[This Transcript is Unedited]



Subcommittee on Privacy and Confidentiality

Hearings on Privacy and Health Information Technology

June 8, 2005

Hubert H. Humphrey Building
200 Independence Avenue, SW
Washington, D.C. 20201

Proceedings By:
CASET Associates, Ltd.
10201 Lee Highway, Suite 180
Fairfax, Virginia 22030
(703) 352-0091


Introductions and Opening Remarks — MARK ROTHSTEIN, Chair

Panel V — Third Party Payers

Pharmaceutical Care Management Association — Philip A. Rothermich, Vice President, Business Development, Express Scripts

ERISA Industry Committee – Edwina Rogers, Vice President, Health Policy

Society of Professional Benefit Administrators — LaRea Albert, Chief Operations Officer, Health TPA, Texas (via telephone)

Questions, Answers and Comments

Indiana Health Information Exchange — J. Marc Overhage, M.D., Ph.D., CEO

MedCom — IB Johansen, Danish Centre for Health Telematics (via telephone from Denmark)

Subcommittee Discussion

P R O C E E D I N G S [9:07 a.m.]

Agenda Item: Introductions and Opening Remarks – Mark Rothstein, Chair

MR. ROTHSTEIN: Good morning. My name is Mark Rothstein. I’m the Director of the Institute for Bioethics, Health Policy and Law at the University of Louisville School of Medicine and Chair of the Subcommittee on Privacy and Confidentiality of the National Committee on Vital and Health Statistics.

The NCVHS is a Federal advisory committee consisting of private citizens that makes recommendations to the Secretary of HHS on matters of health information policy.

On behalf of the Subcommittee and its staff, I want to welcome you to today’s hearings, the second day in our two-day hearings on national health information technology. We are being broadcast live on the Internet, and I want to welcome our Internet listeners as well.

We will begin with introductions of the members of the Subcommittee, staff, witnesses and guests. The Subcommittee members should disclose any conflicts of interest that they might have with regard to today’s matters. Other guests and witnesses need not disclose any of these conflicts.

I will begin by noting that I have no conflicts of interest, and I invite Dr. Cohn to be next.


MR. ROTHSTEIN: Welcome to all of you.

Invited witnesses have been asked to limit their remarks to 15 minutes. After all the witnesses on a panel have testified, we will have time for questions and discussion. Witnesses may submit additional written testimony to Marietta Squire within two weeks of the hearing.

I would request that witnesses and guests turn off their cell phones and other electronic devices that could interrupt the hearing. Also, because we are being broadcast over the Internet and recorded for transcription, we need to remember to speak clearly and into the microphones.

As I mentioned earlier, this is the third round of hearings on the National Health Information Network held by this Subcommittee.

We started in February with a hearing on privacy and confidentiality and heard from experts in that field as well as representatives of consumer organizations.

At our second round of hearings in Chicago at the end of March, we heard from a range of health care providers to get their perspectives.

At this third round of hearings, we had four panels yesterday and one this morning address issues from the perspective of integrated health systems, health plans, international health systems and regional health information organizations.

A fourth round of hearings is scheduled for August in San Francisco when we’ll hear from technical experts on health information network design. Additional details about this hearing will be published in the Federal Register and it will appear in our website as soon as our plans have been finalized. Later this morning, we will be having a Subcommittee meeting to discuss those plans for our August hearing.

Let me briefly mention that the Subcommittee and the full NCVHS are very interested in the issue of the National Health Information Network and the effect that the Network is going to have on privacy and confidentiality of protected health information.

Some of the things that we are specifically concerned about include whether the health information network that we are establishing will in fact reduce costs, improve efficiency, increase access, reduce errors, and as well we are concerned about how existing measures can shed light on the steps that should be taken to protect privacy and confidentiality such as the rules that should be established to decide whether certain material is included within electronic health records and health systems as well as the procedures for disclosing that information, whether it can be collected, maintained, disclosed in segmented form et cetera. So your views on that would be very greatly appreciated by the Subcommittee, and then the full Committee will be notified of our findings and will discuss with us any recommendations which we hope to get to the Secretary sometime this fall.

I’d like to proceed to what’s listed as panel number five, our panel for this morning, which includes third party payers.

We have two witnesses in person here and we also have, via telephone, a third witness, and we will hear from you in the order listed on the agenda, if that is okay with you, beginning with Mr. Rothermich to discuss pharmaceutical care management.

Agenda Item: Presentation – Phillip Rothermich

MR. ROTHERMICH: Thank you. I’m happy to be here today. As I mentioned, I’m here on behalf of PCMA, which is the trade industry group for the pharmacy benefit management industry, and so my remarks really have more to do with PBMs generally and certainly are not intended to relate specifically to Express Scripts.

I wanted to start with just a little bit of context, to talk about why privacy and HIT is relevant to PBMs.

As many of you know, three of the large PBMs, Express Scripts included, about four years ago created RxHub in an effort to create infrastructure and transaction standards for electronic prescribing, part of which included the provision of drug history information that we’re able to provide by virtue of being aggregators of prescription drug claims.

The NPI at RxHub contains roughly 150 million specific individuals through those three large PBMs, and hopefully in the future, other payers and PBMs will join to make that an even more robust information source.

Just a little bit of a sideline from there — the service that RxHub provides really is just a record locator service. It’s finding an individual, finding out where their benefit is, and then they send a transaction to the specific PBM involved. So there is no central database of claim information or personal health information at RxHub.

Again, the value that we can provide is providing drug history information to physicians at the point of care in an effort to avoid drug interactions and additional adverse drug events that may occur either from oversight by physicians or from just a lack of information.

There are other checks in the system. When drug claims are filed at the pharmacy, there’s drug/drug interaction checking that’s done at the pharmacy. When claims are filed from the pharmacy to the payer, drug/drug interaction is done again. So there’s a number of places in this chain where interaction checking can be done.

But there’s really more to it than just drug/drug interactions, and while providing that information at the point of care isn’t a perfect solution, it’s certainly an additional benefit that we think worth pursuing.

