly with patients and physicians and enhance the quality of care.
These innovative health systems and others across the country are
saving lives and saving money. Physicians, nurses, and pharmacists now
spend more time interacting with patients and less time performing
administrative functions. More importantly, these organizations are
creating a new baseline for patient care in the United States. While
making healthcare safer through seamless, rapid and accurate
information flow, they are also addressing one-third of healthcare's
overall costs: administrative paperwork, clinical errors, manual hand-
offs and rework.
Developing Standards and Promoting Interoperability
McKesson fully supports efforts of Congress and the Administration
to facilitate standards harmonization, encourage the formation of
regional health information organizations and establish a National
Health Information Network. Development of the requisite technology
standards will allow the computer systems of doctors, hospitals,
laboratories, pharmacists and payers to efficiently communicate and
share information. We are honored to work with Dr. David Brailer and
the Office of the National Coordinator for Health Information
Technology as he moves to create a foundation for the transformation of
our healthcare system. We are also pleased to be a member of the
Commission for the Certification of Health Information Technology, a
collaborative public-private partnership to develop standards and
certify health information technology systems.
We all remember the incremental steps that were taken by other
industries as they moved towards connectivity and interoperability.
First, they automated individually and then, collectively, they
collaborated to connect the information. Consider the banking industry.
A full decade elapsed between the early proliferation of bank-specific
automatic teller machines (ATM) and the formation of ``shared ATM
networks'' in the 1980s. Once the automation was complete, connectivity
and interoperability occurred very quickly. In the interim, banks were
able to realize the cost and efficiency savings of ATMs, and consumers,
appreciating the convenience of ATMs, quickly adapted to this new
banking system. Connectivity is a natural evolution of automation. We
are confident the same evolution will happen in healthcare. Once our
nation's healthcare providers are fully automated, it will be possible
to connect previously isolated healthcare systems.
Understanding and Overcoming Barriers to Rapid Adoption of Health
Technology
The biggest obstacle to healthcare information technology adoption
is securing the needed funding and resources. Today, physician
practices and hospitals do not have access to the capital necessary to
invest in their own technology or, on a larger scale, to fund
connectivity.
The federal government can play a key role in financing this
healthcare transformation through creative funding arrangements. One
option is through the creation of Government Sponsored Entities, which
would provide indirect federal support through guaranteed loans for
healthcare providers to purchase, adopt, and implement proven health
technology solutions that are focused on error elimination and safety.
Coupled with the pay-for-performance initiatives that reward providers
for the quality of healthcare delivered rather than for services
rendered, guaranteed loans or other financial incentives will spur
technology adoption.
A combination of financial and performance incentives would help
mitigate the initial expense of technology implementation. The
reduction in medication errors and improved efficiencies in delivering
improved healthcare will also provide a return on investment for
healthcare organizations, thereby enabling them to repay the loans.
Conclusion
McKesson believes our healthcare system must adopt and deploy
proven technologies today that reduce medical errors in order to save
lives, improve the quality of care, and reduce costs. These initial
steps should include:
1. Implementation of bedside bar-coded medication administration
systems across the United States.
2. Elimination of paper prescriptions through use of e-prescribing
in physicians' offices.
3. Secure, online, ``anytime, anywhere'' access for physicians to
critical patient information.
Automated information will enable our healthcare organizations to
store and collect patient data, which will ultimately lead to a
comprehensive electronic health record. Concurrently, we need to adopt
the standards necessary to ensure interoperability among systems that
will facilitate communication within our health system. If we execute
these initiatives simultaneously, McKesson strongly believes that this
Congress and this Administration will be able to deliver visible and
measurable results with a lasting impact on the quality of healthcare
for the American public.
As a nation, we have both the will and the means to transform
healthcare for the better. This will be a remarkable legacy, and one we
should act on today.
We appreciate the committee's interest in healthcare information
technology and look forward to working with members of the Subcommittee
on Health, as well as other Members of Congress, to address these
critical issues.
Statement of Patricia Gibbons, Mayo Foundation, Rochester, Minnesota
OVERVIEW
The proposal to move to the ICD-10-CM/PCS (International
Classification of Diseases, 10th Edition, Clinical Modification and
Procedure Coding System, hereafter referred to as ICD-10-CM) should to
be coordinated with other legislative and regulatory initiatives having
to do with the use of standard terminologies for the reporting of
clinical information. These include pay-for-performance and quality
reporting, the public interest in encouraging the use of SNOMED for the
improvement of clinical description, and the establishment of a
standards-based national health information network (NHIN). The NHIN
should include a roadmap for the adoption of terminologies if true
interoperability is to be achieved. If the various terminology
initiatives can be synchronized, it will be possible to realize
improvements in health care diagnosis, quality, safety and treatment,
along with significant cost savings, for the benefit and well-being of
all Americans.
CURRENT SITUATION
Neither ICD-10-CM/PCS, nor its predecessor currently in use, ICD-9-
CM, allow for the capture of data at the detailed level that is
required for the identification and description of case types (groups
of patients with a similar diagnostic profile) as specified by most
quality measures. Such case types and the optimal interventions
prescribed for them are now defined by a combination of ICD-9-CM codes
plus additional clinical information, much of which cannot be coded at
an appropriately detailed level in ICD-9-CM or in ICD-10-CM/PCS. In
contrast, SNOMED (the Systematized Nomenclature of Medicine), which has
been identified by the NCVHS (The National Committee on Vital and
Health Statistics) and by CHI (the federal Consolidated Health
Informatics Initiative, now part of the Federal Health Architecture
project) must be considered the preferred terminology for the
expression of clinical information. SNOMED has been shown to be able to
handle this level of detail, in two studies on content coverage
performed at Mayo Clinic.\1\
---------------------------------------------------------------------------
\1\ Chute, et al, http://www.jamia.org/cgi/content/abstract/3/3/224
The second content coverage study was done in the summer of 2004 and is
not yet published, but the findings are very similar to the 1996 study.
---------------------------------------------------------------------------
SNOMED contains the detail needed for the 1) billing and
reimbursement, 2) national health statistics and public health
reporting, 3) the real-time measurement and reporting of safety and
quality measures, and--most importantly--4) the precise
characterization and recording of information about all medical
diagnoses, findings, treatments, and events by care providers, as they
occur.
Important work is currently underway by the National Library of
Medicine, in collaboration with HL7, the leading standards development
organization for health care, to accomplish the translation of SNOMED
codes into ICD-9-CM codes. A similar translation (or mapping) is
planned between SNOMED and ICD-10-CM. A mapping already exists, as
well, between ICD-9-CM and ICD-10-CM. Work remains to be done.
Completion of these mappings should be expedited, tested, and adjusted
to assure continuity in moving forward. But that alone is not adequate
to achieve the potential benefits of the synchronization. Additional,
supportive standards for the specification of clinical statements and
templates for clinical documents, under development by HL7, complete
the array of standards needed to support SNOMED to ICD synchronization.
The Centers for Medicare and Medicaid Services (CMS) and the
National Center for Health Statistics (NCHS), which are today the
leading users of ICD-9-CM-coded data must play a critical role in
providing and maintaining for general use, a single approved, computer-
based mapping of SNOMED to ICD-9-CM and to ICD-10-CM. This mapping
should allow organizations, including providers, payers, and other
stakeholders, to ``capture the data once,'' store it as SNOMED
expressions, and produce from it all ``derivative'' information (such
as ICD codes for reimbursement, and for statistics and public health
reporting).
TERMINOLOGY NEEDS FOR QUALITY AND SAFETY
Quality indicators and patient safety measures, now characterized
by a cumbersome mixture of ICD-9-CM codes plus other data, can be
better and more consistently captured by SNOMED. If ICD-10-CM is
implemented without coordination with SNOMED, a major recasting of
indicators into ICD-10-CM terms will still need to be done and
calibrated. All indicator-related data not currently encodable into
ICD-9-CM will need to be scrutinized for codability in ICD-10-CM, and
much of the information will still need to be gathered manually, with
different processes for different indicators On the other hand, if
SNOMED is specified as the basic nomenclature for reporting of quality
indicators, all detailed clinical data needed can be characterized
using SNOMED, since SNOMED can handle the content of both the ICD-10-CM
codes and the additional data required for quality indicator reporting.
Not that every element of information available in SNOMED will always
be in use, but if a new measure or finding is required, it will be
there. By way of analogy, SNOMED will provide a complete dictionary,
and grammar, for composing any sentence, whereas today we have no more
than a list of pre-formed and pre-selected ``sentences'' to choose
from.
To understand this better, let us look at the findings of the first
content coverage study from 1996 which compared SNOMED with ICD-9-CM
and ICD-10-CM. ``Content coverage'' is the relative ability to describe
full clinical content, including diagnoses, findings, prescriptions and
drug information, procedures and other information. It includes the
ability to modify these expressions in various ways (from ``stages'' of
cancer, to degrees of certainty, to modifiers such as ``family history
of,'' ``history of,'' ``exposure to''). The versions of SNOMED and ICD-
9-CM that were in available at the time were used in the study. Plus,
there was a draft version of ICD-10-CM available that was used in the
study. The approximate results from the 1996 study are tabulated below:
\2\
---------------------------------------------------------------------------
\2\ These numbers are derived from the graphic in the published
study. See actual study for precise results.
----------------------------------------------------------------------------------------------------------------
ICD-9-CM ICD-10-CM SNOMED
----------------------------------------------------------------------------------------------------------------
Diagnoses 1.61 1.61 1.92
----------------------------------------------------------------------------------------------------------------
Findings 1.22 1.24 1.82
----------------------------------------------------------------------------------------------------------------
Modifiers 0.38 0.41 1.71
----------------------------------------------------------------------------------------------------------------
Other 0.55 0.79 1.52
----------------------------------------------------------------------------------------------------------------
Procedures/Rx 1.01 1.09 1.79
----------------------------------------------------------------------------------------------------------------
OVERALL 0.81 0.84 1.75
----------------------------------------------------------------------------------------------------------------
Figure 1. Scores by semantic group for major coding systems. Bar graph of mean scores over all concepts within
each semantic domain and Overall. The scale is based on a 0--2 integer scaling reflecting a subjective measure
of concept capture. 0 = absent, 2 = complete.
The two content coverage studies show that, despite structural
changes and a switch to alphanumeric codes (which theoretically add
much expandability to the coding system), ICD-10-CM/PCS does not
increase content coverage in a major way. Overall, both the 1996 and
the 2004 studies show similar content coverage for ICD-9-CM and ICD-10-
CM/PCS. Content coverage for SNOMED is roughly twice that of either
version of ICD.
