[This Transcript is Unedited]

DEPARTMENT OF HEALTH AND HUMAN SERVICES

NATIONAL COMMITTEE ON VITAL AND HEALTH STATISTICS

Full Committee Meeting

September 16, 2008

Hubert Humphrey Building
200 Independence Avenue SW, Room 505A
Washington, DC

Proceedings by:
CASET Associates, Ltd.
Fairfax, Virginia 22030
(703) 352-0091

Table of Contents


P R O C E E D I N G S

Agenda Item: Call to Order and Welcome

MR. REYNOLDS: Good morning. I would like to call this meeting to order. This
is the first day of two meetings of the National Committee on Vital and Health
Statistics. The National Committee is a main public advisory committee to HHS
on national health information policy.

I am Harry Reynolds. I work at Blue Cross/Blue Shield North Carolina and
Chair of the Committee. I want to welcome committee members, HHS staff, and
others here in person. Also, welcome those now listening on the Internet. I
would like to remind everyone to speak clearly and into the microphone.

Let us now have introductions around the table and then around the room. For
those on the National Committee I would ask that if you have any conflicts of
interest related to any issues coming before us today would you please so
publicly indicate during your introduction. I have no conflicts. Jim

MR. J. SCANLON: Good Morning. I am Jim Scanlon. I am the Executive Staff
Director for the Full Committee and I am the Deputy Assistant Secretary for
Planning and Evaluation at HHS.

MR. TANG: I am Paul Tang. Palo Alto Medical Foundation, member of the
Committee, no conflict.

MR. BLAIR: Jeff Blair, Loveless Clinic Foundation. I am not aware of any
conflicts.

DR. STEINDEL: Steve Steindel. Center for Disease Control and Prevention,
liaison to the Committee.

DR. FRANCIS: Leslie Francis, University of Utah, member of the Committee,
and no conflicts.

MR. GREEN: Larry Green, University of Colorado, member of the Committee, and
no conflicts.

DR. HORNBROOK: Mark Hornbrook, Kaiser Permanente Northwest, member of the
Committee, no conflicts.

DR. MIDDLETON: Blackford Middleton, Partners of Healthcare, Reagan Women’s
Hospital, no conflicts.

DR. SUAREZ: Walter Suarez I am with the Institute for HIPAA and HITT
Education and Research, and no conflict.

MS. MCCALL: Carol McCall. I am with Humana, member of the committee, no
known conflicts.

MR. HOUSTON: No known conflicts, you sound like an attorney. John Houston,
University of Pittsburg, and member of the committee, no known conflicts
either.

MS. MILAM: Sallie Milam, West Virginia Health Information Network, no
conflicts.

DR. WARREN: Judy Warren, University of Kansas School of Nursing, member of
the Committee, no conflicts.

DR. W. SCANLON: Bill Scanlon, Health Policy Research and Development, member
of the Committee, no conflicts.

DR. CARR: Justine Carr, Caritas Christi Healthcare, member of the Committee,
no conflicts.

MS. GREENBERG: Marjorie Greenberg, National Center for Health Statistics,
CDC, and Executive Secretary to the Committee.

MR. CONLEY: David Conley, Capital Associates.

MR. LINDELL: Morris Lindell with the office of National Coordinator.

MS. JACKSON: Debbie Jackson, National Center for Health Statistics,
Committee staff.

MS. JONES: Katherine Jones, CDC National Center for Health Statistics and
staff to the Committee.

MS. JAMISON: Missy Jamison, National Center for Health Statistics CDC.

MS. CARL: Katie Carl, National Cancer Registrar Association.

MS. HORLICK: Gail Horlick, CDC, staff to the sub-committee on Privacy and
Confidentiality.

MS. THORNTON: Jeanette Thornton with America’s Health Insurance Plans.

MS. BUELL(?): Allison Buell, American Health Information Management
Association.

MS. CASH: Amanda Cash, HRSA, Office of Planning and Evaluation.

MR. PRATHER: King Prather, Blue Cross/Blue Shield North Carolina.

MR. LAND: Garland Land, National Association for Public Health Statistics
and Information Systems, member of the Committee, no conflicts.

MR. REYNOLDS: I want to start off today with officially welcoming our four
new members. Since three of them visited our last meeting, but now have to
begin earning their keep, we want to make sure that they now understand they
are official and when you put your hand up it does mean something now. You are
not a visitor. Welcome to you.

This is the first meeting for Mark Hornbrook from Kaiser Permanente. Mark,
how about telling us a little about yourself. We did that last time. We kind of
indoctrinated the other three last time to do that. We would like to hear from
you since it is your first visit with us.

DR. HORNBROOK: Thanks, Harry. I am Chief Scientist at the Center for Health
Research which is a professionally autonomous research center with Kaiser
Permanente. Our office in Portland also manages research in Kaiser Permanente
Hawaii in Honolulu and Kaiser Permanente Southeast in Georgia. I span dealing
with science issues from Honolulu to Portland to Atlanta.

We are very interested of course in dealing with health IT and statistics. I
have put together a virtual data warehouse across 16 HMOs for the Cancer
Research Network and now we are expanding that to the Health Maintenance
Organization Research Network. Also, working with the CTSA Networks to build
data exchange across the universities and the CTSAs and some of that will come
to our Populations Committee.

Our research includes cancer, maternal morbidities, cancer survivorship, and
ALS. I have a very wide research set of interests and I started off here ten
years ago in D.C. working for the National Center for Health Services Research
and Development. I have spent the last 25 years at Kaiser Permanente. Thank
you.

MR. REYNOLDS: Mark, same thing with the members that joined us last time.
First, I appreciate very much of the three of you that were here as visitors
jumped right in. Mark, we are excited to have you on the Committee for your
information so that you do not need to wait x amount of meetings to voice your
opinion. Please jump in. We look forward to your voice day one.

I also want to thank two outgoing staff who have supported us. One is Mary
Beth Farquhar ,who has assisted with the Quality subgroup and is moving on to
another assignment. I would like to, just for the record, thank Mary Beth for
her help and her insight and especially her knowledge as she helped the
subcommittee. The second is Steve Steindell who has been involved with NCVHS
and I do not know the exact number of years, but it is longer than I have. He
is retiring from CDC and will be, I know, sorely missed in standards and other
things that we have done, and for his general knowledge of healthcare issues.

I would like to put forward a resolution that the Committee produced thank
you letters on behalf of the Committee to each of them. All those in favor.

(There was a show of hands.)

Opposed?

(No response indicated.)

Okay, we will go forward with that. Thank you very much.

Agenda Item: Review of Agenda

MR. REYNOLDS: We will be focusing today on education for the Committee on
key subjects that will be helpful as we plan 2009 and beyond. As we finish our
full session today Justine will close our full session with a discussion of
dated stewardship, one of our cross cutting initiatives, we all need to
address. Possibly another one as we look at the PCMH that we have a document
on. Exactly how that is going to happen, that is going to be discussed by
Populations and Quality today to decide what we are going to do with that.

Our one action item for today and possibly tomorrow is the letter for
Standards on E-prescribing that Jeff and Judy will present a little later in
the agenda.

I do have one change to today’s agenda, is that the one o’clock slot is
actually it is just listed here as Dominic Wallen, but I will be kicking that
off and trying to tie together why, for example, Dominic is here and Korey
Mertz. Because as we think of customers for the Committee we have talked a lot
about vendors. Dominic is coming in to speak not because of his product, but it
is good for us to see some of the technology that is out there as it relates to
consent as it relates to sensitive data issues, and some of the other things
that are going on out there. We have talked about that. Remember the term the
bus has left? I want you to see that the bus has left. Again, just to raise the
whole committee up to a point. It is not about that product. It is not about
that company. It is about the capability and the discussion related to it.

Then, the same thing when Korey Mertz comes in. I happened to hear his
presentation in another venue. It is important for you to see that a lot of
stuff that is going on nationally, even though some of it may not be adopted
nationally, is being adopted by individual states. They are becoming quite
aggressive in how they are establishing their own environments and requiring
certain things to go on in their states.

Each of these hopefully will remind us that we do have a charge. We do need
to continue going forward. We do need to stay ahead on some of these issues,
because they are being implemented in places other than just what we would
suspect as our normal customers. I think that is kind of what we are going to
be doing with that.

With that, unless there are any other agenda changes that anybody is aware
of. Jim, let us turn it over to you for the department update please.

Agenda Item: Department Update – Data Council

MR. J. SCANLON: Thank you Harry. Good morning to everyone. Since we met in
May, progress continues on a number of the data policy and health IT issues
that the Department and the Committee have been involved with. We will have
more detailed updates later today. On the AHIC 2, the AHIC successor
organization, we will get a report later from Mary Joe, but progress is moving
along. I think the new group has been incorporated in a room, directors of the
board have been named and Mary Joe will update you more. The Full Board
hopefully, names will be available next week, probably announced at the AHIC
end of next week.

Chuck Freidman will update us on other activities relating to ONC. There
have been a lot of developments relating to HIPAA. We have issued two notices
of opposed rule making related to HIPAA standards. The first is on the
implementation of the ICD 10. That is currently out for comment. The second is
on the implementation of the new version of the HIPAA transaction standards
called the 5010s suite of standards. They are both out for public comment.
Public comment is due in October and then we will look at what the public and
the industry comments are.

On the policy front I have given you at your place just remind you, a copy
of the Secretary’s nine priority areas for health. I am not going to go through
them here, but health IT is not only one of the priority areas itself but it
supports many of the others relating to value driven healthcare, quality
preparedness, and some of the others as well.

I have also left at your place a copy of our, the first page of our HHS
strategic plan. Again, I will not go through those. I have gone through them
before, but basically they are for overall goals relating to what HHS does and
objectives under each of those as well. Again, you will see that health IT and
data policy are important elements of all of those.

In terms of initiatives you will hear more from Karen I think later today,
but we have a number of pilots and demos underway or planned relating to EHRs
and ambulatory care and the Medicare demonstration program. We will have
incentive payments for E-prescribing coming up this fall through the Medicare
program. We have several pilots relating to electronic PHRs in the Medicare
program and more generally including both the plans, the Medicare plans as well
as the fee for service program.

Actually, many of the activities that the Committee originally recommended
we pursue including some of the definition of what they are, are actually
moving along fairly well.

On the legislator front, there are several health IT bills as all of you
know, on the Hill. Time is running out on the legislative calendar obviously,
and it is hard to predict what exactly will happen. It looks like this interest
will continue in the second half of the 110th Congress. Many of the
bills or several of the bills would codify ONC. They would create either AHIC
type advisor groups relating to policy and technical aspects or they would
modify the AHIC. They would establish partnerships as well as grant programs
and load programs for health IT adoption. Again, we’ll have to see where they
go. Still a little tension I think on the privacy side. I do not think anyone
has an entirely satisfactory privacy solution yet as part of those Bills.

Let me say a few words quickly about the budget. We are winding down the
fiscal year ‘08. We basically have two more weeks and then we begin fiscal
year ‘09 October 1st. It is likely that we will have a
continuing resolution. We won’t have a real appropriation otherwise. We will
probably on October 1st, be functioning on a continued resolution.
Which basically means we can continue at the level of funding and on a
controlled spending level as we did last year for this current year that we are
ending now.

Ironically, the President’s Budget for 2009 actually contains several
increases for our population statistics program. Hopefully those will
ultimately find their way into appropriations. NCHS, for example, was allotted
for an $11 million increase. ARC was allotted for some increases to help with
health insurance toolkits and state data. Most of our general population
surveys were funded at current service level otherwise. They are included in
the President’s ‘09 budget. We will have to see where they come out. I
think the outlook is hopeful that that funding would actually make its way into
our appropriation later in the year.

For the 2010 budget, obviously that will be the next President’s budget.
There will be kind of a compressed budget period after the election between
after the election and the inauguration, and shortly thereafter. That will be
the new President’s policy budget. We will have to see where that takes us as
well.

If we have time here I want to update a couple of projects that ASPE and the
Department are undertaking in addition. I mentioned that we have evaluations
and assessments of PHRs in the Medicare program, sorry. Both the fee for
service side and on the health plan side. We are also looking at some further
pilots that would offer PHR choices in several states for Medicare
beneficiaries.

We have an assessment of health IT in the health safety net underway. It is
actually progressing fairly well. We are working with HRSA. We are looking at
the community health centers and other safety net providers and what the status
of health IT adoption is and what the unique parameters might be in that
setting. We also have completed a study of the health IT workforce. I think
this was an attempt on our part to quantify the needs for health IT workers
assuming that the NHAN and EHRs, PHRs, and so on would materialize as
envisioned.

I’ve given you the executive summary at your places. It is very preliminary
obviously. It is hard to quantify this kind of information. I would be happy to
arrange a further more in depth briefing for any of the sub committees or the
Full Committee. Basically we looked at focus groups, the literature, we talked
to vendors, talked to a lot of folks who followed us, and tried to put together
what the best thinking would be. It differentiated where the health IT needs
would be.

One would be, for example, EHRs in inpatient settings. Another was the EHRs
in ambulatory settings. A third was on the basic network infrastructure that
would support all of this. The study tried to estimate at least the range of
what sort of competency as well as numbers of workers that would be needed in
those areas. I will not go into too much more detail, but we could provide
–this report is up on our web, the ASPE website. I can make that available to
you and give you a further briefing.

I would add that it is very preliminary and other professional groups, Amy
and others are working on similar issues. They are trying to estimate what the
workforce– first of all competency. What is it? What would be the competencies
that the workforce would need? Secondly, what level and how many and in what
setting would the workers be needed.

Finally, just a few sort of last projects we have –with some of our
evaluations set aside, we added to the National Health Energy Survey. This is
underway now. We added questions on where consumers to what extent they use
their PCs and so on and technology to get health information. Where else do
they get health information? How do they use the information?

As you know, other folks have done surveys like this, but in the Health
Interview Survey we can actually relate it to health status and healthcare use,
and so on. Hopefully we will have those questions developed and added further
in January – the start of the National Health Interview Survey.

Then, one final word, we are updating our HHS -it is basically our
electronic gateway to all the health data and statistics that our agency have
on the web. This is called HHS stat net. You can go to that portal and you can
find literally every publication, every tabulation. You can make your own
tables. You can even request data for special tabulations. You can search for
specific terms. At any rate that is now, we are updating that, but it is in
pretty good shape now. We run it under the data counsel’s auspices and at some
point during the next few months I would probably like to ask them, the
committee members, to just kind of take a look at it and see if there are areas
where we are getting it right or the idea is that we are not quite there yet.

For example, we created a webpage within the gateway for health insurance
data. Whenever the Census Bureau or NCVHS or ARC release health insurance
coverage estimates we immediately get them on there. We have papers describing
the limitations and how they all relate. Again, it would be good to know how
useful it is to everyone else. We have a similar portal on race and ethnicity
data and again you can go in there and you could reach virtually all of the
data and statistics that any of our agencies have relating to race and
ethnicity. You could do a search and so on.

Again, we are trying always to improve these for policy and programmatic
utility and we will probably ask you later to give us some advice on them. Let
me stop there and take any questions?

MR. BLAIR: Thank you, Jim. One of the things you mentioned was there were
three priorities. One was ambulatory EHRs and in patient EHRs. Then, you used
the words information infrastructures for networks. Could you clarify or
elaborate a little bit on the priority?

MR. J. SCANLON: That was the workforce study, Jeff. For purposes of
estimating the health IT workforce would be that was one of the areas. All they
referred to was health information infrastructure that would be required in
communities to serve basically the information exchanges, link the various
sources of records; and so on so that each patient’s complete record would be
available. Again, this is a tough thing to estimate because it is obviously
moving through a lot of change and development at the moment. That is how it
was conceptualized, Jeff. Hospital EHRs and other institutional EHRs, EHRs in
ambulatory care and the basic health information exchange infrastructure.

MR. BLAIR: Thank you.

MR. REYNOLDS: Jim, one clarification on that you used the word community. Is
that the infrastructure that it would take within a community or does that
include the individual offices and individual hospitals?

MR. J. SCANLON: No, it would be the information exchange part of it, not the
network.

MR. REYNOLDS: Actually the numbers are substantially larger when you take
each individual site.

MR. J. SCANLON: If you add all three categories you will have every
physicians, well. Physician offices; hospitals, healthcare institutions. Not
just hospitals by the way. Then, sort of the interconnected offices as well.

MR. REYNOLDS: Yes, Mark?

DR. HORNBROOK: It feels maybe it is just because I am new today, but it
feels like the health information network is all set up in terms of IT
technology imperatives and demands and workforce. In our experience at Kaiser
Permanente at the Northwest, 11 years of medical record electronics and
electronics were incidental. What was really the important issue was the change
in physician desktop. The physician’s behavior and culture. We had a major
revolution in the medical group where many physicians retired early to avoid
dealing with electronic medical record. Boarding was not their work. Now of
course today you would not imagine practicing medicine without it. Have you
ever in the committee talked about the issue of the culture of medical practice
and what is needed to move into the electronic age?

MR. J. SCANLON: I think all of our assumptions are and certainly we have
acknowledged that, you do not achieve all of the benefits of health IT unless
it is accompanied by a change in the business process and practices, as well.

Again, we were focusing to get attention to the health IT part of it as well
and the goals there, we were focusing more on that, but we certainly assume
that to gain the real benefits you would have to really –changes would have to
accompany them in the business process and the culture and the various things
you are talking about.

MR. REYNOLDS: Mark, I think in a number of the work that has been done in
the Standard Subcommittee as well as some of the others this whole idea of
adoption of whether it be standards or any of these new situations, and how do
we get that out to the individual doctors is a continuing threat that we need
to continue to focus on.

DR. CARR: What was the website again, Jim?

MR. J. SCANLON: I will get it to you.

DR. MIDDLETON: I think we are allowed three newbie questions right?

MR. REYNOLDS: No, you are not new anymore Blackford. If you go back and read
the early minutes of today’s meeting you are no longer new.

DR. MIDDLETON: I am just following up on Mark’s comment. One of the things I
think we struggle with in HIT adoption is realizing the full value with the
adoption. It has a lot to do with change management process change and practice
redesign perhaps. I would like to suggest also and ask how new topics for
consideration are introduced to the Committee.

The question is how do we actually address the knowledge management
requirements for healthcare information technology and electronic health
records? Clearly if these technologies are not introduced with some base level
of knowledge they certainly have less change of producing the value we believe
we can ascribe to them. I would suggest actually that the full compliment of
knowledge that is requisite to achieve the highest value is hardly available in
any HIT outside of the academic settings. We’ve studied this pretty carefully
at the Brigham. I would like to ask how on the NCVHS agenda can we introduce
this topic of knowledge management for HIT?

MR. REYNOLDS: A couple things, as I started off the meeting today the whole
idea of today is really to get us positioned for what we want to do going
forward. Each of the subcommittees will have the responsibility today and
tomorrow of putting forward their agenda. The executive subcommittee is meeting
tomorrow afternoon to go over those agendas and then we would have a full
executive subcommittee meeting in October to kind of set that thing. If anybody
does have subjects that need to be submitted then those environments would be
the right way to do it. If it does not seem to fit in a specific one then we’ll
take that as a side one. You will hear Justine talk about one today where we
have one subject that touches many of the subcommittees and possibly a couple
others. That is how we tend to bring it forward. Justine?

DR. CARR: I would add that we actually do have that on our work plan as one
of our top three things, but I think what strikes me is the implications for
workforce. One is the content, but the other is the management and the updating
and accruing. It is an interesting phenomenon that is emerging that as folks
move forward with their electronic health records. This is I do not think a
budgeted cost. It is huge.

MR. J. SCANLON: We could certainly arrange for a briefing on the health IT
workforce. I think you would want to hear ours as well as others. This is still
an area where the estimates might be fairly wide. We could arrange that.

DR. WARREN: I actually want to respond to Blackford, too. I think that is
one of the things we have been talking about on the Standard Subcommittee is
how do you educate people when we get ready for a major standard shift. I am
beginning to think this may be another one of those cross-cutting that is going
to head all the subcommittees. I just want to throw in the standards that we
are interested in that too. We’ve sort of talked about it before, about how to
get people ready for these things.

MR. SUAREZ: Maybe just to add on and perhaps this is such a complex and
extensive topic. One of the areas that I think is important to keep in mind
besides the workforce need related to the private sector is the workforce need
in terms of training location, resources within the public sector and
specifically public health. Looking at the workforce need with respect to
health IT adoption in the public health, in the local and state, and federal
public health I think that will be one of the dimensions if you will that it
will be useful to keep in mind when looking at workforce issues related to
health IT.

MR. REYNOLDS: Any others? Okay before we move onto Karen we have had some
people join us. Those at the table if you could introduce yourselves so we can
be on the record, that would be good.

DR. STEINWACHS: Yes sir, Don Steinwachs, Johns Hopkins University, member of
the Committee, no conflicts.

MR. REYNOLDS: Karen you want to do it now or do you just want to introduce
yourself when we give your update?

MR. FITZMAURICE: Michael Fitzmaurice, Agency for Healthcare Research and
Quality, Liaison to the Committee.

MR. REYNOLDS: Okay, Karen.

Agenda Item: CMS Update

MS. TRUDEL: Hi, I am Karen Trudel from the Center for Medicare and Medicaid
Services and I do have four topics to cover in my update. I would like to find
out how much time I have.

MR. REYNOLDS: You have plenty, 45. Jim was the lightning round. He went over
his stuff pretty quick. We have more than enough discussion time for yours. You
have 45 minutes.

MS. TRUDEL: I will not take anymore than I need then.

MR. REYNOLDS: Have at it.

MS. TRUDEL: Okay thank you. The first thing I would like to cover is the EHR
electronic health record demo that we are doing. It is a pay for performance
demo with two different kinds of incentive payments. The focus of the
demonstration is on small to medium sized primary care practices. The two types
of incentive payments are one for adopting a certified EHR with higher payments
for those practices that use more sophisticated functionality like automated
alerts, the lead prescribing best practices, et cetera. And an incentive for
reporting performance on 26 clinical quality measures related to congestive
heart failure, coronary artery disease, diabetes, and preventative care.

Over the five years of the demonstration the practices that are
participating can earn up to $58,000 per physician up to a maximum of $290,000
per practice. We’ve already selected 12 community partners to work with us to
help recruit approximately 1,200 practices across all sites and to help us
leverage the impact of the demonstration across the public and private sector.
The demonstration will be implemented into phases each of which will last for
five years. The first phase includes four sites and those are Maryland, DC,
Southwestern Pennsylvania in the Pittsburgh area, Louisiana, and South Dakota
and some neighboring counties in other states.

We are currently recruiting for practices in those four sites for phase one.
Phase one will begin June 1st next year 2009 and will continue through May of
2014. These too will include the remaining eight sites and those are Alabama,
Delaware, the Jacksonville Florida area, Georgia, Maine, Oklahoma, some
counties in Wisconsin, and Virginia.

Phase two will start a year later in June of 2010 and will run through May
of 2015. We are definitely making progress on that and in less than a year
we’ll have the phase one practices all set to go. It is very exciting.

MR. REYNOLDS: You would think that based on some of the questioning on
education there would probably be some good findings out of there as to what
they face from the workforce and an education standpoint.

MS. TRUDEL: Absolutely, especially considering that it is small to medium
primary care practices.

MR. REYNOLDS: Any updates as you give us regular updates any updates you get
on those things would be good to add.

MS. TRUDEL: Actually, I don’t have any information here about the evaluation
protocol and how they are planning to do that, and whether there are any
interim touch points where we could come back and give you lessons learned to
date.

MR. REYNOLDS: I am just saying keep that in mind as you update.

MS. TRUDEL: Second thing I want to talk about is our personal health record
demonstration pilots that are going on. One of which is in South Carolina. This
has been underway since the spring and it is primarily related limited to the
Columbia, South Carolina area and surrounding towns and counties. We have just
begun to expand our outreach to the entire state. Anyone in South Carolina that
is using fee for service Medicare can participate in this pilot. What we do is
we provide the beneficiaries with free access to a PHR tool which is health
trio. Coincidentally you will see more on that shortly.

We also port Medicare claims data into the PHR automatically so that the
beneficiary does not have to actually enter all of their encounters. We have
well over 2,000 beneficiaries signed up. We’ve done a great deal of outreach
and we found that on the ground outreach works very well for seniors. We have
been doing senior fairs, health awareness days, things like that and as well as
direct mailing. We have gotten a lot of really good participation from both of
those venues. We will be continuing that pilot and we are working with ESPY to
do the evaluation and tell us what seniors like about the PHR, what parts they
use, what parts they do not use.

We have been doing, I think we have already done some focus groups down
there. One of the things that we are hoping to take away from that is really
what is the role that Medicare beneficiaries see for a PHR in their healthcare.
What parts of it do they like and take advantage of? What are some of the
benefits we can attribute to that?

The second pilot is not up and running yet, but it was announced at least
initially fairly recently. This will be a pilot where we will provide, we call
it PHR choice. We will be providing to Medicare fee for service beneficiaries
in Arizona and Utah the ability for them to select one of roughly four
commercial PHRs. We will again offer to port the Medicare claims data into the
PHR automatically so that it does not have to be entered. We are doing this
with one of the Medicare administrative contractors Noridian. That is one of
the reasons we selected these two states. It happens to be two states in
Noridian’s service area and they are doing the evaluation of the potential PHRs
and the selection of them for us.

