[Federal Register Volume 62, Number 142 (Thursday, July 24, 1997)]
[Notices]
[Pages 39844-39847]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 97-19492]
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
National Committee on Vital and Health Statistics: Publication of
Recommendations Relating to HIPAA Health Data Standards
AGENCY: Office of the Secretary.
ACTION: Notice.
-----------------------------------------------------------------------
SUMMARY: Section 1172(f) Subtitle F of Pub. L. 104-191, the Health
Insurance Portability and Accountability Act of 1966, requires the
Secretary of Health and Human Services to publish in the Federal
Register any recommendation of the National Committee on Vital and
Health Statistics (NCVHS) regarding the adoption of a data standard
under that
[[Page 39845]]
law. Accordingly, the full text of the initial set of NCVHS
recommendations relating to HIPAA data standards is reproduced below.
The text of the recommendations is also available on the NCVHS website:
http://aspe.os.dhhs.gov/ncvhs/. The executive summary of the NCVHS
recommendations to HHS relating to health information privacy and
confidentiality is also reproduced below. The full text of the NCVHS
privacy report is available on the NCVHS website.
SUPPLEMENTARY INFORMATION: Under the Administrative Simplification
provisions of the Health Insurance Portability and Accountability Act
of 1966 (HIPAA), the Secretary of Health and Human Services is required
to adopt standards for specified administrative health care
transactions to enable information to be exchanged electronically. The
law requires that, within 24 months of adoption, all health plans,
health care clearinghouses and health care providers who choose to
conduct these transactions electronically must comply with these
standards. Further, the law requires the Secretary to submit to
Congress detailed recommendations on standards with respect to the
privacy of individually identifiable health information. In preparing
these reports and recommendations, the Secretary is required to consult
with the NCVHS, the statutory public advisory body to HHS on health
data, privacy and health information policy. On June 27, 1997, the
Committee submitted a set of initial recommendations relating to health
data standards. In accordance with the law, the full text of the
recommendations is published below. The executive summary of the NCVHS
privacy report also is reproduced below.
Recommendations Relating to the National Provider Identifier
The Honorable Donna E. Shalala,
Secretary of Health and Human Services,
200 Independence Avenue, SW.,
Washington, DC 20201.
Dear Secretary Shalala: On behalf of the National Committee on
Vital and Health Statistics (NCVHS), I am pleased to forward to you
our recommendations relating to the first of the health data
standards being proposed for adoption in accordance with the
administrative simplification provisions of the Health Insurance
Portability and Accountability Act of 1996 (HIPAA). HIPAA outlines a
new approach to the adoption of data standards to support electronic
data interchange in the health industry in the United States, in a
framework that protects the privacy and security of health
information. The law assigns to you the responsibility for adopting
such standards by February 1998. It also asks you to provide
detailed recommendations to Congress with respect to the privacy of
individually identifiable health information by next August. The
NCVHS is very pleased to provide support, advice and consultation to
you in this effort.
To assist in carrying out our advisory responsibilities to you,
the NCVHS, in collaboration with HHS, has held a number of public
hearings to obtain input and advice from throughout the health
industry, State government, and the research and public health
communities. The first of the health data standards to be proposed
for adoption is the unique identifier for health providers, which
HHS has had under development for some time and which we understand
is planned for Federal Register publication in July for review and
comment.
The NCVHS has been briefed on the proposal for the National
Provider Identifier (NPI), and we offer our strong support. The
proposal includes an eight digit alphanumeric identifier that would
be assigned to all providers, along with essential identifying
information. The identifier includes a check digit and contains no
embedded intelligence. We recommend that HHS proceed to publish the
proposal for public comment without delay. While public comments are
likely on the technical details of the number and the optimal
approach to enumeration, we have found broad support for the
proposal in general and urge you to proceed.
The Committee did identify one concern that we bring to your
attention. The NPI, like all of the subsequent standards to be
adopted, should be conceived of as a generic industry-wide standard
and it should not contain any requirements that are specific to
individual programs--government programs or otherwise. It is our
understanding that information about HHS Inspector General sanctions
against providers is being considered as part of the NPI system.
We believe that this approach undermines the principle of a
generic industry-wide standard and makes the successful
implementation of the first standard needlessly difficult and
controversial. While we are supportive of HHS efforts to prevent and
detect health care fraud and abuse, we strongly recommend against
the inclusion of sanctions information as part of the NPI system
itself. The OIG provider sanctions information is already public,
and it can be further publicized in other ways. We do agree that the
use of the NPI to facilitate access to health care fraud and abuse
information in other data systems is both appropriate and consistent
with the intent of the statue.
We appreciate your national leadership in health data standards,
electronic data interchange and privacy, and we are privileged to
work with you on these issues.
Sincerely,
Don E. Detmer, M.D.,
Chairman.
Recommendations Relating to Transaction Standards
The Honorable Donna E. Shalala,
Secretary of Health and Human Services, 200 Independence Avenue, SW,
Washington, DC 20201.