There are several reasons these studies do not show a significant
increase in content coverage between ICD-9-CM and ICD-10-CM:
1. The study looked at actual histories, and although there are
some new diseases and procedures, these typically occur in low volumes;
once they are recognized, they are added to ICD-9-CM (or-10 or SNOMED)
in regular or special updates.
2. Many of the changes in ICD-10-CM/PCS are changes to the internal
way codes are handled, rather than the addition of new codes. There are
some additions that are very helpful, such as the ability to indicate
``right,'' ``left'' or ``both,'' but in many cases, it is the old pie
that is being cut up.
3. ICD-10-CM is largely a recasting of major two types of clinical
knowledge, major diagnosis and interventional procedures, which is also
captured by ICD-9-CM.
In general, the scope of ICD-10-CM/PCS has not broadened to include
the range of detailed clinical information covered by SNOMED.\3\
---------------------------------------------------------------------------
\3\ http://www.snomed.org/snomedct/documents/July05--CT--
FactSheet.pdf
---------------------------------------------------------------------------
SNOMED, on the other hand, shows particular strength of content
coverage precisely in those areas central to the measurement of
clinical quality and safety: detailed findings and clinical modifiers.
All-in-all, SNOMED outperforms either ICD-9-CM or ICD-10-CM/PCS by a
margin of nearly two to one. This of profound importance when it comes
to the specification, collecting, and reporting of quality measures--if
what we mean to do is, truly, to create the foundation of a new
generation of medical knowledge which can serve as the foundation for
major new improvements and advances in patient care and public health.
ICD-10-CM provides limited specificity regarding lab findings, non-
billable procedures (such as many nursing activities) and
pharmaceuticals. SNOMED either maintains links to such information or
has developed it internally.\4\ Plus SNOMED has a vision and flexible
structure which allows for entire new dimensions to be added in the
future.
---------------------------------------------------------------------------
\4\ Information on SNOMED inclusions and mappings to other coding
systems (including LOINC for lab values and various nurse activity
coding systems) is provided at: http://www.snomed.org/snomedct/
documents/July05--CT--FactSheet.pdf
---------------------------------------------------------------------------
CHARACTERISTICS OF THE ICD CLINICAL MODIFICATIONS
Although ICD-10-CM allows for greater extensibility (the ability to
add more codes in many areas), it remains unchanged in two respects. It
is designed for aggregation and/or classification. It retains use of
``NOS'' and ``NEC'' codes.\5\ This means that it gathers similar
diagnoses into common groupings. Sometimes, these ``groupings''
represent a single clinical expression, but not always, and not
fundamentally. The ICD Clinical Modifications have done a reasonable
job of serving the functions for which they were designed, statistical
reporting, case retrieval for study, and, more recently, reimbursement.
---------------------------------------------------------------------------
\5\ NOS means ``Not otherwise specified.'' ``NEC'' means ``Not
elsewhere classified.'' In short, unusual, uncommon, and--importantly--
new conditions, such as SARS or avian flu, are first likely to be
lumped into one of these ``other'' categories, until their correct
etiology or expression are better understood. For reimbursement or
statistics this tends to work reasonably well. A new type of flu will
end up in ``other influenza,'' for instance, and so be counted and
reimbursed in a reasonable manner.
---------------------------------------------------------------------------
But, to handle the new proliferation of quality indicator
reporting, neither ICD-9-CM nor ICD-10-CM/PCS have the detail, the
structure, or the ability to adapt to foundational changes to its
underlying assumptions; it will still be possible to run out of codes.
With genomic data rapidly being linked to symptoms and diseases and
with the promise of an ever-changing but always growing set of
requirements for detailed and ``subtle'' quality criteria
(``nonbillables''), any fixed classification system will be short-
lived. Indeed, ICD-10-CM is based on the First Edition of ICD-10, and
the Second was introduced last year, along with a whole new user
interface technology. If history is to be the guide, ICD-11 is due out
in the next few years, and is expected to be more SNOMED-like in its
design. Indeed, ICD-10-PCS, the Procedure Coding System (to be used for
inpatient procedures only; it does not replace CPT), a thoroughly U.S.-
developed system--uses a SNOMED-like approach.\6\
---------------------------------------------------------------------------
\6\ It must be emphasized that the ICD-10-PCS, Procedure Coding
System, is not based on any ICD mortality coding system, but was
developed under contract by 3M for CMS.
---------------------------------------------------------------------------
It is indeed most commendable that AHIMA, which has 40,000+ members
involved largely in the coding of medical information into the ICD, CPT
and related families of coding systems, is now voicing its strong
support for the mapping SNOMED to ICD-10-CM as part of a coordinated
strategy in the direction of adequate, ``capture once, use many times''
clinical description capability. This is a significant step forward.
There is every reason to believe that these talented professionals will
continue to play a key role in the future of all aspects of clinical
information capture.
RECOMMENDATIONS
The following two measures are required in order for the United
States to move forward to a detailed, flexible, and clinically useful
system for characterizing health related conditions, findings,
interventions, and events:
1. CMS and NCHS should provide, for general use, a mapping between
SNOMED and both ICD-9-CM, and ICD-10-CM/PCS
2. CMS should require that all data specified for the reporting of
newly mandated safety and safety measures should be submitted in SNOMED
terms
Designated Mapping between SNOMED and ICD-9-CM and ICD-10-CM
CMS and NCHS must help develop, certify and provide for use, an
approved mapping of SNOMED codes to ICD-9-CM and ICD-10-CM. It is
surely possible that more than one roll-up will be possible given the
``multiple inheritance'' capability of SNOMED.\7\ Work is progressing
on the mapping of SNOMED to ICD-9-CM, in the joint initiative of the
NLM and HL7. Work should begin as soon as possible on ICD-10-CM as
well. A mapping to ICD-10-PCS may also be considered, although it is
not a necessary part of the diagnosis cross-mapping.
---------------------------------------------------------------------------
\7\ Indeed, the fact that ICD only allows a condition to be
assigned to one category is considered a valuable feature for purposes
such as classification and grouping for reimbursement, in reality,
conditions often have multiple characteristics and other aggregations
may also be useful, not only for research, but also for practice. A
bacterial infection of a heart value is both a heart condition and a
bacterial infection. Metastatic liver cancer is not only a cancer but
has multiple sites that may be characterized. SNOMED handles this kind
of multiple characterization much more easily than do the ICDs.
---------------------------------------------------------------------------
CMS and NCHS should, as well, take on the necessary calibration
work to assure that in terms of payment and statistics, the disease
profiles which result from the mappings to ICD-10-CM are consistent
with those derived from ICD-9-CM. Not all health care organizations
will be able to go to use of SNOMED at the outset and will likely
prefer a more straightforward move to coding into ICD-10-CM. Provider
organizations that want to move to automated problem lists which can be
used directly by care providers and which can be linked to clinical
advice/alerts and medical literature (creating the full cycle of
evidence-based medicine), can be expected to enthusiastically embrace
SNOMED-based problem lists. These organizations should be assured that
any potential decreases in reimbursement due to the ability to provide
additional detail should be neutralized initially and factored in over
time. A potential source of revenue for handling any such gaps can be
expected from decreases in ``fraud and abuse,'' which can result from
differences in coding conventions between payers and providers. With a
system based on SNOMED-level detail, disagreements over which category
(ICD code) a condition should be assigned to will be eliminated by the
explicit use of the actual description of the condition as the primary
data entity. Only consequently will this detailed diagnosis be
assigned--by means of a CMS-approved mapping--to an ICD-level category.
Actual abuse will be actually documented and furthermore, will be
internally testable, for instance, by the ability to compare a SNOMED-
coded diagnosis with a SNOMED-coded lab result to see if they are
consistent. Systems will naturally evolve which internally check to
assure that such inconsistencies are noticed and attended to.
Requiring Quality Indicators to be Submitted using SNOMED
SNOMED has been designated by CHI as the preferred standard for use
for most clinical reporting, and is mapped to LOINC and several nursing
terminologies. In short, SNOMED contains the level of detail needed for
the direct encoding of the details needed for the reporting of quality
indicators. Neither ICD-9-CM or ICD-10-CM/PCS are capable of capturing
this level of detail nearly as well as SNOMED. SNOMED, is based on a
natural ordering, or ontology, which reflects the natural relationships
among health-related entities (states of health and disease, symptoms,
findings, events, interventions, medications, and all types of
interactions with care providers). And it has the flexibility to be
changed as the understanding of these relationships change--as they are
certain to do, given the rapid advancement and restructuring of medical
knowledge
ADDITIONAL BENEFITS
Major new benefits and `freedom of (clinical) expression' will
result from adopting this approach. Provider organizations will be free
to implement EHR systems which use SNOMED as the foundation of all
their information needs, enabling them to provide the highest quality
patient-oriented care. Systems of medical advice and on-line access to
medical knowledge, for patients and care providers alike, will be
enhanced; and active quality and safety management can be integrated
into systems rather than patched onto them. And yet it will still be
possible for providers to submit the financial and administrative data
required of them--only with less bureaucracy and duplication of effort,
and a real savings of consumers' and tax payers' dollars. For years we
have been moving deliberately to this new vista, and so many of the
initiatives are ready to bloom. There is every reason to believe that
we are at the verge of the emergence of the long-anticipated ``common
language of medi-
cine'' which can make the new era of ``collaborative health decision-
making'' a reality rather than a dream.
Statement of William Hogan and Vergil Slee, The Rods Laboratory
(at the University of Pittsburgh), Pittsburgh, Pennsylvania
SUMMARY
It would be a mistake to switch from ICD-9-CM to ICD-10-CM in the
Medical Record Health Information System (MRHIS) \1\ at the present
time.
---------------------------------------------------------------------------
\1\ The MRHIS is the information system which originates with data
in the medical records of hospitals and physicians' offices. It must
first meet the needs of the physician as a memory and communication
tool in care of the individual patient. Some medical record content is
then used to support billing and to create statistics on health and
healthcare.
---------------------------------------------------------------------------
The resource expenditure required would present an unnecessary,
perhaps insurmountable, obstacle to the efforts of the federal
government to modernize the healthcare industry with information
technology (IT), most especially the adoption by physicians of the
electronic medical record (EMR).
The claim that implementing ICD-10-CM is critical to
biosurveillance for such threats as SARS and avian influenza is
inaccurate--the public health reporting system does not use ICD-9-CM
codes for this purpose.
