[Federal Register Volume 63, Number 128 (Monday, July 6, 1998)]
[Notices]
[Pages 36411-36413]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 98-17763]


-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

Centers for Disease Control and Prevention


National Vaccine Advisory Committee; Notice of Meeting

    Name: National Vaccine Advisory Committee (NVAC) Immunization 
Registries Workgroup on Privacy and Confidentiality.
    Time and Date: 8:30 a.m.-12:30 p.m., July 16, 1998.

    Name: NVAC Immunization Registries Workgroup on Technical and 
Operational Challenges.
    Time and Date: 1:30 p.m.-5:30 p.m., July 16, 1998.

    Name: NVAC Immunization Registries Workgroup on Ensuring Provider 
Participation.
    Time and Date: 8:30 a.m.-12:30 p.m., July 17, 1998.

    Name: NVAC Immunization Registries Workgroup on Resource Issues.
    Time and Date: 1:30 p.m.-5:30 p.m., July 17, 1998.
    Place: Marriott Marquis, 265 Peachtree Center, Atlanta, Georgia, 
telephone (404) 521-0000.
    Status: Open to the public, limited only by space availability. The 
meeting room accommodates approximately 200 people.
    Purpose: During a White House Ceremony on July 23, 1997, the 
President directed the Secretary of Health and Human Services (HHS) to 
work with the States on integrated immunization registries. As a 
result, NVAC has formed a Workgroup, staffed by the National 
Immunization Program (NIP), that will gather information for 
development of a National Immunization Registry Plan of Action.
    To assist in the formulation of a work plan, a series of public 
meetings relating to (1) privacy and confidentiality; (2) resource 
issues; (3) technical and operational challenges; and (4) ensuring 
provider participation, will be held throughout the Nation. These 
meetings will provide an opportunity for input from all partners which 
include state and local public health agencies, professional 
organizations of private health agencies, managed care organizations 
(MCOs), employer-funded health care plans, vaccine manufacturers and 
developers, vendors and developers of medical information systems, 
information standards development organizations, parents, social 
welfare agencies, legislators, privacy and consumer interest groups, 
and other representatives of the public at large.
    For each meeting, the Workgroup is inviting experts to address the 
four specific issues outlined above. Expert speakers are being asked to 
respond to the questions outlined below in writing, make brief oral 
presentations, and to respond to additional questions from the 
Workgroup.
    Members of the public who wish to provide comments may do so in the 
form of written statements, to be received by the completion of the 
last meeting, addressed as follows: NIP/CDC, Data Management Division, 
1600 Clifton Road, NE, M/S E-62, Atlanta, Georgia 30333.
    There will be a period of time during the agenda for members of the 
public to make oral statements, not exceeding 3

[[Page 36412]]