In that context, PBMs aren’t really a direct stakeholder in the sense that we have any vested interest in providing this information or pushing any particular agenda with respect to the provision of this information, except to the extent that we believe it enhances care and we believe our job is to enhance the safety and efficiency of the prescription drug process. And so in that context, we think it’s a valuable service.

There’s a number of different approaches we could take, and I’m going to go through some of those, but wanted to just start with the premise that each piece of information that doesn’t get provided to the physician is a lost opportunity in the sense that if there’s something a physician knows, they can act on it; if they don’t know it, they can’t act on it.

And a good example of that is one class of drugs that people are sometimes concerned about, psych drugs, and psych drugs in particular have a specific profile of a lot of drug/drug interactions. And so to eliminate that class entirely from what is provided to physicians is really taking away a big piece of information that can be very useful in prescribing other agents as well as other psych agents.

Another premise that needs to be put on the table is that individualizing the approach is really not administratively feasible. Express Scripts alone serves in the neighborhood of 50 million lives, and so aside from the systems issues of not really being able to customize what we provide for each individual, just the administrative load, flipping switches for lots of different drugs by individual, is just not possible.

So we have to find sort of a least common denominator approach, and in that regard we have to balance, and I think the system needs to balance, the interests of individuals, the regulatory framework.

And one of the issues I’m going to be talking about is the significant problem of the variation in state law which actually may be beyond the scope of what the Secretary or the Committee can do anything about, but I think it’s the significant barrier that needs to be addressed to solve this problem.

Typically what is suggested as an approach to solving the privacy problem in drug history is somehow carving up what we provide.

As I mentioned, some people would like us to not provide psych drug claims. But it’s easier on the surface than it is when you get into the details.

In other words, there’s a few classes that you could sort of reel off as those that might be eliminated — HIV kinds of information, psych drugs, family planning kinds of issues; there’s probably a few others.

But when you get into the detail of that, it’s not so easy, because drug claims typically don’t come with a diagnosis, and even if they did, there’s very few drugs that you could generalize about what they are used to treat. In other words, if you eliminate a certain drug from all drug histories because you think it may be treated for HIV, for instance, you may also not provide that drug in cases where it’s being used for something.

And so different P&T committees actually may reach different conclusions about even if you agreed on the conditions or the classes of drugs to exclude, it’s not so easy necessarily in practice to come up with a list that everyone agrees on.

From there, then we can sort of get into some of the specifics.

The overarching premise, obviously, is HIPAA when you’re talking about providing personal health information, and in that context we really don’t have an issue, because typically whenever we’re providing this information, it’s in the context of treatment, payment or health care operations, and so there’s really not an issue there.

A lot of the issue comes from state privacy laws, and those are all over the map, as you might expect, and again, interpreting what the impact of those laws isn’t necessarily easy.

A good example is many states have specific consent laws with respect to HIV type of information. Some of those laws have additional considerations about the age of the patient, and there’s a lot of things that you may need to know that we don’t know.

One way that the system typically deals with this is the contracting provisions downstream typically lay the burden of collecting the appropriate consents on the physician, and the assumption is that the physician has gathered what they need to gather.

I think that works, but a more efficient approach would be to have a national scheme where everyone agrees on what’s provided and what’s not provided and there isn’t variation by state about what you can or can’t provide or what sorts of consents need to be achieved.

The problem is that when you start to carve up what you send, and particularly if you started carving it up in different ways by state or if different payers or providers of information take different approaches to providing it, what you’re left with is the physician on the other end doesn’t necessarily always know what they’re getting.

And so the primary value of providing, or coming to some sort of uniform standard both with respect to state law and with respect to sort of what’s in and what’s out, is that the physician then would know what they’re getting and what they’re not getting.

In every case, drug history information isn’t perfect, and we’ve had some conversation about this in the context of standards for e-prescribing, but there’s a lot of things that may not get into our drug history because either a patient pays cash, either because they’re traveling and they don’t have their card or because they don’t want a record of that drug in the system.

Sometimes if the co-pay is higher than the actual cost — some generic antibiotics are very inexpensive, and if you’ve got a $10.00 co-pay and the drug costs $6.00, it’s possible the member just pays for it and doesn’t bother to submit their card.

Most of the pharmacy systems now know who your payer is and they file those claims automatically and the pharmacies under our agreements are required to file those claims even if the co-pay is above the cost of the prescription. But there are things that don’t necessarily get in there, so it’s important for physicians to understand that what we provide as drug history isn’t foolproof, and they should continue to do what they normally do as physicians, which is to talk to the patient and ask them about what they’re taking or not taking.

Clearly, just because something’s in the drug history doesn’t mean they’re taking it, and just because something isn’t in the drug history doesn’t mean they’re not taking it, so that’s an important sort of asterisk to this whole thing.

But if physicians knew in every instance that what they got included — for example, all antibiotics — and never included — antivirals, for example — they would know that there are certain questions they should ask that maybe they don’t ask routinely, or that they shouldn’t rely on this drug information for certain things, and so getting to that sort of uniformity is extremely important.

I tried to create a list of potential approaches here and evaluated them, trying to find sort of what might be the best approach.

Individual opt-ins and individual opt-outs — again, when you’re talking about millions of people, just really aren’t feasible.

And so if you got to a point where you wanted for people to have to opt in or you wanted people to have the right to opt out, the end result could be that this information just isn’t available anymore.

In other words, if it’s too difficult to administer that kind of a permissions list, it may be that the sources of that information just have to choose not to provide it at all, which is a lost opportunity.

Again, sort of similarly, if you tried to do opt-outs by class — in other words, I don’t want my physician to know I’m on an antidepressant — it becomes unworkable both from the patient perspective because patients aren’t necessarily always going to know how to designate what they don’t want their physician to know and it also becomes really unworkable for physicians because they’ll never know what may or may not be in there, and so they may start to disregard the information all together.

Sending everything for everyone I think is a viable approach in that, again, the only people asking for this information are physicians with a patient in front of them, so there’s a good reason for the physician to have the whole picture.

And I think from a system perspective, if you step back from sort of the individual, if you’re looking at HIT as a means to provide efficiency in the health care system and enhance quality and everything else, I think the argument can very easily be made that full information at the doctor’s office is vital. And again, any piece of information, any piece you take away, is a lost opportunity.