The basic problem that the healthcare system and the federal
government need to address is that there is no standard set of codes
for diagnosis INPUT. Our system is obsolete. It uses diagnosis OUTPUT
codes \2\ for diagnosis INPUT --both ICD-9-CM and ICD-10-CM are OUTPUT
codes.
---------------------------------------------------------------------------
\2\ Output codes are codes which represent the labels of the
categories of a classification which has been constructed for
statistical purposes. Each diagnosis output category (code) contains a
collection of the individual diagnoses which are its input. In both
ICD-9-CM and ICD-10-CM, several hundred thousand specific diagnoses are
collected into the few thousand categories of the classification. Most
individual diagnoses, therefore, have no unique codes.
---------------------------------------------------------------------------
Instead of switching to ICD-10-CM, we should develop and implement
a modern system for diagnosis INPUT \3\ No system for this purpose
exists today.
---------------------------------------------------------------------------
\3\ Input diagnosis codes are codes which exactly represent
diagnosis entities as expressed by the physician. The physician may or
may not record a diagnosis using its ``preferred term;'' he may or may
not even use a standard synonym. Following input, the computer system
will add the ``standard code'' for the preferred term in order to
facilitate finding it in all medical records.
---------------------------------------------------------------------------
OUR CREDENTIALS
Willian Hogan, MD, MS is an Assistant Professor of Medicine in the
School of Medicine of the University of Pittsburgh and a senior analyst
in its Realtime Outbreak and Disease Surveillance (RODS) Laboratory.
RODS carries out research under funding from DARPA, CDC, NLM, DHS,
AHRQ, and NSF. Hogan has extensive experience in building
biosurveillance systems, as well as conducting basic biosurveillance
research. Prior to joining the RODS Laboratory in 2002, he worked at
Health Language, Inc, where he gained expertise with vocabulary
standards including ICD-9-CM and SNOMED. He is the expert on vocabulary
standards at the RODS Laboratory, and led the effort at the RODS
Laboratory to map proprietary codes used by eight hospital laboratories
to LOINC \4\ and SNOMED CT for electronic laboratory reporting. He has
written on vocabulary standards, biosurveillance, and the intersection
of the two.
---------------------------------------------------------------------------
\4\ LOINC--Logical Observation Identifiers, Names, and Codes.
---------------------------------------------------------------------------
Vergil Slee, MD, MPH, FACP, FACHE (Hon) was responsible for the
first deployment of ICD in hospitals as a tool for diagnosis indexing,
a task for which ICD was admirably suited at that time (1955). In 1975
he represented the U. S. at the WHO conference which designed ICD-9. In
1976 he became President of the Council on Clinical Classifications
which, in collaboration with the U. S. National Center for Health
Statistics, developed ICD-9-CM (1978). He has analyzed ICD-10-CM
(Reference 6) and has written extensively on the expanding demands on
medical record information (Reference 7), demands which have destroyed
ICD's suitability for diagnosis input.
STATEMENT OF THE ISSUE:
The Federal government is being urged to replace ICD-9-CM diagnosis
codes with ICD-10-CM diagnosis codes in the Medical Record Health
Information System (MRHIS) \5\ This system uses medical record data for
three major purposes:
---------------------------------------------------------------------------
\5\ NOTE RE PROCEDURE CODING: Proponents of the switch to ICD-10-CM
imply that it would also require the switch, for hospital inpatient
records, from Volume 3 of ICD-9-CM to ICD-10-PCS (which was written by
3M under contract from HHS). Procedure coding is a separate issue from
diagnosis coding. No simultaneous switch is necessary; the system could
stay with the present procedure coding or consider the procedure coding
available with SNOMED CT (Standardized Nomenclature of Human Medicine--
Clinical Terminology). SNOMED CT is a reference terminology developed
and maintained by the College of American Pathologists (CAP). SNOMED CT
has been made available to the healthcare system by HHS under a
contract with CAP.
---------------------------------------------------------------------------
PRIMARY PURPOSE: Patient care. The medical record's primary,
nonnegotiable purpose is to be the memory and communication tool for
the physician. It has no substitute for the care of the individual
patient.
SECONDARY PURPOSES: (1) Billing and (2) Statistics on health and
health care.
BASIC FACTS:
Two essential facts about the MRHIS must be included in discussing
the question of switching from ICD-9-CM to ICD-10-CM:
For patient care, the physician must have diagnoses in their
greatest detail.
For billing and statistics, diagnoses must be grouped.
``ICD coding,'' the coding used in the MRHIS, is category
coding,\6\ which captures only the labels of the groups (categories) in
a clinical modification of ICD. The ICD series \7\ was designed for the
OUTPUT of data for statistics (and, in the U. S., the clinical
modification (CM) is essential for billing). The ICD series was never
intended for INPUT, the purpose for which we (mis)use it. The precise
diagnoses are simply discarded, except in the rare instance where a
category has only one diagnosis (see the illustration on page 8). The
result is that ICD coding--category coding--is not useful for the
physician in the care of the patient.
---------------------------------------------------------------------------
\6\ Category coding of diagnoses is coding in which each code
(number) represents (the title of) a category of diagnoses, e.g.,
``Other diseases of the liver.'' In category coding, the coding of the
diagnosis itself and its classifying are combined into one step.
\7\ ICD, the International Classification of Diseases, is a serial
publication of WHO. The U.S. created ICD-9-CM (a clinical modification,
CM) in 1978 for use in hospitals and doctors' offices. ICD-10-CM based
on ICD-10, first edition (1992), is now in draft in a version dated
June 2003. WHO issued a second edition of ICD-10 in 2004. Presumably
the U. S. ICD-10-CM would have to be made to correspond with each new
edition.
---------------------------------------------------------------------------
Category coding has an especially pernicious effect for statistics.
The coded data are already aggregated, and aggregated data can never be
disaggregated--they can only be combined into larger groups (such as
DRGs). This means that our health care system is in a ``one-size-fits-
all'' situation and must use the same statistics for such disparate
purposes as public policy, quality review, facility management, and
evidence-based medicine. Common sense dictates that each of these uses
has unique information demands and should have its own grouping of
diagnoses. We propose a solution below.
SWITCHING FROM ICD-9-CM TO ICD-10-CM
Proponents of switching argue that switching is a cost-effective
and necessary step to modernize our healthcare information system, that
we must keep in step with other nations for international comparisons
of morbidity, and that ICD-10-CM is more up-to-date, has more room for
``things,'' can more easily accommodate new diseases such as SARS, and
is better suited to biosurveillance for terrorist and emerging disease
threats.
UP TO DATE: ICD-9, the parent of ICD-9-CM, was written in 1975 and
ICD-9-CM was put into use in 1978. ICD-10 was written in 1989 and
published in 1992. ICD-10-CM is still in draft form. The U.S. agreement
with the World Health Organization (WHO) (the author of the ICD series
of classifications) states that any clinical modifications (CM
versions) must be ``collapsible'' back into the categories of ICD
itself, which greatly reduces our freedom to keep it current with
medical progress.
LACK OF SPACE: A second argument is that ICD-9-CM has few remaining
codes to assign to new diagnoses. Actually it uses only about 13,000
codes out of the over 100,000 permitted by its structure. The problem
is that it uses an antiquated code structure, where the code indicates
the location of a category in a hierarchy of categories.\8\ Modern
computer methods do not require that codes be in such a numerical
hierarchy. ICD-10-CM (2003 draft) has 67,000 codes, and thus one might
expect that it has more clinically relevant detail, but this number is
misleading. For example, one category, Code S82 Fracture of lower leg,
including ankle, with its mandatory extensions, accounts for 3,248 of
the codes in this count.
---------------------------------------------------------------------------
\8\ ICD-10- and ICD-10-CM maintain this antiquated hierarchical
code structure, but have a higher number of possible codes. Depending
on how our knowledge of disease increases, ICD-10 could also eventually
``run out of codes'' in some parts of its category hierarchy.
---------------------------------------------------------------------------
NEW DIAGNOSES: We have no system for promptly coding new conditions
such as avian influenza, SARS, and Gulf War Syndrome (real or
suspected) with ICD-9-CM, nor would we with ICD-10-CM. For example,
there were no ICD-9-CM codes for SARS until October 1, 2003, nearly 3
months after the WHO lifted all its travel advisories and considered
the outbreak under control. Nor is the system ready to uniquely
identify avian influenza. The inability of a category coding system to
classify new entities is due to the necessity of deciding what they are
before deciding where to put them in the classification. There are also
the requirements that a committee make the decisions, and that changes,
which must be implemented first by human coders dispersed throughout
the nation, are only made once a year.
INTERNATIONAL MORBIDITY DATA: The U. S. is under no obligation to
use ICD for anything other than mortality data. In personal
communication with Dr. Slee, a WHO statistician stated that for
virtually all international morbidity studies, special data collection
is required.
BIOSURVEILLANCE: Proponents of ICD-10-CM argue that it is essential
to make the switch to have better disease surveillance for terrorist
and emerging infectious disease threats. However, the current
biosurveillance system makes little use of even ICD-9 codes for
detecting disease outbreaks. When physicians, hospitals, and
laboratories report notifiable diseases to public health, they do not
use (nor are they required to use) ICD-9-CM codes. Influenza
surveillance relies in part on mortality statistics (which are
retrospective, of course), but mortality statistics are already
compiled using ICD-10 (not ICD-10-CM) codes. We have already noted the
inadequacy of ICD-9-CM for accommodating emerging disease threats such
as SARS.
In view of these facts, the arguments as to advantages of ICD-10-CM
over ICD-9-CM lose a great deal of their weight.
FINANCIAL IMPACT:
MONETARY COSTS: Two estimates have been made of the cost of
switching to ICD-10-CM from ICD-9-CM. The RAND Corporation figure, for
the Centers for Disease Control, was from $425 million to $1.125
billion over 10 years. The Robert E. Nolan Company figure, for the Blue
Cross Blue Shield Association, was from $6 billion to $14 billion over
2-3 years. The higher figures are likely to be more accurate, because
Nolan based its estimates on similar information technology conversions
in the past, namely actual costs to the healthcare system of the year
2000 (Y2K) remediation and Health Insurance Portability and
Accountability (HIPAA) compliance. Nolan also gave some details of
actual costs incurred by Canada, Australia, and the United Kingdom
during their switch to ICD-10.\9\
---------------------------------------------------------------------------
\9\ Canada created and implemented its own modification of ICD-10
called ICD-10-CA. Similarly, Australia created and implemented ICD-10-
AM. The U.K. uses ICD-10 for morbidity with no modifications. Note that
each has used a different version of ICD-10, thus making international
comparisons far more difficult than if the same code version (clinical
modification) were used.