The proposals were submitted on September 8th and they will be making the
selection of the as I said roughly four PHRs that will be working with in early
October. Then, we are planning at this point to make the PHRs available to
beneficiaries and begin to move data in sometime after the first of the year.

MR. REYNOLDS: What is the duration of those?

MS. TRUDEL: The duration of that one I believe is a year from the time that
we make it available. I think that is December 2009.

MR. BLAIR: Karen, are you able to share with us which PHR systems are being
considered?

MS. TRUDEL: It is based on who submitted proposals. We received I think
something less than 20. There are specific criteria that we provided and the
contractor will make the decision based on those criteria. They include
function, things like functionality, security, privacy, etc.

Okay, let me move onto HIPAA for a moment.

MS. FRANCIS: I had a quick question about the South Carolina pilot and also
the other one. You said there are 2,000 who signed up and what is the number of
Medicare beneficiaries in South Carolina roughly?

MS. TRUDEL: You got me on that one. It is a very small percentage.

MS. FRANCIS: It is a small percentage. It struck me as a small percentage. I
wondered whether you were going to be looking at why people do not sign up?

MS. TRUDEL: I think that is a good question for the evaluation. Part of the
reason is that as I said with limited funding we focused the outreach, the on
the ground outreach, and a lot of the print ad outreach to the Columbia area.
We actually have not done advertising through the entire state of South
Carolina. We have had a great deal of assistance from the Attorney General’s
office, the deputy Lieutenant Governor’s office. There is an advisory group
that we have of organizations in South Carolina who have been helping with some
of the outreach decision making.

MS. FRANCIS: It seems to me that if people are just not hearing about it
that is one thing. If there is a kind of resistance where people are in some
way opting out it would be really useful to know that.

MR. REYNOLDS: I saw a presentation on this and I think you are actually
getting, the national average is about 3 percent adoption on it. So far with a
targeted audience you are almost at 9 percent. It is low, but it is still three
times higher than what has been going on. The outreach is substantially
different. We have Paul.

DR. TANG: There is just one comment on what you just said Harry. It may be 3
percent nationwide, but you have to consider in the area where it is being
offered is one point. For example we have 50 percent of our patients. The other
piece is just like in the EHR demonstration which I really like. There is a lot
of really unique and constructive points that are made in that demo project.
You talked about we would gather some information including the need for the
workforce to implement these things, make these things possible, make them
effectively used. Likewise in the PHR uptake it would be nice to understand
things like how did it contribute to care and did it improve things like self
management or avoid some of the office based care cost. In that sense, is there
a way that we can either review or see the evaluation plan and are you looking
at it from the healthcare professional team’s perspective as well as the
patient’s perspective? Just to try to get as much information as possible.

MS. TRUDEL: I will refer that to Jim.

MR. J. SCANLON: On the EHR demo again we can arrange a briefing; again it is
early in the demo and evaluation. We can certainly arrange a briefing there and
we have a fairly good evaluation underway of the South Carolina which we could
brief you on as well.

Again, it was mostly to see if you built would they come, how does it work
plus usability. We are asking Medicare enrollees as well as provider focus
groups how they view this. We will get a sense of, again it is not so much
quantitative as focus groups.

DR. TANG: I suppose one question is could we turn it into a little more
formal. Because you have created this nice experiment and just like we are
moving towards HIT adoption and the effective use of EHRs if we could start
looking at that from the patient or consumer side. How long is the South
Carolina demo, is it one year as well?

MS. TRUDEL: We are in the process of extending it so I cannot answer the
question at this point.

MR. REYNOLDS: Okay, we have Carol, Blackford and then Marjorie.

MS. MCCALL: There seems to be kind of a theme this morning already and I am
going to use Harry’s line. Buses are leaving the station all over the place. We
have many, many buses. Because of that I think when I think about these
particular pilots which I think are great. I think it is important to because
not so much of their size, but because of how long they go end to end that it
is important to get intermediate briefings and feedback all the time. It is
going to be tough to wait an entire duration of the full study to learn
anything because more buses are leaving and they can benefit from getting some
course corrector and things like that. That could be something for us to
consider.

Another thing that goes back to Leslie’s question, which I think is
absolutely spot on. It is going to matter whether this is an awareness issue or
whether there is yes I heard you, but I am not interested issue, and to
understand why. If it is an awareness issue having done a lot of recruitment
for pilots and programs and clinical trials there are some ways that can
harness some of the technologies that are merging now, very social. You can
have different types of means to increase awareness about something, social
network type of phenomena.

My question goes back to you Karen, are you trying to harness or explore any
of those technologies and NGO relationships and what might be used out there
just really to get the word out in very sometimes kind of novel ways?

MR. BLAIR: What is the word? When you say get the word out, what is the
word?

MS. MCCALL: Well it is like any campaign there is going to be key message
points. It would be like running an advertising campaign for example. It says
there is something you could benefit from. There is going to be key pitch
points. What is the value to me? You know, there is the what is in it for me
from a beneficiary standpoint. It is also speaking to their children. There
could be an awareness that says, hey your mom or dad may not know about this,
but here is something that could benefit.

There are a lot of different ways to reach different constituencies directly
or one or two degrees of separation. My question was really more whether or not
you were exploring any of those?

MS. TRUDEL: Actually at this point we are in addition to doing just your
basic media, radio, print, etc. We are primarily reaching out to the seniors
themselves through whatever means the advisory groups are telling us will
actually reach them. In addition to mailings events where we know we can set up
a booth and actually show the tool to people because that is one of the things
we are running into. You tell somebody about a PHR and they have no point of
reference. What we have found that it is very valuable to go to some kind of a
health fair, set up a booth, show people what the PHR looks like, and how they
can sign up for it, and what it does. Then, we tend to get a fairly high
percentage of return signups as a result of that.

MR. REYNOLDS: Okay, we have got Blackford next.

DR. MIDDLETON: One other thought about the evaluation following up on
Leslie’s comments and others. One of the things that we find in Partners
Healthcare we have over 50,000 patients and over 50 clinics on a homegrown PHR
tightly coupled to our EMR. What is the physician’s attitude with the respect
of PHR and that this is a strong influence or predictor of patient uptake of
PHR. My only suggestion is that in the methodology that is going to be a
problem on this committee. With people doing research and methodology on the
committee perhaps that in any evaluation we consider what are the physicians
attitudes as well as whether or not they are promoting a coupled PHR or is this
an independent PHR which has different implications?

MS. GREENBERG: Thank you, Karen. You may have mentioned this, but the EHR
demonstrations assuming they are kind of coordinated with or aligned with the
ONC work, are these EHRs actually implementing some of the HIT SP standards
that have been particularly like the terminology standards and adopted?

MS. TRUDEL: They are CH certified EHRs. At whatever point in time the
practice steps on I believe the expectation is that the EHR product that they
pick up is CH certified. Yes, we are very tightly coordinated with the ONC
work.

MR. REYNOLDS: We have a couple more. I am sorry we have got Justine and then
John.

DR. CARR: I was just going to second with what Carol was eluding to. I have
seen in my own family, the younger generation helping the older generation get
started on PHRs. I think even an older person buying into the concept might be
intimidated and the facilitator effector arm at least in our family is the
younger generation who set it up and make it look easy.

MR. HOUSTON: Is there any attempt to try to focus these PHRs towards
chronic, people with chronic illnesses? By example let us say diabetes. Is that
part of the intent here or is it just a generic PHR that you are trying to roll
out?

MS. TRUDEL: One of the things that we are trying to look at is how privately
developed PHRs for the entire population work for Medicare beneficiaries and
many of them do have chronic conditions. We are not specifying functionality
that is specifically tuned to people with chronic conditions, but there is
recognition that PHRs can be especially helpful to people with those
conditions. The question in my mind at least is how well are the commercial
products answering that need now and we should find as we do these evaluations
whether there are gaps.

MR. HOUSTON: I am convinced and I have said this for a long time, that if
you are healthy and you are young you are probably not going to be interested
in subscribing to a PHR because there is no need, there is no reason. What you
end up with I believe is PHRs needing to be focused towards people that have a
need to interact with them. Those are people with chronic illnesses and I think
there would be great value in focusing specifically on a group like people with
diabetes and trying to determine how best to serve them specifically. Obviously
that is of great national importance and I guess the question then is how do
measure success? You are never going to get everybody. Has anybody up front
tried to say okay what is success to us as we do these pilots and these various
initiatives? I think you need –as going back to my chronic illness comment,
you almost have to look at different groups and say people between 20 and 40
with no health issues my enrollment may be 2 percent. People with diabetes
maybe my goal should be that we need 25 percent or 50 percent. Has anybody
tried to establish a set of goals for this?

MS. TRUDEL: I am personally familiar with any research like that. Although,
it is critical to do and I think a lot of the research that I have seen about
the effectiveness of PHRs has been in the context of systems where the PHRs
tethered to an EHR.

MR. REYNOLDS: Three more questions. Steve, Marjorie, and then Blackford.

DR. STEINDEL: Karen, I was very impressed with the comments you were making
and the rollout of the PHR demo project, but John’s question posed a question
that I wanted to ask to you about this. When you are saying you are pre
populating a lot of these PHRs with Medicare claims data, how much clinical
information is going to be pre populated and if not how is that going to get
in? Because a lot of the advantage of tracking people with chronic conditions
has to do with maintaining records of their clinical conditions.

MS. TRUDEL: Well that is one of the questions of any PHR that is not
tethered to an EHR. It is a huge question that I think is under a great deal of
debate. Do we have lab results? No, we do not have lab results. Do we have the
diagnosis and the procedures? Do we know when there was an encounter? Do we
know when there was a hospitalization? Do we know who the physician is? Yes, we
know all that stuff. At some point in time it is theoretically possible to port
the active meds into the PHR also.

It is not perfect, but it is something and it is something that the patient
does not have to key in themselves. Yeah, the jury is still out on the –is it
this useful or is this useful? Small, medium, or large. That is one of the
things that we are really interested in seeing the results of.

MS. GREENBERG: It just kind of builds on that when John was asking about
talking about chronic diseases it made me think of the patient centered medical
home demonstrations that we learned about back in May. I was wondering if
either the EHR or the PHR demonstrations are in any way linked with those
demonstrations because they all kind of fit together? I know that an EHR is one
of the important features of this medical home really working.

MS. TRUDEL: I don’t know the degree to which there’s any geographic overlap
in either of the other demos, but our PHR demos are not related. I think one of
the things that we need to remember is that Medicare is looking at this from
the perspective of our own beneficiaries and what data we can bring to the
table. That is really just the beginning of the process. Many PHRs can accept
input from home measurement devices, glucose monitors, scales, etc. That
functionality is there and can be added on. We are simply looking at kind of
the first tier of the process.

DR. MIDDLETON: To answer your question we do have a little bit of data from
Partners Healthcare and other experiments are on the way. Looking at diabetes
care using our patient portal and this PHR being tightly coupled to the EMR. We
find that patients actually when they are for the opportunity and are diabetic
and are inclined. There are a number of reasons to explain all of that. They do
wish to engage with the physician over the portal for diabetes co management.
When that happens actually, interesting things do result. Two-thirds of the
time significantly the physician will actively, will more often than not
actively manage the patient’s diabetes medications. There seems to be a PHR
activation effect on providers which is interesting. We always worry about
activation of patients, but the patient may actually be one of the final agents
to activate the provider to overcome inertia with respect to some of the most
inertia prone for chronic care conditions like diabetes.

Secondarily, the communication satisfaction, all of that is thought to have
been useful for the clinical care encounter. Secondarily, another effort for
center IT leadership just completed a large study that synthesized the evidence
in creating a simulation model of value based upon the evidence of the value of
PHR. We find that it is only when in fact those other data types are available
if you will the laboratory and the rest of it that allows us to achieve the
full value of the PHR promise through reduced duplicate test ordering and
procedures etc as well as meds, problems, etc. I think we may be wary here of
finding if you will a negative result with it because it may not have all of
the features and data that we wish to have in a PHR evaluation.

MR. REYNOLDS: Before we go on remember this Committee and numerous
opportunities have talked about pilots and other things. I think the goal is
that we do everything that we can to continue to help these things. As there
are subjects, and I can tell you when we get there a little bit later and I
talk about if you all remember the discussion we had on sensitive data and what
those might be. You are going to see a little bit of that a little bit later.

Let us take Karen’s words a moment ago, where she said 20 vendors submitted
proposals. Those 20 vendors may have all decided what sensitive data is in
their own way and under their own offices. Whether or not we using our privacy
and other things decide we ought to look into that more and continue to build
it so that there is some kind of a target to shoot at nationally. That is the
kind of thing that is how this all starts to tie together. I commend the
department for doing the pilots and let us make sure that we understand that
part of our role is to continue to help stay in front of that, help the dialog
and help build some of the things that can be used. You are going to see it
over and over as we talk later about the kinds of things that are going on.
Whether it is in the states or vendors or pilots, or anything else. We are
building this stuff. Individuals around the room may have a piece that works
for them, but we are trying to drive the nation forward in a way that we can
kind of do it in a standard way.

We see as we have done with e-prescribing this committee helping along with
the department and everyone else how that has become a standard and is starting
to move in a dramatically different fashion from the ground up. I ask us to
embrace first the things that they are doing. They are actually out there
trying to make a difference.

Second, how we can play in moving that forward, not necessarily deciding
good, bad, or indifferent, but making sure that we recognize the things that we
ought to get out in front of and help. When it becomes more of a situation that
is adopted more universally that everybody is doing it in a similar way,
because that patient sees multiple doctors and other things. Thank you Karen
for that and now you have some more, right?

MS. TRUDEL: Yes. Moving on to e-prescribing. We are very excited to be
working with the commitment provision that provides for an incentive for
physicians to e-prescribe. It starts out as a 2 percent incentive and then
eventually becomes a reduction in payment for those who continue not to
e-prescribe over a period of time. We will be implementing this provision in
the confines of the physician, quality reporting initiative, the PQRI. We are
developing PQRI measures that can be reported and that is done on claims as the
physician bills. We will be using that information to compute the incentive
payments and there will be more information coming out on that this fall. The
provision takes effect in calendar year 2009.

Following up on that the department an in particular Secretary Leavitt felt
that this was a really good time to really try to get the word out about
e-prescribing. The department is sponsoring a conference, a two day conference
in Boston on October 6th and 7th on e-prescribing to introduce providers to the
new MIPA incentive and to also provide some information about e-prescribing and
how to go about implementing it and some of the advantages, et cetera. It will
be a two day conference with a cast of speakers including Secretary Leavitt,
Newt Gingrich, Secretary Cary, the Governor of Rhode Island, and a number of
others. It has been advertised extensively. I think there are already over
1,000 attendees signed up. We are really looking forward to that.

In addition, on a less exciting front we are by the end of this fiscal year
will be awarding a contract for the second round pilots of standards. We will
be looking very closely at the structured and caudified sig(?) and the RX norm.
We are very definitely hoping this time to get positive impact so that we can
move forward with those as a standard. Both of those standards underwent
significant revision as a result of the first round of pilots and we are very
much hoping that both or at least one of them will be in a place where we can
move forward.

MR. REYNOLDS: Let me just volunteer a comment, hot dog that is great.

MS. TRUDEL: Not so optimistic up front. We also had been working with ARC to
have a group looking at electronic prior authorization. They have looked at the
suite of standards that we had pilot tested and went back and looked at them
from a business modeling prospect. It came back and recommended basically that
we start over that those did not work. They could not be made to work and that
we needed to think about this a lot more. We have already begun discussions
with ARC to discuss what our next moves on that front will be. Stay tuned for
that one.

Then, on a minor note on August 22nd we published proposed rules for ICD 10
code sets and for modified HIPAA transactions versions 5010 and D.0 and a new
transaction for Medicaid segregation which was NCPDP version 3.0. We have
obviously received a lot of attention and the comment period closes on October
21st. We are anticipating receiving a large quantity of comments on
both of them with special attention being paid to the proposed compliance dates
and the timeline that is built when you structure the 5010 and the ICD 10
deadlines together back to back.

DR. FITZMAURICE: I know you can not comment on the NPRM or the comments that
have come in because you have not received them yet and are in that period.
Some of the things that I am hearing and I am sure other people are hearing
them too is that one of the most important things that is a gold standard
crosswalk between ICD10 and ICD9. Not just any crosswalk, but one that is
blessed by CMS and blessed by Blue Cross and other health insurance plans. It
is essential for DRGs for payment and for quality measures.

Secondly, there’re questions about the timing of is it too soon to go to ICD
10? Do we have enough time to make the adjustment even if it is after 5010? The
things coming up are –the CMS as a health plan could do an awful lot to move
it ahead by adopting it early generating pilots to develop information about
lessons learned, the technical lessons as well as how you actually implement
the business rules for making payment. Is the time to compliance too short or
too long? We do not know, but the Medicare program and perhaps the Medicaid
program could shorten it by putting out lessons learned by adopting it maybe
just a test area. That is for some suggestions and maybe a rule for NCVHS would
be to develop some questions that could be answered by such a pilot test. You
are right that is not a question, it is a suggestion.

MS. TRUDEL: No, it is not and we are hearing many of the same comments as
you and we have had some discussions already with NCH and our own folks on the
issue of crosswalks. I will tell you when the term crosswalk is used people are
not really clear about what they mean. We do have some maps up there already
and many people were not aware that there were any maps available at all. Then,
the next question is what is it about what is up there already that does not
meet your needs.

We are beginning to have those discussions and I think one of the things
that is good about the proposed rule coming out is that at this point people
are beginning to focus on okay what would we actually need to make this work
better. Basically, let us talk making it work in specifics. I think that is a
shift in focus that I have not seen before. I think it is very helpful and I
think there is no question to CMS and CDC are happy to talk to the notion of
additional tools being needed. We just need to find out exactly what they are.

MR. FITZMAURICE: I know at least one of the crosswalks ARC helped fund
through NLM and NCHS, but the essential point is that there should be one
crosswalk that people can use and that is agreed upon by the health plans.

MS. GREENBERG: There is. I think it is probably not appropriate for the
federal representatives to do other than answer factual questions at this
point, because it is out for comment. There are crosswalks. You can call it
equivalents, mappings, or crosswalks. The department has only posted, –doesn’t
have multiple crosswalks. The CMS has crosswalks from 9CM to 10PCS and on the
NCHS website are the crosswalks from 9CM to 10CM and vice versa. As Karen said,
we have definitely welcomed comments about how those crosswalks could be made
more useful. I believe CMS is also, I know CMS is also working on developing
the crosswalks to the DRGs. There are quite a few things that are being
developed. I don’t think they are competing ones that are being developed,
certainly not by the government.

Now, you raised the issue of the whole industry agreeing on the crosswalks.
I think that at this point it is a responsibility of the department to put up
what those people who are responsible for the classifications. Of course, put
up what they would consider the –as you said gold standard or whatever
crosswalks. Then, obviously use cases could also have some impact. We welcome
comments in all of those areas.

MS. TRUDEL: I think we are going to get a lot of comments in those areas. I
think when the comment period is over and we have all of the written comments
that are representative of a thought process that has gone on through this
entire period, we will have a much better idea of exactly what the concerns are
and how we can address them.

MR. SUAREZ: I think part of the comments that are going to come are going to
relate mostly to the sequencing of the introduction of these new versions as
well as the adoption of the new quotes. There is sort of the concern among the
industry at least some of the things that we started to hear already about what
is the appropriate sequencing and what is appropriate time between those
sequential introductions. What I have been watching and listening with some
concern is the perception that the industry can “handle” only one at
a time kind of a thing within a period of around two years. Actually it was
actually suggested in some of the communications from this committee in earlier
letters. If you add the two groups of changes that we see coming, the 5010
change with all the updates of all the transactions and then the ICD10. Then,
introduce one that is expected to come and my question was going to be about
that.

You are beginning to look at potentially pushing things out up to six years
of transitioning, putting certainly into sequence the ICD10 at the end makes
that probably in the realm of 2015 before we see anything happen. My question
is there is one specific set of rules that the industry has been waiting for
and that are mentioned in the two PRMs and that could sequentially create some
major transitioning issues. That is the claims attachments final rule. The MPRM
have been published. The comments have been collected. The industry has been
waiting for the final rule. Could you give us, Karen, an update on that and how
you see the sequencing of those coming out between claims attachments, ICD10,
and PRM for 5010, etc?

MS. TRUDEL: At this point, I think it is prematurely premature for me to
comment on any publication dates or any of those three standards.

DR. FITZMAURICE: Another thought was that you know how we bought the license
for SNOMED it was freely available in the United States to anybody who
downloaded it off NLMs website. The same could be true for ICD10 and for the
gold standard crosswalk if NCHS would put it up on a website, make it freely
available to all, maybe pay a licensing fee to World Health Organization. That
could also speed it up.

MS. GREENBERG: What should be on the website?

DR. FITZMAURICE: The ICD10 classification for diagnosis and the gold
standard crosswalk between ICD10 and ICD9.

MS. GREENBERG: Those are. They are public domain and they are freely
available. There is not a right now the international community the IHTSDO and
the WHO are working on the arrangements under which they will develop
essentially the gold standard crosswalk between SNOMED CT and ICD10. All of the
international work obviously is focused on ICD10 because nobody else is using
their ICD9 or none of the other members the IHTSDO. That will be a foundation
for the crosswalks between SNOMED CT and ICD10 CM. Obviously a separate effort
will have to take place for 10PCS because there is no international
interventions classification at this time. I thought that was where you were
going. That work is going on and should actually work quite well in the sense
that they are moving ahead with that.

DR. FITZMAURICE: You are right that is further down on my list.

DR. CARR: Thank you Harry. Maybe this is a naïve question, but it will
help me to understand it. Right now on the inpatient side ICD9 is predominantly
used for the inpatient side and on the outpatient side at least billing is
directed by CPT codes.

MS. GREENBERG: You are talking about procedures?

DR. CARR: Yes.

MS. TRUDEL: That would continue to be the case. CPT would continue to be
used for outpatient procedure coding and ICD10 would be for inpatient procedure
coding. ICD10 would only replace ICD9 where ICD9 is currently used.

DR. CARR: Thank you.

MR. REYNOLDS: Anything else Karen?

MS. TRUDEL: No, thank you.

MR. REYNOLDS: Good, right on time. Well done, thank you very much. John did
you have a point?

MR. HOUSTON: Yes, Karen I noticed, I don’t know if this is up your alley
anymore or not. There was an article a few weeks ago about some sanctions that
had been levied against a hospital out in the west coast.

MS. TRUDEL: Yes, that is me.

MR. HOUSTON: That is you?

MS. TRUDEL: That is us.

MR. HOUSTON: Can you speak to that at all? Is there anything else left to be
said other than the fact that it occurred? I would be interested in
understanding. I guess there was a compliance program that had to be put in
place and some other things.

MS. TRUDEL: Actually I see Sue McAndrew sitting back there and I think I
will ask her to speak to that.

MR. REYNOLDS: Sue how about introducing yourself first if you would please.

MS. MCANDREW: Sue McAndrew. I am the deputy for Health Information Privacy
and the Office for Civil Rights. What John was referring to was a resolution
agreement which was the first one for HIPAA. We entered into on July 15th of
this year with Providence Hospital Systems out in I believe Washington and I
think they also operate in Oregon. This was the result of a joint
investigation. This was a case that implicated both the privacy rule and the
security rule. It was investigated under our dual case referral process that we
have with CMS. The resolution agreement was signed by both CMS and OCR with the
hospital system.

The incidents involved in this case were lost and stolen media. There were
back up tapes that contained the names of close to 400,000 patients of the
hospital system as well as a series of stolen laptops from the systems home
health services. We worked with Providence and Providence Hospital was actually
very cooperative in the investigation and in taking necessary corrective
actions. The resolution agreement because of the nature and the number of
individuals that were involved as well as the problems with the security
arrangements and the system that implicated. These were not just employee larks
or single failures. These were systemic. These were management endorsed habits
or processes that were accidents and incidents waiting to happen.

We decided to resolve this case through a resolution agreement which
includes a three year monitoring program where the hospital system has both
their security processes and reformed their procedures as well as put into
place security training and privacy practices training throughout the system.
They will be making spot checks and unannounced visits to make sure that those
security procedures are being adhered to because that was one of the main
failures. –that they may have had some policies in place, but the policies
were more or less put on the shelf and other less secure practices were
tolerated.

This is a way of making sure that they have improved their security
procedures and are enforcing them throughout the system. They will submit
annual reports to our offices, our regional office in Seattle. We are, I think,
this was the first resolution agreement that we entered into. There was also a
settlement minimum amount of $100,000 that was paid to resolve this case. We
are hopeful that if there are other cases that come up that involve the same
kinds of activities that we are willing to enter into these kinds of agreements
going forward when we find the right circumstances.

MR. HOUSTON: One question I have, was this the result of an audit? They have
the PWC audits through OCR that you announced some time ago and are doing.
Piedmont was one of the hospitals. What provoked this?

MS. MCANDREW: This was Providence, not Piedmont. It was not the result of an
audit. It was a result of a number of complaints that we received against this
covered entity. We got approximately 31 complaints plus there was at least with
regard to the loss back up tapes that was considerable media and actually
Providence themselves self reported the loss following the media reports. It
was not the auditing.