Another approach would be to get some sort of consensus across the industry or the government to say certain things will never be provided on a 50-state basis; we can create a list of drugs and they’re always filtered out. And that’s the thing that can be done, because if you do it uniformly across the system, you can program the systems to just filter out certain things that you can’t do on an individual level.

The last approach would be to not send anything for anyone, and again I think it’s certainly possible when you just stop doing it, but I don’t think that that is the right approach and that there’s so much lost opportunity both in quality and cost savings.

So, in summary, I think the key here is just balancing.

I’ve been in some of the hearings where we had consumer advocates here, and I understand that there are people who are concerned about providing certain kinds of information without individual consents. I’m not sure I agree with the approach that keeping information from your physician is your right in that the impact on the health care system I think needs to be considered.

I think it’s important if everything is provided, to make sure that we have laws in place that the misuse of information or discrimination based on that kind of information is protected against.

But the individual privacy considerations need to be balanced against the potential savings, the potential safety and efficiency gains.

And again, ultimately whatever solution is arrived at needs to be workable from an administrative point where the people who are actually providing the information can provide it feasibly and without adding cost to the system because, again, if you came up with an approach where people had to rewrite information systems, I think the end result would be that people just sort of got out of a business of providing this information.

Again, we’re not directly a stakeholder; we don’t have any real need to provide it. We think it’s valuable, we think it’s the right thing to do. But if you start asking people to change the way they do business in order to provide it, the end result may be that certain people just opt out of doing it all together.

I noted here, I alluded to it before: I think key to solving this problem, key to any, I think, of the solutions for HIT, is having a uniform system across the country. I think that requires standards, and I think it requires Federal preemption.

And, again, I know those are sort of sensitive areas sometimes, but I think for us to get anywhere with a national system that has any level of efficiency, it has to be one system that has to be nationwide.

And there I’ll take questions. Or are we going to wait till the end?

MR. ROTHSTEIN: Yes, we’re going to take questions at the end. But thank you very much for your comments. I know we’ll have lots of questions for you.

Our next witness is Edwina Rogers from the ERISA Industry Committee.

Agenda Item: Presentation – Edwina Rogers

MS. ROGERS: Great. Thanks very much.

I was on my way into the building this morning; I ran into some colleagues. And they said, “Well, Edwina, what brings you to HHS this morning?” And I said, “Well, I’m here to talk about ERISA preemption and state privacy laws.” And they said, “Well, that sounds really awful.”


MS. ROGERS: So I hope inside this room you guys don’t think that that’s an awful subject matter.

But thanks again. I’m Edwina Rogers. I’m the Vice President for Health Policy for the ERISA Industry Committee. And on behalf of ERIC and all of our members, we would like to thank this Committee for allowing us this opportunity to give input on issues pertinent to privacy and health information technology.

Just a little bit about our trade association, who we are. We’re a nonprofit trade association committed to the advancement of employee retirement, health, incentive and compensation plans for America’s major employers, mainly Fortune 100 companies. ERIC members provide benefits to tens of millions of active and retired workers and their families.

The widespread adoption of electronic medical records will be a boon for the U.S. health care system, increasing efficiency and accuracy, while decreasing paperwork and aggravation.

Electronic records also pose challenges for the system, and to major employers there are important issues that must be addressed under the Employee Retirement Income Security Act (ERISA) and the Health Insurance Portability and Accountability Act (HIPAA).

Major employers will need access to these electronic records and to whatever system is devised so they can continue to deliver state-of-the-art health benefits to their employees. But today we must look at the privacy and security concerns these challenges will bring.

In the process of transitioning to a system of secure electronic health records, large employers that provide health and wellness benefit plans to their employees have a significant and difficult role to play.

The current state of laws governing both medical data and benefit plans make for a great burden on companies that voluntarily provide medical coverage for their employees. One company may be subject to different laws in every state. It may be unclear as to which of those state laws are preempted by Federal law, and it may be unclear as to which standards of privacy and security one must adhere. But the confusion and frustration are not as compelling as the desire that employers have to maintain healthy employees.

Just a little bit about the ERISA preemption issue. It’s not what it used to be.

To the extent that employer-provided health plans are subject to Title I — this is under the Department of Labor requirements of ERISA — ERISA Section 514 preempts state laws that are “relating to” an employee benefit plan. However, laws relating to insurance, banking or securities matters are “saved” from ERISA preemption under ERISA 514(a) and (b). The term “state laws” includes all laws, decisions, rules, regulations.

However, the ERISA preemption power that allows the Federal government to set the standards governing employer-sponsored benefit plans has been severely eroded in the wake of several court decisions that have led to a distinction between “partial” ERISA preemption and “complete” ERISA preemption.

As you can imagine, the key here is the interpretation of which state laws “relate to” an employee benefit plan.

Under current case law, even state laws that may pertain to benefit plans, but are not related to ERISA benefits due to a participant per se, may not be preempted by ERISA.

While these partial and complete preemption concepts are an important part of fully understanding ERISA preemption, the distinction between these concepts is not as important as the fact that the law has evolved to see fewer state law claims preempted by what was once thought of as an expansive ERISA preemption doctrine.

To simplify, and perhaps over-simplify, the state of ERISA preemption today, one could draw from the case law that claims brought under ERISA 502(a) to recover benefits due under the terms of the plan are completely preempted by ERISA.

For example, an employee’s state breach of contract claim against an employer who fails to provide benefits due under the health plan will fail due to ERISA preemption under current law. Furthermore, state claims that are related to the plan, but are not for benefits per se, may not be preempted by ERISA under the partial preemption doctrine. Be aware, however, that this is a vast oversimplification of the law. ERISA law regarding preemption is very convoluted and uncertain. There are few bright line rules, and several jurists have called on Congress to set clear ERISA preemption boundaries.

And with regard to ERISA preemption and electronic records, which is what we’re here to talk about today, if ERISA is amended to mandate that employee benefit plans transfer health data electronically to health providers, there is question as to whether more stringent state privacy laws could bar or severely restrict this practice or would ERISA preempt.