---------------------------------------------------------------------------
Regardless, the switch would require the commitment of human and
financial resources which would thus not be available for solving the
underlying problem with health care information: we use diagnosis
output codes for diagnosis input. Detailed diagnosis input is a
building block on which the entire MRHIS must be (re)built. It is
critical that the healthcare system and the federal government devote
resources to the solution of this problem, as we discuss below.
SAVINGS: The most optimistic estimate of the benefit of switching
to ICD-10-CM is $7.7 billion over 10 years (Rand). By contrast, the
projected savings to the healthcare system of a national health
information network (NHIN), as envisioned by the Office of the National
Coordinator for Healthcare Information Technology (ONCHIT), is $337
billion over the first 10 years, and $77.8 billion per year thereafter
(Reference 1). This estimate assumes the use of the EMR, the adoption
of which requires diagnosis input codes in place of ICD-9-CM codes.\10\
Importantly, none of the benefit of NHIN results from switching to ICD-
10-CM.
---------------------------------------------------------------------------
\10\ The ICD-9-CM coding would continue, however, since it is at
the heart of the billing process, and financial stability must be
maintained.
---------------------------------------------------------------------------
BUILDING NHIN: Achieving this goal would be seriously delayed. In
the event of a switch to ICD-10-CM physicians would have to give the
new code system priority over the EMR so that they could maintain
revenue. Health plans considering financial incentives to physicians
for adopting EMRs would have to divert resources to the ICD-10-CM
switch. Hospitals, health plans, physicians, and state governments
would all have fewer resources to devote to developing health care data
exchange.
INFORMATION COSTS: The costs of the switch in its effects on health
and healthcare information cannot be predicted, but they may well be,
in the long run, more important than money. One particular effect:
Longitudinal studies (studies which cross the date on which
classifications change, e.g., from ICD-9 to ICD-10) usually are
seriously disrupted and often have to be abandoned. Disturbance of such
studies costs money as well as information. To illustrate with one such
study:
ICD-10 has been used for U.S. mortality tabulations effective with
1999 death certificates. In Florida, the AIDS death rate, which had
been declining by about 6% per year until 1999 took a sudden rise of
about 6% in that year. Investigation showed that this 12-13% jump was
entirely due to the coding change; the true trend had been badly
distorted (See Reference 2).
INFORMATION QUALITY: Information quality always sags, often for
several years, simply as the result of changing coding (the effects are
prolonged by the fact that implementation cannot be achieved on a
single date; all elements of the system, from coders, through
computers, must be up to speed before the system becomes reliable).
HOSPITAL AND PHYSICIAN REIMBURSEMENT: Our reimbursement system is
in financial equilibrium. Any change in coding would require
recalibration, involving collection of both medical and financial
information on huge numbers of patients (enough to give statistical
validity to each DRG, for example), and parallel operation of both the
old and the new systems until reliability could be guaranteed. This is
truly a non-trivial aspect of switching.
MODERNIZATION OF THE MRHIS: The switch would delay attention to
actually modernizing the system, as outlined below.
MODERNIZATION OF THE MRHIS
We contend that we should not try to put a ``band-aid'' on our
obsolete MRHIS. Instead, we should develop the missing component, a
system for INPUT of diagnoses, and bring the system up to 21st century
standards. Modernization should start with these steps:
1. DELAY THE SWITCH to ICD-10-CM: We should continue to use ICD-9-
CM, modifying it as necessary for the reimbursement system, in order to
free the resources, human and financial, needed to modernize the
system.
2. DEVELOP A CODED DIAGNOSIS INPUT SYSTEM: Add diagnosis entity
coding \11\ to the medical record.
---------------------------------------------------------------------------
\11\ Diagnosis entity coding, necessary to modernize MRHIS, is
coding in which each code represents an individual diagnosis entity.
The diagnoses can, with this coding, be placed in ANY classification,
e.g., ICD-9-CM, ICD-10-CM, or policy, planning, or research groupings.
It is a basic principle in science that original observations--in
this instance, original medical records--should be preserved
permanently, without alteration, in order to permit review and further
analysis as needed. Preserving diagnoses only after they have been
placed in groups and have lost their individual identity, as we do
today with category coding input, is a gross violation of this basic
principle. The practice is an embarrassment and should be stopped
immediately. Entity coding would permanently preserve the original
diagnoses.
The needed input system would be simple and user-friendly for the
physician--with no look-up or coding required. This would demand three
critical attributes. The system would
a. Accept natural language input for any term the physician wishes
to use (See Reference 8 which discusses ``free vocabulary'' and
References 3 and 4 which discuss the need for an ``interface''
vocabulary for users of EMRs).
b. Map, by computer, this free language term to a standard
vocabulary such as SNOMED CT. (SNOMED CT is a reference terminology for
well-studied conditions, not an input terminology, although its
preferred terms are, of course, often those the physician normally
uses.)
c. Provide instant, ``realtime'' codes for new diagnoses such as
SARS--coding for new terms is delayed in the present system for months
or years, as was the case with AIDS.
3. DEPLOY THE INPUT SYSTEM: Make the entity diagnosis coding
system freely and readily available to all elements of health care.
ADVANTAGES OF THE MODERNIZED SYSTEM
The modernized system would
1. Provide physicians the detailed diagnoses they need for patient
care.
2. Remove a major barrier to acceptance of the EMR.
America's Health Insurance Plans
Washington, DC 20004
July 26, 2005
The Honorable Nancy Johnson Chairman
Subcommittee on Health
House Ways and Means Committee
1136 Longworth Building Washington, D.C. 20515
Dear Madam Chair:
On behalf of America's Health Insurance Plans (AHIP), I am writing
to submit testimony for your subcommittee's July 27 hearing on health
information technology.
AHIP and our members are committed to playing a leadership role in
developing an interconnected health care system--based on voluntary,
national, uniform standards--in which consumers and providers have
access to patient-owned Personal Health Records (PHRs) that provide
integrated health information, from all clinicians and all settings of
care, in a usable form and in a timely manner. Our testimony focuses on
several key areas:
opportunities to deploy health information technology to
improve quality, value and efficiency for health care consumers;
the role health insurance plans are playing in advancing
health information technology through the Ambulatory Care Quality
Alliance (AQA) and other initiatives; and
the importance of establishing consumer-centric Personal
Health Records (PHRs) that are fully compatible with Electronic Health
Records (EHRs).
We are pleased that health information technology has been the
focus of bipartisan legislation in both chambers of Congress. At the
same time, we have serious concerns about one proposal addressed by
several pending bills. Specifically, we strongly oppose provisions that
would relax the federal fraud and abuse laws for the purpose of
allowing hospitals to support physician use of health information
technology. We are concerned about the unintended consequences of tying
physicians to hospitals financially through equipment subsidies or
electronic record sharing. Moreover, the ability of physicians to
cooperate with other providers--and deliver services in a range of
hospitals--may be hindered if they become dependent on a hospital-based
information sharing network.
Another concern is that the proposed exceptions could
unintentionally lead to local information sharing programs that are
isolated and impede the development of the interconnected system that
is needed to exchange information across the country. We believe that
creating new exceptions to the current fraud and abuse laws is not only
unnecessary, but will undermine the integrity of the existing
regulatory framework.
Thank you for considering our concerns on this issue. We also
appreciate this opportunity to submit testimony on the broader issue of
advancing an interconnected health care system to improve the delivery
and quality of health care in America.
Sincerely,
Karen Ignagni
Statement of Rebecca Marshall, American Academy of Pediatrics,
Elk Grove Village, Illinois
Introduction
This statement is submitted on behalf of the American Academy of
Pediatrics (AAP), an organization of 60,000 primary care pediatricians,
pediatric medical subspecialists, and pediatric surgical specialists
who are dedicated to the health, safety, and well being of infants,
children, adolescents, and young adults. The AAP would like to thank
the House Committee on Ways and Means for the opportunity to submit a
statement for the record on congressional involvement to further the
adoption of health information technology (HIT).
Key Principles
In January 2005, the AAP joined with the American Board of
Pediatrics, the Child Health Corporation of America, and the National
Association of Children's Hospitals and Related Institutions to develop
the following key principles of a National Health Information
Infrastructure:
1. Every child should have a personal electronic health record
that is available 24 hours a day, 7 days a week, in whatever location
is necessary to provide care to the patient. If regional networks are
formed to facilitate the sharing of data within a community, it is
crucial that these networks be built using the same national standards
for data, functionality, and transmission so that patient information
may be shared across networks when necessary.
2. All information systems must be built on national standards for
both data and functionality. The Health Level 7 (HL7) EHR Draft
Standard for Trial Use, its accompanying standards, and future versions
should be adopted in all health care settings, including hospital,
ambulatory care, and public health. The use of controlled medical
terminology should be encouraged in the design of any data structure.
3. A standard method of transmission of data among information
systems must be established.
4. All information systems and procedures for data transmission
must protect the privacy and integrity of patient data through
compliance with the Privacy and Security Rules of the Health Insurance
Portability and Accountability Act (HIPAA) of 1996. Systems must also
be flexible enough to enable more stringent controls where required by
law. Data sharing will require national standards for authentication of
users and verification of access rights, and must support audit tools.
5. The availability of planning and implementation grants to begin
building local networks based on national standards and including all
health care providers would greatly improve the speed at which the NHIN
will develop.
These key principles highlight the need for national standards for
data, functionality, transmission, and vocabulary so that a patient's
electronic health record is accessible wherever it is needed, whenever
it is needed.
Resource Challenges
It is well known that one of the greatest challenges in encouraging
physician adoption of HIT is the misalignment of incentives.
Pediatricians wishing to implement EHRs face additional challenges.
1. Children, who are generally healthy, account for less than 12%
of personal health care spending. Therefore, market incentives have not
compelled private industry to focus on the unique IT needs of the
health care of children. As a result, the development of IT focused on
children's health care progressed more slowly than in other areas.
Where it does exist, the provider must have the resources to develop
customized IT systems. Of the pediatric dollars spent, 80% are
generated by children with special healthcare needs (who in turn
constitute approximately 16% of the pediatric population).i
This figure supports the need for financial incentives for systems that
improve care for the most medically complex children. In addition,
since these children are living longer, adult systems will eventually
need to handle the same functions in order to care for patients who
transition out of pediatric care.