minutes in length, on the issues being considered by the Workgroup. 
Members of the public who wish to speak are asked to place their names 
on a list at the registration table on the day of the meeting. The 
number of speakers will be limited by the time available and speakers 
will be heard once in the order in which they place their names on the 
list. Written comments are encouraged; please provide 20 copies.
    Based on the outcome of these meetings, a National Immunization 
Registry Plan of Action will be developed and proposed to NVAC for 
their deliberation and approval. This plan will identify registry 
barriers and solutions, strategies to build a registry network, 
resource requirements and commitments, and a target date for network 
completion.
    Matters to be Discussed: Agenda items will include an overview of 
the Initiative on Immunization Registries and current immunization 
registry efforts and testimonies by organizational representatives on 
the following issues relevant to immunization registries: privacy and 
confidentiality, resources issues, technical and operational 
challenges, and ensuring provider participation.
    Agenda items are subject to change as priorities dictate.
    Resource Issues Questions to be Considered: 
    1. What approaches have been successful in securing funding to 
support registries?
    2. What approaches to secure funding have been tried but failed?
    3. What cost-sharing arrangements would your organization view as 
reasonable and fair to ensure long-term sustainability of a registry?
    4. Would you be willing to share costs through a fee-for-service 
arrangement and how much would you be willing to pay?
    5. Would you be willing to support a vaccine surcharge and at what 
rate?
    6. What types of resources and/or in-kind support do you receive 
and from whom?
    7. What types of resources and/or in-kind support do you provide?
    8. What types of resources are you willing and able to provide over 
the short-term and/or long-term to ensure registry sustainability?
    9. Are you willing to provide resources or in-kind support toward 
linking your existing registries with state and local registries?
    10. What are the costs of implementing/operating an immunization 
registry?
    11. What are the costs of not having an immunization registry 
(e.g., looking up immunization histories, generating school 
immunization records, etc.)?
    12. How should immunization registries be integrated with larger 
patient information systems and how should their component costs be 
ascertained?
    13. Do you feel there is a need for the Federal Government to 
provide leadership in developing state and community-based immunization 
registries? What should the role of the Federal Government be in this 
effort?
    Technical and Operational Questions to be Considered: 
    1. How can universal, interactive, real-time, secure immunization 
record exchange between immunization providers be implemented?
    2. How does your system implement record exchange?
    A. Can a provider get an up-to-date immunization history for a 
patient sitting in his or her office?
    B. How is this function implemented?
    3. How can it be assured that the most complete and up-to-date copy 
of an immunization record is always retrieved by a requesting provider?
    4. How does your system identify the definitive record?
    5. How can existing practice management systems achieve 
connectivity with immunization registries efficiently, without dual 
systems, redundant processes, and multiple interfaces?
    6. What software systems can your system interface with?
    7. How are connections between your system and existing systems 
implemented?
    8. How can registries be used to measure immunization rates, 
accurately and routinely, at county, state, and national levels, 
without counting any individual more than once?
    9. How can the functionality of immunization registries be 
standardized without compromising registries' ability to customize and 
extend that functionality?
    10. What immunization registry functions should be standardized?
    11. Who should provide leadership in such a standardization effort?
    12. How will/should standards be implemented in immunization 
registries?
    13. How can the cost of operating immunization registries be 
reduced to a level at which immunization providers themselves would be 
willing to support them? [crossover with cost issue]
    14. What sorts of inter-organizational arrangements and legal 
structures need to be in place to provide an environment in which 
immunization registry data can flow as needed? [crossover with privacy 
& confidentiality issue]
    15. Do you feel that there is a need for the Federal Government to 
provide leadership in developing state and community-based immunization 
registries? What should the role of the Federal Government be in this 
effort?
    16. How can duplication of records be minimized?
    17. How can existing billing/encounter information systems be 
modified to provide appropriate immunization registry functions?
    18. How can immunization registries be broadened to provide other 
important functions in patient monitoring (e.g., well-child 
assessments, metabolic/hearing screening, etc.)?
    19. What mechanisms are needed to detect and prevent unauthorized 
access to registry data?
    20. What data capture technology (e.g., bar codes, voice 
recognition, etc.) can minimize the negative impact on workflow?
    21. What techniques (e.g., standard knowledge representation such 
as Arden Syntax) can be used to disseminate vaccination guidelines to 
individual registries quickly and with a minimum of new programming 
required to update automated reminder/recall and forecasting based on 
the guidelines?
    Privacy and Confidentiality Questions to be Considered: 
Terminology: Privacy--The right of an individual to limit access by 
others to some aspect of the person. Confidentiality--The treatment of 
information that an individual has disclosed in a relationship of trust 
and with the expectation that it will not be divulged to others in ways 
that are inconsistent with the understanding of the original 
disclosure. Individually identifiable information--Information that can 
reasonably be used to identify an individual (by name or by inference).
    1. Should immunization data have different privacy requirements 
than the rest of the medical record?
    2. How can the disclosure and re-disclosure of immunization 
information be controlled through policies, procedures, and 
legislation?
    3. Should consent to participate be implied or required? In what 
form?
    4. Should different levels of disclosure be possible? What levels 
should be available to what groups?
    5. Who should have access to immunization registry data?
    6. What information should be disclosed to an immunization 
registry?
    7. What other uses can immunization registry data have?
    8. Would ability to produce a legal record be a desirable function 
for the registry?

[[Page 36413]]