You also have this problem with the privacy rules under HIPAA because Section 264(c)(2) of HIPAA provides that contrary state laws that relate to the privacy of individually identified health information will not be preempted by the Federal requirement if they are “more stringent” than those requirements.

This means that HIPAA’s Federal privacy protections act as a floor, not as a ceiling, on privacy protection. State laws cannot lower the standards, but can be more restrictive.

In contrast, Federal laws mandating the transfer of health data electronically should have a ceiling, and inconsistent state laws that would inhibit this practice would need to be preempted to insure the objectives of such laws will be met.

However, given that the scope of ERISA preemption is being narrowed and not widened, there is an increasing chance that ERISA’s current preemption provisions will not suffice to preempt state privacy laws once current case law interpretation is applied.

Because one could argue that such state laws regarding health care privacy rights relate to the plan, but are not related to benefits per se, such laws may not be preempted by ERISA under the courts’ current interpretation of the law. Therefore, we strongly argue for one national standard that includes ERISA plans and preempts all state laws.

A little bit about the HIPAA dilemma. The millions of Americans employed by large employers constantly have their health plans threatened by over-zealous state laws that go beyond and above HIPAA-based requirements in varying ways. Because there is not a uniform standard but rather simply a uniform base, and different and more stringent state laws, varying widely state, an employer who operates in multiple states may find it necessary to conform coverage in all states to the strictest privacy and security standards available.

While this may sound positive, in fact it amounts to a waste of time, resources and legislation; after all, if the Federal HIPAA standards are not sufficient to protect patients’ medical records, why should HIPAA even exist as a standard?

It is more than likely that the transition to a system of electronic health records will face its most burdensome barrier in the form of varying state privacy laws. For example, a Texas-based company may be eager to achieve the administrative and efficiency cost savings inherent in moving to electronic health records. They will have to thoroughly examine whether the specifics they develop will be legal in Maine, Iowa and 47 other states.

Some concerned parties are turning to accrediting organizations to help them achieve compliance with the targeted privacy legislation currently on the books, organizations like Utilization Review Accreditation Commission (URAC).

URAC’s HIPAA Privacy and HIPAA Security accreditation programs outline a framework of best practices that describe the operational policies and procedures necessary for an effective compliance program and are designed to accredit many different types of health care organizations, including both plan sponsors and the payers.

URAC accreditation demonstrates good faith efforts to meet HIPAA requirements to current and potential business partners and assures customers and patients that appropriate steps are being taken to safeguard protected health information.

HIPAA itself is so unclear and conflicted when faced with state laws and regulations that companies often have no idea whether or not their efforts to comply have been successful, thus necessitating the help of outside experts who can evaluate whether or not they have put in good faith efforts. It would be too much to decide whether or not a company was actually completely in compliance — that would remain anyone’s guess, considering the changing state laws.

Employers do play a critical role in health care electronic medical records.

Employers have two reasons for providing voluntary health care benefits to their employees. They desire both to attract the best employees by offering the best compensation and benefits and also to retain healthy employees that don’t succumb to illness which would lead to absences and loss of productivity. While the first goal can be accomplished simply by pursuing the most efficient and accommodating plans, the second has led employers to get intimately involved in their employees’ health care.

In order to keep employees healthy, some companies started by an outside fitness center memberships for their employees. This has led to less outsourced methods being used, including companies providing their own health and fitness facilities for employees.

And why stop there? Large employers now often offer employees their own pharmacies, drug therapy centers, smoking cessation programs, obesity curbing programs and other health and wellness amenities that both help employees stay healthy and also increase the necessity of employers having access to their employees’ medical records and histories.

This health information must be kept confidential and contained, meaning that other parts of the employer may not have access to the health records which the pharmacy and drug therapy units will have access.

We are not aware of any health record breaches by major employers at this time.

While there is the distinct possibility that a new medium for medical information will require increased vigilance and new means for procuring security, it is likely that employers will be more than willing to make accommodations in order to best serve their employee.

The key to instituting a successful transition to electronic records will be including employers, and in doing so, helping them comply with security and privacy necessities by creating uniform standards that are not the baseline but the end-line.

Employers are involved in many aspects of health care and they require clear, concise goals and rules in order to accurately deliver the services these employees are demanding.

And we just wanted to mention that we often survey our members at ERIC and so if this Committee would like for us to design a particular survey, we could send it out quickly to our members and get a response.

Thank you very much.

MR. ROTHSTEIN: Thank you. That’s a very interesting offer we’ll have to talk about.

We are now ready to move to our third witness, who is going to testify by telephone. I hope she’s with us — Miss Albert?

Agenda Item: Presentation – LaRea Albert (by telephone)


MR. ROTHSTEIN: Go ahead, please.

MS. ALBERT: Thank you. I’m LaRea Albert, Chief Operations Officer at HealthFirst TPA, located in Tyler, Texas. For those of you that aren’t familiar with Texas, that’s about two hours east of Dallas.

I’m testifying today on behalf of the Society of Professional Benefit Administrators, SPBA. SPBA is the national association of third party administration TPA firms that provide employee benefit management services to clients and benefit plans. It’s estimated that about two-thirds of all the workers with the benefits in non-Federal plans receive some kind of services from TPAs.

Every size and format of employment and plan is represented, including union, non-union, large/small state, county and city employees.

As a TBA member, TBA funds operate much like a CPA or law firm providing continuing professional outside claims and benefit plan administration for several client employers and benefit plans. And if you don’t think we have a role in this function, there’s over 280 TPAs alone just in the state of Texas. We have a very active, vocal association as well as the national association.

SPBA greatly appreciates the opportunity to testify today on health information technology. We have been supportive from the start on health technology considerations and we look forward to continuing this discussion as the extent of TPAs in this area evolves.

So far, TPA was one of the pioneers in implementing EDI to our operation with great hope in a huge return on the investment of the time and the resources involved to complete this implementation. The excitement of taking a paper plane and converting it into an electronic style was very challenging at the time.

What we did not take into consideration was the fact that after a costly investment on our software and workflow — and believe me, we had to revamp our entire operation — the provider world had no requirements to submit the claims to us electronically.