Dear Secretary Shalala: On behalf of the National Committee on
Vital and Health Statistics (NCVHS), I am pleased to forward to you
our recommendations relating to some of the health data standards
being proposed for adoption in accordance with the administrative
simplification provisions of the Health Insurance Portability and
Accountability Act of 1996 (HIPAA). As you are aware, HIPAA outlines
a new approach to the adoption of data standards to support
electronic data interchange in the health industry in the United
States, in a framework that protects the privacy and security of
health information. The law assigns to you the responsibility for
adopting such standards by February 1998. It also asks you to
provide detailed recommendations to Congress with respect to the
privacy of individually identifiable health information by next
August. The NCVHS is very pleased to provide support, advice, and
consultation to you in this effort.
To assist in carrying out our advisory responsibilities to you,
the NCVHS, in collaboration with HHS, has held a number of public
hearings to obtain input and advice from throughout the health
industry, State government, and the research and public health
communities. We have heard a great deal of input from the private
and public sectors, and have synthesized that input into the
following recommendations regarding the administrative
simplification standards.
Administrative Transaction Messages
The NCVHS recommends that you adopt the following standards for
transmission of administrative and financial transactions. In
addition, we recommend that you specify the acceptable versions and
implementation guides for these standards at the time the final
rules are issued.
Health Claims * or Equivalent Encounter Information
Pharmacy--NCPDP Telecommunications Standard Format
Institutional--ASC X12N Health Care Claim (837)
Professional--ASC X12N Health Care Claim (837)
Dental--ADA Implementation Guide for ASC X12N 837
* The X12N standard for claims includes standard information for
coordination of benefits.
Enrollment and Disenrollment in a Health Plan
ASC X12N Benefit Enrollment and Maintenance (834)
Eligibility for a Health Plan
ASC X12N Health Care Eligibility/Benefit Inquiry (270)
ASC X12N Health Care Eligibility/Benefit Information (271)
Health Care Payment and Remittance Advice
ASC X12N Health Care Claim Payment/Advice (835)
[[Page 39846]]
Health Care Premium Payments
ASC X12N Consolidated Service Invoice/Statement (811)
ASC X12N Payment Order/Remittance Advice (820)
First Report of Injury
ASC X12N Report of Injury, Illness or Incident (148)
Health Claim Status
ASC X12N Health Care Claim Status Request (276)
ASC X12N Health Care Claim Status Notification (277)
Referral Certification and Authorization
ASC X12N Health Care Service Review Information (278)
The adoption of a standard for claim attachments is not due
until next year, so we will make a timely recommendation for that
transaction at a later time.
Although we recommend that institutional and professional claims
should move to the ANSI X12N 837 standard, we recommend a strategy
to ease the transition for providers and payers that currently rely
on the older NSF or UB92 flat-file formats for electronic claims
submissions. We have learned at the hearings that the financial
health of providers is extremely sensitive to the timing of payments
for claims submitted. As a result, there is some fear in the
industry that pushing this transition to the 837 too rapidly could
lead to financial failures if payments were delayed because of
technical problems during the conversion. We recommend a transition
strategy whereby willing trading partners, by mutual agreement,
could continue to use existing flat-file mechanisms (NSF and UB92)
to exchange claim transactions until February, 2002. Strict
adherence to section 1175 of HIPAA (which forbids plans from
refusing standard transactions or delaying payment on the grounds
that a transaction is standard) will be expected and should be
enforced.
Transaction Data Content
The Committee has a long history of national leadership on
health data content issues. We will review the information now being
collected by HHS in the master data dictionary of transaction data
elements and, once that is available, will formulate our
recommendations. The Committee's recommendations on data content
also will include specific recommendations for a process for
changing, maintaining, and updating the standard data content
specifications for the above administrative transactions. As part of
our ongoing responsibilities, we will continue to advise you on the
need for new data elements, as well as deletions and modifications
to current data elements, for health care transactions.
At this time, we would like to make specific recommendations
about several data elements. In a previous communication, we
endorsed HCFA's NPI proposal for a unique identifier for providers.
The Committee would like to endorse the HCFA proposed Payer ID as
the national standard for the payer identifier. A recommendation on
the individual identifier may follow, after the Committee has had
opportunity to review and discuss the commissioned report on this
topic.
The Committee recommends that diagnosis and procedure coding
continue to use the current code sets because replacements will not
be ready for implementation by the year 2000. ICD-9-CM diagnosis
codes, ICD-9-CM Volume 3 procedure codes, and HCPCS (including CPT
and CDT) procedure codes should be adopted as the standards to be
implemented by the year 2000. Annual updates to ICD-9-CM and HCPCS
should continue to follow the schedule currently used. In addition,
we recommend that you advise industry to build and modify their
information systems to accommodate a change to ICD-10-CM diagnostic
coding in the year 2001 and a major change to a unified approach to
coding procedures (yet to be defined) by the year 2002 or 2003. We
recommend that you identify and implement an approach for procedure
coding that addresses deficiencies in the current systems, including
issues of specificity and aggregation, unnecessary redundancy, and
incomplete coverage of health care providers and settings. The
committee will continue its leadership and participation in this
endeavor.