---------------------------------------------------------------------------
\i}\Health Care Financing Review/Web Exclusive/December 2, 2004,
Volume 1, Number 1, page 2.
---------------------------------------------------------------------------
2. Because pediatric evaluation and management services are often
compensated at lower rates than the equivalent adult services or
procedures, children's doctors--pediatricians and family physicians--
often are unable to invest either the money or time required to obtain
and use IT appropriately.
3. Because pediatricians do not make frequent use of transcription
and often practice in solo practice or small groups, the usual
components of return on investment (reduced transcription costs and
reduced staff support) either do not apply or apply only marginally to
practices, making investment in an EHR difficult to recoup.
4. To date most public resources for IT development have been
focused on the Medicare population, with quality improvement efforts
focused on adult measures. This leaves physicians who care for children
at a disadvantage, since there are only approximately 12,000 pediatric
Medicare beneficiaries, and risks allowing market forces to drive EHR
development based almost exclusively on adult care.
Recommendations
In order to encourage adoption of HIT without impeding progress
already being made, Congress should:
1. Ensure that the Office of the National Coordinator for Health
Information Technology receives sufficient funding to continue its
work.
2. Allow for licensing and support of national health information
standards identified by the Department of Health and Human Services.
3. Provide funding to support activities of standards development
organizations, which often rely on volunteers for labor-intensive
development, refinement, and maintenance of standards.
4. Ensure that legislation impacting healthcare quality
improvement activities and incentives for HIT adoption apply to
Medicaid and SCHIP populations, in addition to Medicare.
5. The Stark laws and anti-kickback legislation should be relaxed
to allow for data-sharing between the hospital and the ambulatory
practice. In addition, since large medical centers typically have
financial and other resources for development of clinical information
technology that small, ambulatory practices do not, there should be
some provision for sharing of those resources to assist local providers
in accessing the RHIO.
In conclusion, the American Academy of Pediatrics fully supports
efforts to speed the adoption of electronic health records across the
nation. The Academy is heavily involved in clinical information
technology standards-setting and in assisting its members as they make
this transition. The fate of our children's healthcare is at stake. We
are available to answer any questions you may have regarding this very
important subject, especially as it relates to children. The Academy
appreciates your efforts, which will assist our members and all those
who care for children in improving health care quality and safety.
Statement of Jane M. Orient, M.D., Association of American Physicians &
Surgeons, Tucson, Arizona
Madame Chairman and Members of the Committee:
The Association of American Physicians and Surgeons was founded in
1943 to preserve private medicine. We represent thousands of physicians
in all specialties nationwide, and the millions of patients that they
serve. I am the executive director, and a practicing internist in
Tucson, Arizona
Nine years ago, President Bill Clinton signed into law the Kennedy-
Kassebaum bill, also known as the Health Insurance Portability and
Accountability Act of 1996 (HIPAA). It was the end product of three and
a half contentious years of White House and Congressional horse-
trading. These efforts resulted in new laws that were supposed to make
health insurance easier to purchase, with the capability to follow a
worker from one job to another, with policies more responsive to the
needs of patients, doctors and hospitals. It was also supposed to help
38 million Americans obtain health insurance.
There are now an estimated 45 million uninsured Americans,
according to the U.S. Census Bureau and other government sources.
Premium increases grew by 8% in 2000, 11% in 2001, 13% in 2002 and 14%
in 2003. We now spend an estimated $480 billion annually on U.S. health
care, according to the Robert Wood Johnson Foundation.
We believe that this situation is in large part the unintended
consequences of HIPAA. Additionally, many of the rules of HIPAA
continue to erode the quality of health care, add to the cost of
medical and administrative services, and undermine the patient-
physician relationship.
Rather than making medical care portable and more accountable,
HIPAA has apparently laid the foundation for a one-size-fits-nobody
national health insurance program. Reliance on the Internet and an
interoperable technology system may promise cost-savings to the federal
government and certain third-party payers, but it will add enormous,
unsupportable costs to private practitioners and small facilities.
Moreover, many physicians fear that the establishment of an Internet-
based health information infrastructure will enable facilitate, or even
lead inexorably to an effective hostile government takeover of American
medicine.
One of the objectives of HIPAA is the creation of a mandatory
electronic coding, tracking and surveillance system that would use a
uniform set of codes for every single medical procedure. Every doctor,
hospital and clinic would be required by law to submit these coded
procedures so that diseases could be tracked and ``quality'' could be
monitored. Even if proponents deny that a national database would be
established, the existence of multiple, interoperable databases would
be its functional equivalent. In other words, everyone's personal
medical history, including the most sensitive and intimate records,
would be accessible on the ``worldwide web'' to persons unknown to the
patients, with unpredictable and potentially devastating effects.
Back in 1996, when the ``Information Superhighway'' began
electronically linking all of humankind, it was paved with fiber optics
that led to high-speed modems. There were no visible potholes, viruses
or worms, and just a few annoying pop-ups. The Internet looked like the
answer to our dreams of a modern world, but it has become a dangerous
place for storing personal records of any kind.
One only needs to consult the Congressional Record of June 23, 2004
to better understand the intent and scope of medical information
technology: Upon introduction of his Health Care Modernization, Cost
Reduction and Quality Improvement Act of 2004, legislation (S. 2421,
108th U.S. Congress) amending HIPAA and the Public Health Service Act,
Sen. Edward Kennedy explained his vision for medical information
technology:
``The legislation we are introducing is an effective way to
modernize and improve the health care system, by using modern
information technology, by paying for value and results [emphasis
added] and not simply for procedures performed or patients admitted to
hospitals, and focusing in improving quality and preventing disease,''
Kennedy explained to his colleagues.
In one paragraph, Kennedy proposed that what was supposed to be a
way to help seniors pay their medical bills into a command-and-control
economy directed from Washington. His assumption that government knows
enough to define ``value and results'' and should have the authority to
deny payment for services rendered in good faith illustrates immense
chasm of understanding of American health that currently exists between
the U.S. Senate and the practitioners of modern medicine
The government takeover begins with so-called Pay-for-Performance
(Pay-for-Conformance really) within the Medicare program. Doctors would
not be allowed to participate in Medicare unless they met all the
information technology requirements proscribed by the U.S. Congress.
But that is just the camel's nose! Even if in compliance with the
electronic requirements, doctors would only be paid for what
bureaucrats decide should be done, under what circumstances, for whom,
and with what results--in other words only for care that follows
government ``guidelines.'' (These will be ``voluntary,'' so physicians
will be responsible for any untoward consequences, but any
``deviation'' will have to be justified or punished.) If paid only for
``successful'' outcomes, physicians who desired to remain financially
solvent might be forced to restrict their practice to patients with a
relatively good prognosis, who are inclined to follow doctor's orders.
Under the guise of streamlining the practice of medicine by
discouraging any procedures that computers might be able to identify as
defensive medicine, Pay-for-Performance becomes an obstacle to medicine
tailored to the needs of individual patients by focusing only on pre-
approved procedures for specific treatments and illnesses.
The electronic surveillance of medicine would make it that much
easier for trial lawyers to sue doctors, and doctors who would no
longer be paid for defensive medical practices. Under Kennedy's
proposal, doctors would not be paid for anything but results
If the House Ways & Means Committee and the U.S. Congress intend to
reduce medical costs, increase quality, and eliminate needless tests
and administrative overhead, a good first step would be to complete
work on long-overdue and badly needed caps on monetary awards for
``pain and suffering,'' limits on contingency fees that lawyers charge,
and penalties for filing unfounded lawsuits.
Instead, the federal government may require use of the Internet to
expose private medical records, monitor medical procedures, and dictate
the day-to-day operations of doctors' offices, hospitals, and
pharmacies.
The government-dictated medical information technology movement and
the intrusive, restrictive central planning in American medicine that
it would foster would render the practice of modern medicine as we know
it today virtually impossible. The quality and privacy of medical care
would suffer, as well as availability, because many excellent
practitioners are likely to become demoralized and withdraw from active
practice as soon as possible, unwilling to perform under constant
surveillance by bureaucrats. Advancements in medical technology and
groundbreaking treatments for disease would become nonexistent, because
the federal government would control all financial incentives for
medical research and development.
As the members of this Committee debate the broader issues of
medical information technology, and the potential for cost-savings for
government programs like Medicare and Medicaid, please keep foremost in
your mind the need to protect the sacred relationship between
physicians and their patients. In this 109th U.S. Congress, doctors and
their patients are facing a deluge of punitive and doctrinaire
regulatory proposals including the failure to reform medical liability
laws, moratoriums on physician financial interest in specialty
hospitals, information technology requirements for physicians
participating in Medicare, and now the proposed assault on the actual
practice of medicine--pay-for-performance.
The Association of American Physicians and Surgeons is urging
restraint, reflection and reassessment of the use of relatively novel
information technology and its relationship with government programs
and federal and state spending on health care. Forcing technology on
medicine by top-down central planning risks an end to advancements in
information technology, as outmoded, inappropriate, cumbersome systems
are imposed. Physicians and medical facilities will voluntarily adopt
technology as they find it serves their patients well, just as they
have been quick to use new imaging technology, surgical procedures, and
medications.
Please do all you can to roll back destructive federal interference
in medicine, so that those with actual knowledge of medicine and of
their patients can do their jobs efficiently, economically, and
privately. At least, stop adding new burdens to a system already
overloaded by counterproductive regulation.
Statement of Robin J. Thomashauer, Council for Affordable Quality
Healthcare
The Council for Affordable Quality Healthcare (CAQH) is an
unprecedented alliance of the nation's leading health plans, networks
and industry trade associations (see Appendix) working collaboratively
to help improve the healthcare experience for consumers and providers.
Our members, who provide healthcare coverage to more than 50 million
Americans, are strongly committed to developing and implementing
programs that reduce administrative burdens for physicians and patients
and improve quality of care. On behalf of its Board of Directors and
members, we appreciate the opportunity to submit a written statement
for consideration by the U.S. House Ways and Means Committee for
inclusion in the printed record of the Subcommittee on Health July 27,
2005 Hearing on Health Care Information Technology.
The purpose of this statement is to make the committee aware of a
public-private, multi-stakeholder initiative that is currently
developing an approach to promote and facilitate interoperability
between health plans and providers. Facilitated by CAQH, the initiative
is called the Committee on Operating Rules for Information Exchange or
CORE.