MR. HOUSTON: Okay, thank you.

MR. REYNOLDS: Sue, thank you. It is always good to have you at the table. We
are now scheduled for a break. If we be back at 10:40 that would be good so
that we can continue to move on appropriately. We will begin reading the letter
promptly at 10:40.

(Break)

MR. HOUSTON: Moving right along to the next item. The next issue is that we
will have the letter read by the Standards Committee. Jeff, do you want to say
anything? I understand Judy is going to read the letter. Do you want to add
anything prior to the reading?

Agenda Item: Standards and Security Letter on
e-Prescribing Standards and DEA, Action September 17

MR. BLAIR: Yes. It’s exciting hearing that CMS is following on with pilot
tests of a number of the e-Prescribing Standards that were not implemented in
this last round adopted in this last round.

One of the areas, you may remember that in 2006, I think it was. We had an
awful lot of hearings in a very short period of time to try to identify the
standards that, by that the messaging standards, identifier standards,
terminology standards for e-Prescribing. The industry has moved forward with
those.

One of the areas which was a gap, was controlled substances. Which if I
recall the estimates were between 12 and 15 percent of all prescriptions were
controlled substances. So, even though we go forward with e-Prescribing, it
means that a physician would have to have another process to handle controlled
substances.

There was quite a bit of effort between CMS and the Department of Justice,
specifically the Drug Enforcement Agency, which has jurisdiction over
controlled substances, to try to have the process for prescribing a controlled
substance be consistent with those that are in place for e-Prescribing right
now.

Six weeks ago or something like that, I don’t remember the exact date, the
Drug Enforcement Agency did in fact issue an NPRM addressing this issue to a
certain extent. Our Subcommittee, the Standards Subcommittee has prepared a
letter reiterating the recommendations that we had with respect to controlled
substances, and of pointing out that we still feel as if the recommendations we
made were appropriate. If it has an echo back with respect to consideration in
the NPRM process.

That is the background of this particular letter that the Standard
Subcommittee is bringing to the Full Committee for your attention. Our
Subcommittee has reviewed this letter. Denise Benning, are you here? Denise
patiently and professionally drafted the first and second version and got
feedback from the rest of us for additional modifications. Thank you for being
the author for us of this letter, and doing the research for it. That is the
background, and I will turn it over to my Co chair, Judy. Unless there are any
questions.

MR. REYNOLDS: Jeff, on this here. Let me make one comment. Remember, we are
just reissuing a letter and previous findings. This is not special hearings.
This is not anything else. Please, as you listen to this we are just sending
forward information that we had sent forward before in a timely fashion based
on the duration between when it was originally adjudicated, and the fact that
there is something going on right now. I ask you to listen and adjust the
letter accordingly, Judy.

MR. BLAIR: You notice that when the do the seating on this they keep Judy
and I separated, so that we can’t do our private conversations during the whole
Committee.

DR. WARREN: I also told Jeff we control the corners of the table. For new
people, the way we do these letters, is we read a paragraph so that people can
follow us and then stop and ask for comments or any edits.

Our byline is Electronic Prescriptions for Controlled Substances. Dear
Secretary Leavitt, the National Committee on Vital and Health Statistics,
NCVHS, is directed by the Medicare Prescription Drug Improvement and
Modernization Act of 2003, MMA, to develop recommendations for uniform
standards to enable electronic prescribing, e-prescribing, in ambulatory care.
This letter will constitute our comments relative to the Department of Justice
(DOJ), notice of proposed rule making, the NPRM regarding its Drug Enforcement
Administration’s, excuse me, the DEA intent to revise its regulations to
provide practitioners with the options of writing prescriptions electronically
for controlled substances. Any comments?

MR. REYNOLDS: John?

MR. HOUSTON: How much wordsmithing do we want to be doing here?

MR. REYNOLDS: I would like the first reading to be anything substantive, and
then I would like you to get any comments you personally have about a word
being moved in a sentence to the Co chairs, who have clearly announced
themselves. This will be dealt with by the Standards Committee this afternoon
and brought back for final reading in the morning. Okay, let’s do it that way.

MR. HOUSTON: I don’t have a comment.

MR. REYNOLDS: Okay, Judy?

DR. WARREN: Next paragraph. Prescription writing is a critical factor in
patient care and patient safety. The National Association of Chain Drugstores,
NACDS, estimated in 2006, 3.4 billion prescriptions were written with another 2
billion refills and renewals processed, amounting to $249 billion spent on
prescription drugs, of these it is estimated that 11 percent or 374 million
prescriptions for controlled substances are written each year. Any comments?

MR. REYNOLDS: Okay, continue.

MS. WARREN: Okay, next paragraph. Time and again, the health care industry
has stated through both NCVHS testimony and discussions in public forums that
the inability to electronically prescribe controlled substances is a major
barrier to overall e-prescribing adoption by providers. In March 2005, the
NCVHS made recommendations to you specifically addressing the need to include
controlled substances along with other drugs in e-prescribing. Comments?

In that letter we acknowledged that — I’m sorry, Leslie?

MS. FRANCIS: Does it make sense to put the reference in there of the
recommendations? That is the actual, so anybody who reads this letter knows
exactly where to find the recommendations?

DR. WARREN: That is probably a pretty good idea. We can put a footnote at
the bottom of the letter referencing the dates of the letters that we sent.

MS. FRANCIS: And the website and the URL.

DR. WARREN: Any other comments? In that letter, we acknowledged that
controlled substances are medications that have the potential to cause
addiction, be abused by certain individuals, and be acquired illegally. The
U.S. Department of Justice (DOJ), Drug Enforcement Agency (DEA) has regulatory
authority over the prescribing and the dispensing of controlled substances.
Most importantly e-prescribing networks, software developers, providers,
standard developer organizations, and prescription transactions standards
developers, all expressed concern to the NCVHS regarding the use of public key
Infrastructure or PKI, a framework of policies, protocols, and digital
signature technology, in e-Prescribing.

I am going to stop there and see if there are any comments.

MS. FRANCIS: I found the transition from end of acknowledgements to this
paragraph, totally confusing. I just didn’t know where all this– is this
another one of the things that got acknowledged, or is this part of the
testimony that we heard in developing the recommendations? Anyway, some kind of
transition that gives the context of where this paragraph comes from.

MR. BLAIR: It was from testimony, but if you know that, is that the
transition you are looking for or is there something else?

MS. FRANCIS: That would be fine. You could say in the hearings that led to
our recommendations of March 2005, most importantly in the hearings that led to
our recommendations of March 2005 we heard from this testimony.

I think the reason it probably seems weird to me is that I wasn’t around in
2005. Lots of people who read this letter will not–

MR. REYNOLDS: That is a good thing. That is why we like new perspectives,
Michael.

DR. FITZMAURICE: One thing that might help with Leslie’s issue that she
brought up and that is that we talk about the testimony, then we talk about the
letter. Then we go back to the testimony again in the next paragraph.

If we took the sentence in March 2005 NCVHS made recommendations and put
that after the bulleted paragraphs on the second page and right above NCVHS
recommended that. Then we are talking about the testimony. Now we will talk
about the letter that we sent. Now we are talking about what we are telling you
today.

MS. TRUDEL: I’m sorry Mike, could you repeat that? I did not get the first
part.

DR. FITZMAURICE: I would suggest in the paragraph on the first page that
begins, time and again. The second sentence is in March 2005, NCVHS made
recommendations. I would take the block of that plus the bullet points about in
the letter we acknowledged that, and move that to after the bulleted points on
the second page so that we are talking about the testimony in the two
paragraphs.

Then we are talking about our letter. Then we are talking about what we tell
secretary today. From in March 2005 down to the U.S. Department of Justice et
cetera, prescribing and dispensing controlled substances. I would move that
down to after the next paragraph including the bullets where we are still
talking about the testimony.

MR. REYNOLDS: Walter.

DR. SUAREZ: Before we do that major surgery in the letter, can I suggest one
thing. I think the problem that we have — I like the flow on the first page. I
think the problem that we have is in the second page we jumped from the overall
aspects in the first page of what this is about e-Prescribing.

We jumped into a very specific detail issue of PKI. That is where the
connection is missing. I think if we before in the second page, before we have
that paragraph of most importantly. If we introduce among the issues that were
raised during the hearings we had this, this and this, and one of them is PKI.

Then we go down into the PKI issue. I think that is where the disconnect is.
I don’t necessarily think that the flow in the first page is wrong. I think it
is the introduction of the PKI issue in the second page that makes the
disconnect.

MR. REYNOLDS: The committee can take that one and work on that transition
for us. Denise you comfortable —

MS. WARREN: For right now let’s not move it Denise. I’ve got a note on mine.
I think I agree with Walter that we need an introductory couple of sentences.

MR. REYNOLDS: Walter is on that subcommittee.

DR. WARREN: Where I am going to start is they concluded the PKI would, there
at the last line of that paragraph.

They concluded that PKI would impair the ability of e-prescribing networks
to reformat or update the version of prescription before it is sent to the
dispenser, creates severe performance problems in e-prescribing networks due to
the complexity and overhead of managing PKI across disparate entities. Impose
significant additional cost for e-prescribing networks which are struggling to
establish an adequate business case for their services. Delay the adoption of
the use of e-prescribing as a result of the cost and burden to install and
maintain the PKI and not provide significant incremental security protection.
Testifiers indicated that there was no evidence that current security methods
are inadequate over e-Prescribing networks, relative to fraud and abuse.

Any questions on that? Yes, Leslie?

DR. FRANCIS: I just want to be sure that it is absolutely clear that this is
a summary of the testimony, not what NCVHS did.

MR. BLAIR: Very good point. That is an important point.

DR. CARR: It might be wordsmithing but when you say the concluded that PKI
— I would say the testifiers observed that. On the fifth bullet, I am a little
bit confused. Testifiers indicated that there was no evidence that current
security methods are inadequate over e-Prescribing. Is that a comparison? What
does that mean exactly? There is no evidence that current security methods are
inadequate. As compared–

DR. SUAREZ: To be used over.

MR. REYNOLDS: When used is what they actually said. It was being testified
by people that were using it.

MR. BLAIR: A friendly amendment, that it is e-Prescribing methods are
perfectly adequate.

DR. SUAREZ: I think the issue is–

MR. REYNOLDS: What we will do is — amendments are not -what we need to do
is make sure that we know exactly what the testimony is. I think that is a good
point.

DR. WARREN: I think what Justine is talking about is the word over talk can
be used in many different ways. I am struggling right now to think of another
way to talk about something going over a network. That is the intent here. Not
as a comparison.

DR. HORNBROOK: You are still struggling for the wrong idea. I think the idea
here is that fraud and abuse can defeat any kind of PKI or other things,
because fraud and abuse is something over and above that. At current levels of
security you will not see any difference in fraud and abuse because you are not
really addressing fraud and abuse.

MR. BLAIR: That actually is true, but that’s another point. I think the
point in this sentence was the testimony. They were indicating that if somebody
uses e-Prescribing, there is no evidence that had been obtained. When we were
hearing the testimony, there was no evidence that e-Prescribing didn’t have
sufficient security.

DR. WARREN: Plus, this is a letter taken from our previous letter and from
the testimony that we heard. I think what you are addressing was not something
that was in either one of those. I agree with you. Those are issues but not
here. I would have to go back and–

MR. REYNOLDS: Jim?

MR. J. SCANLON: Let’s see. PKI is not a part of the current proposal, so we
are referring to an earlier DEA proposal at the time? Is that why we are–

MR. REYNOLDS: That is correct.

MR. J. SCANLON: Can we say then that regarding PKI as a proposed body, DEA
whatever it was at that point. That is why we are reacting to that part.

DR. TANG: Along with that I guess as an overall comment. I am a little lost
why we delved right into PKI which isn’t part of the imperium(?). Also why when
we are talking about electronic prescriptions for controlled substances, the
authentication I think is the topic we are talking about. This seems to be
looking only on the security as it is transmitted over the networks, when
actually the bigger authentication issue is at the time of prescribing.

MR. REYNOLDS: Denise, were you going to make a comment?

MS. BENNING: Again, what we are trying to reflect here or the
recommendations or the points that were made in the previous letter. That is
why we are going back to that PKI issue again. Prior to that also, if we are
making recommendations for changes just make sure I capture them. I have heard
a lot of conversations going on. I don’t know that I have gotten everything.

MS. WARREN: Especially Jim Scanlon’s comment because I did not capture it.

MS. BENNING: I did not capture it either.

MR. J. SCANLON: I think I would just somewhere in here. I’ll just go back.
The overall concept here is that there were very great concerns when everyone
looked at the original and early DEA proposal, relating to their authentication
and security requirements.

One of the reasons was that they focused on PKI. That’s what we are focusing
on here. We can at least reference. It sounds like we are focusing on, like
they have PKI as a current proposal, which they don’t. All I would say is that
at the time, DEA, however you want to say it had proposed a number of security
and authentication requirements including PKI. Then you can say what everybody
thought about that. I will give you a wording.

MS. BENNING: Thank you, Jim.

DR. FITZMAURICE: Commenting on the same sentence. I agree with putting it in
there because sometimes you say they didn’t put it into the NPRM and therefore
it is gone. You get a couple of comments coming in, oh we put it back into the
final rule because we had all these comments. It is important to reiterate this
just as a countervailing to someone who may write in.

Secondly, it could read, testifiers indicated that there was no evidence
that current security methods of e-Prescribing networks are inadequate when
used for preventing fraud and abuse. I certainly want to put the word
preventing in there. In the Committee we can discuss how to phrase it.

DR. WARREN: Is that something we have agreement on to make that change?

MR. REYNOLDS: That is a change you can go forward to the subcommittee. Not
the full committee.

MR. WARREN: I understand that. I am just saying, do you want me to make that
change here so you can–

MS. CARR: Just put them all as comments.

MR. REYNOLDS: Alright. Judy?

MR WARREN: The NCVHS recommended that HHS and DEA work together to reconcile
different agency mission requirements, in a manner that will address DEA needs
for adequate security of prescriptions for all controlled substances without
seriously impairing the growth of e-Prescribing and support of patient safety
as mandated by MMA.

Finally, we repeated the need for HHS to evaluate emerging technologies such
as biometrics, digital signatures, and PKI for higher assurance authentication,
message integrity and non repudiation in a research agenda for e-Prescribing
and all other aspects of health information technology.

DR. SUAREZ: One comment on this. The word repeated, it seems to me– did we
back then repeat it or are we repeating here something that we said then? It
gives the impression that last sentence that back then when this letter was
being sent we were repeating something that was before that letter was put
together. My sense when I read this letter first was that we were repeating
here in this letter what we said in that previous letter. It is the repeating
that is a little confusing.

MR. REYNOLDS: John.

MR. HOUSTON: A couple things. I think there is a little bit of a conflict
because we talk about in the last bullet point up above at least a testifier
observed that there is no evidence that current security was inadequate. Now we
are talking about the needs to evaluate additional security without PKI I guess
is what we are really saying. That is one concern I have about this paragraph.

At the end as we are talking about different types of authentication
measures, integrity, et cetera. We say in research agenda for e-Prescribing and
all other aspects of health information technology. If this letter is on
e-Prescribing, let’s stick to e-Prescribing. You are opening a can of worms
when you are talking about security in health information networks.

MR. REYNOLDS: Are you recommending a period right after e-Prescribing?

MR. HOUSTON: Yes.

MR. REYNOLDS: Okay, Judy. Last paragraph.

DR. WARREN: We believe that many of these observations and recommendations
are still relevant, and ask that they be considered for inclusion in any
comments that the Department of Health and Human Services may make in response
to this notice of proposed rulemaking.

DR. FRANCIS: The implication of many of these is that there are some that
aren’t.

DR. FITZMAURICE: The PKI may not be.

DR. FRANCIS: It seems to me that’s just too vague.

MR. REYNOLDS: We are just saying that these recommendations, these
observations or recommendations. No more no less. Don’t look into it any
further.

DR. FRANCIS: If you believe they all are.

DR. WARREN: Steve has a comment because he debated the word “many”
quite a bit.

DR. STEINDEL: The problem with eliminating the word many and is that DEA in
my mind and some other people’s minds, actually went a long distance in this
NPRM. They did not go far enough. They went a long distance in that they
dropped PKI.

Most of our previous comments dealt with PKI, as we have discussed a few
minutes ago. If we say all of these observations or anything like that, what we
are telling DEA is we didn’t read your NPRM because you dropped PKI.

We have to acknowledge the fact that they did make the step. Being as you
point out, many is a vague word. Introducing that concept at least we are
acknowledging the fact that they did make some steps in the right direction.

DR. FRANCIS: Would that be fixed if there were a better frame earlier in the
letter?

DR. STEINDEL: In all probability, which is related to discussions we were
having before.

MR. REYNOLDS: We are talking about acknowledging upfront their movement
against original thoughts.

MR. J. SCANLON: Again, I think to make the transition complete would be to
say that why, you could even say while the DEA current proposal does not
include PKI proposal, security and authentication requirement framework that is
proposed contains many of this and would result in many of the same obstacles.

DR. STEINDEL: Just as an added comment to what I made, Leslie. One of our
problems is timeframe. Many of the points that we would like to make concerning
what we see as issues in the new proposal, were not covered in the previous
hearings. NCVHS has no testimony that we can rely on and would require the
holding of hearings.

The comments are due in when, about a week or two?

DR. WARREN: September 25th.

DR. STEINDEL: We are under a timeframe crunch and we would like to get
something in the record that NCVHS has looked at these NPRM problems.

DR. FRANCIS: Why don’t you just say then along the lines that Jim was
recommending that, we believe that these observations that although PKI isn’t
in the new proposal. we believe that many of the observations, concerns, and
recommendations that were raised in the earlier testimony and our earlier
letter were made relevant to the current proposal. Ask that they be considered
for inclusion.

MS. CARR: I’m sorry I’ve been a little bit out of the loop on this
discussion. I say that ahead of time because I should be better prepared, and
I’m not.

Could we on the earlier letter that we are referencing, is it one or many
letters? Could we just take what we said before and the pieces that we still
believe and just outline them here? I think it would just be easier to just
say, what we said it before and we are saying it again. These are the things
related to the current letter, the current NPRM.

MR. REYNOLDS: Judy and Jeff, I think you would need to take that under
consideration this afternoon.

DR. WARREN: Yes, we will take that under consideration. One of the kind of
concerns that we had and what we tried to design was a summary of the letter
before because the first letter was fairly lengthy. We wanted something that
was no more than two pages to go forward. We will go back and take a look and
see what other listings there are?

DR. CARR: Maybe just if we said, in 2005 NCVHS made these recommendations
and we believe them to be relevant today to the NPRM.

MR. REYNOLDS: Okay, any other comments. We will assume that this will go to
your subcommittee this afternoon and come back having answered all the
questions raised today. We will read it tomorrow and hopefully pass it and or
forward it to the Executive Subcommittee. We do need to get this in.

Alright, moving on to our next presenter, Dr. Charles Friedman from the
Office of the National Coordinator.

Agenda Item: ONC Update on Strategic Plan, Current
Activities, and AHIC 2.0 Successor

MR. FRIEDMAN: We are actually a team of three.

MR. REYNOLDS: –and his friends. We do recognize his friends quite
prominently. Again the subject of this is the update on the Strategic Plan,
current activities, in AHIC 2.0 successor as they relate to the Office of
National Coordinators. Dr. Friedman, thank you.

DR. FRIEDMAN: Thank you very much. Speaking of the Strategic Plan, I could
not resist bringing you all a handout which is a copy of the synopsis of the
Strategic Plan. Not the whole thing, which is downloadable from the web using a
URL that is in the synopsis.

MR. REYNOLDS: Even though it’s the first time we have heard from you, we do
like you.

DR. FRIEDMAN: Were they loaded into this machine?

MR. REYNOLDS: We would like you to do it but we hid them.

(LAUGHTER)

MR. FREIDMAN: Let me begin by saying that I am delighted to be here with you
this morning. This presentation is an update of ONC activities. I have been
accompanied for purposes of this presentation by Mary Jo Deering, who I believe
is known to many in the room, and Morris Landau of the ONC staff.

The agenda is divided into four parts. I will discuss the Federal Health
IT’s Strategic Plan. We will then discuss, or I will then discuss the
Nationwide Health Information Network. This will be followed by an update on
the AHIC successor, that Mary Jo will present and that in turn will be followed
by an update on ONC privacy and security activities that Maurice will present.

Let me say a few words to begin about the document entitled, ‘The ONC
Coordinated Federal Health IT’s Strategic Plan 2008-2012.’ Maybe that title was
so comprehensive that I don’t have to say very much more about the document.

A few things, to elaborate on the title is that it does lay out the health
IT agenda from the point of view of the Federal Government. It lays out a plan
for coordinated federal activities, many of which do engage the private sector,
but it does not explicitly describe activities which must originate in the
private sector. In that sense it is a Federal Health IT Strategic Plan.

The structure of the plan includes two goals, eight objectives, four under
each goal, and 43 strategies distributed under the objectives. Each objective
has a measure and each strategy has a milestone associated with a date. The
plan also includes the complete plan. You will not see this in the synopsis
that I handed out.

Detailed current activities related to Health IT of all Federal Agencies
that participated, which is almost all the agencies that have active program
relating to Health IT. Incidentally the plan was released on June 3rd, 2008
after passing through federal clearance.

There are many reasons why we created this plan. Certainly it was done to
provide clarity and guidance and through the expressions of measures, a way to
measure our progress. We also developed a plan in response to requests for it
from several sources including the Presidential Executive Order that created
the position of the National Coordinator, in 2004.

If you go back and read that Executive Order it did explicitly call for a
strategic plan. There was a Strategic Framework released during the summer of
2004 that was in many ways a precursor of the Strategic Plan but did not rise
to the level of being a plan itself.

The Congress has called on several occasions for this plan and the
observations of the several organizations including the Institute of Medicine,
provided further motivation for the plan’s creation. There were some other
motivators included, as I mentioned. Since time passes very quickly and
information technology is a sort of natural obsolescence of the 2004 Strategic
Framework. Although it was an excellent document in many respects, we were also
motivated by a perceived need for increased collaboration across the Federal
Government. And a need for a kind of clarity of thinking about Health IT which
we hope the plan will facilitate by virtue of its structure.

This leads me to some characteristics of the plan which somewhat follow from
the motivators. The plan was highly collaborative. Every optive and
stafftive(?) of HHS participated in this creation. Yes, Blackford?

DR. MIDDLETON: Chuck, would you like questions held to the end or along the
way?

DR. FREIDMAN: Questions now are fine.

DR. MIDDLETON: Could you return to the prior slide? I guess I am just struck
looking at the motivation and having had a chance to look at the plan document.
Motivation pertaining to the business drivers impacting healthcare are not
addressed.

Things like Value Based Purchasing, compared to effectiveness research,
improving quality in patient safety, and reducing waste, I think are
fundamental drivers that you need to articulate. I would suggest is part of the
reason for HIT in the plan from the ONC.

DR. FREIDMAN: That is a fair and excellent comment and probably should have
been added to this slide. It certainly was behind the thinking that motivated
the plan.

Among the characteristics of the plan that we would offer to you; I
mentioned that it was collaborative. I think an important feature of the plan
and I hope this will be clear when you see it in a structure that is more
detailed, is its integrative character.

We try to stress in the plan the importance of creating one infrastructure
that serves all of the objectives and in particular serves the needs of both
large goals expressed in the plan. We make a bold statement in the plan that
it’s complete. That is a somewhat dangerous thing to say. We do believe that
the eight objectives together lay out at least a comprehensive framework to
improve the quality and efficiency of health care in Population Health, through
the mechanism of Health IT.

We also believe the plan is disciplined. It has got a very tight structure.
While we have not yet begun talking amongst ourselves in numbers, our
responding to the strategies and milestones in the plan, it does provide that
kind of structure which can be very facilitative of communication. Particularly
in a field that changes very quickly.

The plan has two goals. The first goal is to enable patient focused
healthcare. I won’t read you the goal in full, but I will emphasize the word
enable in there, which emphasizes the fact that Health IT by itself cannot
transform health care. It can potentiate the transformation of healthcare. The
plan seeks to outline the steps which must be taken with respect to Health IT
to effect that potentiating.

A corresponding and coequal goal is the improvement of Population Health.
You see the word enable there as well, serving the same purposes. I would also
note that we introduced the concept of Population Health as an overarching term
to embrace four activities which we would argue fall under it. Activities
traditionally associated with Public Health, activities via medical research,
activities specifically related to quality improvement and activities directed
to emergency preparedness.

All four are explicitly included under this rubric of Population Health
falling under Goal 2 which has a coequal status with Goal 1, yes?

MS. MCCALL: A brief question playing off your use of the word
“enable”. Technology is an enabler. My question is do the goals and
objectives and strategies that you have here or technology, map to– There is a
piece of paper one pager that we were handed earlier to the HHS Strategic Plan,
goals and objectives the next five years which also has four goals and four sub
objectives under each.

They explicitly tie number one and number two. Will you be talking about how
this plan here enables what these goals are as well?

DR. FREIDMAN: That is a very good question. We did a crosswalk at one point
and satisfied ourselves that there was high level of consistency between the
two as you might expect. I don’t have the instant command of that crosswalk to
do that for you. If you write to me I would be happy to do it.