I can sadly report that as a TPA with 150,000 employee lives with business in almost every state, had been able to receive claims electronically for several years, even before we had HIPAA transactions set. Today, we are only receiving about 45 percent of our medical claims in an electronic format record. Not much return on the investment there.

It’s been only in the last few years or so that some of our partners in TPO networks have stepped up to the plate, and that was basically because of the competitiveness with their competitors, and implemented the ability to receive our EDI filing we provided in the claim against their electronic database without having to print the claim out to paper first.

And of you that aren’t in the claim business, when a self-funded employer elects itself on your plan, they contract with a network to not pay retail dollars to the providers and get a discount, so therefore the claims have to be repriced against that database.

To simplify this process, we have outsourced this load to a vendor because they have the ability of accommodating many networks, so we don’t have to maintain that ourselves.

The most challenging piece about HIPAA and EDI and the privacy rules that have happened to our business, the TPA business, is the relationship with our stop loss carrier, or re-insurance carriers. Most of our clients have our protection above and beyond a benefit that’s called a specific that protects them over a (?) claim, depending on the size of the client, from either $50,000 to $100,000 to $200,000. And this is basically what we call “re-insurance.”

In order for us as a TPA to receive the best quotes, this re-insurance carrier wants to know any possibility of a large claim that they’re going to be on the risk for. And in the past, the employer usually knew this information — who was this, what was wrong with him, what the diagnosis was.

Not today. And the stop loss carriers are not letting the TPAs get away with the fact that they want to know who it is — they don’t want to just know that an employee has a heart condition or has cancer, AIDS, or whatever; they want to know who it is. And if we can’t supply them with that information, then it affects the quotes that they give us. But that’s probably been the largest burden on our operation.

We actually have an M.D. and several RNs on staff; they’re able to get this information for us most of the time. But some of the smaller TPAs can’t afford that luxury.

And if it’s new business, then they usually are not able to get it at all because the incumbent will not release the information. We can’t get it from the provider. So, everyone blames it on HIPAA — we can’t release this information for HIPAA.

And then there’s the new concept that we’re trying to implement, disease management. We think, as a TPA operation, disease management is the thing of the time that says if you could manage those illnesses before those claims accelerate — the main one is COPD, chronic obstructive pulmonary disease.

Those kind of things can be managed, but you have to be so careful when you do those HRAs, those Health Risk Assessments, what you do with that information. The employee doesn’t want the employer to know it, so you have to be very careful in the way that you handle that to help the employee manage their disease. There again, HIPAA has put a burden on that.

The harsh reality of all this is that we’ve invested millions of dollars, reformatted our business flow, and as each new law was passed, it moves us further and further from ever seeing the return on this investment.

The specter of burdensome state proxy rules looms large for us as well. Currently, there’s limited state activity on the privacy of protected health information, though this is mostly on sensitive health conditions and disclosures that held information by the providers.

We anticipate much more state action in the proxy action. The cost to analyze new rules which are often embedded in various unrelated pieces of legislation and perform a preemption analysis with the Federal privacy rules will be staggering. Assistance from the Federal government in this ongoing challenge will help all payers and help information technology.

There needs to be a focus on incentives to encourage all payers to embrace health information technology. Today, an estimated $1 billion has been spent, mostly by payers, to create that. The funding came from the employers and other payers of health care costs.

Companies like TPAs had to absorb most of this expense internally and as just the cost of doing business. It’s hard to tell a client, “Well, I’m sorry; we’ve spent a million dollars on health information technology in the last year and we’re going to pass that on to you.” You know, our business is too competitive to do that.

There are no incentives, or write-offs. Sadly, only a nutshell of the benefits have materialized from EDI. As I said earlier, there was no mandate or incentive for the health care provider to do their part to prepare and get ready to use EDI.

The incentives for providers came later with the threat of not receiving Medicare payments. However, even this didn’t seem to work for anyone except the larger facilities that knew if they didn’t file electronically, they wouldn’t be paid as promptly.

In preparation for this testimony, SPBA sought feedback from its members. The members are very curious about how the technology for a National Health Information Network will work in the context of their internal systems. The members would like to see a detailed explanation of the demands the National Health Information Network would place on their system.

SPBA is a great organization the TPA members are involved in and they’ve been very instrumental over the years in sharing the latest word on the technology, the EDI, and every new development with its members.

In preparation for this testimony, however, several of the members wanted you to hear the stories, the detailed stories, and I have several of them but I will only share one of them with you unless you’d like to hear more.

But a perfect example is there is an employee that is a member of a trucking company, and based on the health information that the case manager has, we know that this person is a truck driver and he’s not taking his insulin. Therefore, he is having bouts of unconsciousness.

Well, heaven forbid, if you’re facing him head-on on the highway and he goes unconscious because he’s not taking his insulin, based on the HIPAA privacy rules, the case manager doesn’t feel comfortable sharing that information with the employer. So therefore that puts all of us at a risk.

But there’s a million stories like that where the TPA has to make the decision: What do we do? We know this information; do we share it with the employer? And the employer has to be on guard about what they do with that information because it’s vital to the future of our industry.

There’s also a fear that EDI will be forgotten and some new, incompatible new system will be invented. This would punish the entities that believed in health care technology and like us have spent substantial sums of their own money to bring EDI into reality.

EDI has been the demise of several mom-and-pop TPAs with their home-grown systems that just simply could not afford the cost of the technology and were forced to either close (?). The acquisition in the Texas TPA association alone each year has been about 20 percent.

A new system, a whole new system operation that none of us are looking at today, would be probably more than the TPA industry could bear.

Thank you for your time and consideration the Subcommittee has given our comments, and I’m very open to questions and have lots of stories.

MR. ROTHSTEIN: Thank you very much. We appreciate your testimony, and I’m sure my colleagues and I have questions for you as well as your co-panelists who are here in person.

And so the floor is open for questions.

Questions, Answers and Comments

MR. HOUSTON: Why don’t you start, Mark, since you’re the Chairman?

MR. ROTHSTEIN: All right. I have a couple of questions.

First, I want to begin with Mr. Rothermich. When you supply information to physicians about the prescriptions that an individual patient may be taking, is there a time restriction, or a cutoff? So, in other words, do you make it the current meds?