Interoperability
The benefits of an interoperable healthcare system are well
understood. However, technology adoption rates, data security, and
inconsistency associated with transactions between health plans and
providers have made interoperability in the healthcare arena extremely
difficult. No quick, effective mechanism exists today for provider
practices to access consistent patient administrative data--plan
coverage, co-pays, deductibles, etc. Furthermore, the information that
is available varies from plan to plan, requiring provider office staff
to spend hours of time on the phone or Web tracking down information.
It is estimated that the cost of this administrative work runs in the
millions of dollars per year. Incomplete or incorrect data has often
been cited as a significant cause of denied claims by insurers. CAQH
and its members strongly believe that interoperability between
providers and plans is critical to advancing improvements in healthcare
data transactions.
The Banking Industry Model
After conducting extensive research on the best approach for
facilitating interoperability, CAQH determined that a solution could be
found in the banking industry. In that sector, electronic data exchange
rules--embraced by the industry--has made ATM transactions and direct
deposits an everyday occurrence. Throughout 2004, CAQH worked with
NACHA, The Electronic Payments Association, and other experts in the
banking field to develop an organizational structure by which all
appropriate stakeholders could participate in an initiative to bring
interoperability to healthcare. NACHA establishes and enforces the
standards, rules and procedures that enable financial institutions to
exchange payments on a national basis through the ACH (Automated
Clearing House) Network. CAQH drew on the organization's more than 30
years of expertise in developing operating rules for the financial and
energy industries.
Committee on Operating Rules for Information Exchange (CORE)
CORE is the result of the collaboration between CAQH and NACHA.
Launched in January 2005, CORE is bringing together industry
stakeholders to build consensus on a set of operating rules that will
govern eligibility and benefits data exchange. It is important to note
that the initiative is solely focused on developing operating rules and
not software solutions. CORE believes that industry vendors, including
those currently participating, will develop software products that
adhere to the operating rules and enable consistent data exchange.
Based on that focus, CORE is working to
Identify common business practices between trading
partners that will facilitate ease of information exchange and
influence the simplification of data exchange between disparate
processing systems by supporting the identified common business
practices
Ensure all recommendations are independent of any
technology or vendor solution
Interact with standard setting bodies to facilitate
business rules enhancements (CORE rules will be built on existing HIPAA
standards)
Define clear roles and responsibilities for all
stakeholders: technology solution vendors, payers (public and private)
and their trading partners, business associates of trading partners and
clearinghouses, and providers
Identify key changes that must be made by trading
partners
Suggest migration steps to promote successful adoption of
CORE operating rules
Promote and encourage voluntary adoption of the rules
with tools and support
Support HHS national health information network Guiding
Principles
Report and monitor successes and status of mission by
participating entities and provide tools and assistance, where
possible, to assist in the implementation of CORE's mission, vision and
strategy
A Phased Approach
CORE was envisioned as a multi-phase initiative (see timeline
below). Stakeholders strongly believed that a process allowing
meaningful but achievable initial results was particularly important.
Therefore, its first set of operating rules, slated for rollout in
early 2006, will help standardize delivery of the following set of data
to providers:
Determine which health plan covers the patient
Determine patient benefit coverage
Confirm service type
Confirm the patient's copay amount (as defined in the
member contract)
Confirm the patient's coinsurance level (as defined in
the member contract)
Confirm the patient's base deductible levels (as defined
in the member contract)
Initial CORE efforts (Phase I) are building on applicable HIPAA
eligibility transaction requirements. Going forward, CORE will create
rules for additional components of eligibility transactions, such as
the amount the patient owes for services, what amount the health plan
will pay for authorized services and coordination of benefits,
enrollment/ disenrollment and claims status, prior authorization and
referrals. CORE's long-term aim is to standardize a comprehensive set
of patient administrative data, greatly decrease data request response
times and eliminate phone calls and website searching to track down the
information.
CORE Participation
CORE participation is open to every organization that has an
interest in eligibility transactions. To date, the initiative has
succeeded in attracting nearly 70 industry stakeholders. These include
health plans, providers, vendors, CMS and other government agencies,
associations, regional entities, standard setting organizations and
organizations from the banking industry (see Appendix).
Participating organizations are contributing input on the operating
rules by serving on CORE's Steering Committee and/or its three work
groups.
Steering Committee--Accountable for CORE strategic oversight and
creation of a long-term vision with objectives and implementation time
frames.
Policy Work Group--Developing CORE policies and procedures, such as
a contractual participant ``pledge'' that states commitment to comply
with CORE operating rules.
Technical Work Group--Determining the technical specifications for
CORE.
Rules Work Group--Writing the detailed business rules that will be
reviewed by the Steering Committee and voted on by CORE members.
CORE Timeline
The initiative is on track to finalize Phase I rules and policies
by year-end and encourage participant implementation in 2006. All
participating organizations recently received a Mid-year Communication
Package, which included ``strawman'' drafts of the CORE Phase I rules,
such as the CORE pledge and standards for response times. The rules
will be completed and tested by the end of 2005.
CORE's three phases are scheduled as follows:
Phase 1: 2005--Early 2006
Establish CORE Vision, Steering Committee and Work Groups
Create operating rules for selected patient eligibility
and benefits data elements and create a formal methodology to gain
market commitment and adoption
Phase II: 2006--2007
Promulgate and promote adoption of CORE Phase I operating
rules
Identify other opportunities to enhance market adoption
and industry support for interoperability among trading partners
Create rules for additional components of eligibility
transactions, such as the amount the patient owes for services, what
amount the health plan will pay for authorized services and
coordination of benefits
Create rules for other business transactions, which may
include enrollment/ disenrollment and claims status
Phase III: 2007 and Beyond
Promulgate and promote adoption of CORE Phase II
operating rules
Identify other opportunities for enhanced
interoperability among trading partners
Create rules for other business transactions, which may
include prior authorization and referrals
In Conclusion
CAQH, its Board and members and all CORE participants support an
interconnected healthcare system that allows for real-time,
standardized, quality data exchange among all stakeholders. We are
committed to playing a leadership role in achieving that system. And we
believe that the time to pursue that goal is now and feel certain that
CORE will make a significant contribution.
As Congress works to address the many issues surrounding healthcare
IT, we are eager to offer our assistance. CAQH looks forward to a
continuing dialogue with committee members on modernizing the
healthcare system.
Statement of Richard Trachtman, American College of Physicians
The American College of Physicians (ACP)--representing 119,000
physicians and medical students--is the largest medical specialty
society and the second largest medical organization in the United
States. Internists provide care for more Medicare patients than any
other medical specialty. Of our members involved in direct patient care
after training, 50 percent are in practices of 5 or fewer physicians
and 66 percent are in practices of 10 or fewer. We congratulate
Subcommittee Chairman Nancy Johnson and Ranking Member Pete Stark for
recognizing the importance of moving toward an interoperable health
information technology infrastructure and the crucial role the federal
government has in assisting the health care industry acquire and
utilize information technology. Thank you for holding this important
hearing on congressional involvement in speeding the adoption of health
information technology.
Background
In the Institute of Medicine's (IOM) 2001 Report, ``Crossing the
Quality Chasm--A New Health System for the 21st Century,'' the authors
describe the growing disparity between society's willingness to embrace
the advantages of information technology in many aspects of everyday
life, with the exception of health care. The IOM report cautions,
however, ``In the absence of a national commitment and financial
support to a build a national health information infrastructure--the
progress of quality improvement will be painfully slow.'' \1\ Since
that time, numerous studies and other policy experts agree that the
full adoption and utilization of health information technology (HIT)
can revolutionize health care delivery by improving quality of care and
reducing high medical costs.
---------------------------------------------------------------------------
\1\ Institute of Medicine, Crossing the Quality Chasm--A New Health
System for the 21st Century, March 2001, and U.S. Department of Human
Services, Information for Health: A Strategy for Building the National
Health Information Infrastructure, Report and Recommendations from the
National Committee on Vital and Health Statistics, November 15, 2001.
---------------------------------------------------------------------------
Meanwhile, Congress and the Administration have taken some initial
steps to advance the adoption of an interoperable health information
infrastructure model. The 2003 Medicare Modernization Act anointed the
Commission for Systematic Interoperability to take the lead in
developing a strategy for the adoption of uniform national standards.
In the 109th Congress, several bills have been introduced to mold the
framework for adopting HIT infrastructure.
President George W. Bush also seized on the opportunity to further
HIT adoption. In his January 2004 State of the Union address, Bush
first described the benefits that information technology will bring to
the health care sector: ``By computerizing health records, we can avoid
dangerous medical mistakes, reduce costs and improve care.'' \2\ The
President backed up this support by proposing additional funding for
federal HIT initiatives in his FY 2005 and FY 2006 Budgets.
---------------------------------------------------------------------------
\2\ Bush, George W., State of the Union, Washington, DC, January
20, 2004.
---------------------------------------------------------------------------
More significantly, however, was the April 2004 announcement by the
President calling for the widespread adoption of interoperable
electronic health records within the next decade. To oversee this bold,
new, ten-year initiative, the President announced the creation of the
Office of National Coordinator for Health Information Technology
(ONCHIT), and named its first Director, Dr. David J. Brailer.
Subsequently, ONCHIT devised a 10-year funding strategy for
policymakers to consider in speeding HIT adoption nationwide. According
to ONCHIT's ``Framework for Strategic Action,'' Congress should
consider several funding options, including additional Medicare
reimbursement as well as the use of loans, tax credits, and grants. It
also should consider the easing of fraud and abuse laws to allow the
sharing of electronic hardware.
ACP strongly supports the Congress and the Administration in these
initiatives to speed the adoption of uniform standards for health
information technology (HIT). The College is committed to providing
practicing internists with practical tools to help them improve
quality. ACP's Physicians Information and Education Resource (PIER)
provides ACP members--at no cost to them--with access to ``actionable''
evidence based guidelines at the point of care for over 300 clinical
modules. PIER has also been incorporated into several electronic health
record systems. It is currently in the process of aligning its
evidence-based content to support a starter set of measures selected by
the Ambulatory Care Quality Alliance (AQA). PIER is also creating paper
order sets that imbed such quality measures so that physicians who have
not made the transition to electronic health records could still
utilize PIER content to support their participation in performance
measurement initiatives.
ACP's Practice Management Center has developed resources to help
internists in the decision-making process on electronic health records
and is leading an initiative to provide internists with tools and best
practices to help them redesign their office processes to improve
health care quality.
But without sufficient financial assistance from the federal
government to incentivize providers to purchase the full range of HIT,
particularly those in small physician practices, we will be unable to
achieve a smooth transition into a fully-integrated HIT society. We
believe it is absolutely essential for Congress to begin to immediately
fund initiatives to adopt uniform national standards, and to fully fund
the pilot testing of HIT integration into all health care sectors.