This chart conveys the basic structure of the plan. The basic structure of
the plan introduces what we call themes corresponding to channels of activities
comprising a complete approach to Health IT. What we call the Health IT Agenda.

You see these as the columns of the chart. The four themes relate to privacy
and security, interoperability, adoption, and collaborative governance. Each
row corresponds to one of the goals and each objective exists at the
intersection as a cell, existing at the intersection of one row and one column.
Objective 1.1 is the theme of privacy expresses the theme of privacy and
security as it relates to the goal of patient focused care. You had a question?

DR. FRANCIS: I had a question about the way Objective 1.1 and 1.2 are
formulated, in comparison with Objective 2.1 and 2.2. I guess I can ask the
question first of all by saying, 2.1 fronts privacy, 1.1 doesn’t.

When I read 1.1 and 1.2, I was puzzled by what the difference was because
1.2 is about enabling movement, 1.1 also talks about something that looks like
the same thing, facilitating movement while protecting privacy and security.

While I fully recognize that there are two issues here. One is how do you
get the information to move, and the other is how do you do that consistently
with privacy and data security. I was just puzzled by those structural
elements. It didn’t look like privacy was quite getting its full billing in
Objective 1.1.

DR. FREIDMAN: That is fair. I am going back as you speak quite honestly
through the evolution of the language of these objectives. I think the phrasing
tried and I can recollect how we differentiated them.

I think the phrasing tried to emphasize for Objective 1.1 the issues of
access and well, I am finding myself restating what the objective says. Let me
speak to 2.1 and why we made that different.

I think we felt that the issues surrounding Population Health uses of data
which involve aggregation were issues where perhaps the applicable policies,
principles, and procedures were not quite as mature in thinking about them
would be one cut at that. I am hoping into the past a little bit here as to the
evolution of the terms.

There was certainly no intent to deemphasize privacy and security in either
one. I think what we were trying to capture was perhaps nuance issues of the
different ways in which these principles enter in to each hall.

MR. FITZMAURICE: Chuck, when I read it, I had a slightly different
interpretation but I felt the same way that Leslie did. When I looked at the
patient focused healthcare, get the benefits while protecting the privacy and
security of my information. I may have different feelings that the people
around me. I will have choices to make for protecting my own personal
information. You can have this but you can’t have that.

In regards to Population Health, somebody has to advance the security
policies and principles determined with the population as a whole can agree
upon. I thought that was the emphasis of the object of 2.1 is, what can we all
agree upon, and 1.1 is do we have to provide for individuals who don’t agree in
general but they want something specific for themselves.

DR. FREIDMAN: I can’t disagree with that. I just want to emphasize the
presence of privacy and security as one of the four themes as a way of keeping
front and center the importance of those principles as a key component of the
agenda.

I am going to accelerate here a bit. If you think time is such that we
should–

MR. REYNOLDS: Please continue. I will control a little bit of the
questioning if it continues at such an enthusiastic pace. We will adjust.

DR. FREIDMAN: Here is just an explication of one of the objectives. The
Objective 1.3 dealing with adoption and a selection of three of the nine
strategies which are expressed under that objective, to give you a sense of
what the strategies look like.

Here in the next slide is shown for the next objective and one strategy
specifically relating to a topic near and dear to my heart. You will see the
associated milestone with a date attached. The plan also includes even one
level further down which you can see in this same plan. Exemplary action steps
which could be used to support strategy. Even though I haven’t explicitly
described the plan goes four levels down from goals to objectives, strategies
to actions.

This next slide illustrates another feature of the plan and that is it’s
description of the full array of federal activities which we actually indexed
relative to each objective or for each agency. You see this here in a sample of
a matrix which is Appendix B of the full plan which shows the full list of
these federal activities broken down by agency and aligned with the eight
objectives of the plan. It goes without saying that several of these activities
align with multiple objectives. Que

This final slide gives you a sense of the descriptions of these federal
activities that are included in Appendix C of the plan. One of the aspects of
the press that the plan received since it was released, I am proud to say
someone called this listing of federal activities unprecedented. We are
particularly proud of that.

This completes what I wanted to present about the plan. I hope you enjoy
reading the synopsis. We are having very much more attractive versions of this
printed. We hope they will be ready soon. They weren’t quite ready for
distribution today. We will be distributing them as soon as they are. Should we
take any further questions?

MR. REYNOLDS: We will take a few more. I think the other thing we can
consider as a committee is obviously ONC gives us regular updates and so as we
review this if we decide that we want to put it back on to have further
discussion as we get more chance to digest it individually and as a group or as
subcommittees, whatever we want to approach it, that would be a good thing to
do rather than — Thank you, good synopsis. Questions anybody has right now,
Paul?

DR. TANG: Just a comment. As a confirmed lumper, I really like the idea of
the patient centered and the population and the way it captures really
population captures a whole lot, but that’s the lumper. I think your themes are
very crosscutting. I particularly like that matrix the 2X4 because it really
was able to, you can get your hands around that and understand how it crosscuts
and how it serves each of those two major goals. I appreciate that and you are
down to actual milestones and timelines are also very helpful.

MR. REYNOLDS: One other thing I think that would be helpful I think to the
committee and I think to Walter is, obviously if there are ideas of anyways
that we can help move this forward. You have got the four major categories. As
you go back and work with Rob and others, if there are ways we could be of
assistance that would be helpful. We are establishing our 2009, 2010 planning
and making sure again we all kind of stay coordinated on doing some of this
would be good. Walter you had a question?

DR. FRIEDMAN: Could I just respond to that. Thank you. We will certainly
take you up on your offer. I should point out some things I didn’t point out
before. In his array of activities that we describe in the plan, the activities
of two federal advisory committees are described. One is the AHAC and the other
is the NCVHS. Your activities are described in this plan.

MR. REYNOLDS: Walter?

DR. SUAREZ: I actually have read the whole document and one can only realize
the significant challenge of the Office of the National Coordinator to
coordinate the many. You only listed the Federal activities going on that cut
across all the different activities.

It is very impressive. I agree with Paul. I think the approach to this
strategic plan is a very good one with the two goals and the four objectives,
or the two goals and the four cross cutting areas dimensions. One thing I think
is a little more challenging is the inter relationship between the four
dimensions or domains. I think there is interoperability on privacy and
security. There is adoption privacy and security and there is adoption on
interoperability.

Those are the kind of challenges that we are facing in the organization that
are set to actually do this. There is in the interoperability HITSP in the
adoption, CCHIT or you could create some in the collaborative governance. There
are some activities and it is the relationship across those that has been
proven to be one of the more challenging aspects. I wonder if you could talk a
little bit about how that is expected to continue to be enhanced or–

DR. FRIEDMAN: That is a superb question and thank you for asking it. We are
developing out of the Strategic Plan as you might imagine we would, a more
operational plan for the implementation. It is at the level of the operational
plan that we are going to weave together these interactions.

It is in the nature of any kind of hierarchical design of anything that it
emphasizes differences and separations between things by putting them on
different branches. In fact, this branch over here profoundly relates to this
branch over here. You need a way to capture that and also have that
relationship guide what you actually do.

Our operational plan, and actually we have got some prototypes for how this
might look, explicitly captures those kinds of relationships which are lost
really event though we know they are really there in this kind of
representations. That was an excellent point and when the operational plan
comes out that will be clearer.

MR. REYNOLDS: Okay, we have Leslie, Paul, and Mark, and then we will move
on.

DR. FRANCIS: When I read the plan also, I was struck by the fact that it
sets out — Since there is going to be a framework for example with respect to
the privacy and the security. It doesn’t say what that framework will be. That
is an enormous task. Therefore this is by way of an offer of help.

DR. FRIEDMAN: Yes, and it is a Strategic Plan and the Strategic Plan makes
appropriate statements that there will be things and maybe some things are said
about those things that gives you a sense of what they will do and what they
will look like. It is in the nature of the Strategic Plan to only have a
certain level specificity and authors of the systems are always appreciated.

MR. REYNOLDS: Paul?

DR. TANG: This is a look through the four themes. It has policy written all
over it, which is one of the main focuses of this committee. The other piece is
data. I think this will be– Data might be the third dimension to this matrix
and I think it will relate very tightly to the data stewardship presentation
that Justine is about to make this afternoon. How does NCVHS with it’s policy
focus and data middle name fit into this matrix? I think it will work very well
together.

MR. REYNOLDS: Did all of you notice that since Paul’s part of that committee
that he is now given the committee middle name? I am not sure we have adopted
that yet, but we have noted that the comment was made. Mark.

DR. HORNBROOK: I am just wondering whether it would be important to convince
patients that data sharing is in their best interests. Most of the time when I
do research studies our patients believe that the only person who opens their
chart, is their doctor. Nobody else in all of Kaiser ever sees their chart.

That is a total misnomer for how the world is actually operating. They have
a tremendous information education challenge to teach patients across the
country that data sharing is actually going to help their health. We haven’t
done that very well yet.

DR. FRIEDMAN: Just a quick response to that. I completely agree with you.
There is actually a strategy and I believe it is under Objective 1.3 which
deals with the need to educate consumers in valid and appropriate ways. If you
drill into the synopsis I think you will see that under 1.3. We are very aware
of the need for education and that is reflected in the plan.

MR. REYNOLDS: Garland did you have a comment?

MR. LAND: I was looking at the examples of data systems or systems, and how
it relates to the plan. I notice that there is no mention in here of
particularly I guess if you are going to the inoperability column of vital
statistics and how it relates to surveillance activities. You have pandemic all
hazards preparedness, now there is discussion about death certificates being
used for pandemic flu surveillance. There is no mention in here of how the
Vital Statistics System and all of the work that has been going on at the
National Center for Health Statistics for reengineering those systems, relates
to this plan.

DR. FRIEDMAN: Could you flash what you are looking at? Okay, you are looking
at the table. Two responses to that. Certainly I can’t disagree with you or
with your statement in terms of what is and isn’t in the plan.

First of all what is that table reflects what the agencies are doing. What
you have in that table is the heading title, the activity. I think if you went
in the fore plan to Appendix C which spells out those activities in detail, I
think you will see some of the elements you are describing, in the more
detailed descriptions of those programs.

MR. REYNOLDS: Blackford, I think you had a question but what I would like to
do is hold it, keep it. I would like to hear the next two portions of the
presentation, and then if we have got a few minutes at the end, please jump in.

DR. FRIEDMAN: I was going to say a few comments about the Nationwide Health
Information Network and then hand the microphone to my colleagues.

A quick update on the Nationwide Health Information Network. It seems very
timely because at the AHIC meeting I will describe in more detail in just a
moment. On Tuesday, a significant portion of the agenda will be devoted to the
so called trial implementations of the NHIN, which are quite well along now. I
thought I would take a few minutes to talk about what’s going on in the NHIN.

I think this slide is pretty much self evident about the purposes of the
exchange of electronic health information. Implied need to educate, not just
consumers but really many stakeholders about the value that inheres in this.

The common elements that are required to realize health information exchange
in a secure fashion on a national scale. Emphasizing the importance of
standards so that the approach can scale. A Nationwide Health Information
Network can’t be built on a series of point to point connections, and one to
one agreements.

The number of those agreements grows as the square of the number of parties
engaged. It is not a scalable process. Our approach to the NHIN is scalable and
based on a shared set of standards and agreements such that any party adhering
to those standards and agreements will basically be able to exchange
information with any other party also adhering to those standards and
agreements.

The network can be schematized like this. It is built on the commodity
internet. It invokes as I said a set of standards, specifications, and
agreements for secure exchange of information. It is a network of networks. The
entities that attach to the NHIN are health information exchanging
organizations which is an important point to emphasize.

As you will see in the next slide this health information exchanging
organizations that attach to the NHIN can be of three types. This is an
important development in the thinking about nationwide health information
exchange. I think in the beginning of the process of developing the NHIN, the
focus was on what we call geographic networks. RHIOs and other geographically
defined organizations which support nonproprietary exchange among a set of
entities within a defined geographic area, either a state level or regional
across states.

In perhaps the past 12 to 18 months, two additional types of networks which
the NHIN is being built to accommodate, have emerged. The so called,
“organizational networks” which are defined around large integrated
delivery systems or hospital chains. These can attach as entities to the NHIN.

A third type seen on the bottom row of this chart, are networks formed
around organizations that support personal health record kinds of initiatives.
Organizations or undertakings such as those being advanced by Google Health or
Microsoft Health Bolt could, they have not yet but could attach in much the
same way as the other types of organizations to the NHIN.

An important development has been the diversification in the kinds of
organizations, the kinds of networks that will attach as entities, this NHIN
which at its core is a network of networks. The NHIN is being developed in
three steps. The prototype step resulting in a set of prototype architectures
for the NHIN is a step that has been completed in prototype architectures were
demonstrated to the AHIC early in 2007.

The success of that step led to the step in which we are engaged now which
is the actual trial implementations. This will lead from here to the NHIN in
some manner not yet fully specified of going into regular production.

A few more words about the trial implementations. To conduct the trial
implementations, an organization called the NHIN Cooperative, it is not a
formal organization. It is more of an informal consortium, was created to
implement tests and demonstrate the basic NHIN information exchange core
services.

This demonstration to occur in September of 2008, and specifically next week
on September 23. The key core services that will be demonstrated include
support of consumer access controls, the look up and retrieval of clinical
information. The look up and retrieval of information about a specific patient.
The identification of the specific patient on the network. Third, once a
patient has been located and identified, the exchange of patient summary
records. These functions will be demonstrated next week.

The mechanism of supporting several of the entities in the NHIN Cooperative
has been through contracts and grants. Our contract and grant recipients in
this process have included 13 geographically oriented health information
exchanges, and two organizationally oriented integrated delivery systems. I
will show you those in a moment.

In addition, several federal agencies and departments that participate in
healthcare and population health are also collaborating and will be major
participants in this activity. The NHIN Cooperative, and I need to be specific
on this. These are the cooperative members who will be participating in the
September trials next week include the nine contract recipients listed in the
upper left of this slide.

The ones in bold are geographic organizations that have statewide span. The
others are regional. On the right we have six additional health information
exchange organizations including the Cleveland Clinic and Kaiser Permanente,
which are organizationally based who will join the cooperative via additional
grant awards. We list below the four federal agencies that will be
participating in the trial implementations. Here you see what I think is a very
impressive and diverse array of organizations that will be participating in
this initial trial of the NHIN.

What will specifically happen next week, if you can’t make it in person I
would encourage you to watch the live webcast as a presentation of the core
services as I mentioned of patient look up, primary record exchange, and
implementation of consumer preferences.

These will be scenario based. What you will actually see demonstrated is
something clinically relevant happening in the world that will make sense as a
story that has a motivation and a business case behind it. While things are
still a little bit in motion, we expect that most and maybe all of the 20
organizations that you saw listed on the previous slide will be directly
participating in this activity.

On December 15th and 16th there will occur an activity that occurs
periodically called the NHIN Forum. At the NHIN Forum there will be the second
phase of the NHIN trial implementation activity. That will be the presentation
of information exchange specifically to execute information exchange activities
necessary to execute the first seven AHIC use cases, including medication
management, quality, bio-surveillance, and others that have been the focus of
standard setting and other AHIC relating activities.

These demonstrations in December will not only demonstrate further the
capabilities of the NHIN, but they will tie the NHIN activities to other
interoperability related activities that have been ongoing as part of the
National Agenda.

MR. REYNOLDS: I have a question back to your slide 16 which is a different
network model. We have HITSP, we have CCHIT. These are categories. I know a
number of entities on that list and some of them self proclaim themselves as
whatever an HIE is and whatever an organization is, and whatever. Are you
hoping to build any structure around these three titles, or can people self
proclaim themselves to be one of these?

For example in North Carolina, you see Enchica(?) listed but there are
seven HIE’s in North Carolina that have different capabilities and structure.
As we really try to move towards a Nationwide Health Information Network, I
think it would be helpful especially to those of us in the real world who want
to align to something, to not have eight of them in a state, and to have
whoever is selected or self proclaims themselves, or wins a bid or does
something else, is an entity that people would in fact align to.

As we try to build this, I like your three categories. I really like them a
lot, but structuring it in some kind of way that you can understand what they
are and what the characteristics are so that a lot of people that are asked to
join maybe more than one even in their own state would have some sense of what
this really means.

DR. FRIEDMAN: Excellent point. Just a couple of comments in response. First
of all as you might have surmised from things I said and maybe things I didn’t
say. The NHIN is kind of self organizing. We are not in a prescriptive way
saying who can join and who can’t. We are even agnostic on the specific
software implementations that are being used by each HIE to implement the
specifications for information exchange. As long you comply, how you program it
to happen is largely up to you.

The classification here is a sort of post hoc label that we have put on
these emerging diverse kinds of organizations that are evolving as the world
self organizes. I just want to emphasize, we are making no value judgments
saying any one of these has any superior features to any other. We are just
saying these are all equally eligible to attach to the NHIN and they are
fundamentally different in the way they came to be.

DR. SUAREZ: I have to raise a big issue with this particular chart. I think
it is very risky to categorize the first and the third as HIE’s. We have to
remember that as I understand it, what we are trying to do here is the NHIN
which is the series of policies and agreements and specifications. That is
NHIN, and NHIN is the internet with a bunch of specifications and agreements.

To it, there are HIE’s that attach. There could be HIE’s such as in North
Carolina a statewide HIE or in Rhode Island a statewide HIE. What distinguishes
an HIE from the Mayo Clinic or the Cleveland Clinic, is that the HIE includes
totally independent organizations exchanging data within the HIE and then
needing to attach to NHIN to exchange data with other HIE’s. That is what
distinguishes it.

Mayo Clinic is a large network just like Cleveland Clinic and any others. To
consider them to be an HIE would create the perception that the type of
interoperable standards that entities like HITSP are developing and creating
and that the Secretary is adopting and recognizing, will be in fact needed to
be incorporated inside the private networks that are created inside an
organization. When they for whatever for however purposes they have, they can
do internally many different things. It is when they communicate externally
with other entities through an HIE that this interoperability standards are
required.

The third one personally controlled. It seems to me that those are notes.
They are not really HIE’s. They are not a network. For example, Microsoft
Health Vault or Google Health, or Health TRIO. We are going to hear about the
personally control health record. They are notes, they are not really a network
in the sense of an HIE.

It is very, and this is an emphasis that I really have to make because it
really creates a lot of confusion about– In North Carolina there might be 15
private networks or corporations or organizations. There could be one HIE. That
HIE connects to, or there could be three regional HIE’s. Inside each HIE there
are 15 or 20 private networks.

That is the kind of confusion that exists out there that creates the
challenge of what is it that we are doing with respect to the interconnections
that I was mentioning earlier of privacy, security, interoperability adoption,
and governance. It is very critical to avoid that type of confusion and define
in the framework exactly what we are talking about and what the scope is.

DR. FRIEDMAN: Excellent point. We are obviously dealing with an evolutionary
process here. I don’t know how many of you have read the HEMA report to
addressing the definitions of six key Health IT’s terms. There is a proposal
there that a new term be created called an HIO, a Health Information
Organization of which a regional HIE would be one type.

That proposition seeks to deal with exactly the point you are making. We
have I think associated with the term HIE certain characteristics, a different
set of characteristics exist in an organization that is eligible to attach to
the NHIN, and what do you call that. Excellent point and we are working on it.

MS. MCCALL: Walter’s comment which I thank you greatly was really incredibly
illuminating. I think it is really important that we understand what the new
entities are. That seems to be one of the big challenges. What are they? What
are their rights? What are their responsibilities that accrue? How are they
different from some other role? Even a friendly suggestion, that the picture
that is up on that slide, go back there. Those are all lumped together and they
are not differentiated from the types of entities that that they are and the
roles that they play. I could wear more than one t-shirt at a time.

I think that can be enhanced by beginning to define some and saying what
they do and the role they play and beginning to articulate that so everybody
begins to understand it more naturally.

MR. GREEN: Let’s keep that slide up there. What is your thinking about where
a small physician practice fits? Where does it show up up there? What is the
thinking about whether they belong in this in any place or not? Where and how?

DR. FREIDMAN: Good point. The NHIN is a network of networks. It is a network
to which health information exchanging organizations belong. An individual
practice would connect to the NHIN through connection to one of these kinds of
organizations. Specifically, either to an organizational HIE, so if it were a
practice associated with an integrated delivery network. It could connect to
the NHIN through the Health Information Exchange node of that organizationally
based HIE, or and there is no rule about which it would necessarily have to do.
It could connect by virtue of existing in a region which had a regionally based
Health Information Exchange in it. We don’t anticipate that practices would
create connect directly to the NHIN.

MR. GREEN: Just to flag an issue. If I heard you correctly we are as a
nation from a federal perspective, proceeding with the assumption that each
physician practice is going to select or choose a network which say are going
to belong or participate in the NHIN. Is that correct?

DR. FREIDMAN: It shouldn’t make a difference in terms of National Health
Information Exchange. Everything is governed by the same set of standards and
agreements which path they take. Ultimately an orderly world would require them
to belong to one.

MR. GREEN: That is a great phrase. Let us capture that. An orderly world
would require them to belong to one. Let’s not lose sight of that, okay?

MR. BLAIR: Thanks so much for being here and explaining these things to us.
I think this has a lot of interest to a lot of us. There is two pieces here
where I am going to maybe attempt to address some of the concerns that have
been mentioned. I will probably raise another one of my own.

One is in respect to the fact that many different HIE’s could connect to the
NHIN as part of the process this trial implementation. A new designation was
made while an NHIE with the N being in front of the Health Information Exchange
meaning that the HIE is able to work interoperably with the NHIN.

Two things are required for that to happen, for an HIE to be designated an
NHIE. One is that they are able to communicate with the interoperability
standards specified by HITSP or subset of those that are necessary for
communications of the NHIN. The other is that a legal agreement be signed
called the Data Use and Reciprocal Agreement, D-U-R-S-A which specifies the
privacy constraints, security constraints, and data ownership constraints, to
be able to work with the NHIN.

That was really helpful. Those agreements have been worked out or are still
in the process of being worked out. I think in part the two points that I just
made may partially answer who could connect to the NHIN in a particular area,
and who would be designated in the NHIE.

Now that I have cleared that up, let me add some things that make it
difficult again. That is that when NAHIT, National Association of Health
Information Technology, or National Alliance I think is what the A stands for,
or used to.

When they were asked to come up with definitions, their definition of an HIE
was so broad that a HIE could be an e-Prescribing network, it could be a
network like Enchica where it’s communicating between providers, payers using
X12 Standards and Clearing Houses. It could be a Health Information Exchange
that focuses on clinical data and clinical use cases where you have a master
person index in the front of it to be able to identify all of the records that
a patient may have over many different institutions.

Those are three different architectures. There is different data, different
architectures, and even different users. When NHIT came up with this very broad
definition of an HIE, I’m not sure that was helpful. Those are my observations
and I wonder Chuck, if you have any thoughts? Am I on the mark, off the mark,
or is that useful?

DR. FRIEDMAN: Very, the first way in which it was useful, you pointed out
that I misspoke when I said that the study that offered the six terms was done
my HIMA, that was a misstatement. It was done by NHIT, I apologize to NAHIT and
I stand corrected.

More substantively, I think and also thank you for reminding me and telling
the group about the NHIE status which is the formal way we and the folks who
are running the NHIN cooperative are designating a Health Information Exchange
Organization that is capable of connecting to the NHIN. You put the N in front
of it.

I think we are all trying to deal with this same problem of a dynamic self
organizing and rapidly evolving world for Health Information Exchange. A
rapidly diversifying set of reasons why health information is being exchanged.
The need to get our minds around this I think as and anticipate where the world
is going to go from here.

NAHIT in defining these Health Information Exchanging Organizations, perhaps
went even beyond the three categories we created here. Probably although I am
not absolutely certain of this, included some organizations for which it would
be a bit of a pull to become an NHIE, directly capable of connecting to the
NHIN, as opposed to as I was describing before doing it indirectly by virtue of
connecting to an NHIE.

You are making excellent observations. You point out in more detail than I
did from an important different perspective how we are all trying to make sense
out of things that have just started to happen, are complex, are important but
fundamentally unpredictable. At the same time, we want to embrace this
diversity.

We don’t want to create something which prevents an important health
information exchanging entity from attaching. We are trying to create an NHIN
which will meet everyone’s needs that is added to the challenge. It is
certainly added to the terminological challenge. This is what we are after and
I think we are all acknowledging that it’s hard.

MR. BLAIR: Let me add one other thing which also addresses part of this
problem. That is that the CCHIT is in the process of coming up with the
criteria for certifying regional health information organizations, specifically
HIE’s. I think that probably will help because part of the criteria is
interoperability, another part is privacy, but another part has been the
structure and organization and governance. I think that is going to be another
help.

MR. REYNOLDS: I am going to go ahead and cut this off right here, and I
would like to have the rest of it done by 12:30 if we could. Thank you, good
discussion and this is one that obviously this committee has spent an awful lot
of time on and could talk on for a long time. I’m sure this will be a
continuing item on our agenda.

Thank you very much.

DR. FRIEDMAN: I appreciate the excellent questions, and let me turn this
over to Mary Jo.

MR. REYNOLDS: Mary Jo, welcome back and please introduce yourself since you
weren’t officially introduced. We want you on the record.