MR. ROTHERMICH: The system allows for up to two years. The software vendors can request a date range, so really the vendors sort of make a choice as to what they want to provide. And the request that comes from RxHub has a date range. But it allows for up to two years.

A question that often comes up is what happens when you change PBMs, and the answer to that is it depends.

Typically, if a client moves from one PBM to another, the incumbent would transfer drug history information for a time period to the new PBM so that there’s some history there that they can do drug/drug interactions and that sort of thing. So typically, there’s going to be at least like a year of claims available.

MR. ROTHSTEIN: I’m just wondering whether you think that an industry standard in terms of the cutoff dates and even allowing for some sort of transfer time would be valuable in assuring patients that there’s sort of a limit on the range of meds that are going to be —

MR. ROTHERMICH: I think it makes sense. I mean, if I took something five years ago, I’m not sure if it’s relevant. It could be relevant, but again, but if physicians know what they’re going to get and what they’re not going to get and they know they’re getting a year of claims, what they’re looking at typically is: What are you currently taking that might affect my decision-making?

If they saw drug claims from five years ago, it may prompt them to ask some questions about your history that they wouldn’t think to ask, so you can’t say there’s no benefit. But again, that’s sort of a balancing act, and I think it makes sense to have some cutoff period so people can sort of sunset their past, if that’s what they’re concerned about.

MR. ROTHSTEIN: John, do you want to just


MR. HOUSTON: Just sort of inject something into his question.

Would it be viable to look at the prescription and look at the dosage and the duration — you know, if it’s once a day for 30 days and that’s what the script is for, to say, okay, the med’s going to be taken for 30 days and absent a refill, after that point in time, we’re not going to provide that information because the patient has completed the prescription? Is that something that you could —

MR. ROTHERMICH: Again, I think if you had uniform rules, people could live with them. I think the more granular they get, the harder it is to administer. So if you have to go into the system and make decisions like that on a drug-by-drug basis —

MR. HOUSTON: You’ve got information, correct — the date of the prescription and the dosage and the duration?

MR. ROTHERMICH: We have that information, but it doesn’t mean that it’s necessarily easy to turn switches at that granular level.

Or if you’re going to say, you’re never going to provide history beyond a year back, or you’re never going to provide drug claim history for certain drugs, that’s one thing. But if you take a certain drug and say sometimes we will and sometimes we won’t, it gets very difficult from a systems perspective and probably becomes unworkable.

MS. ALBERT: Can I interject something here?


MS. ALBERT: I did role model to follow and see what the state of Utah has done.

We just recently went through this with one of our employee’s spouse, and in the state of Utah, anyone that has a license, whether it’s a nurse, an insurance agent, a teacher, anyone that has a license, every prescription drug that that person takes is submitted to the state of Utah.

So we had a situation where a lady was going to seven or eight different doctors getting prescriptions for Vicodin and Oxycontin, and she lived in the corner of Utah, and she went over the state border because she has a license there. They immediately shut her down.

They found that she went into the emergency room and they pulled up that drug history — I forgot the acronym for it, but it’s the Utah State Drug something DA — and they shut her down. They do immediately. They pulled up her history and saw that she had been doing this history of getting Vicodin from seven different physicians and shut her down. So if they can do it, why couldn’t we do it nationally?

MR. ROTHERMICH: Well, that’s a good example of why you’d want to provide some level of history.

You know, another example might be a physician might take a different approach if they see three antibiotic claims over the last five months for something similar, so they see a recurring problem. They may treat it differently than if they didn’t know that.

MR. HOUSTON: And what if you say that there’s a certain class of meds that — antibiotics, but, you know, meds that are related to some type of stigmatizing illness. Let’s just say the person’s now no longer on that particular med. I mean, could you exclude that in the broad base on the scenario?

MR. ROTHERMICH: Again, if everyone agrees on the list, I think it makes some sense as long as physicians know what’s on the list. You know, RU486 might be a good example. I mean, people may not want that in their history.

But if physicians know that’s never going to be there and they’re concerned about that in particular, they may know to ask.

MR. HOUSTON: But I’m just saying, though, if the person’s actively on that because there might be some serious side-effects especially if there’s a drug interaction with another drug, but once they’re off of it — and I think a lot of patients would say, “Hey, if I’m currently taking it, yes, I think it’s important for the physician to know. But, boy, if I’m not taking it, and it’s this class of drugs —”

MR. ROTHERMICH: Well, again from a systems perspective, it’s hard to turn things on and off. We either have to have it in or have it out.

So antivirals, I think, are a good example, you know? Docs know they’re never in there, and prescribing something that has a significant side-effect profile if you’re taking antivirals, then they would want to ask specifically: “Are you taking that?”

And if everyone understood it’s not in there, then it’s not in there.

There may be a loss of benefit in not having it in there because it may be that people don’t always tell the truth and they may have adverse consequences because they didn’t answer honestly, and that’s where you need the balancing act from the health care system perspective: Is that the right thing to do, to say it’s okay to withhold information from your physician? And that’s a value judgment.

But I think the rules have to be drug by drug or class by class; it’s either in or out. And it’s not really possible to administer a system where you have changes over time or changes by individual or something. We couldn’t implement it.

MR. ROTHSTEIN: I have a question for Ms. Rogers, and this goes to your testimony on Page 5 where you talk about the wellness programs and health promotions programs of employers and you say that in order to manage populations at risk, certain information is needed to identify these individuals and aggregate information is needed to determine effectiveness of these programs.

Employers are not allowed to have this information unless individuals voluntarily sign up for wellness programs, correct?

MS. ROGERS: Yes. I was mainly talking about third party administrators at this point in the testimony.


MS. ROGERS: Yes, that is true. I mean, people do voluntarily sign up for wellness programs.

MR. ROTHSTEIN: Right. And if they don’t, then under 102D4 of the ADA you can’t get it.

MS. ROGERS: That’s right.