The Benefits of Interoperable Health Information Technology
Policymakers agree that the universal utilization of interoperable
HIT can revolutionize health care delivery by putting real-time
clinically relevant patient health information and up-to-date evidence-
based clinical decision support tools into the hands of providers.
Adoption of HIT at all levels of health care will lead to the
improvement of health care quality and reduce the high costs for
individuals with complex health problems, particularly for those
Medicare patients with multiple costly chronic conditions.
Investment in the adoption of HIT is expected to result in
significant return savings. The Department of Health and Human Services
(HHS) and ONCHIT both agree that savings from a universal interoperable
HIT infrastructure could achieve between $140 billion to $170 billion
per year, close to 10 percent of total U.S. health spending. They note
the majority of these savings would be achieved by reducing duplicative
care, lowering health care administrative costs, and avoiding costly
medical errors. Independent studies also confirm substantial annual
savings as well.\3\
---------------------------------------------------------------------------
\3\ Walker, Jan; Pan, Eric et al., Health Affairs, ``The Value of
Health Care Information Exchange and Interoperability,'' January 2005.
``Full standardized health care information exchange and
interoperability could yield a net value of $77.8 billion per year once
fully implemented.''
---------------------------------------------------------------------------
The savings could even be more substantial when the adoption of HIT
is coupled with value-based purchasing programs (also known as ``pay-
for-performance''), now under consideration by key congressional
committees. Substantial savings in the Medicare Part A Trust Fund could
be captured by preventing unnecessary hospitalizations caused by
complications, needless duplications of medical tests and procedures,
and the lowering of health care administrative costs. Unfortunately for
small physician practices considering whether to make a significant
investment in converting their practice to a fully-integrated HIT
system, the cost-benefit analysis of making the initial purchase
currently favors the public and private payer over the health care
provider.
Costs of Acquiring Health Information Technology
The single biggest barrier to achieving fully interoperable HIT
across the nation is the substantial cost in acquiring the necessary
technology. This obstacle is especially acute for physicians practicing
in small office settings, where three-fourths of all Medicare
recipients receive outpatient care.\4\ An additional related barrier is
that public and private payers, not the physicians, will realize the
savings from physician investment in acquiring the necessary HIT (i.e.,
electronic health records, electronic prescribing, clinical decision
support tools, etc).
---------------------------------------------------------------------------
\4\ Center for Studying Health System Change, ``Most Medicare
Outpatient Visits Are to Physicians With Limited Clinical Information
Technology,'' July 2005.
---------------------------------------------------------------------------
The initial start-up costs for the purchase of a fully
interoperable HIT system can be substantial. Depending on the size of
the practice and its applications, acquisition costs on average range
from $16,000 to $36,000.\5\ (The Harvard Center for Information
Technology Leadership estimates HIT systems cost about $29,000 per
physician). The ongoing costs associated with training, maintenance,
and system support of the HIT system make these estimates substantially
higher over the lifetime of the practice.
---------------------------------------------------------------------------
\5\ Congressional Research Service, ``Health Information
Technology: Promoting Electronic Connectivity in Healthcare,'' The
Library of Congress, April 13, 2005.
---------------------------------------------------------------------------
Unfortunately, the savings from interoperable HIT will largely go
unrecognized for physicians making the investment to convert their
practices. In fact, it's more likely the majority of the savings from
physician investment will be recognized by payers and patients--through
a reduction in duplicative care, the lowering health care
administrative costs leading to lower health insurance rates, and
avoiding costly medical errors--not to the providers that pay the
initial and ongoing implementation costs. ACP strongly believes that
physicians' collective and individual contributions must be recognized
in order to achieve Medicare and Medicaid savings through HIT adoption.
Current reimbursement policies should allow for individual physicians
to share in the system-wide savings that are attributable to their
participating in HIT and other quality improvement programs.
While the College and the physician community recognize the great
potential for improving the overall quality of care that HIT brings,
the majority of small physician practices cannot afford to expend the
necessary capital to make the initial investment. For physicians
dealing with a multitude of financial issues--ranging from low
reimbursement under Medicare and Medicaid, declining fees from managed
care, the rising costs of medical malpractice insurance, and the cost
of compliance under increasing state and federal regulation--the
majority are not in any financial position to make the initial $16,000
to $36,000 investment.
The reality of HIT underinvestment by the typical physician
practice is affecting millions of Medicare beneficiaries. The Center
for Studying Health System Change (HSC) recently released a study
documenting the significant lack of Medicare beneficiary access to
physician practices with fully-integrated HIT systems. The study
monitored physician practice adoption trends for the following five
clinical functions: obtaining treatment guidelines; exchanging clinical
data with other physicians; accessing patient notes; generating
preventive treatment reminders for the physician's use; and writing
prescriptions.
While nearly half of the Medicare outpatient visits used at least
one of these five clinical functions, according to the HSC study, only
9 percent of visits were to physician practices with electronic
prescribing capabilities. The study concluded that while Medicare is
targeting small practices by offering technical assistance and
undertaking a chronic care pay-for-performance demonstration, ``Broader
policy efforts--including financial incentives--may be needed, however,
to substantially improve patient access.'' \6\
---------------------------------------------------------------------------
\6\ See HSC study, July 2005.
---------------------------------------------------------------------------
The Need for Immediate Congressional Involvement
The current Medicare physician reimbursement system does not reward
physicians for quality. Because physicians are paid on a per-procedure
or per-service basis, the Medicare reimbursement structure emphasizes
volume over quality. In recognition of the need for a Medicare
reimbursement system that rewards innovation and quality, Congress is
examining the role that value-based purchasing programs might play in
the Medicare program.
ACP strongly believes a solution to this problem lies in changing
the Medicare physician payment policies to reward those physicians who
fully incorporate all aspects of HIT (and value-based purchasing
programs) into their practice. Under today's Medicare payment
formula,physician payments is based upon several factors: relative
value units (RVUs) for each service, reflecting the relative amount of
physician work effort, practice expenses, and malpractice insurance
expenses involved with furnishing each service; a dollar conversion
factor that translates these RVUs into monetary payment amounts; and
geographic practice cost indexes (GPCIs) for physician work, practice
expenses, and malpractice insurance expenses to reflect differences in
physician practice costs among geographic areas.
But in order to speed the adoption of HIT into physician practices,
and to take into account the ongoing, everyday costs associated with
maintaining such systems, the College recommends Congress consider
legislation that builds into the Medicare physician payment system an
add-on code for office visits and other evaluation and management (E/M)
services. This payment mechanism should identify that a service was
facilitated by electronic health data systems, such as electronic
health records, electronic prescribing and clinical decision support
tools, and reimburse accordingly.
In addition, Congress should also allocate the necessary funding
for small physician practices to make the initial HIT investment to
purchase the necessary hardware and software. The majority of bills
that have been introduced in the 109th Congress only utilize either
grants, loans, tax credits, or a combination of the three. We believe
those funding mechanisms alone are insufficient to put the necessary
HIT systems into the hands of small physician practices.
Finally, the College is growing deeply concerned over the lack of
coordination in the creation of uniform HIT standards. In order to
facilitate the seamless and secure transition to an electronic flow of
health information, Congress must push for the adoption of uniform
standards for everyone to use. To date, several standards have already
been developed by a mixture of public and private entities.
Unfortunately, these entities are, in most cases, duplicating efforts.
We believe Congress must intervene in this process and bring public and
private entities together into one decision-making body to agree on
existing standards, determine what additional standards are needed,
prioritize future standard development, and make sure approved
standards are maintained.
ACP is very supportive of the initiative recently announced by HHS
Secretary Mike Leavitt to create the American Health Information
Community (AHIC), a public-private collaboration that will help develop
standards and achieve interoperability of health information. This
collaboration will provide a forum for interest ed parties to recommend
specific actions that will accelerate the widespread application and
adoption of electronic health records and other health information
technology. We believe an entity, such as AHIC, should be recognized as
the sole organization charged with developing uniform standards and
certifying HIT products for industry use. Therefore, Congress must
immediately authorize and provide the sustained funding to begin the
development of uniform national HIT standards.
Once developed, HIT standards will need real-world pilot testing.
This should come as no surprise to Congress given the dire situation we
found ourselves in 2003 with the implementation of standards mandated
under HIPAA Transaction and Code Sets Standard. As with HIPAA Standards
compliance, implementation of HIT standards will require time and a
significant amount of pilot testing by the full range of health care
providers from all sectors with adequate HIT in place. Testing must
include physicians in solo/small and large practice settings (rural and
urban areas), psychologists, hospitals, community health centers,
skilled nursing facilities, laboratories, and pharmacies. All
participants in the pilot must utilize the full range of HIT systems
and the necessary ongoing training must be provided. Therefore, we
believe Congress must provide the necessary funding to ensure adequate
testing of HIT standards across all health care sectors. These pilot
tests can begin immediately as standards become accepted. As additional
standards are approved, they can be immediately incorporated into the
pilot.
Legislation in the 109th Congress
In the 109th Congress, a flurry of legislative proposals has
already been introduced to define the federal role in speeding the
adoption of HIT. ACP is supportive of many of the bills that have come
forward, especially those we believe will lead to the achievement of
universal acceptance and adoption of HIT. We are also appreciatative of
the Senate-passed FY 2006 Budget Resolution that creates a HIT
``reserve fund'' to permit financial incentives which will encourage
the adoption of information technology for the period of fiscal years
2006 to 2010. Recognizing the quality and the cost savings benefits,
the FY 2006 Budget Resolution provides the authority for the Senate
Finance Committee and the Senate HELP Committee to report out language
offering financial incentives that encourage the adoption of HIT,
anticipating they will pay for themselves within 5 years.
The College is particularly supportive of the bipartisan bill, H.R.
747, the ``National Health Information Incentive Act,'' sponsored by
Reps. Charles Gonzalez (D-TX) and John McHugh (R-NY), because it
specifically targets those small physician practices who are in need of
the most financial assistance. Like most of the legislative proposals
introduced so far, H.R. 747 offsets the initial start-up costs and
ongoing training and maintenance costs of acquiring interoperable HIT
systems by providing grants, loans, and refundable tax credits. But
more importantly, the legislation builds into the Medicare physician
payment system an add-on code for office visits and other evaluation
and management (E/M) services, care management fees for physicians who
use HIT to manage care of patients with chronic illnesses, and payments
for structured email consults resulting in a separately identifiable
medical service from other E/M services. These fees would be triggered
if the procedure or service was facilitated by an electronic health
data system (such as electronic health records, electronic prescribing
and clinical decision support tools) when used to support physicians'
voluntary participation in performance measurement and improvement
programs. Additionally,H.R. 747 takes the appropriate step of
establishing two-year pilot testing of the standards and the
determining quality improvements and cost savings of the integration of
HIT.