MS. DEERING: I am Mary Jo Deering and I am currently in an acting position
as the lead for the AHIC Transition Activities in the Office of the National
Coordinator. I have been there a little over two weeks, replacing Kelly Conan
who many of you know, had a bouncing baby girl just a little over two weeks
ago, and doing fine.

Again in the interest of time, perhaps it is best if I just go through my
slides. I am going to gloss over some of them fairly quickly because you have
them in front of you so that there would be time at the end for any really
important questions you want to raise.

Next slide please. Just to remind you that it was just at the beginning of
this year that the Secretary recognizing the inevitable transition coming up
wanted to be sure that the important work of the AHIC could stand free and
could carry forward. A cooperative agreement was established with a total of up
to $13 million is going to be provided over the course of three years and phase
two which was $5 million will be completed by the end of this calendar year.

Again there was an enormous army of volunteers which included probably a
number of people in this room who participated in various planning groups that
were stood up by LMI and Brookings. Their work constituted – provided
recommendations for governance, membership, sustainability, and helped frame
the work of what is the new organization, which I am going to get to in a
minute.

Let’s go past to the next slide. The scope I think is probably more
important to you right here. What I want to point out here is that the first
two items on this scope statement are really very much in keeping in what the
A1 has done. It is looking at promoting the harmonized standards. It is
prioritizing stakeholder’s requirements. Those have been I think a lot of the
bread and butter of the A1.

I think what is interesting though in the next two bullets on there. The
third one just opens it up a bit and says this no longer a FACA that exists
only to provide recommendations on prioritization and harmonization to the
Secretary. It has a broader goal of promoting interoperable and Health
Information Exchange. It has now the freedom to consider in its mission what
other activities and types of work products, might help advance that.

Finally in its cooperative agreement, is to oversee and facilitate the
Nationwide Health Information Network. I want to get to that later because I
think it really touches on the discussion that we just had here.

Next slide. What I want to particularly mention about this slide is to point
out that a third from the bottom that work is going on right now to craft
bylaws for this new organization. There will be a public vetting process
sometime in October – probably somewhere in the first half of October. It is
very important that stakeholders have a chance to see these bylaws and weigh
in.

The Board of Directors has been assembled but not officially announced. I
will get to that in just a moment. I think probably many of you may have
participated in the process of nominating individuals to serve on the Board of
Directors. Finally in October, our next slide please, the Board will be seated.

Again, it is incorporated as of the 17th of July. The AHIC Successor, Inc.
is the formal name of this organization for now. Laura Miller, who was a long
time veteran of the Veterans Health Administration, retiring I believe as an
Under Secretary, Deputy Under Secretary of Management. A delightful competent
woman, is a midwife to this organization for now. I am working with the three
incorporators who are, we call them the three Johns. John Glasgov(?)of Howard
Partners, John Tucker, and Jonathan Perlin(?).

Next Tuesday, at the AHIC meeting, you will learn who the members of the
Board of Directors are. They are 13 at large members, two slots are reserved
for consumers, two slots are reserved for federal representatives. The first
Board meeting will be held October 27th, and they hope to have another meeting
before the end of the calendar year.

Next slide please. It will be an organization of organizations at this point
in time, although there still may be an issue of whether individuals were
joint. This gives you an idea. While they have not written into either the
membership or the voting these rigid categories, this will indicate to you what
they have initially identified as important stakeholder groups. When they talk
about diversity of representation on any committee et cetera, this is what they
will have in mind as they look forward.

Next slide please. In terms of transitioning, the work of the current AHIC
and those were groups again I suspect that there are people in this room who
have been working there. The Transition Planning Group set up by the early
phase of the A2 helped work with the workgroups and extract specific
recommendations for unfinished work going forward.

By the way, some of you may know that these workgroups had both specific
charges and broad charges. All of them completed the specific charges. The
unfinished work or the work that they would like to see carried forward came
under the broad rubric and any other given areas as to additional work areas to
be pursued. (Inaudible) is also taking a look at those recommendations and with
other input. We are going to be coming up with a prioritized list for the first
calendar year of activities that we suggest that the A2 take a priority look
at. We may suggest some organizational models for them to follow.

Next slide please. What is especially important here is that we are not
focusing on transitioning the workgroups, per se. We are focusing on
transitioning the work of the workgroups and especially the intellectual
capital. Again there was extraordinary amount of expertise donated volunteers
on those workgroups. We want to come up with there is a way in which this work
can be continued, but perhaps under an entirely different framework that there
won’t be a quality work, there won’t be consumer empowerment. There may be but
there may not be the freedom to reorganize is there.

One of the innovative approaches that some of you may have had in
introduction to prior presentations by the A2 Leadership, is this notion of
value case. The essence of a value case is that it is a higher level construct
and it must include the notion of the business value to or the value to a
stakeholder entity, stakeholder categories.

The value cases could be brought forward and should be brought forward,
independent of the A2 itself. Like collaborations of stakeholder groups who
have a perceived need in a given area and say, we know this is important. Not
only do we think it is important, but we are ready to pay for it and we are
ready to stand behind it and execute it and implement it when it’s done.

I think it covers that final step which has not been present in A1 which is,
having done all of your interoperability specifications and put them on the
shelf, then how do you ensure that they actually are taken up and used? Among
the areas that people are looking at are clinical research, radiology, just a
couple of examples.

I would also like to make the point that recognizing that there are certain
public areas, population aspects of population health for example. The Federal
Government and its partners would also be bringing value cases forward and
saying these are important areas we need to look at and we are going to stand
behind them when we are done.

The incorporator’s briefed the Secretary on Friday. He was very pleased with
the direction that this was going. I think it’s important to note that he
blessed the notion that it’s not a transition of AHAC1 intact, one to another,
but it’s a transition of the work. With that I guess will carry on and take
questions at the end.

MR. LANDAU: I stand between you and lunch, so I will be very brief and very
quick. I am Morris Landau with the Office of Policy and Research at ONC. In an
effort to save some paper as well, I just want to give you a very quick update
on privacy and security at ONC.

First of all, GAO had come and visited us to do an update and we met with
them for the last couple of months. They have been drafting a report that will
be forthcoming fairly soon. I can’t give you an exact date, but they have
drafted a report. We have looked at the draft and we have given them some
feedback on that.

In addition, as Leslie mentioned, we are working on a Privacy and Security
Framework, and it ties to the strategic plan and the milestones that Chuck had
mentioned. It will be coming out. I can’t give you an exact date on that, but
we are working on it diligently.

Also, the Confidentiality Privacy and Security Workgroup at AHIC had come
out with its final comprehensive letter. It is in draft form but it is on the
web. We are looking closely at those steps particularly as it involves PHR’s. I
know that you all are very interested in that space.

The State Alliance is coming out with its first report of e-Health to deal
with consumer protection and harmonization of state laws. We hope that will be
coming out soon. We hope at the end of September. The audience is basically the
State Governors, and recommendations at State level to develop State policies.

Lastly, the Health Information Security and Privacy Collaborative has
deliverable coming out forthcoming in March. Again, dealing with policies and
procedures regarding Health Information Exchange.

Lastly, ONC is hosting on October 15th, a National Town Hall Meeting on
medical identity theft. That will be at the Federal Trade Commission
Headquarters and will also be on the web. That is a very quick and dirty view
of the Privacy and Security.

MR. REYNOLDS: Thank you. Excellent job by all three of you. Thank you very
much.

MS. DEERING: May I just take the liberty of adding something that I didn’t
have time to but as sort of a heads up. I mentioned that the A2 is to take on
the issue of an in-governance. Well we recognize as has been said previously,
this is really an evolving area.

We expect to be looking at a process by which the input and perspectives of
different people can be brought in to define what is governance. What are the
governing authorities, plural, that need to be exercised? Which organizations
might be the appropriate organizations to exercise those at any level? We look
forward to that being a process that gets input as well.

MR. REYNOLDS: Thank you. A couple of administrative things. First if you
notice on the 3:30 to 5:30 breakout on the Subcommittee on Populations, that it
is going to be joined by the Quality Group for the first hour, to discuss
exactly what we are going to do with the crosscutting issue of patient centered
health. Marjorie will ask a little bit about dinner tonight?

MS. GREENBERG: Yes, we are having our usual first night dinner. I think that
you were informed when you got your agenda books is going to be at Clyde’s,
which is right near Gallery Place. I just wanted to see by show of hands of how
many people are going to be able to join us. Okay, great. Let me just remind
you that the time is 6:30.

MR. REYNOLDS: Again, I know we ran over a little bit this morning, but today
is education, so we want to make sure we let everybody ask questions. We are
going to plan to be back at 1:15, so 45 minutes for lunch. Then we will proceed
from there and continue the agenda, so thank you.

(Whereupon, a luncheon recess was taken)


A F T E R N O O N S E S S I O N (1:00 p.m.)

MR. REYNOLDS: I’m going to kick off this next section, and my comments will
really relate to the next two speakers.

So, Jeannine, if you’d put those up for a minute I’d appreciate it.

Again, as part of our education today we really want to stay aware of the
industry progress, anticipate future direction and policy, continually baseline
needs and capabilities, understand strategic direction, and keep current, and
then keep current again. Because I think you can see everything is moving fast,
it’s moving very fast.

We have a good mix today. We have federal activities, and then we have some
non-federal activities as it relates to vendors, an example of a vendor
approach and the states.

We heard from ONC already, and then some current PHR capabilities relating
NCVHS activities and recommendations. Because if you remember, and I’ll hearken
back to Debra Peel actually presented to us and made the statement, there is
technology out there to do these things, and other people have said there is
this and there is that.

Just to show a quick synopsis of some of that, just so you understand why it
is extremely important for us to continue our journey, because we will show you
one of the buses that’s at the station and you’ll find out that the states have
buses, too. They’re doing a lot of things that we need to make sure we’re aware
of.

Again, just nothing but education, and no way are we endorsing anything, and
no way are we talking about anything specific. You could have had any one of a
number of vendors in, anybody to talk about these things.

Again, our goal is to make sure that we really have a good idea of some of
the landscapes, because each of you are going to be breaking out into your
breakout sessions today, tomorrow, and then the Executive Subcommittee is going
to be getting together deciding what the next steps are. So we want to make
sure everybody, with so many new members and everything, we kind of get
ourselves to the same level of at least acknowledgment of what’s going on, not
necessarily understanding or complete education.

Just some things I’ve pulled out from the different things that we’ve done
as a group. Under privacy we talk about patient consent, sensitive data,
patient control, patient understanding of technology and health information and
uses, and what kind of flexibility would be available there for people and
others to use it.

In the Standards group, we’ve talked about the CCR, we’ve talked about the
CCD, the continuity of care records and the continuity of care documents.
SNOMED, you’ll see that today. Interoperability.

Then obviously we move into ICD9 and ICD10, and especially if you look at
ICD10 as to how we can really take advantage of it as everybody being involved,
and whether or not people that have been using ICD9, vendors and others, for
these PHRs and everything, how they’re going to deal with 10 and some other
things. Those are key things.

Under quality health data needs, emerging technologies and patient
reminders, and some of those things when you look at some of the things that
could happen there.

Under populations, disease management, medical home coordinated care, what
are the kinds of information that are going to be needed.

In general, also remember the idea that as we talk about this there are some
cases where to make a difference you may need to push information out to
people. To others, you may want them to pull it. So this whole idea of who
actually is initiating the answer or the information is another key item that
we do. There’s a lot of stuff that’s already in productive use, the policy
standards and best practices, what should we look at to make sure we drive as
thoughts for NCVHS. I think that’s it.

Again, that’s the whole purpose of these next two presentations is to
continue this reminder of what’s going on out there, and it’s not to
necessarily talk about any one specific situation or anything else.

However, I’d like to introduce Dominic Wallen, and I’ve had Dominic present
to me, and he’s a technologist with a vision as to what they’ve done.

But the key point is I’ve asked him to really structure this not as a sales
presentation for them, but as a presentation to show you the kind of things
that are out there, especially consent and other things, so that you’ll get a
flavor that it is real, it is on the street, and it’s the kind of things that
are there and you need to be aware of as we continue to adjudicate.

One that I’ll specifically point out: this whole idea of sensitive
information. As we talked today, when Karen mentions twenty vendors that bid
for something for CMS, all of them have decided what sensitive information may
or may not be, and what it looks like.

So, Dominic, with that, thank you very much for joining us, and we look
forward to your stuff.

AGENDA ITEM: Technology for PHR, Practical Examples from
the Field

MR. WALLEN: Great, thank you, Harry, pleasure to be here.

I’m Dominic Wallen with Health Trio. We’re a small organization, very small
organization focusing on e-healthcare industry especially for health plans. We
have about 100,000 physician offices that use our solutions, as well as
represent about 4 to 5 million patients through our solutions across the
country through about 25 different health plans.

Harry asked me to come in today and talk to you a little bit about a couple
of the solutions that we have put into our product, and it’s really more about
innovation than it is specifically about what we’ve done inside of our product.
I really wanted to focus around what are the types of things that we can do
with technology today that can help assist us get to where we need to be with
privacy and consent, as well as some additional features.

So looking through the minutes of previous Committee meetings, you’ve beat
the PHR and the EHR to death, and so I won’t go into any of that.

[Laughter]

MR. BLAIR: But you noticed they’re not dead yet.

MR. WALLEN: But what I did want to point out here to start off with is the
importance of bringing all of the information together.

We talked about the National Health Information Network, we talked about
local and regional data hubs and so forth. The focus of those is really to
begin to bring the data together, bring all of the information together, so we
can centralize that information around the care of a patient.

The work that you do here and the work that we do in our organization is
actually very similar from the standpoint of what our goals are. We’re all
trying to improve accessibility of the information, we’re all trying to improve
patient safety, we’re all trying to improve the ability for the information to
be dispersed to those people who need it and when they need it.

So this is the type of information. You’ve seen the slide a hundred
different ways, and there it is one more time. But the important thing that we
decided as a vendor is absolutely key in bringing all of those sources of data
together is how you tie that data together once you receive it, how do you take
that information and put it together.

This is where we feel like we’ve distinguished ourselves a little bit, in
that we take every bit of information from all of those different data sources:
you look at prescription data, lab data, self-entered data, enrollment data,
all of those different data sources, there’s a lot of different codes, there’s
a lot of different standards, there’s a lot of different information that is
captured inside of those different types of transactions.

So one of the things that we’ve done is we have SNOMED encoded all of that
data. If you’re not familiar with SNOMED, it’s simply just a coding structure,
a health terminology if you will, that brings together many different standards
into a single mapping, is the easiest way to look at it. But it’s truly a
health lexicon.

So what we do is as we receive ICD10, ICD9, CPT, NCD drug codes, LOINC, and
the other different coding systems. As we receive those we translate those into
SNOMED data, and we store it at that level.

DR. TANG: A question on the SNOMED mapping. How do you go from ICD9 to
SNOMED, whose mapping are you using?

MR. WALLEN: There are several different mappings that are available from
ICD10 and from the other coding structures. We have taken the standards that
other organizations have already completed, so SNOMED has completed some of the
mappings themselves, the College of American Pathologists. There has been quite
a bit of mapping work that is done in Europe and the UK, and there are
companies whose sole purpose in life is to go out and map them.

We’ve taken those mappings and we’ve actually extended those with our own
team of nurses, and we extend those mappings to be more relevant. And I’ll show
you one of the ways in which we make that data more relevant.

SNOMED is a coding infrastructure that allows you to extend it itself, as
well.

DR. TANG: So a follow-up question. It sounds like you’re taking some
structured terminology set and creating your own proprietary mapping.

MR. WALLEN: I don’t know if it’s necessarily proprietary. It is certainly
within the bounds of what SNOMED offers. SNOMED offers that standard mappings,
but it also gives you that flexibility to extend it. I’ll show you some of the
ways that we’ve extended it. It still stays within the bounds of the
specification itself.

MR. REYNOLDS: Steve and then Marjorie.

DR. STEINDEL: I noticed you have CPT, LOINC, NCD.

MR. WALLEN: Right.

DR. STEINDEL: Using the U.S. extension of SNOMED, those would be very
difficult if not impossible to do. But using the UK extension they’re totally
probable. Are you using the UK extension?

MR. WALLEN: We’re using SNOMED CT currently. We’re not using the older RT.

DR. STEINDEL: Well, no, it comes in two flavors. It comes in an American
flavor and an English flavor, and we have access to both.

MR. WALLEN: We’re actually using the European. I have to tell you –

DR. STEINDEL: The English flavor, good. Yes, that makes sense.

MR. WALLEN: The reason that we’re doing that, we were part of the initial
efforts for the UK spine, trying to put together a national health information
network there, and our solution was basically built on top of that, and SNOMED
was the technology to do that. We extended that European model as well.

MR. REYNOLDS: Marjorie.

MS. GREENBERG: I just wanted to clarify for Paul, I mean you’re correct,
there’s not a mapping between SNOMED or either ICD9, well, ICD9CM I assume
you’re talking about, or ICD10 or ICD10CM, that has been endorsed by both
parties, which is sort of the gold standard for a map.

There is the UK map. By both parties I mean the people who develop the
standards. So it may have been endorsed by the UK, but it hasn’t been by the
World Health Organization.

But as you said, you’re using what’s out there. And of course that mapping
that the National Health Service did between SNOMED CT and ICD10 is the
foundation for the map that is going to be developed by WHO and ISO, so they’re
not going to be radically different probably. I appreciate your need to move
ahead as opposed to waiting until everybody’s ready.

But you’re right about that, Paul, there’s not a standard right there that
everyone can pick up and say this is what we’re using.

MR. REYNOLDS: Again, this is one example. It’s not about this product; it’s
about the fact that every one of these subjects up here is something that we’re
dealing with. And as we continue to move forward and make a difference with
them there are plenty of people that are out there using them.

So this is just a reminder to everyone that things are happening. This is
not an evaluation of one or the other, this is talking about how. So everything
you see up there –

MS. GREENBERG: Don’t take us as critical, we’re just trying to learn.

MS. WARREN: I just wanted to add, I sit on IHTSDO’s Quality Assurance
Committee, and we’ve just approved a quality framework that would be applied to
the mapping efforts that IHTSDO is doing between SNOMED and ICD. It’s the same
kind of quality metrics that need to be done when you take it and translate it
into Danish, into German, or any of those. So we really are at a point in doing
all of this where we’re learning what the metrics of goodness are and
rightness.

I think they’ve done remarkably well to get what you’ve done, having worked
with it for years.

MR. REYNOLDS: Go ahead, Dom, keep going.

MR. BLAIR: The question that I had is, and maybe Dominic or somebody else
here can answer it, I thought that the National Library of Medicine with UMLS
was building all these maps over these last several years. So could somebody
help me understand why it was necessary for you to initiate your own or go to
other sources?

MR. WALLEN: Sure, absolutely. All of these are great observations. And the
observation basically is that there is no standardized set of maps in place
yet. There’s more activity over in the European continent than there is here,
but there are no set of standard maps yet. As such, what we’ve elected to do is
to move forward with what we have in order to grasp this particular standard
and then integrate in the other components of the standard as they become
available to us.

We haven’t use the NLM mapping yet, and frankly, the mappings that we have
from the existing organizations are not complete and they are not well tested
in industry. So we have had to make modifications necessary in order to make
this something that can be applied to commercial technologies today.

MR. REYNOLDS: Please continue.

MR. WALLEN: The second piece of that standard that’s very important to what
we do is interoperability. Certainly the CCR and the CCD are extremely
important interoperability standards for us. Both of them support SNOMED, and
both of them allow us to begin to create the type of interaction, not just
between the stakeholders we’ve been talking about here, hospitals and physician
offices and so forth, but the member themselves and caregivers and nurses and
so forth.

These are the types of things that are absolutely critical to the software
vendors like us in order to be able to make sense of that data. These standards
are what allow us then to be able to categorize that data into standard
terminologies like SNOMED.

Certainly following your work and the work of a lot of other legislative
bodies in defining exactly what a PHR is and what it should be doing and what
are those components, is something that we are following very carefully.

I spoke a moment ago about the very critical need to tie the information
together. Down in the bottom is what I described earlier, the ability for us to
take a given concept, and let’s just say asthma, and take that SNOMED concept
and map it to all of the different coding structures that are out there; not
just the ones that are the most prevalent, such as CPT and ICD, but also
extended coding structures that may not be standards.

For example, we work with LabCorp. LabCorp has elected not to use the LOINC
standards for their lab results. At least they’re not quite there yet. So we
utilize the LabCorp codes in the same exact way that we utilize the LOINC codes
from someone like Quest.

So it’s very important that you have an infrastructure that allows you to
extend the model to be able to reach out to those areas that are nonstandard as
well, because frankly, as much work as you’re doing here a lot of the standards
won’t hit industry for three or four more years and become widely adopted. So
the model that we put in place right now has to look at the current
technologies that are available.

Just above that is the example of our master patient index, and we view that
as being very much the same. Just like you need to know what every healthcare
transaction from a healthcare coding standpoint must be, you also need to know
who the individuals are that are involved in that transaction. So you have to
have uniqueness in the patient, you have to have uniqueness in the physician,
you have to have uniqueness in the facilities, and so forth.

It’s not just about tying together data that is coded, it’s also tying
together all of the information that you can possibly tie together. You’ll see
why that’s important in just a second here.

So what did we do? We took SNOMED and we did all of this mapping and we
undertook a bunch of other activities that allowed us to tie together other
types of data like MPI. We actually call ours MEI, it’s a master entity index.
We tie together the patients, we tie together the physicians, we tie together
the facilities, because we’re getting data from all of these different
locations, right, we’re getting them from labs, we’re getting them from
pharmacists, and they don’t always have the member ID or the lab code or
whatever it might be. You’ve got to be able to tie all of that data together.

Once we’ve tied it together, the most important thing that we realized we
needed to do to be an e-health vendor is to be able to secure that data. No one
is going to use a personal health record if they think that their data is
suspect out on the web. We took extraordinary pain in making sure that we built
a solution that allowed that information to be not only secure on the web, but
also secure to the level where the patient could understand what they were
securing. We took huge, huge steps to make that happen.

About 60 percent, by the way, of our code is related to security and
auditing, 60 percent of our code. It’s a critical component of what we do.

These are the pieces that we tried to undertake, protecting that sensitive
data, patient consent and control, patient understanding. There are a lot of
models that are out there right now for protecting data that allow you to do
things like go into your medication that you got prescribed yesterday and say,
yes, I’ll share this, or no, I won’t share this, or yes, I’ll share this with
my doc but not with my sister.

There are a lot of models out there that work like that, and those are fine
except then new data comes in tomorrow and I have to go out and do it all over
again. Also, what is that medication, what is Flomax? I don’t know what it is
as a consumer necessarily.

So I need to create a model as a software vendor that allows me to have the
patient pick what their preferences are without having to be a physician,
without having to know all the terminology of healthcare. Understanding what
they’re protecting is an important piece as well.

Then, of course, it has to be flexible. As a patient, I need to be able to
protect my information across all of the different entities that might touch
that data: my physician, my family, my health plan, other authorized
representatives, and even extending that out into the larger category of, I’m
looking for the word, but it’s basically sharing that data across all entities.

Let’s talk about just very quickly what we’ve done inside of our solution,
once again, just one way of implementing this. Utilizing SNOMED we’ve created
these protected data classes, and these protected data classes, and you can’t
read them very well, I apologize to the back of the room there, but over in the
protected data class area here we’ve created data classes that are well
understood by the patient themselves. It’s something like drug use or abortion
or mental health. And we’ve mapped those to SNOMED, and SNOMED is also mapped
to each of the individual entries that are inside of our personal health
record. Guess what? The patient doesn’t have to know exactly what they’re
protecting. All they know is the category that they’re protecting.

They can go out there and they can say, and you’ll see on this tab we’re
saying “for my family,” and I have my spouse sitting up there, which
I may have different permissions for than my dependents, I can go out there and
I can say for my spouse I can specify that this protected data class of mental
health is restricted. Guess what? The software utilizing SNOMED goes out and
figures all of those transactions inside of the personal health record that are
protected.

The same exact thing applies to my providers and my health plans and the
other users of my data, the ability for me then to go out and say, well, I want
these docs to be able to see everything, but I only want this doc, who is my
lifelong PCP, I don’t want him to know about my sexually transmitted disease,
or whatever it might be, mental health or what have you.

You have a very broad model for giving the patient with very little
understanding of healthcare very, very powerful means to protect their data. I
don’t care if my physician goes off and sees my office visits, or I don’t care
if they see my – I don’t care if they see my lab result relating to a
blood count, but I do care if there’s anything related to my mental health that
shows up there.

So it’s a protection mechanism that allows you to create very broad
protections for those things that you really care about. Of course then you
also need the rest of those things, which is at a different level I want to be
able to protect my medications as a whole, or I want to be able to protect my
plan for health as a whole, or whatever it might be. So you have a
multi-pronged model that allows all of those things to be protected.

In our model the patient can specify their permissions, or the patient can
also allow their health plan or their physician to specify these permissions on
their behalf. What you get in the end is you have total accessibility, even if
it’s not necessarily a user who can utilize the web, you have the ability then
to give your consent through the same model. If you have heard of Health Trio
you probably know that we’re doing the CMS Medicare pilot down in South
Carolina. So in that model we have a lot of aging populations and the
physicians can access the health records, but perhaps the patient themselves
cannot. You still need the ability for that patient to be able to specify those
permissions through some other. That’s one use of the data, and that’s one
reason to go through and SNOMED it and encode all of that.