MR. ROTHSTEIN: So I’m a little bit unclear as to what the point is that you’re trying to make, so maybe you could —

MS. ROGERS: Okay. Well, most of our members do have wellness programs and they have MDs that run their wellness programs, and the information that is handled in that program is voluntary, like you said, and it is very much handled by a Chinese screen situation like you would have in a law firm so that that information is confidential.

But there are a lot of employees that don’t want to give a health risk assessment to even an employer that had the wellness program where the information is protected within that one group, an employer. So that’s why most major employers use the third party administrators —


MS. ROGERS: — and they keep the data somewhere else.

So that was what I was trying to say.

And then the third party administrator needs that information to manage populations at risk.

MR. ROTHSTEIN: Right. But it would still be voluntary with the individual whether they want to —


MR. ROTHSTEIN: — complete an assessment?

MS. ROGERS: Whether they complete a health — yes.

MR. ROTHSTEIN: Part of this you could read as saying that employers are going to troll through records to see what wellness programs people need, which they obviously can’t do.


DR. TANG: Thanks for the testimony; it was very interesting.

I have a couple clarifying questions for individuals and then want to drill down on themes. One of the clarifying questions is for Mr. Rothermich, and that is, you mentioned that you require your pharmacies to send you the claim information even if the co-pay is higher than the actual charge. And why should that be true?

MR. ROTHERMICH: Well, the plan sponsor wants to know what the drug claims look like.

DR. TANG: I mean, if that person’s paying cash instead of making a claim to the payer?

MR. ROTHERMICH: Right. It’s basically record-keeping. It’s knowing — for one thing, we would pay a dispensing fee to the pharmacy even if we don’t pay for the prescription. In other words, if our deal with the pharmacy is to pay ingredient cost plus a $2.00 dispensing fee and they’re expecting to get paid for the dispensing fee, then we would obviously want a claim to support that. So it’s basically just record-keeping.

DR. TANG: So if a patient paid for a drug that they didn’t want to have paid by the insurer —

MR. ROTHERMICH: Well, then they wouldn’t submit it as a benefit. They wouldn’t say, “I’m an Express Scripts member and I want to — as part of my coverage.”

And if the pharmacy doesn’t know I’m an Express Scripts member, they don’t know to submit a claim. So I’m violating their agreement by not submitting one because they view that person as a cash patient.

DR. TANG: And a clarifying question for Ms. Albert. When you mentioned that there was an organization that insists on knowing the actual name of the individual, let’s say, with cancer or diabetes, is that the employer asking for that information or —

MS. ALBERT: I’m sorry. Could you repeat the question? There was a technology issue.

DR. TANG: Right. You mentioned that there are some times when another party will ask you not just that an employee has cancer, but which employee.

MS. ALBERT: Right.

DR. TANG: Who’s asking that question?

MS. ALBERT: That is the stop loss carrier. Most of the plan members will have a stop loss carrier that will offer a level of re-insurance on a specific level for the employee — say, $100,000. Anything under $100,000, the employer funds; anything over that, the re-insurance carrier is on the risk for and has to pay up to 100 percent. And we’ve had million dollar babies. We have three or four million dollar babies going on right now. Those are the unforeseen ones that the cancer or the AIDS — that stop loss carrier in the past has always had access to that information, who the person is, what is their diagnosis, what is their prognosis, what is their treatment plan?

DR. TANG: Okay, thank you for that. And now I’m going to get to the —

MR. ROTHSTEIN: May I interrupt to follow up that question?

In the stop loss context, even though the potential stop loss carrier might want to know the diagnosis, the prognosis, et cetera, why is it necessary to know the name of the person? Why couldn’t they just supply the information without the name?

MS. ALBERT: That is the question we have been asking them for the last three years: Why do you need to know who the person is? They seem to think that in case another person may come up with that.

There’s a functionality that they do also in our world called “lasering,” and if they know there’s a person with a high risk, they will actually laser that one person with a high specific amount on the net. So therefore they need to know the name of that individual that is lasered.

So it’s just something in the industry we’ve been fighting since HIPAA.

MS. BERNSTEIN: This is Maya Bernstein. I still don’t understand why they need to know the specific name of the employee rather than just that that specific employee that needs to have a higher cost on their head essentially is still employed with the company, unless they’re tracking whether that employee is in fact following a prescribed regimen of prescriptions or some other kind of recommendations from their physician. If they’re tracking that, I can see why they would want to keep track on that, whether or not I agree that that’s proper. But other than that, they just need to know that that high risk employee is still employed by that employer, no?

MS. ALBERT: I agree. I mean, we totally agree with you. It’s just the industry, that is their rule. And like with the laser, that is part of the contract, that John Smith has terminal brain cancer; therefore, he’s lasered at $150,000 where everyone else is at $100,000.

Hundred percent agree with you. It’s just that the industry, the stop loss industry, who are our vital partners to our success — and if we don’t give them this information, then they’re not competitive with the numbers.

And we have actually stood our ground and SPBA has been very instrumental in adopting a standard industry form that “here’s the information we’re going to give you, and that is it — that’s all we’re going to give you.” And I’m not exactly sure where that is at this time, but it would be wonderful if throughout the TPA industry and the stop loss industry we had a uniform databank of “this is all that we’re going to give you and that’s it.”

MR. ROTHSTEIN: So I take it you would not be opposed to a recommendation that in the context that we’re talking about that individual names and direct identifiers not be included but the industry would be free to individually identify people, like “Employee Number 785 has a special surcharge.”

MS. ALBERT: That would be wonderful. As a matter of fact, that’s what we do most of the time it’s used, and if we have a four-digit number that identifies the employee and we give them that number — and we don’t give them the numbers unless they come back and say, “I’m sorry; we aren’t going to enter the contract without this information.”

And we have of course business associate agreements and the plan sponsor says this. I mean, we will give the information to them before — we just don’t give the information to the plan sponsor anymore, but we do give it to the stop loss partner because that’s part of our business.

MR. ROTHSTEIN: Okay, another clarification — Harry?

MR. REYNOLDS: Are stop loss insurers covered entities under HIPAA?

MS. ALBERT: They say they’re not. And maybe you could help me with this one.

MS. McANDREW: Generally, stop loss carriers, they’re not health plans. They’re not covered entities.