In addition, the College is also strongly supportive of the
bipartisan bill, S. 1227, the ``Health Information Technology Act,''
introduced by Sens. Debbie Stabenow (D-MI) and Olympia Snowe (R-MA).
Like the Gonzalez-McHugh bill, S. 1227 includes one-time tax credits
and grants for the purchase of HIT as well as Medicare physician
payment changes that recognize the ongoing costs in maintaining HIT by
authorizing adjustments to Medicare payment when an identifiable
medical service is provided using HIT.
The College strongly believes Congress should provide the necessary
funding to offset the initial costs in obtaining HIT, but it should
also recognize the unquantifiable and ongoing costs in utilizing HIT.
It is this combination of one-time and on-going financial incentives
put forward by H.R. 747 and S. 1227 that will substantially speed HIT
adoption and improve access to physician practices with HIT, resulting
in tremendous system-wide savings. Congress should recognize the
collective and individual contributions needed to achieve Medicare and
Medicaid savings through the adoption of HIT. Therefore, we believe
funding initiatives should allow for individual physicians to share in
the system-wide savings that are attributable to their participating in
HIT and other performance measurement and improvement programs.
Conclusion
ACP is pleased that the House Committee on Ways and Means
Subcommittee on Health is examining the congressional role in
accelerating the adoption of health information technology. We strongly
believe Congress has a very important role in promoting the adoption of
uniform standards and providing the necessary initial and ongoing
funding mechanisms to assist small physician practices to adopt and
utilize HIT. The benefits of full-scale adoption of interoperable HIT
will be significant, leading to a higher standard of quality in the
U.S. health care system. Unfortunately, without adequate financial
incentives, small physician practices will be left behind the
technological curve and their patients with them.
Statement of William Vaughan, Consumers Union
Madame Chair, Members of the Committee:
Consumers Union is the independent, non-profit publisher of
Consumer Reports.
Like so many others, we believe expediting the development of a
common health care information technology has the potential to bring
enormous long-term savings and quality improvements.
But--and this is a big qualifier--there needs to be more consumer
involvement in and understanding of how consumers' very personal
medical data is going to be used and protected.
A truly modern health care system should enable medical providers
to immediately access an individual's medical records, images or drug
reactions in an emergency, or quickly put their hands on the complete
medical history of a new patient. But the promise of better health care
through easily useable medical records is accompanied by deep fear that
one's most private medical records might be easily compromised. In
recent months, we have seen this compromise of electronic data in the
theft of millions of Americans' financial records. Computers are hacked
into almost daily; identity theft has become a common story. If these
severe problems happen constantly in the financial world, the consumer
wonders what is to keep them from happening in the medical world?
The consensus Senate IT bill seems to deal with privacy issues
largely through a cross-reference to the Health Insurance Portability
and Accountability Act of 1996. Yet the average person on the street
has no idea what HIPAA means, or how it may protect their medical
recored privacy. Legislation that promotes the use of health care IT
needs provisions that educate the American public about what it means,
how it will work, and what a person's rights and protections are in the
new system. The privacy standards need to be restated and clearly
explained, the penalties for willful and malicious violations
strengthened, and individuals should be given the right to opt out of
the system until they want to join in. Also, if a person's medical
record is ever compromised, they should be informed immediately about
the breach. It should be clear that individuals should in general be
able to see their records and request corrections.
To date, the health care IT process has been largely a technical
discussion involving providers and purveyors of IT services. But what
hasn't been talked about is the incredibly personal and sensitive
information these electronic medical records would contain. Any and all
advisory commissions created by any health care IT legislation should
include a majority of ``ordinary'' citizens to make sure that the
American consumer is comfortable with measures to protect this
sensitive information.
Rather than increasing the sense of powerlessness and vulnerability
in our modern computer age, the health care IT system of the future
should be a benefit to consumers' quality of life of consumers. Only by
including consumers in the process, educating the public about this
technology, and strengthening privacy protections will consumers have
faith in the new system.
Statement of Richard Patrick Yanes, Clinical Social Work Federation,
Arlington, Virginia
Chairwoman Johnson and Members of the Committee, we appreciate this
opportunity to address the Committee as it continues its work in
examining the issues attendant to the greater uses of the developing
information technologies in the health care field. Clearly such
technologies offer great opportunities to provide improved and better
integrated physical and mental health care services. Just as clearly,
however, such technologies carry great risks of harm. Our comments,
then, will be directed at our concern that such technologies not put at
risk the disclosure of an individual's private health information
without the individual's consent.
For decades Congress has recognized the need to protect consumers'
personal information and has passed laws ensuring the privacy of
information contained in bank, credit card, other financial records,
and even video rentals. With respect to an individual's health
information, Congress has been no less vigilant. With the passage of
the Health Insurance Portability and Accountability Act of 1996
(HIPAA), Congress recognized the importance of protecting the
consumers' most sensitive information--health information \1\ as did
the previous Administration, drafting regulations implementing the Act
that required consumers' consent \2\ The protection offered in HIPAA,
however, was a continuation of the almost three decades long
application of the confidentiality regulations developed to protect the
consumers of substance abuse services.\3\
---------------------------------------------------------------------------
\1\ 67 Fed. Reg. 14775 and 14777.
\2\ 45 CFR � 164.506
\3\ 42 CFR Part 2.
---------------------------------------------------------------------------
With the enactment of these and other legislative policies,
Congress recognized the many reasons for safeguarding consumers' health
information including that many individuals will refuse to seek timely
physical and mental health care for conditions they perceive may have a
stigmatizing effect on them should the information not be held in the
strictest confidence. ``People's willingness to seek help is contingent
on their confidence that personal revelations of mental distress will
not be disclosed without their consent.\4\ To delay treatment is to
exacerbate the condition and increase costs should treatment be sought
later.
---------------------------------------------------------------------------
\4\ Department of Health and Human Services, Mental Health: A
Report Of The Surgeon General, (Washington D.C., GPO, 1999) p. xvii.
---------------------------------------------------------------------------
The Federal courts have also recognized the critical nature of
confidentiality when the United States Supreme Court held in Jaffe v.
Redmond that patients receiving mental health therapy have a right to
privacy in therapist-patient communications and that such
communications cannot be used or disclosed without their consent \5\
The Court also recognized that all 50 states and the District of
Columbia have enacted some form of psychotherapist-patient privilege
and it was through that reason and experience that the Court was led to
its holding.\6\
---------------------------------------------------------------------------
\5\ Jaffe v. Redmond 518 U.S. 1 (1996).
\6\ Ibid.
---------------------------------------------------------------------------
As the Subcommittee goes about its work we urge that the Members be
mindful that not only has the federal government placed critical
importance on the protection of health information but that many states
have adopted their own standards of protection as well. Both the
Congress and the Department of Health and Human Services (HHS) gave
assurances through their enactment of HIPAA and its implementing
regulations that federal privacy standards would not supercede state
privacy laws ``. . . if the provision of State law imposes
requirements, standards, or implementation specifications that are more
stringent than the requirements, standards, or implementation
specifications imposed under the regulation . . .'' \7\ and again later
when commenting on the adopted Privacy Rule HHS stated that ``State
laws that are more stringent remain in force. In order to not interfere
with such laws and ethical standards, this Rule permits covered
entities to obtain consent.'' \8\
---------------------------------------------------------------------------
\7\ 67 Fed. Reg. 1475 et seq., 264(c)(2).
\8\ 67 Fed. Reg. 53,212.
---------------------------------------------------------------------------
In conclusion, as the Subcommittee continues its work to set
standards for the development of information technologies and their
application to health care information we urge that the Members
continue to give the highest priority to the protection of the
individual's right to control the disclosure of their private health
information.
______
Appendix A.
The Clinical Social Work Federation, the largest clinical social
work organization in the United States, has members and societies in
37states both nationally and in Canada. The Federation works for
improvement of the standards of the profession, the protection of
clients, and the professional development of its members. The
Federation provides both clients and members with advocacy on mental
health issues before the Congress and regulatory bodies and assists the
state societies with advocacy at the state level.
Licensed clinical social workers provide 41% of the mental health
services in the United States and work through social service agencies,
hospitals and community health centers, health maintenance and managed
care organizations, schools, and private practice. Clinical social
workers are licensed in all 50 states and diagnose, treat, and engage
in preventive services of mental, behavioral, and emotional disorders
in individuals, families, and groups.
Both the states and the courts have upheld the confidentiality of
the special relationship the clinical social worker has with their
clients. Clinical social workers are also recognized and testify as
expert witnesses on the diagnosis and treatment of mental disorders.
All clinical social workers hold advanced degrees and have undergone
thousands of hours of supervised clinical internships prior to
licensing.
______
Appendix B
Clinical social work plays a crucial role in the delivery of mental
health services nationally with over 250,000 licensed clinical social
workers. Clinical social workers hold advanced degrees and have
undergone thousands of hours of supervised clinical internships prior
to licensing. In most states, clinical social workers are licensed to
diagnose, treat, and engage in preventive services of mental,
behavioral, and emotional disorders in individuals, families, and
groups.
Clinical social workers provide 41% of mental health
treatment in the country (ASWB, 2003) and have clinical training
standards that are the equivalent of or stronger than psychologists,
mental health counselors, marriage and family therapists, and
psychiatric nurses.
Clinical social workers have one of the lowest actionable
complaint rates of any mental health discipline with national rates of
0.9% (ASWB, 2003).
Clinical social workers have one of the highest
satisfaction ratings of all mental health professionals, as surveyed
and reported in a 1995 Consumer Reports article according to 4000
consumers of mental health services.
Clinical social workers are trained to provide diagnosis
and treatment through psychotherapy and counseling of all mental health
disorders. Both the states and the courts have upheld the
confidentiality of the special relationship the clinical social worker
has with their clients.
Clinical social workers work through social service
agencies, hospitals and community health centers, health maintenance
and managed care organizations, schools, and private practice.
Clinical social workers reduce medical problems and
health care costs by treating the emotional disorders that lead to 50%
of the visits to family practitioners (Office of the Surgeon General,
2000).
Clinical social workers play an integral role in state,
county, and city mental health programs throughout the country.