    9. What fair information practices should be implemented (e.g., 
ability to correct the record, notice of being put in registry to 
parent)?
    10. How long should information be kept in a registry?
    11. How will privacy issues affect the following groups: parents, 
immigrants, religious groups, HIV-positive and other immunocompromised 
health conditions, law enforcement, victims of domestic violence, and 
custodial parents?
    12. How should registries ensure that privacy policies are 
followed?
    13. Do you have any comment or recommendation for NVAC/CDC/HHS 
related to the implementation of the network of state and community-
based registries and do you have any concerns?
    14. Do you feel there is a need for the Federal Government to 
provide leadership in developing state and community-based immunization 
registries? What should the role of the Federal Government be in this 
effort?
    15. Given the mandate of Health Insurance Portability and 
Accountability Act to create a unique health identifier, how should 
that goal be achieved while minimizing the probability of inappropriate 
use of the identifier?
    16. What steps can be taken to prevent unauthorized re-disclosure 
of information already provided to an organization or person?
    17. What legal barriers exist which prevent data sharing by MCOs 
and how can they be obviated?
    18. What mechanism should be available to allow parents to opt out 
of the registry?
    19. What agency/organization should be responsible for maintaining 
registry information?
    20. How should consent for inclusion in an immunization registry be 
obtained? Should it be implicit or explicit?
    21. What information should be included in an immunization 
registry?
    22. Should registries include (and release) information on 
contraindications, adverse events, etc.?
    23. Who should have access to immunization registry data and how 
can restricted access be assured?
    24. What information should be available to persons other than the 
client/patient and the direct health care provider (e.g., schools)?
    25. What is the best way to protect privacy and ensure 
confidentiality within a registry?
    26. How should individuals/parents have access to registry 
information on themselves/their children?
    27. Should data maintained in a state and community-based 
immunization registry be considered public information?
    28. Would national privacy and confidentiality standards help 
ensure that data maintained in an immunization registry is protected?
    Ensuring Provider Participation Questions to be Considered:
    1. What type of resources (e.g., hardware, staff, etc.) are needed 
for you (provider/organization) to participate in a computerized 
registry?
    2. What are the cost-related barriers that keep you (provider/
organization) from participating in an immunization registry?
    3. What cost should providers be responsible for, pertaining to 
participation in immunization registry systems?
    4. What are the cost savings you would anticipate as a result of 
participating in a computerized registry (e.g., increased return visit 
form reminders, less personnel paperwork for preschool exams, etc.)?
    5. How much time would you be willing to invest per patient visit 
(e.g., additional 1, 5, 7, 10 minutes) in the overall success of an 
immunization registry?
    6. What type of user support would be needed in order for you 
(provider/organization) to participate in an immunization registry?
    7. How would you (provider/organization) encourage providers and 
consumers in your community to participate in an immunization registry?
    8. What community support would be necessary for you to participate 
in the immunization registry?
    9. What benefits/value (e.g., immunization reminders, quick access 
to immunization histories, etc.) would a registry provide that would 
encourage your (provider/organization) participation?
    10. What incentives should be offered to providers/organizations to 
participate in an immunization registry?
    11. What barriers have you (provider/organization) encountered that 
have prevented you from participating in an immunization registry?
    12. Is provider liability (e.g, disclosure of sensitive patient 
information) a barrier to participating in an immunization registry? 
Why?
    13. How would an immunization registry impact your practice/
organization?
    14. Do you currently share immunization data with other providers 
electronically? For what purpose (e.g., billing, share group data, 
etc.)?
    15. How (e.g., electronic record, paper record) is medical 
information maintained in your practice/organization?
    16. Who should retain ownership of immunization records as they are 
distributed throughout an immunization registry?
    17. How would you (provider/organization) use the data maintained 
in an immunization registry?
    18. What type of quality control process would you (provider/
organization) perform to ensure the accuracy and completeness of the 
immunization data entered into an immunization registry?
    19. What type of security policies and procedures need to be in 
place for you to be confident that data are secure?
    20. What functions should a registry perform in your office in 
order for you (provider/organization) to participate?
    21. Do you have any advice or recommendations for NVAC/CDC/HHS 
related to the implementation of the network of state and community-
based registries and do you have any concerns?
    22. Do you feel that there is a need for the Federal Government to 
provide leadership in developing state and community-based immunization 
registries? What should the role of the Federal Government be in this 
effort?
    23. Have you received training on the use and maintenance of 
computerized medical information? Do you feel this training is needed 
to fully support the development and maintenance of immunization 
registries?
    Contact Person for More Information: Robb Linkins, M.P.H., Ph.D., 
Chief, Systems Development Branch, Data Management Division, NIP, CDC, 
1600 Clifton Road, NE, M/S E-62, Atlanta, Georgia 30333, telephone 
(404) 639-8728, e-mail [email protected].

    Dated: June 29, 1998.
Carolyn J. Russell,
Director, Management Analysis and Services Office, Centers for Disease 
Control and Prevention (CDC).
[FR Doc. 98-17763 Filed 7-2-98; 8:45 am]
BILLING CODE 4163-18-P