Of course, there’s many, many other reasons you want to SNOMED encode all of
that data. Once you understand that data, once you understand that data
interoperates, then there are many, many creative things that you can do with
it in addition to protecting the data class itself.

One of the things that we do is we have alerts that are generated inside of
our software, and those alerts are for the purposes of patient safety and other
things, but it allows us to basically say for anybody with that SNOMED concept
asthma go ahead and send this alert. This is an example actually of it going to
your MSN account, or whatever it is, and then they have to log in to view the
PHI that’s inside of that particular message.

But as a health plan I can say send this message out to all of my
asthmatics, and because I know the data underneath the sheets I know that if
the patient is taking Flomax or if the patient has had a visit to a
pulmonologist with that ICD or the patient has self-specified, I know from all
of these different points of data that I can reach out safely to that patient
and be able to deliver value.

Okay, I think that’s it. A very quick vendor example of how we’re utilizing
it.

MR. REYNOLDS: So before we open the conversation again, I think what’s
important, we could have invited 25 or 30 Dominics in and that chart may have
looked dramatically different for every one of them. The approach may have
looked dramatically different. If I hearken back to what we’ve done in privacy,
for example, where as we went through it and had our significant deliberation
and came up with about six areas of sensitive data, Dominic’s list doesn’t
match anybody else’s list.

If he’s 4 million people and then you have others and you have others and
others, what happens is we basically have the action going on, and it’s being
delivered to people. If we just play off of what Chuck Friedman just had to
say, and we talk about the NHIN, you have this thing which is just as sensitive
and you have two other things that are being used that think they’re sensitive
routing data to somewhere you have a whole different game law.

The point is as we continue to build our portfolio we just wanted to show
you examples of the kinds of things that are going on, again, just because we
needed an example.

Now with that, let’s open it for discussion. We have Larry, Mark, and
Leslie. Larry, go ahead and start, then Mark.

DR. GREEN: I’d like to ask a two-part question. One is in this area, the
personal health record, what’s going on is mental health. Secondly, with your
example, when you are sequestering information that say relates to mental
health, depression, you don’t know you’re depressed, the way you use SNOMED to
search the record for this, could you say a little bit more about how you
actually managed to succeed in sequestering the fact that this person has
depression given that that word might appear in a lot of places?

DR. CARR: Can you speak up, Larry?

MS. GREENBERG: Could you speak up a bit?

DR. GREEN: I could, but I’m finished.

MR. WALLEN: So the question was related to categorizing mental health. So
the answer at a detailed level, I don’t know. We actually have nurses that make
those determinations for all of the different coding structures.

But I can say this, from the standpoint of how we pull data in, the data is
– we sit on top of things like claims, all right, healthcare claims, or
lab data, or whatever it might be, and we basically do those mappings straight
across, so that is to say all of the population, if there is an ICD that exists
and it’s this value then it maps into a certain SNOMED structure.

DR. GREEN: Let me go back to my first question. More generally, what’s going
on with mental health? Let me just beat it to death. Mental health records
often don’t even exist anywhere where you can sit on top of claims data for
them. Is there someone out there taking care of folks’ mental health problems
that’s actually participating in the development of a personal health record
for people who suffer from emotional and behavioral problems? Or is all of this
activity over here in the traditional medical side of what used to be called
physical health, even though we know it’s an obsolete distinction, is this
field at the moment divided such that the mental health world’s not playing? Or
are they playing, if they’re playing, how are they doing it?

MR. WALLEN: Dr. Green, that’s beyond my scope of knowledge, for sure, I
apologize.

DR. HORNBROOK: I have three comments. First of all, let me do full
disclosure here and conflict of interest. I live in a mandated medical records
system where I have an integrated chart. For me, I have no choice of what to
close or open, it’s done by Kaiser, and it’s done by the medical groups.

We used to have a system whereby all your mental health, even your visits,
were suppressed, psychiatrists could see them and the mental health providers.
After a number years of experience, and unfortunately they were adverse
experiences of physical visits, visits for physical problems where malpractice
problems or just bad outcomes because the mental health problem wasn’t known,
we have opened up the chart so that everybody can see your mental health
diagnoses and your visits but not the content the content of your psyche
contents, not what they might write down about your fantasies or about your
specific kinds of behaviors that could be seen as embarrassing or something.
Clearly they can see all my medications, all my diagnoses, and they can see
every doctor I go visit, because of quality assurance issues and continuity of
care issues.

Now having said that, I really worry about giving patients the right to
suppress parts of their record when you are interested in quality of care. I
understand the reason why you want to protect parts of your record for
employment reasons, or life insurance reasons, even for medical underwriting
reasons, car insurance issues, for legal proceedings, although sometimes
discovery will get beyond that. But in any case, there are lots of reasons
people will have for suppressing parts of the records that have nothing to do
with their health but to do with their economic health, or their embarrassment.

I worry about us falling into the issue here without making sure we pay
attention to access to care, national health reform, and continuity, and
quality of care. It’s the best way that people should be getting their
medicine.

So final comment is, would this be useful to me, would these private health
records be useful to me? And the answer would be, yes, if I’m going outside of
a Kaiser area. I can go into any Kaiser facility, they’ll open my chart with my
record ID, or even just my name and a personal ID. So what’s useful to me is if
I get into an accident somewhere outside of the Kaiser service area and I want
them to see my chart to treat me, and of course I should be carrying a medical
alert bracelet in case I’m unconscious so they can access my chart. But Kaiser
hasn’t yet done this issue of the interface between an organized national
health record system and anyplace else that needs to get access into my health
record system.

So I hope that we give this, because it’s the same thing for all the
veterans, they have a national health record system. What happens when they get
into an accident or get into an emergency where they can’t go to a VA facility?
If you go to international travel it’s even more.

So you want to think about these things, from a consumer perspective where
would they be motivated to really understand they need to have access to their
chart in real time to get the best possible quality care.

Thank you.

MR. REYNOLDS: Leslie?

DR. FRANCIS: I guess I come at this from a little bit of the other side.
First of all, I was incredibly decided to see that it’s actually possible,
although there may be obviously some ways that it doesn’t work perfectly, but
that it’s actually possible to identify some categories of sensitive
information, and do it in a quite fine-grained way which I think is nifty.
Because I wasn’t sure it was possible.

MS. GREENBERG: “Nifty” is in fact the correct technical term.

DR. FRANCIS: Yes. So that’s the first observation.

The second is, of course, there are enormous questions about whether it’s
desirable, and if so, how it’s desirable. The example that Mark gave is
particularly course version of it, which no doubt anytime you have a very
course version you’re going to have some problems. I mean we were debating
questions like if there are some sequestered categories should there be a
warning to everybody that there is a sequestered category and so on, which
makes it quite different from the perspective of the provider. I don’t know
what Kaisers look like, but I take it it was all mental health records that
were just out.

So I guess my question for you would be because I think this is a new world
of possibility that I wasn’t sure was there, what kind of data are you
collecting about what’s going on with this? How many people are opting for what
kinds of restrictions, if any, what seems to be the effect on patient care, and
so on? Because those are all the questions about whether it’s a good idea.

MR. WALLEN: Right. So I can tell you the data we’ve collected so far is
fascinating, and yet it’s exactly what you would expect. As a vendor, you can
imagine that if we have 20 different folks on this Committee that we’d have 20
different opinions. So your ability to specify what happens in the case where
if a physician wants to see the record and the individual has specified that
the physician can’t see the record, there are two very wide boundaries there.
If the physician thinks they can’t see everything then they might not even use
it.

From a vendor standpoint what we’ve done is we’ve created a solution that
allows in this case a health plan to specify whether or not the physician can
override the permissions, because frankly the legislative bodies have said that
for purposes of care or administration then can see the data anyway. From that
standpoint we allow that inside of our product for the physician to override
the will of the individual, however, the individual is notified that that
permission has been overridden. They can override at a general level to see the
entire health record, or they can override at individual data levels.

Inside of the health record we actually specify if there’s eight medications
and two of them have been protected we’ll actually say that this is protected
information, and then if they can override it they can say click here to
override that capability.

Now, the data that we’ve collected, getting back to your question, goes
right along the lines of what you’d expect. We have some health plans that say
no, patient wins, whatever the patient says that’s what we’re going to go with,
it’s the safest. And as you can imagine the physician adoption of the
electronic health record, which is our physician side of our personal health
record, is poorly adopted in those cases. Because the physician isn’t getting
as much value out of that record they are adopting it more poorly.

However, we have other health plans that have said, hey, it’s wide open. Any
physician that needs access to this data has access to this data; we have
fantastic adoption in cases like that.

So for us it’s actually no surprise. And if you think it through it’s
actually pretty easy to determine. But the other piece of it is what types of
outreach do you do, and what types of education do you do. We certainly allow
– you said there should be warnings, and we’ve had some different comments
here, there should be some education, absolutely what we try to do is we try to
be able to point out as you do this tell the patient exactly what are the
consequences of what they’re doing. Tell them that they’ve elected to restrict
these pieces but open up these pieces, and here are the constraints now that we
will apply to their health record. So they know exactly what to expect from the
standpoint of someone else looking at their health record.

I think there is, you know, you have both sides of that, but you also have a
lot that you can do in between regardless to be able to favor it towards one
side of that equation or the other, and it especially relates to outreach and
education.

MR. REYNOLDS: Steve.

DR. STEINDEL: Harry, first part of Leslie’s question covered what I wanted
to say. Thank you.

MR. REYNOLDS: Okay. Walter.

DR. SUAREZ: I have two comments. One is going back to the very beginning,
and the discussion we had about ICD10, and SNOMED, and the cross-walks. It
seems like your company is one that has a lot of experience or has done a lot
of the cross-walking. And I don’t mean to put you on the spot, but –

MS. GREENBERG: He will.

SPEAKER: But he’s going to.

DR. SUAREZ: Well, sure, I mean the reality is we need that type of
information in order to make a better sense of the kind of cross-walking that
exists. Now, is that something that you think your company will be willing to
share in terms of the experience, not necessarily in terms of the detail of the
cross-walk?

MR. WALLEN: Yes, absolutely. But we’re one of many organizations that do
this. Health Language does this, and there’s a German company that does this
that does a fantastic job.

DR. SUAREZ: Exactly.

MR. WALLEN: We would most certainly be willing to put some of this into the
public domain and share this information, but we’re one of many.

DR. SUAREZ: Thank you, yes. Well, that’s a good point. But the specific
comment I have is about the challenge that personal health records bring to the
privacy and security arena certainly. It was interesting we heard actually that
you are one of the vendors that is providing the personal health records
service in the project, the CMS project from South Carolina. So I’ll give you
the scenario.

In the hands of CMS the claims data is protected under HIPAA, CMS being a
cover entity. In the hands of a personal health record vendor that exact same
data loses all its protection under HIPAA. So now the same data has been
transferred from CMS, claims records very protected, into the hands of the PHR
vendor is now totally open to the – I’m not saying that it’s open to free
access, no. I’m saying it’s totally open to the decisions made by someone
within a corporation, in this case your company, on how the data gets
protected.

You were just explaining, which is a good internal policy in my view anyway,
but it’s just my view, how you have a policy that the physician can –

MR. WALLEN: Basically override.

DR. SUAREZ: – override a decision about a patient not to share this. That’s
a policy that your company has, and it’s a policy that might not be the one
that everybody has or is the one that, you know, should be followed.

So it creates a unique set of standards which are not really standards, it’s
basically your way of viewing how to protect the data. You created a
classification. The point that I think Harry has been making about the
classification of sensitive data is one good one. But it’s way beyond just
purely the classification of what is sensitive data and all that. It’s really
how personal health records right now are outside, pushed out into a field, an
area that is totally open for whoever does the service, deciding whatever they
choose to provide records.

I’ll give you a final example on the point. In the privacy arena, basically
the way some of us in technology look at this, there are five major factors or
elements that consumers can control: what data they want to allow to be
released or disclosed or accessed, who does the disclosure, to whom the
disclosure is done, when, and for what purpose. And out of those I basically
see about four of those elements. Probably the purpose, if one considers the
last column there, the purpose being the disclosure.

This is all an approach of creating a way to address those five granular
level of consumer privacy controls. I just wanted to hear your reactions about
how do you see this evolving into a much more of a national set of standards
that personal health record products can actually abide by.

MR. WALLEN: Right. And so a couple of comments on your earlier words, which
is for CMS we actually view ourselves to be a covered entity. In that
particular procurement we’re acting as an agent of CMS.

MR. REYNOLDS: Dominic, can I stop you just for a second. I want to make sure
– we didn’t invite Dominic as representing the CMS pilot, so I want to be
careful that we don’t put him in a position.

Karen, if you and Jim will help out here.

Because we invited – that was a sidelight. So I want to be real
careful.

MS. MCCALL: There was a broader he asked.

MR. REYNOLDS: I understand. I’m good with that. MS. MCALL: So he doesn’t
have to answer.

MR. REYNOLDS: Okay, I know, but that’s all. I want to give him a little
cover here. I didn’t invite him to come and talk about the CMS pilot, even
though he’s doing that. I think we owe him a little protection here. But he can
answer the question generally, fine. I just think that’s important as we look
at this.

MR. WALLEN: Thank you. And so to address your question, I would say that
industry is moving exactly in the same direction that standards bodies are. So
you’re absolutely right, there’s the five pieces that have to come into
consideration when talking about privacy, security, consent, permissions, and
use.

As you go through each of those you have to have – the one component
that you have to have is you have to have an understanding of what that data
is, and you have to have access to that patient to allow them to make those
specifications. Certainly by providing those electronic, those types of
electronic tools, we’re providing that access component, and we’re moving
towards allowing the specification of all of those items.

However, if you talk about where we’re going as an industry in protecting
this information, there’s a lot of good models that are out there right now.
And I think that we’re going to see a lot of new innovation. What we’ve done is
cool, and it’s leading edge right now, but I think that moving forward as we do
begin to bring the data together and be able to understand the data better, the
models, the ability for us to capture not only those permissions but also apply
at a more granular level, will become more sophisticated.

MR. REYNOLDS: Justine.

DR. CARR: Thank you. I’m trying to diagram for myself the difference between
the PHR and the HER. If I’m a PCP, just stay with me here, I’m a PCP and I have
a patient and my goal is care delivery, and I order what I need and I document
what I need, and I basically have the information that I need about the care
under my span, if I send to a referring physician they may write me a letter
back what they found, and that’s kind of business as usual.

Now, if I’m a patient and I want a PHR, I’m trying to think about what is
the goal of having that, and there are several. One is that I can keep
organized a compilation over time of what happened when. And a second might be
for sharing in an emergency. And so that PHR is going to have the same
information that my PCP has, and it may have additional information that comes
from personally entered data or doctors I went to see that they didn’t know
about, or prescriptions that I filled that I got from those other doctors.

So I think the PHR is serving the patient’s needs, and the EHR is in the
span of control of the PCP. So the PCP might use that PHR as an adjunct, it
might retrieve something they didn’t already know. But I don’t think the whole
issue of I’m going to occlude or obscure certain information, I mean, you could
do that if you give a history, patients don’t tell you everything. So I don’t
see the PHR as a surrogate for the assessment of the patient, except in this
emergency situation when you can’t talk and no one knows who you are.

So I don’t know if that’s like obvious or that’s helpful. But it’s helpful
for me, because this whole issue about what you obscure and what you don’t is
just analogous to the information you choose to give or not give in a history.

DR. HORNBROOK: Can I amplify, Justine? There’s one more, and that’s the
second opinion. So if you want to get a second opinion you can take all your
information to another doctor of your choice.

DR. CARR: Good point.

MR. REYNOLDS: Okay. Jorge, or I mean Sally, then Jorge, then Blackford, then
Paul, then Mark, then Don, and then stop, and then done. We did exactly what we
wanted to do which is generate conversation, not fix it.

MS. MILAM: I have a quick question, following up on Leslie’s. It has to do
with consumer preferences and granularity. Do these preferences find their ways
to the medication list as well?

MR. WALLEN: Absolutely, yes. They include every single thing inside of the
health record itself, including comments, notes, lab results, anything you pull
in gets SNOMED encoded, including things like the specialty of the physician.
So just by the fact that you visited a physician of a certain type is enough
information for your husband to know you have a certain disorder.

MR. REYNOLDS: Okay, Jorge.

DR. FERRAR: I have a question regarding SNOMED. Limitations of using SNOMED,
you talked a little bit about if you ran into some limitations. When you have a
concept that it didn’t match properly, how did you rectify that, and did you
have a loop back to SNOMED to rectify it, and what was the timeframe in which
that got done?

MR. WALLEN: Sure. So there are actually lots of problems just in mapping in
general that are related to CPT being basically for billing purposes, and we’re
using it for more clinical purposes. The mappings that we initially received,
and I’m sorry I don’t know where we received them from, the mappings that we
initially received were very much billing focused, and we needed to move those
into more of a clinical mapping. So we basically hired a team of physicians and
nurses to walk us through that. That was our biggest initial problem with
SNOMED.

The second problem with SNOMED is it is a medical lexicon. You can chain
together multiple codes and change the meaning of codes. So if you fully
support SNOMED, which we only partially support SNOMED, if you fully support
SNOMED you can actually create complex clinical scenarios using a whole set of
codes strung together. So that is something that is almost impossible, we have
found, to support completely. There may be something like a discharge summary
that lists off 40 SNOMED codes that has something that goes against another
code that is inside of that same exact structure, and so what determination do
you make from the fact that you’ve got one code and another code that goes
against that first code.

We don’t support SNOMED 100 percent because of those complexities. And,
frankly, I’ve not seen anyone that does fully support it.

MR. REYNOLDS: Okay, Blackford.

DR. MIDDLETON: Thanks, Harry.

Thanks very much for coming and sharing a lot of interesting insights and
really interesting, good work.

Having been in the PHR business myself, I have a couple of thoughts and
questions, and maybe I’ll start with a couple of comments, then the question.

I think one thing about the PHR business is certainly the devil’s in the
details. And I know we’re not going to get into those now, and I commend you
for achieving what you have. But the technical issues around using SNOMED in
the coordinated or post-coordinated or pre-coordinated mode, and what to do
about subset classification requirements for particular terminology issues, as
well as what to do about the knowledge, management and update problem when
SNOMED comes with a new release and moves a whole tree from over here to over
here, and what do you do, it gets real complicated. But those are the easy
issues.

The second question or comment, I guess, has to do with our observation and
our research which would suggest that the PHR value is directly proportionate
to its degree of connectivity with the EMR, for all types of reasons. The
completeness of the med list, for example, having access to laboratories and
patient notes, if that’s appropriate, when that’s appropriate. But also perhaps
not just to one EMR but to any EMR. Because the average American beneficiary,
for example, sees greater than six providers per year, it’s ideal if the PHR
can communicate to any number of EMRs that have sources of data that would be
relevant.

I think actually that might lead to the ultimate value proposition from the
patient’s point of view is that this is the complete record, not so much I can
carry around and solve the clipboard problem as the Secretary likes to describe
it, but to also subject then that complete record to decision support. So that
if I’m doing a medication or action assessment with a new drug from my
psychiatrist, I might as well let everybody know – no, and then with the
drugs that I’m taking from my internist, I’ll have a pretty good assurance that
any chance of drug interaction or what not, and for that matter repeat or
redundant test procedures or duplicative tests that don’t need to be done,
etcetera.

That kind of raises finally my question. In your product, in your business,
can you describe fundamentally the business case, what is the value proposition
and to whom are you selling, and who’s writing the check? My concern is that we
may be seeing the PHR technology in industry, if you will, grow up, and I’m all
for it, but I’m not sure it’s really connected to healthcare yet, and my dark
concern or secret concern as a provider is that we may lose the primary
relationship with the patients because the pair will have the PHR first and
then we’re going to be doing something other than healthcare, we’re going to be
managing the bill.

MR. WALLEN: Right, so that is a very good point. The payer is our customer
and the payer is our customer because it is the place that data is centralized
right now. It’s the place where we can add value today. The EMR has a fantastic
wealth of data, but it’s very restricted data, it’s data that’s only known
inside of that organization, and it doesn’t include the data that is out on the
streets. Not to mention the fact that there’s only 30 percent of the documented
physicians, or whatever the number is, 30-some odd physician, yes, or lower,
that actually has an EMR.

So our approach, we certainly recognize that as the NHIN gets into place,
and the local regional health authorities get into place. And there’s better
connectivity from the individual clinical systems that the need for our
solution is diminished. And we will certainly move in the direction of
connecting to those electronic health networks as well.

However, right now the best place to get data is at the payer, and they’ve
got the claims data, they have access to all of the PBM data. I do get a
complete medications profile right now from the PBM through that health plan.
And I do get a complete picture of the labs if that health plan has a
relationship with those labs where they can get us the data. So I do have the
ability right now to create a more complete view in pretty much every doc’s
office in the country, except for Kaiser, through my health plan instead of
through the physician.

However, if you notice when I started I said we’ve got four million members
and a hundred thousand docs offices, our focus is on adding value for the
physician and adding value for the member. So things like understanding this
data, generating alerts, generating drug/drug interactions and notifying the
physician and the member, sending out alerts as to when the next blood draw
should be done, things of that nature, we are adding a tremendous amount of
value for the physician offices now

And, yes, they do have to go to the plan to get that right now, but for
those physicians that don’t have an electronic health record or don’t have an
electronic medical record, it’s actually a great start. Moving forward four
years, five years from now, it will certainly be diminished in value as we have
that ability to bring all of that, exchange all of that data amongst the
different individual physician and clinical systems. But for right now it’s a
fantastic solution.

MR. REYNOLDS: Paul.

DR. TANG: I’m going to pick up a bit of what Blackford started. Because I
mean I think it’s one thing to talk about what is done with the data, it’s
another to talk about what’s useful for the patient and patient’s health and
healthcare. And I think your closing statement about this being fantastic is
what I’d like to raise concern about.

MS. GREENBERG: This Committee doesn’t talk fantastic.

MR. WALLEN: We do – had your question before I said that.

DR. TANG: So to pick up on the two lumps which ONC left us, which is we
either worry about patient centered health, or we worry about population health
as two buckets. So let’s look at the patient centered health. One is the
question which I think Larry said, which is, okay, is the partnership, is the
healing experience benefitted by having partial and not knowing – partial
data. That’s one point. And you’ve heard a perspective from the professional
side of the house.

Another is just the individual, the advice, you gave an example with asthma,
that your PHR would provide to the patient. Well, from and ICD9 CDM point of
view, knowing they have asthma and telling them they have to be on Flomax would
be incorrect, blatantly incorrect in a very defined way, it just goes against
the guidelines. So is the patient better off or worse.

The other thing you mentioned is drug/drug interaction, which is a very
common thing to do, and you can get the drug names from the plan. You actually
don’t know when they’ve been discontinued, let’s say for an adverse event, but
also 87 percent of the drug/drug interactions are superseded by physicians, a
lot of them – most of them for very, very good reasons.

What is the patient going to do when they, one, get bad advice about their
asthma, or two, get false positive about their drug/drug interaction?

Then let’s go to the population health, and how am I going to figure out
whether my asthmatics in this country are being treated correctly if I have
ICD9, and I have no idea where you’ve mapped it to in the SNOMED world, but
chances are it’s going to generate a lot of these false positives which means
you’ll have a spuriously low score when you’ve basically included folks that
shouldn’t be treated at all. So I’m trying to find, are we back to our roots?
Which is we need to deliver better and monitor better health and healthcare in
the country, not any of us put out the whats.

I guess that goes back to the evaluation. So it so happens that your project
is being used in the CMS project, but the evaluation seems to be so important
that we not only find out do you like the colors, but did it improve care and
what did they do with the information that was given to them, many of which
will be inaccurate because of this unknown mapping, for example, and also the
problems we have in the billing data.

MR. WALLEN: Right. So if you think that through, there’s going to be some
determination at some point in some system about how something should be coded,
right, and regardless of what that is, it’s going to be prone to error. There
will be mistakes regardless of whether you’re pulling this information out of
an EMR, an EHR, or a PHR. So there are certainly going to be false positives,
you’re absolutely right. The system that we have is going to be more prone to
false positives due to the fact that we are typically dealing with billing data
and using it for a clinical purpose.

So that is absolutely true, and we’ve worked into the model the ability for
both the physicians and the patient to be able to specify that this is a
questionable entry and that it can be removed from the health record. And so it
will work itself out in the end.

To the you were discussing related to asthma and your ability to reach out,
I didn’t necessarily need you need to be on Flomax if you have asthma, but you
might want to say hey we’ve got some support centers, inside the produce we’ve
got some support centers that describe what asthma is, how do I know, what are
my diagnoses, when should I see a doctor, how far advanced might it be.
Basically just doing better patient education. What are the medications that
are available? My doctor prescribed Flovent. What other options are there for
me?

So that patient education is really what you want to effect here. Not
necessarily making any clinical determinations. We don’t make any clinical
determinations ourselves. Our product allows the health plan to be able to push
what’s on their formulary, or be able to send out educational information about
specific conditions, but we don’t make any of those determinations ourselves.