Security Standards
Security standards will be recommended by the Committee after
hearings are held on this topic. These hearings are currently
scheduled for August.
We appreciate your national leadership in health data standards,
electronic data interchange and privacy, and we are privileged to
work with you on these issues.
Sincerely,
Don E. Detmer, M.D.,
Chairman.
Recommendations Relating to Privacy
The Honorable Donna E. Shalala,
Secretary of Health and Human Services, 200 Independence Avenue
S.W., Washington, D.C. 20201.
Dear Secretary Shalala: On behalf of the National Committee on
Vital and Health Statistics (NCVHS), I am pleased to forward to you
our recommendations relating to health information privacy. The
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
requires you to provide detailed recommendations to the Congress
with respect to the privacy of individually identifiable health
information by August 1997. The law also directs you to consult with
the NCVHS in developing your recommendations. The enclosed report is
submitted in support of this responsibility.
In developing our recommendations to you for health information
privacy, the NCVHS Subcommittee on Privacy and Confidentiality held
six full days of public hearings during which we heard from 43
witnesses from the industry, privacy community, State government,
and public health and research communities. We also benefited from
two additional days of public hearings in San Francisco where we
heard from an additional 40 witnesses from across the health
industry spectrum, including a number of representatives from the
privacy and patient advocacy community.
The NCVHS recommends that you and the Administration assign the
highest priority to the development of a strong position on health
privacy. The NCVHS also recommends that the 105th Congress enact a
health privacy law before it adjourns in the fall of 1998.
We appreciate your leadership on health information privacy, and
offer our continuing assistance in addressing this national issue.
Sincerely,
Don E. Detmer, M.D.,
Chairman.
Enclosure
Health Privacy and Confidentiality Recommendations of the National
Committee on Vital and Health Statistics
Executive Summary
The Health Insurance Portability and Accountability Act requires
the Secretary of Health and Human Services to consult with the
National Committee on Vital and Health Statistics when developing
recommendations on standards for the protection of the privacy of
individually identifiable health information. This report is the
Committee's advice to the Secretary.
The Committee finds that the United States is in the midst of a
health privacy crisis. Patients must feel comfortable in
communicating sensitive personal information. Delays in passing
privacy legislation will allow additional and uncontrolled uses of
health information to develop.
The Committee recommends that the Secretary and the
Administration assign the highest priority to the development of a
strong position on health privacy that provides the highest possible
level of protection for the privacy rights of patients. The
Committee also unanimously recommends that the 105th Congress enact
a health privacy law before it adjourns in the fall of 1998.
Health privacy legislation presents only hard choices and
difficult tradeoffs. The importance of trust in the provider-patient
relationship must be preserved. Health records are used to improve
the quality of health care, reduce the costs of health care, expand
the availability of health care, protect the public health, and
assure public accountability of the health care system. Privacy
competes with all of these objectives, and it is not easy to strike
a fair balance between privacy and these other worthy goals. The
Committee has no doubt, however, that a privacy bill can be passed
that balances the interests of patients with the needs of the health
care system.
The Committee calls for a law that will require creators and
users of identifiable health care information to establish a full
range of fair information practices, including a patient's right of
access to records, right to seek amendment of records, and right to
be informed about users of health information. The law must also
impose restrictions on
[[Page 39847]]
disclosure and use of the information, require adequate security,
impose sanctions for violations, and increase reliance on non-
identifiable information whenever possible.
The Committee strongly supports the use of health records for
health research, subject to independent review of research protocols
and other procedural protections for patients. The Committee also
strongly supports the use of health records for public health
purposes, subject to substantive and procedural barriers
commensurate with the importance of the public health functions. The
Committee believes that patients need strong substantive and
procedural protections if their health records are to be disclosed
to law enforcement officials.
The Committee strongly supports limiting use and disclosure of
identifiable information to the minimum amount necessary to
accomplish the purpose. The Committee also strongly believes that
when identifiable health information is made available for non-
health uses, patients deserve a strong assurance that the data will
not be used to harm them.
Contact Person for More Information: Information about the
Committee as well as the text of the HIPAA recommendations is available
on the NCVHS website or from James Scanlon, NCVHS Executive Staff
Director, Office of the Assistant Secretary for Planning and
Evaluation, DHHS, Room 440-D, Hubert H. Humphrey Building, 200
Independence Avenue S.W., Washington, D.C. 20201, telephone (202) 690-
7100, or Marjorie S. Greenberg, Executive Secretary, NCVHS, NCHS, Room
1100, Presidential Building, 6525 Belcrest Road, Hyattsville, Maryland
20782, telephone (301) 436-7050.
Dated: July 18, 1997.
James Scanlon,
Director, Division of Data Policy, Office of the Assistant Secretary
for Planning and Evaluation.
[FR Doc. 97-19492 Filed 7-23-97; 8:45 am]
BILLING CODE-4151-04-M