The final point I wanted to address is related to the medication profile.
Yes, you’re absolutely right, most drug interactions, most dose range, drug
checking, all of that, all of those interactions are typically caught very
early in the cycle. If it’s not in the physician cycle itself it’s at the
pharmacy or it could be at the PBM, there’s interaction checking done
everywhere. So we’re just one place that that interaction checking might occur.

However, we might be the only place that interaction checking is occurring
for St. John’s Wort making it in here. Certainly my cardiologist would like to
know if the patient has entered that they’re taking St. John’s Wort, but didn’t
think that that was important when they visited their cardiologist in the first
place.

So we may be the only place that I can have that type of impact on the
patient entered information, which is a significant portion of the record.

MR. REYNOLDS: Okay, Mark and then Don.

DR. HORNBROOK: Just a couple of observations here. First a question. On your
system you get textual information and go through a natural language
processing, or is it just coded data that you receive?

MR. WALLEN: We actually do receive textual information, which we can place
as an adjunct to the health record, but we don’t place it into the health
record, we don’t try to code it. Again, we don’t make any clinical
determinations of either results or in this case textual data.

DR. HORNBROOK: What about body mass index?

MR. WALLEN: BMI we do, yes.

DR. HORNBROOK: So you can handle that?

MR. WALLEN: Yes, absolutely.

DR. HORNBROOK: What about pulmonary function, can you handle that, volume or
other kinds of tests like that?

MR. WALLEN: Yes, absolutely. We bring that data, but once again, we don’t
make any clinical determinations, we’ll look at valid ranges and so forth.

DR. HORNBROOK: I think what you’re hearing here though is an argument for
fully integrated approach, there’s data the patient needs to put in the doctor
doesn’t have, and there’s data the doctor has that everybody needs to know. And
the answer isn’t either/or, it’s both.

MR. REYNOLDS: Okay, Don, you got the period on the end of this sentence.

DR. STEINWACHS: Mark may have taken care of one of my points. I guess I was
interested in the interrelationship of EHRs and PHRs, because it seemed to me,
just I think the point you’re making, Mark, is part of the EHR ought to be
something the patient contributes, otherwise there’s never going to be patient
centered care, it’s going to be some physician’s interpretation of who I am and
never a reflection of who I am, because the PHR, realize that.

Just a small point. Historically when people didn’t want information about
mental health or other things, or STDs, to get anywhere, you would go someplace
and pay for your own care. So HMOs traditionally always had a certain amount of
out of plan use for a variety of reasons, one of them being I don’t want it
there.

The other is I assume like on your system couldn’t you just delete things?
Couldn’t I go in my PHR and say I want all these visit records and so on
dealing with X, Y, or Z, to disappear? Or are you saying that since – the
industry, not particularly you – sort of saying I’m not going to have that
much control because of the way things are fed and put in, and I’d never be
able to simply go in there and say make this disappear?

MR. WALLEN: That’s an excellent question, and it’s something that we’ve
grappled with and the other vendors in our space have certainly grappled with
as well. The most fundamental question that you have to ask first is who owns
the record.

DR. STEINWACHS: Yes. But even though some patients think we own our medical
record, we still can’t do this.

MR. WALLEN: And that’s right, and that’s what it boils down to is, yes, in
our model anyway the patient owns their record. It is there record, we don’t
even store it at the health plan, frankly, we store it in a third party
location. So we view the information to be owned by the patient.

However, in order for the physician to recognize the validity of the data
and use the EHR portion of our PHR, you also have to ensure that it’s a
complete record, and that it is a record that shows where the data sources came
from. So what we allow, what we elected to do, is we allow for all the data to
go into the health record, and each data source may change itself, but no data
sources may change each other. So that is to say the patient can’t go out and
change something that came in through a lab result. If I allowed that to happen
then the physician would not view that as a credible lab result. If I allowed
the patient to change my medication list for the medications that I got from
the PBM, suddenly it’s not as valuable to the rest of the entities that are
trying to use that health record.

So what we do allow is we allow the patient to go out there and basically
put a little mark on there. First of all, they can put notes on anything,
“I disagree with this assessment, you know, this says that I’m morbidly
obese but frankly I think I’m doing just fine.” That is certainly well
with their rights to be able to do that. But we also have clinical measurements
that basically say, you weigh this much and you’re this high.

Basically we give the flexibility to say, yes, as a patient I don’t agree
with this entry, and you can basically say I’d like to void this record from my
view. However, the physician will still see it, and they’ll see that there’s a
note on there and that it has been voided out.

MR. REYNOLDS: Okay. Dominic I really appreciate that you’ve been willing to
be subjected to this.

[Laughter]

MR. REYNOLDS: But, again, I think it gave the Committee a chance to see.
We’ve talked a lot about what might be out there and other things, get an
example of what is out there. There are many, many people doing this, there are
many, many people involved in this

So as we look at our agenda items and what we need to do, we have to stay in
front of some of these and make sure that if we want to help with some policy,
we want to help with some thoughts, whatever category of our committees we
have, then we need to keep doing that and not assume that it’s not going on
because it is happening very fast.

So, Dominic, thank you so very much.

It’s been recommended we take a five minute break, and I’m talking about a
five minute break. Please don’t get your phones out. Just go and do what you
need to do and come back. Thank you. If you get your phones out they’ll be
confiscated.

(Off the Record)

MR. REYNOLDS: We just finished hearing one perspective on personal health
records, and now we’re going to get to hear from all fifty states, and just
what they think about the things we’re doing in general. So if you think that
was exciting, get your seatbelts on. It starts to get real interesting from
here.

So I’d like to introduce Kory Mertz, and Kory’s going to talk about –
he represents the state legislatures, and I’ve heard him do this before, and I
think you’ll be fascinated. I was actually quite surprised at all the things
that are going on around the states that if you don’t live in that state you
don’t know it, but yet it does play into the national scheme.

So, Kory, thanks so much for coming, we really appreciate it.

Agenda Item: National Conference of State Legislatures
Update – Current HIT Realities in the States

MR. MERTZ: Thank you very much for having me, I appreciate the opportunity
to be here.

That good?

MR. REYNOLDS: Yes, that’s good

MR. MERTZ: Like Harry said, I’m really here to provide you guys an overview
of what’s happening across the fifty states. I think is an area where people
don’t really give as much attention as it’s probably due, because a lot is
really happening at the state level and I think I’m really going to demonstrate
that to you guys today.

Our members in our organization are very active and interested in working on
health information technology issues.

Just before I start into the presentation I just want to give you a little
background on our organization in case you’re not familiar with us. We’re a
bipartisan organization made up of all the state and territorial legislatures
in the country. We really serve as kind of an extension of the legislative
staff for the states. We really help them figure out what’s going on in other
states, kind of see trends across states, and help them kind of innovate
policy. Then we also have an important role of representing states for the
federal government, mainly around issues about preemption and unfunded
mandates.

So, again, states really view health IT as a vital tool to increase quality
and decrease costs. A number of states are really integrating health IT efforts
into their broader health reform initiatives, because they really see it as a
key way, one of the tools in the arsenal to help bend the cost curve.
Everybody’s facing these rapidly inflating health costs. This is a particularly
big issue for states, and it’s over a quarter of their budgets for a number of
states. This is a very important issue that they get costs under control.

States are really using all sorts of policy levers to address these issues.
And we’ve kind of seen five key trends across the states. I’m going to talk to
you about them today. Obviously e-prescribing, updating privacy laws to
facilitate health information exchange, targeted financing initiatives,
promoting the use of standards based health IT systems, and advancing adoption
and use.

Really one of the starkest ways you can see how much states are doing is by
looking at the legislative initiatives that’s happened in the past two years.
In 2007 and 2008 we’ve seen over 370 bills with health IT content introduced.
Of these bills, 132 have been enacted in 44 states and the District of
Columbia. This is over a threefold increase compared to the similar period in
2005 and 2006.

We have a searchable database if you’re interested in all this, on our
website. We have all the enacted bills from 2007, and all of the legislation
from 2008. I think it’s a good resource. We’re also going to be putting out a
paper kind of analyzing trends across all the enacted legislation. It should be
out hopefully by the end of next month.

Just jumping into the first area, e-prescribing. This is an area states have
been very active on all sorts of different initiatives. I think one of the
reasons is a number of states really kind of see it as more ready for primetime
than some of the other health IT tools, some of the standards are a little
further along in the process in their view. So they think that will help drive
HIT adoption and use.

One of the barriers to this was the number of state laws prohibited
electronic prescribing for various reasons, whether it was you needed an
electronic signature, or a myriad of other things. As of August 2007 all fifty
states allow for e-prescribing. And there are still other barriers around DEA
controlled substances. I know they’re working on that right now, but we’ll see
where that goes.

Just a few examples of what states are doing around e-prescribing.
Minnesota, as you’ll be seeing numerous times throughout this presentation, is
really active in this area. And one of the things they’ve done is they’re
requiring all providers, group purchasers, prescribers and dispensers, to have
e-prescribing systems by 2011. They enacted this through a legislative mandate
this year, and before that they actually did it through their state employed
health plan requiring all network providers to e-prescribe. But that hadn’t
gone into place yet because it was 2011, but they negotiated in the last
contract year.

You’ll also see a lot of e-prescribing initiatives in Medicaid. I think a
particularly good example is Florida. They started with their 1,000 largest
prescribers, most frequent prescribers in the program, and they gave them three
wireless PDAs to e-prescribe with. They found it very successful so they
expanded the program to the 3,000 highest Medicaid prescribers. And this gives
them a 100 day medication history. The state has found approximately $2 million
in savings per month. This is based on comparison between the providers who use
the software and who don’t. There’s a 25 percent reduction in per patient
prescriptions for providers who have these systems versus those who don’t, and
based on that they calculate this $2 million savings, approximately $2 million
savings per month.

And just one other state I wanted to pick out, I could have talked about
many here, but it’s New Hampshire. And I think they’re really aiming to be the
first state where 100 percent of providers will be able to e-prescribe. They’re
aiming to do that in October of this year. I think one of the really
interesting initiatives they have in their state is a public/private
initiative, the New Hampshire Citizens Health Initiative. It’s really bringing
together the healthcare stakeholders across the state.

One of the interesting things it’s doing is trying to create the common pay
for performance standards across payers in the state. There’s a few other
initiatives going on there, the Blue Cross Blue Shield plan of the state is
providing free PDAs any prescribing software and discounted access to wireless
internet access.

I think really the next key area we see is around updating privacy laws to
facilitate health information exchange. I’m sure you guys are all aware of the
issues around this with consumer concern about their data being disclosed and
what’s going to happen if their data is disclosed. Are they going to lose their
health coverage, are they going to lose their job.

Then equally on the other side with the providers concerns about being
liable for accidental disclosure of data, or are they going to be liable if HIE
has the information and they have wrong information, and that provider uses it
to treat or say some data’s missing, are they going to be liable for treating
in this manner that they did based on missing information or incorrect
information.

When we look out across this we really see very different approaches to how
states are addressing these issues. And I don’t think that’s surprising. I
think if you looked at the states now their privacy laws are very different, so
it’s not surprising when they’re trying to update them for this new technology
that they would be different in this area too. I just picked a couple that I
think are particularly interesting and varying examples.

For instance, in Minnesota, they’re going to go for a record locator service
model. The record locator service can be built without patient consent, and
then patients can opt out at a later date, or they can have specific provider
contacts removed from the system. A really important thing they did here to
provide for the real time exchange of data is they’re allowing the electronic
representation of patient consent by providers, other specific things they have
to get, the date that was requested, who the requesting provider is, and a few
other things before they send this. And they have to get a signed form from the
patient. They’re also requiring audit trails for the record locator service,
and they’ve established penalties for violations of the statute.

I feel like Minnesota and Rhode Island have really taken this the farthest
as far as privacy protection side. Rhode Island has gone about it differently.
They’re creating a single statewide health information exchange for the whole
state. And there they are having patients opt either everything in or
everything has to be out at the start. After the patient makes that decision
they’ll be able to go even more granular after that, choosing specific
providers who can or cannot access their data.

If a patient opts into the system there are three areas where they no longer
can restrict their data from. If there’s an emergency, somebody can access
their data if they have a medical emergency, for certain specified public
health purposes, and then for the operation of the RIO, they don’t have control
there either.

They gave patients a number of different rights. I think one of the most
interesting ones is they have the right to go to their provider and try to get
their data changed. It doesn’t really mandate that the provider change it, but
they at least have the ability to go request it be changed. And they have
access to disclosure reports and a few other things.

Now, Nevada really has taken I would say a very different approach than
these other states. What they have decided is if you’re a covered entity under
HIPAA, and you want to electronically exchange patient data, more stringent
state laws do not apply. All you have to do is meet the requirements of HIPAA.
They also included a requirement to allow patients to opt out of the electronic
exchange with their data.

Just two other interesting examples, California being kind of different than
these. What they did is they extended their data breach notification law to
include health information. A lot of these don’t necessarily include health
information in them. But I think even the more interesting piece of it was they
extended their health data privacy laws to cover personal health record
vendors, like Google and Microsoft, that are not currently covered by HIPAA or
pretty much any other state laws that I am aware of.

Then Oklahoma again took a different approach addressing some of these
issues, I think drawing kind of on the work from HISPC. They noticed providers
were having differing interpretations of state and federal laws. So providers
didn’t want to exchange data with one another because they all had their own
interpretation of what was required under the law.

To get around this they created a standard authorization form for the
exchange of health information. Now, use of the form is not required, let me
put that out there first. But if a provider uses it and they follow the
instructions that the State Board of Health creates, providers are immunized
from liability under state privacy and privilege laws, or the exchange of that
data.

This is a very interesting way they’ve gone about addressing this issue. I
haven’t seen many other people do this, but I think it’s good, interesting way
of doing it.

A number of other states had privacy bills forward this year, the only one
that was enacted was Wisconsin.

Targeted financing is really another area states are working on. I think
you’ve seen a number of states invest really significant amounts of money into
health IT adoption and use. And when state legislatures look out across the
health sector they see certain providers are adopting these tools and certain
providers are not adopting these tools. And states don’t want to replace funds
that the private sector would use to adopt these tools. That doesn’t really
make sense to a state legislator to pay somebody to do something they were
already going to do, especially when they see other groups like community
health centers, small practices, and rural providers are not adopting these
tools. They want to target their funds towards those groups, and also I think
they obviously see a clear need to see public health adopt these tools, get
into the digital age.

States also really see an important role for themselves in allocating the
cost of new systems across interested parties. This kind of gets back again to
the point of certain groups get a lot of the benefit here and certain groups
have to pay for a lot of the implementation of these things. States want to
make sure that these benefits and costs are being evenly distributed across the
groups, I think for various reasons, to assure widespread adoption and to
ensure disparities don’t occur in the systems.

States are really looking to understand financially what the return on the
investment is financially and also in terms of improved health outcomes, and
when will sustainability be achieved, if ever.

We’ve identified six or seven interesting trends across state financing, and
I’m just going to talk through it real quickly here. Setting up study
commissions even beyond the financing piece I think is really your best
practice we’ve identified across the states. This is a really important area to
bring the various healthcare stakeholders together here, and really get them
used to working together and build trust amongst each other. These aren’t
entities that are necessarily used to working together in some states.

So the state can really play a neutral convening role that really helps
these entities get more comfortable and get behind a plan for where the states
are going to go around health information exchange and electronic health
records adoption. And it also helps them I think on a more individual level for
exchanging data between specific entities, if they’re more comfortable and they
know the people there I think it really helps.

States are usually providing funding for these study commissions, and
they’re also including in the charge find sustainable funding models and to
come up with things like that.

Another common thing you see across the states is establishing a health IT
fund, where public and private dollars can be pooled. And these funds are then
appropriated by the legislature before the increasing adoption and use of
health IT tools.

Another important thing you see is a number of states are either creating or
designating a state level health information exchange organization, and this
really confers status and authority on the body. Another thing they’re doing
with that is allowing these entities collect and receive funds, just kind of
adds one more feather in their cap, I would say.

You see a lot of one time appropriations that states are making for all
sorts of purposes, pretty much anything under the sun around this health IT
adoption for tools and other things. State grant programs is an area where you
specifically see states trying to target those groups that I mentioned before,
like community health centers, rural providers, and small practices they’re
seeing having trouble adopt these tools.

In these grants usually a lot of the times there are requirements for
matching funds or requirements that certified systems be purchased. You also
see a number of states looking at tax incentives. Wisconsin’s really the only
one that’s enacted anything like this at the moment for providers to adopt
electronic health records.

Vermont has one of the most interesting examples around health IT financing.
They’re the only state that I’ve seen that has created a dedicated funding
source for health IT. Like the other states they set up a health IT fund.

But what’s different, they created this two-tenths of one percent fee on all
health insurance claims in the state that is going to be paid into the fund.
And it’s only for insurance claims of Vermont members of the plans. One of the
really important things behind this is that it includes third party
self-administered plans.

The stakeholders in the state thought it was really important that everyone
be included in this, it couldn’t just be one part of the healthcare sector,
everybody had to be paying into this fund. And they expect the fee to raise $32
million over the next 7 years, and they plan to target the money towards
non-hospital affiliated doctors, and also they plan to use the funds to help
set up the state level health information exchange. I believe I’ve heard
they’re expecting it to increase the adoption rate to about 50 percent over the
next 7 years.

Revenue sources, states are really looking at all sorts of different revenue
sources. There’s really been no key one that states are picking, but they’ve
looked at dues, bonds, insurers, assessment and user fees. I think there is at
least as far as dedicated revenue sources there’s really nothing that states
would pick up on, and everybody said, hey, that’s a good idea.

States realize that just getting providers to adopt health IT tools really
isn’t enough. If everybody’s buying their own system and they’re not going to
be able to interoperate at a later date, really you lose a lot of the benefit
of this whole purpose of this endeavor. So they’re really taking many different
ways of driving providers towards standards based systems. A lot of the time in
legislation you see them specifically referencing standards organizations like
PITSKI(?) and CCHIT, either in planning or setting up planning committees, and
all sorts of different areas.

Just a few examples. You see Virginia requiring state agencies to only
purchase certified systems, and then any state dollars giving out to grantees
and other organizations also have to only be used for certified systems.

Then Minnesota, which has a 2015 mandate for all providers to purchase
electronic health records systems, they’re requiring that they be certified by
CCHIT or its successor.

Around adoption, advancing adoption and use, we really see three key ways
states are pushing this forward. First it’s mandates, two states have mandated
adoption of tools. Minnesota, as I discussed, has a 2015 EHR mandate for all
providers in the state, and a 2011 e-prescribing mandate.

Massachusetts took a little bit different twist on this. They are just
requiring their hospitals and community health centers, and they have to have
CPOE by 2012, and EHRs by 2015. And they tied this requirement to standards for
facility licensure.

Another way states are driving adoption is through incentives. I think one
interesting thing we’ve seen is Massachusetts as part of their physician loan
repayment program, one of their requirements to be eligible for this is you
have to have a certain level of HIT competency. They haven’t really said what
that standard is going to be yet. Then the tax credits I mentioned earlier and
a number of other different strategies.

You also see states really leveraging their purchasing power. I think this
is another really important way states and the federal government can really
help drive these initiatives. In Medicaid you really see a lot of different
activities. Either half the states either have or are working on claim based
EHRs. A number of them over time are trying to add more things to the systems,
immunization data and other things that they’re trying to build into the
systems.

You also see states trying to drive adoption through state employee health
plans. I mentioned the Minnesota requirement for e-prescribing.

I think really one of the more interesting examples between here, which I
don’t have on here, is the state of Michigan. Their state employee health plan
and their Medicaid plan are both participating in one operational RIO in the
state, that’s in the capital area. And they’re paying a per member per month
flat charge for their enrollees and member data to be exchanged by the health
information exchange. I think this is really the state getting involved at the
ground level of these exchanges, and I think states getting involved like that
can really drive other players to get involved with these initiatives.

Just to go over NCSL’s health IT activities quickly. We have a project
called Health Information Technology Champions. It’s a public/private
partnership through our foundation. These seven organizations are members of
it: AARP, Blue Cross Blue Shield Association, EDS, HIMS, Johnson Johnson,
MAXIMUS, and Quest Diagnostic. The goal of this project really is to increase
legislators’ knowledge and leadership around health IT. This project started in
2006, so I think particularly at that point in time it was really a new issue
on a lot of legislators’ agenda. It was really important then, and I still
think it is important now, trying to help them create better policy around
these issues.

We do a number of other activities, the State Alliance for E-Health is
something we work on. I’ll be talking about that in a second. A lot of what we
do is really just to try to help states do their job better. The State Alliance
for E-Health, if you’re not familiar, I usually like to tell people what it’s
really doing is kind of creating a roadmap for states, for here are the biggest
challenges that you’re facing and giving them strategies for how to move
forward on these areas. It’s the National Governor’s Association is the lead on
this project and it’s funded through the Office of the National Coordinator.
We’re a subcontractor on it, along with the National Attorney Generals
Association. It’s the members of the Alliance.

Just a few other activities I’m sure you’re familiar with both of these
probably. HISPC is working on reducing the variation in state privacy laws. I
particularly like the State Level Health Information Exchange Consensus
Project. We serve on their advisory board, and I think they’re really doing
great work in the state level.

Just in closing here, a few state leaders that I’ve picked. My list is
really based on where state governments are at. You can put a whole different
set of states or organizations on here, I’m sure. And I’ve really talked about
all these, other than I think the work in New York. They’ve put in the most
money of any state that I’m aware of, and I believe it’s over $250 million at
this point in time. Because of this big investment, they’ve been working on
accreditation study lately looking at do they want to set up or work with an
accreditation body to accredit HIEs and RIOs. It’s really a way to help
healthcare stakeholders to feel more confident in the privacy and security and
operation of these organizations.

With that I’ll close.

MR. REYNOLDS: Okay. Questions? Jeff.

MR. BLAIR: Thank you so much for your presentation. I really appreciate the
work that you are doing. One of the things that I’d sort of like your guidance
on or reaction to is I think that in terms of independent funding initiatives,
that makes sense to me. Every state has a different set of limitations and
capabilities and that flexibility makes sense to me.

The one that is a little frustrating is that different states coming up with
different policies for privacy and security of healthcare information. Because
I think your example was Minnesota then Nevada, where Nevada’s using basically
the HIPAA privacy laws, and Minnesota is a little bit more defining in terms of
giving patients options, whether it’s opt in or opt out.

And here we are trying to work towards a nationwide health information
network, and you could have New York, Connecticut and New Jersey all next to
each other, patients get their care in any of those three states, that’s just
one example. But there’s many where you have borders and you have people going
across borders for patient care. And if one state has more stringent
requirements than another state you could wind up not sharing information
because of the different privacy regulations.

So I don’t really understand the way state legislatures work. Everyone seems
so independent, different rules, different times of convening, different
operating rules, different ideas of what their scope should be.

Is there anything that could be done on a national level to try to encourage
either a model for all states for privacy and security or some other mechanism
or ideal for consistency and privacy policies across the states?

MR. MERTZ: Well, I would say that’s what HISPC is trying to work on. They’re
still working, they’re in their third phase, and I want to say seven or eight
groups kind of working on some of those issues trying to identify, to be honest
I don’t remember the specific subgroups, but some of them are specifically
looking at that across state issues. And I know from the people I’ve talked to
there, they’re not looking at creating model legislation around this area, but
what they are going to do is create kind of a tool kit or a set of here are the
issues you need to look at when you’re crafting your legislation, and kind of
try to help them come up with ways to make it similar across the states. If
they know here are the specific areas where you need to work on.

My organization doesn’t do model legislation or anything like that, we don’t
really support those sorts of efforts, I can’t really speak to that I guess. I
mean it is an issue I think how all that’s going to work.

MR. REYNOLDS: Leslie.

DR. FRANCIS: This is just an informational question. Has ERISA been raised
as a problem, particularly for the Vermont scheme? And if so, what’s going on
with that?

MR. MERTZ: It was, and they had, I’m forgetting her name, Pat Miller, they
had an expert on ERISA take a look at it and they came away with saying this
would be okay, this would fly. The exact legal reasoning, I don’t know. But,
yes, they looked at that.

DR. FRANCIS: But it hasn’t been challenged in court?

MR. MERTZ: No, it has not.

MR. REYNOLDS: Blackford.

DR. MIDDLETON: Kory, thank you for a really comprehensive excellent
presentation. The question I have, or two questions, one is the estimate of 25
cents per transaction per year savings, I wonder if you could say where that
came from?

MR. MERTZ: That was 25 percent – the Florida Medicaid?

DR. MIDDLETON: Yes.

MR. MERTZ: It was 25 percent reduction compared to the average of other
physicians not using the PDAs.

DR. MIDDLETON: Is there a source or a reference you can send for that?

MR. MERTZ: Yes, I could, they did a study.

DR. MIDDLETON: Okay. I could just get that offline before you go? And then I
guess the real question is a lot of times I think with electronic prescribing
and HIE we suffer this problem of managing the funds flow, because he benefits
which accrue don’t always accrue to those who are making the primary investment
or the first investments. We’ve talked about this ad nauseum in this group. So
I wondered if you had an overview from the state perspective on how – what
are the leading methods with which one can address local organization for the
specifics of the funds flow across an HIE? There are a lot of different models
in place, Regenstrief and others, Dr. Overhage just joined us, the Indianapolis
Health Care Information Exchange, the Massachusetts E-Health Collaborative,
etcetera. But I think we’re struggling for a sustainable model frankly for
Healthcare Information Exchange, and I wonder what insights you might offer
from the states or what the states might do to support this development?

MR. MERTZ: You’re asking about how states are funding, like thinking about
funding a long term?

DR. MIDDLETON: A business model. What’s the business model?

MR. MERTZ: I think states are probably as stumped as you are. I think the
Vermont example is definitely an intermediate example. And I asked, what are
you going to do after the seven years, and they’re, that’s seven years from
now. No, just to be honest, I think they’re really excited to have this
initiative going, and I think it’s a leading initiative across the country
really for setting up dedicated funding for these sorts of things. I can’t
really think of a good example where they’ve really figured it out.

DR. MIDDLETON: So maybe the way to flip the question, Mr. Chairman, is to
suggest perhaps the NCHL and the NCVHS might think together about what kind of
enabling policy is really called for that then could be driven through the
federal and the state architectures, if you will, to try to get at some of
these issues and establish a safe and reliable and workable mechanism under
whatever structure it is.

MR. REYNOLDS: Okay, we got Sallie, then Larry, then Marc Overhage.

MS. MILAM: I have a comment, really it goes back to Jeff’s discussion of
trying to get states aligned in their privacy decision making and their laws.
And I think if you look at some of the early work of the E-Health Alliance you
refer to the Health Information Protection Task Force you’ll see that there was
a lot of testimony in that area, and a lot of states came forward and talked
about their laws, and what’s important to them. And when you look at when the
laws were written, they were probably written before we had electronic health
information. They were written during a time of paper.

But you also find that the cultures vary from state to state. And one of the
things we explored early on was where we could have similar process options,
not necessarily changing the underlying issue with respect to privacy, whether
or not you want say consent for mental health, but how you obtain that consent.

Because when the National Association of Attorneys General did some research
for us we saw that consent process options differed even in details like we
want black ink versus blue ink, that sort of thing. And what we heard from
states was that the differences were so great that we really were unable to get
to a point of consensus to really get to a uniform standard.

So I think what came out of some of that work, and what you’re seeing with
HISPC, is maybe a model around a choice of law concept where each state has a
different approach with privacy, but we all have the same rules about how we
apply those different laws to the situation.

I just wanted to add that.

MR. REYNOLDS: Thank you. Okay, we’ve got Larry.

DR. GREEN: Kory, could you offer a perspective on what states are doing now
to sustain their vital statistics capacity, and whether or not they are working
on these health information exchanges in other IT things, anyone is doing any
projects about new ways to develop crucial public health statistics from these
systems?

MR. MERTZ: I think New York is a good example where they are, at least New
York City. I don’t know if you’re aware of the work they’re doing. They’ve done
some really – because most of their community health centers actually have
EHRs or VMRs, whatever you want to call them, and they’ve really integrated
that into their public health system there. They’ve been able to see disease
outbreaks before anybody else at the state level there. I don’t have all the
details on that, but I think that’s a good example of that.

I think states are definitely considering it while they’re working through
these initiatives. You see examples like Rhode Island where they’re allowing
access to the HIE, public health purposes for some of the data will be allowed.
Again, I think this is a thing that each state is probably, like many things,
going to take their own way, depending on the culture of the state.

I’ve seen other states where they’re setting up a state level health
information exchange body and they say you can’t provide the data to
researchers. I don’t remember if they specifically said if there is an
exemption for public health or not, but it specifically said not for outside
research. I think states are always trying to balance the perspectives between
how patients are going to react to these things and the very important need to
use the data for public health purposes.

DR. GREEN: Are any states in their legislation or discussions that you’re
aware of using the words “data stewardship?”

MR. MERTZ: Not that I am aware of, but they could be.

MR. REYNOLDS: Okay. We have Marc Overhage. How about introducing yourself
since you just got here?

DR. OVERHAGE: I’m Marc Overhage, I have no conflicts.

MR. REYNOLDS: No conflicts, but plenty of questions. You do have the floor.

DR. OVERHAGE: I’m curious, there is this slippery edge as we look to the
states for funding, and I’m wondering if you have any comments, we’re talking
about the Vermont example, and Secretary Lunderville, Secretary for
Administration, Vermont’s letter to the Vermont Information Leadership Group,
has been working for eight, ten years to try to move this, as I understand it,
which is third-hand press, whatever, is basically ask them to reconfigure their
Board and exchange their entire leadership. You wonder a little bit about the
tradeoffs and tensions that represents at a state level and the provider level.

MR. MERTZ: Yes, I think this is just kind of the nature of these issues
where a lot of them are public/private initiatives. It raises a lot of issues
like this. States aren’t necessarily used to working in this sort of
environment very frequently. So when states put in money they are going to
expect to have more influence than they would over a normal private sector
operation. This particular example, from what I’ve read, they weren’t
necessarily displeased with the people on the Board, but they just wanted the
most latitude for establishing a new Board.

But when I read that it made me think about there are all sorts of issues
around this when the state is providing significant dollars to public or
private interests. States really want to make sure their dollars are being
well-spent and they’re being used in the interests of the public. That’s their
job and that’s what they’re trying to do. So it does raise all sorts of new
dynamics that we’re going to have to work through.

MR. REYNOLDS: We have Walt, Jorge, and then Carol you got the last call.

DR. SUAREZ: Thank you for an excellent presentation. As a former Minnesotan
I like to see Minnesota be highlighted so much.

I wanted to mention, just like nationally we have gone through three or so
iterations of evolution of getting into health information exchanges before
they were called CHINs, and then CHIMEs, and then RIOs, and then HIEs. Every
state, except for a couple of states, every state also goes through some of
these transitions and changes and iterations. Minnesota itself is going through
a third one right now organizing itself into something that would lead to
implementation of health information exchanges.

But one thing that has been consistent across, at least the last ten,
fifteen years I’ve been involved in this, has been the investment that state
has been making in health IT. Now we call it health IT; before it was
electronic health records. It seems to me there hasn’t been a good analysis or
study showing what are – and helping even states to show or to identify
– what are the places where that type of investment is the best in the
sense of the cost benefit.

You mentioned New York $250 million, I actually added up about this year
2008 there’s over $450 million being invested by states from grants of $3-$5
million in Florida to $7-$8 million in Michigan, and New York $250 million. Has
there been any analysis in NCSL involved in studying the investment that states
are making in health IT and trying to give some guidance or tools or evaluating
that investment and some perspectives on what types of investments provide a
better payoff, if you will, cost benefits?

MR. MERTZ: Yes. NCSL hasn’t done anything like that. I think New York,
actually I forgot to mention this in the talk, but one of the things they’ve
put in their grant is the requirement for evaluation, and they set up High
Tech, an organization at one of the universities there that is going to be
evaluating the outcomes of it, all of those grants, all the projects funded
through those grants.

I’m not really aware of any national level anything looking at that. I think
there are a lot of state experiences. You always hear about pilot projects.
I’ve heard a number in Vermont and other places where there aren’t necessarily
published data on what the results are. But obviously they’re moving forward
with these initiatives, so they’ve had good results on it. I think that would
be a valuable thing to get more out there, but no, I’m not really aware of
anything published giving states a better idea of where they should be putting
their dollars.

MR. REYNOLDS: Jorge.

DR. FERRAR: Kory, that was an excellent presentation. Was the cost savings
in Medicaid Florida initially based on hospitalization or was it based on
e-prescribing information delivered to the physician that allowed them to have
a more fine view of the formulary cost savings at the prescribing element?

MR. MERTZ: This is the interesting thing how they calculated this savings.
It’s not based on any of that. Really they were surprised when they did this
because they found a reduction in the – they looked at the average
prescriptions per patient per physician, and providers who had the wireless PDA
once they got it they were prescribing 25 percent less prescriptions per
patient compared to providers who don’t have the tool.

So they took that and they came up with an average cost for prescriptions,
and then from that they calculated the savings just based on that alone. They
didn’t include things like, you know, they had the numbers in their report on
the alerts and things like that, but their cost savings is only based on the
reduced prescriptions.

I think they were surprised by how many people didn’t pick up prescriptions
and things like that, that led to a reduction.

MR. REYNOLDS: Okay, Carol, take us home.

MS. MCCALL: Well, as you know, we put the “Vital” in Vital Health
Statistics, this group did. So I’m going to go back to a comment that Larry
made, and it really is around vital health statistics, things like population
health, monitoring outbreaks, you’d mentioned that, and also things around
safety monitoring and surveillance, a great example being adverse drug
reactions and pharmacological vigilance.

It was interesting your comment that for all the wonderful things that
you’ve talked about today, and they are fantastic by the way on HIT, it’s a
related but separate topic to talk about uses of data for that. There’s a group
here, an ad hoc group, that had done some wonderful work that is sometimes
alternately called secondary uses of data.

But it is vital, and I would say it creates very important feedback loops
for our healthcare system. So I think there’s an opportunity here. Because it’s
different than HIT it’s going to demand different skills, different
competencies to begin to use this and think about it naturally and become
naturally fluent in these.

There’s an opportunity in two ways. One is for us to work together. So that
as states are beginning to think about what to do we can, as we advance our
work, begin to set a framework for the states.

The other is an analogy to Blackford’s comment, which is really kind of
looking for some sort of risk adjusted financing for health IT, which is a
mechanism maybe to create some interesting partnerships. Maybe this is a
mechanism around this next level, this vital uses for federal and state
projects and partnerships around that, so if you do things in a particular way
according to and within a certain frame around promoting these vital uses of
health statistics and enable them that there’s money. And that there’s one of
the things at a federal level could happen, set the frame of the funds, and
that could be something we could partner with.

MR. REYNOLDS: Okay, Kory, thank you, excellent for a second time.

Next we’re going to turn it over to Justine and Paul to present a little bit
on data stewardship. But, again, the purpose up until now has been to remind
you that there is a whole lot going on, and it is happening all day every day
at a lot of desks and a lot of meeting rooms and in a lot of different
environments, and we may be all individually aware of. So I think the key thing
is that we do have a lot of customers out there for the policies and the things
that we’re trying to do, and some of them may be more visible than others.

As we figure out what we need to do and each subcommittee tries to make a
difference, you can see that we have to get out in front of these on some of
these, we have to continue to build like e-prescribing, we’ve already had a lot
to do with building some of it. We need to continue on other things, we need to
get out ahead of it and at least think about these things.

I just wanted to get everybody level set. With that, I’ll turn it over to
Drs. Carr and Tang.

MS. TRUDEL: The lumper and the splitter.

MR. REYNOLDS: And I promise you we may sit Jeff and Judy together, we will
not sit Paul and Justine together.

[Laughter]

Agenda Item: Data Stewardship Framework

DR. CARR: We don’t have a lot of time. I think we’ll use this time to just
introduce a concept.

Over the summer when we were beginning to put together our work plans and
think about how we might address topics and what are important topics, the term
“data stewardship” came up repeatedly. We were trying to fit it into
Harry’s famous grid, and really we struggled with it because the more we
discussed it the more we realized data stewardship is not necessarily a topic
that you study but almost a framework with which you study.

Through our various discussions with great input from the Quality
Subcommittee and some leadership in this configuration from Paul, we came up
with a figure that’s behind tab 3. It’s just a starting point, a way to think
about it, and definitely open to input.

As you see in the middle of the page there’s a circle that says “data
stewardship,” and under that are attributes or things we associate with
data stewardship.

The first one is data accuracy completeness and comprehensiveness. As we
think about that, we thought about it in terms of each of our subcommittees. So
in the case of data, the Quality Subcommittee completeness has more of a
clinical connotation. Or it might mean criteria for clinical quality
measurement and implications for data sources, identification of gaps.

In the case of Populations, data accuracy completeness would be more of a
statistical analysis. And in Standards we might think of it in terms of the
technical completeness.

So moving down, the next one is data integrity. I know that’s a word that
Bill always struggles with, but it’s really a statistical concept not an
ethical one.

[Laughter]

DR. STEINWACHS: Bill’s very happy to explain this.

DR. CARR: So as Blackford has pointed out repeatedly, that the quality of
our data is impacted by whether we have complete numerators and complete
denominators.

Moving on to reuse, as Carol was just alluding to. In terms of quality we’d
be thinking about the data interoperability, this shared common useful meaning,
or perhaps appropriate data creation use and reuse. In the case of Standards
that might mean that we have content standards and we have exchange standards.

Then going on down, permissible use restrictions, confidentiality
protection, authentication, auditability, obviously very much relates to
privacy and security. I think one of the things, I’m revisiting this document a
little bit, but we were trying to think about one other thing was as we think
about de-identified data and how do we approach a topic like that. We thought
well Populations might think about it in terms of limited data sets, what level
of identifiability is required for population health reporting. Whereas,
Standards might contribute to the definition of de-identified data and privacy
to the use of de-identifiable and de-identified data sets.

So, Paul, let me turn it over to you to comment further on this.

DR. TANG: I’m going suggest Tine, even though she went through the details,
this is actually a lumping technique.

[Laughter]

DR. TANG: So we managed to squeeze into two words the third dimension to
what ONC presented. It really is a part of our fabric in how to reuse this, as
Carol said, this data, but it’s only good if in the workflow it is captured
accurately, efficiently, then it can be reused with adequate protections for
privacy and security.

And that’s my lumping summary.

MR. REYNOLDS: So do you want to move forward with what – are you
finished, or do you have a recommendation, or?

DR. CARR: Actually, I’m not sure that this is an action item so much as a
kind of backdrop framework for us to think about as we approach different
topics within the Committee.

MR. REYNOLDS: Right. I think a couple things. If we decide that out of all
the work we did last year that data stewardship is a subject for this
Committee, then each group is going to have to take it up in one way or the
other, or we’re going to have to have an ad hoc group to do it. So we’re going
to have this one, and then there’s going to be some discussion on the patient
centered medical home, whatever we end up calling it.

Those two are subjects that are on the table right now that are not
something we can send a particular committee off, go have a nice day and come
back tell us if you’re going to have hearings or what you’re going to do. So it
was presented in open forum to the full group because it’s not going to go away
from the full group at least from a discussion as to how we would adjudicate
it.

I would ask everybody when you go into your breakout sessions this is not a
subject you can ignore. Please take it accordingly and keep it in your mind.

John and then Mark.

MR. HOUSTON: Just one, I’m looking through this and I think there’s
something missing, and I couldn’t figure out what it was, and it goes back to
the conversation Leslie and I were having. I think at some level in sort of
this middle circle here, there needs to be the concept of accountability.
Somebody has to be accountable for data stewardship, it’s not an unfunded or
not unstaffed mandate. I know when I think of data stewardship in an
organization like mine somebody’s accountable for data. They have the ultimate
responsibility for whatever.

When we look at data stewardship in this model here, I think overall,
especially in privacy, there has to be accountability, and it has to be clearly
defined. It’s one of the areas that when I listen to everything going on with
NHIN and otherwise that people are missing that there has to be somebody or
something there to account for or be responsible for the stewardship of the
data.

MR. REYNOLDS: Carol, you want to follow up on that?

DR. CARR: I think it’s a great point. And I think it links to what you’re
asking the groups to do in the next day or so, Harry, which is this is a great
draft. And yet it hasn’t been created by the entire group. So when you go back
that could be part of what you do.

MR. REYNOLDS: Right.

DR. CARR: What’s missing when you look at through the lens of, in this case,
privacy, what would you add?

MR. REYNOLDS: Right, agreed. Mark.

DR. HORNBROOK: I was just looking for the concept of ownership, because it’s
somewhere underneath the layers of the paper but it didn’t make it to the top
in the ink, because somebody owns and is accountable for the data, and then you
have to decide who has the right to use the data for what purposes. In some
cases the patient grants free right to everybody, I mean you get into a
clinical trial and you sign on the consent form all your data goes to the FDA
and they know who you are and what happened to you throughout the whole
clinical trial, and that data goes into the record. And as long as it was
proprietary before it’s approved, it’s secret, but after it gets approved it’s
not secret as much anymore.

Then the concept of leasing. I like to think of the fact that I can use
medical record data for research, but I’m leasing it. By putting it into the
research framework I don’t own the data, I’m just using it for a specified
purpose and then I have to return it back to the original owner.

MR. REYNOLDS: Paul, you had a follow up? Then Steve and Blackford.

DR. TANG: On the concept of ownership, this was discussed last year, and a
lot of this work, or one of the reasons this phrase came up is through Amy’s
work originally on secondary use. One of their salient conclusions was the
concept of ownership was not as important as the concept of data stewardship in
all of its glories, and part of it relates to your leasing comment.

You are granted the right to access and use it for the purposes you got that
consent. But then you also inherit the responsibility and the accountability to
act responsibly. And that seems to be the overriding concern, rather than
figuring out this legal term called “ownership,” which we didn’t get
too far.

DR. HORNBROOK: Except I’m sitting in a HIPAA entity, so my job and my
professional career is at risk if the data goes out, as you said,
inappropriately. I’m the one that created the problem.

DR. TANG: That’s part of stewardship.

MR. REYNOLDS: Steve. Jeff, I got you.

DR. STEINDEL: I’d like to comment on a comment that Carol just made, which I
take is kind of a format type comment. Yes, I mean this has not been discussed
by the full committee. There’s probably minor modifications, modifications that
we want to make on a one-page picture of data stewardship.

But I also think that there’s going to be a lower level of granularity
that’s going to exist within each one of the subcommittees as they define how
they look at data stewardship, that’s going to go much further. But I still
think we need the one-page picture, and we ought to look at it that way.

MS. MCCALL: I’m in just ecstatic agreement. The question I think for the
group and maybe its Executive Subcommittee would be what are the documents, as
it were, what are the policies, what are the principles, the guiding principles
that actually would emerge out of something like that, and is that something we
want to charge ourselves with creating?

MS. GREENBERG: I would just suggest too that in addition to looking at this,
which I think is really great, and there’s more than enough here for full
employment obviously, but to think if you have an alternative suggestion.
Because we really are going into this for a different framework.

That doesn’t mean that everything is going to have to go into one particular
framework, but obviously Harry has set some expectations with the Executive
Subcommittee and with the full group to do some strategic planning. Now it’s
obviously new members, new leadership, it’s a good time for that, lots of other
reasons that we talked about last year.

But one of my favorite subjects, we are looking towards the 60th
Anniversary and it would be good to have some kind of galvanizing thematic
effort that we’re working on across the different committees. On the other
hand, you don’t have to do that. But there are a lot of things that are sort of
arguing for it. So if you don’t think this is the one, do you have another
alternative? I think everything’s on the table. Do you agree? I’m not saying
you should reject this, but I think it would be good to stimulate those kinds
of thoughts.

MR. REYNOLDS: Blackford.

DR. MIDDLETON: So, Marjorie, I guess the only other one I would suggest we
consider is the one I mentioned this morning, and that is this knowledge
management problem, which I think is pervasive in cross-cutting, so I’ll leave
that for further deliberation.

I guess Paul and Justine on this one we had a chance to chat this summer a
little bit, I just want to return to this idea that Mark raised, because I
think one of the things we really haven’t gotten our hands around is this
ultimate objective which may be uniquely American, but maybe not, that at one
level these data will need to be monetized for better or for worse, and I think
oftentimes for better, to actually have a mechanism of data sharing be
incentivized by the flow of dollars and the flow of value.

So therefore I think actually the leasing concept and the existing framework
and principles with which we manage data probably do not suffice. And I’d love
to play a lawyer on TV, and I’m not a lawyer.

I wonder if we need a property framework for data. I wonder if we actually
need to wrestle down the issue of ownership. I wonder if we actually need to
get those principles identified and then identify liability issues of recovery,
issues of discovery, and what not, so we can actually create then a value chain
for data across information exchange that makes sense and actually gives us a
legal framework with which to do it, and a legal framework with which to
protect those whose data are being exchanged. And in fact, there may be a
reward that belongs to the patient whose data are being shared.

So I want to put that on the agenda for deliberation.

MR. REYNOLDS: Got it. Okay. Bill and then, Jeff, you got the last word. Oh,
I’m sorry, Leslie, we’ll let Leslie have the last word. Bill.

DR. W. SCANLON: My comment in part relates to the issue you raised to Harry
about interaction among the subcommittees. I look at this chart and I think of
sort of the right-hand side, the quality and the population side, in some
respects is the demanders, these are the people who create the wish list of
what they would like to sort of have. And the left-hand side in some respect is
the enablers, the standards group and the privacy and security group.

I think part of I would say a difficulty that since I’ve been on this
Committee, is those of us in Quality and Populations have operated over here
with very little interaction with Standards and Privacy. Really this is where
in the future we need to move, because we’re not alone in Quality and
Populations in terms of dreaming up what we’d like. There’s all kinds of other
groups out there that are doing the same thing. There’s not anybody else
besides NCVHS that I know of that is really working on this issue of how do we
enable this, because it’s the enabling that’s key to making this move forward
quickly.

A lot of good ideas end up sort of dying because they’re implemented either
poorly or too slowly, and they just get discredited. But they were good ideas.
If they had ever been done right they might have survived.

So I think we need to be concerned about that. In some ways this would be
recreate the Vietnamese Peace Talks in Paris, we should have a circle here
where everybody is around and there’s not two columns, it’s like there’s
continuous interactions among the four.

MR. REYNOLDS: Right. The reason we started this way if you remember is we
did some things with ad hoc, and that pulled people from every one. We’re
trying not to make too quick of a decision on this one or a couple others that
are in play, as to exactly how we want to take it, and if we leave it like this
then, for example, one other option is as we have Standards meetings we may
have people from this right-hand side join it, and vice versa. So we make sure
we’re much more of a homogeneous group whatever committee we call it, but as
soon as we make ad hoc it kind of changes the whole structure, and it kind of
takes the pieces maybe a little differently. So most of us have served on both
kinds of those, and that’s why we just listed it like this.

So your point is exactly right. But once we make a decision on how we’re
going to handle it then that decides how we think as a group and what group
brings it forward. So that’s what’s really key. I agree totally. Jeff.

MR. BLAIR: It’s interesting, because I listen to Marjorie and she starts to
touch on what I’m about to say, and then Blackford actually came up with an
example of what I’m about to say.

We’ve sort of gone through a thinking process, and we’ve had data
stewardship and we’ve sort of took a look at that and looked at the elements,
and we did splitting, and we split it into the standards group and we split it
into components. This is an area we’ve struggled with for years under different
names and under different perspectives.

We just had testimony from the National Counsel for State Legislatures,
Conference, and one of the things that is just so abundantly clear is our
nation deals with these issues from a number of different perspectives and they
don’t have tools for coming to consensus. We might be, and I think Blackford’s
suggestion was an example of some of the tools we need, because if we come up
– and I always use the word “criteria,” what is the criteria for
making a decision on privacy, what’s the criteria for making a decision on data
accuracy or completeness.

If we could come up with a set of tools, maybe not for us but for state
legislatures, and for ONC and for the rest of the country, to start to move
towards consensus on these issues, then we could have contributed something of
tremendous value. The truth of the matter is that this diagram is one of the
foundations that’s needed, it’s one of the knowledge bases that’s needed I
think for us to start thinking of what those criteria are.

And I don’t know who, maybe it was Sallie, who would up saying guiding
principles. That’s another word for what I’m suggesting. What are the guiding
principles or criteria that when used moves the population towards consensus on
these issues?

MR. REYNOLDS: Okay. Leslie.

DR. FRANCIS: I was just going to observe that this is like a map that you
can lay over lots of different kinds of data, everything from we heard about
EHRs, we heard about PHR, there are all different kinds of data sets, and those
are only just a couple.

So one of the things we need to think about is if one group does standards
for one and another group does quality questions for another, and still we have
to worry about whether we are laying this over the same space as we think
together.

MR. REYNOLDS: Help me with that. I’m not sure I caught that. In other words,
standards for one and quality for another, I’m not –

DR. FRANCIS: What I meant is that there are lots of different kinds of data
out there, and part of why – take ownership, for example, the data that’s
in a state health department about hospital discharge data, the data that’s in
the PHRs that WebMD has, the data that are in whatever system, the Kaiser
system or the VA system, or whatever, they all involve individuals and their
health that somehow get aggregated. That’s the basis. But what we might say
about any of those with respect to what – we need to use all of these
questions, but how we might answer these questions, whether ownership even
matters, for example, is going to be very different depending on the kind of
data and what it’s collected for.

So what I was saying was that if one group worries about standards in one
context, and another group worries about privacy and security in another
context, we still have the risk of a mismatch.

MR. REYNOLDS: Right, and that’s why we brought this in. Because need to
decide what our charge is and how we’re going to approach it, not just send
everybody off with a general topic called data stewardship. What do we want to
do, where do we want to make a difference, what do we want that to be?

So with that, Mark, I know you have a question, but I think so we can give
to the committees that we’ve just asked to do something time to do it, I’d like
to go ahead and cut this off.

That is going to be the conclusion of our main session today. I hope it got
you thinking, and it’s going to give you something to do when you get into your
breakout sessions.

The Populations will be meeting here, and the Standards will be meeting in
305A.

So with that, we’ll see everybody back here tomorrow morning.

(Whereupon, the Full Committee adjourned)