DR. TANG: If they’re receiving PHI, they have to be business associate.

MS. ALBERT: We do have business associate agreements with them. They do not say they’re entities, because they’re not the health plans.

DR. TANG: They would be a business associate of an insurer providing stop loss services with PHI, so they’d have to be. Somewhere they would roll up as a business associate if they’re getting PHI for the purpose of reinsurance.

MR. ROTHSTEIN: They would be a business associate of a business associate.

MS. McANDREW: Well, actually, in the case of obtaining insurance, I think that’s an exception from the business associate requirements because it is not doing an operation on behalf of the entity. It is doing its own insurance thing.

MR. HOUSTON: But to the extent that there would be PHI, then I would argue that it would be directly involved in the payment for the health care of the individual which is —

MS. McANDREW: To the extent that they are processing a claim or doing a payment, they may be able to have access to PHI as a payment activity or as a health care operation activity, but it doesn’t necessarily — I mean, whether or not they’re a business associate takes a different analysis, but I think we’re a little off topic.

MR. ROTHSTEIN: Yes, let me suggest that we’ll take up the — this is a very interesting discussion; I’ve added the stop loss issue to our list for possible hearings in the fall and we’ll talk about that later. So let’s go back to Dr. Tang.

DR. TANG: And I have one more clarifying of that one. So when you do turn over the actual identity of an employee to the stop loss carrier, is that with the employer — at least the employer’s consent?

MS. ALBERT: Employee.

DR. TANG: Get a signed release from the employee.

DR. TANG: Oh, you do?

MS. ALBERT: Yes, we do. We have to.

DR. TANG: Okay.

MS. ALBERT: And most of the time the employee and the level of the employee doesn’t even know who the stop loss carrier is. In their mind, they have insurance and they don’t know. We do have a release that we give the employee to sign saying that it’s a standard form that we’ve made up that says we’re releasing the information to your re-insurance carrier; this information was not shared with your employer.

Now, we do have also, with the stop loss carrier, a form that we have the plan sponsor to sign off on saying “Employee Number 123 has terminal brain cancer. Employee Number ABC is a premature baby with $1.6 million in claims.”

The employer has to sign off on that disclosure — it’s called a “disclosure statement” — to indicate that he is aware of all of the potential liability the stop loss carrier is assuming.

DR. TANG: Okay, back to the themes. I heard two themes from actually all three of you. One is it would be of great administrative benefit to have uniform laws, period, let alone privacy laws, so that you can configure your systems and administer them in a way that’s consistent and efficient in all states.

The second one really sounds like we’re dealing with secondary uses of information. In other words, for a PBM, your primary role is to get a claim for medication out to the right payer and adjudicate it.

In addition, all three of you are talking about other uses of PHI. One could be as part of a wellness program, HRAs. Another could be for a disease management program.

And I’m trying to understand all of these things and whether each one is known to all parties, including the employee. For example, are there in the PBM industry any disclosures for, let’s say, a business reason? So in the PBM area that might be somebody sending a letter to a patient saying “there’s another alternative drug that you could be taking; would you like to know more information about that?” I know certainly people get those kinds of letters. Does that come from a PBM or does it come from the pharmacy?

MR. ROTHERMICH: We sometimes send letters like that.

DR. TANG: And who pays for that and who gives you the authorization to —

MR. ROTHERMICH: Particularly the plan sponsor pays for it. It’s very much like when you sign up for insurance with your employer, you sign some things giving the insurance company certain consents to share information for purposes of claims.

When you go to the doctor’s office, they put that form in front of you now for HIPAA which is giving you notice that people are sharing records.

So I guess in my view not very much has changed as far as the way that records are shared within the industry. There are some new notices provided, but my sense is that most people sign that stuff without reading it and so they may not have full awareness of the impact of what they’re signing.

But I think the fact of the matter is today if you’re a commercial patient, you have very limited choice as to whether to give those sorts of consents if you want coverage and you want your claims paid and everything else, so I think in reality there’s probably a lot of people who don’t have a full appreciation of where records are going. But technically speaking, they’ve had enough notice that they could.

DR. TANG: I think that’s very forthright and honest, and it sounds like when people sign up for any kind of third party payment, whether it’s for drugs or insurance, they’re basically giving a blanket release for the payers and all of the people in between to use the data —

MR. ROTHERMICH: The payers and the providers share information for purposes of administering that benefit, right.

DR. TANG: Would you agree with that, Ms. Rogers?

MS. ROGERS: Yes, I do agree with that.

DR. TANG: So when an employee voluntarily takes an HRA, the employer then has the ability to use that information in whatever ways they see fit.

MS. ROGERS: Well, most of our members, a lot of them have HRAs and starting with HSAs, and we have FSAs, too, but most of our members are self-funded as far as insurance and a lot of them do have the stopgap insurance.

So because of that, they need a lot of this information. I mean, they’re almost running their own insurance company.

MS. ALBERT: And you can’t imagine the impact on our operation when how many of your stop loss to check on your insurance claims. And the first week when we implemented this and we’re saying, “Are you the employee?”

“No, I’m calling for my husband’s claim.”

“Well, I’m sorry; we’re not able to talk to you about this. We’ll be happy to email you a form or fax you a form for you to sign and come back to us. Or, you could get your husband on the phone.”

Well, you can’t imagine the impact that had on our operation the first three or four months. It was horrible, absolutely horrible. But now it’s just standard operating procedure. If someone calls, we have the ability to put communication blocks in. You know, “I’m divorced; don’t talk to my ex-husband about my child’s claim,” that kind of thing. And now it’s standard.

We explain, we go into detail explaining this is for your protection. We aren’t doing this because we want to be mean or because we have to, believe me; it’s for your protection. So I don’t know the impact exactly what’s going out. I think the word “HIPAA” has been thrown around out there loosely by the doctors’ offices and by the drug stores and that kind of thing, and we try our best to explain it so we know it is the employee understands that we’re doing it for their benefit.

MR. ROTHSTEIN: Thank you. Harry?

MR. ROTHERMICH: Can I just add one comment before we move on?

MR. ROTHSTEIN: Oh, sure.

MR. ROTHERMICH: It’s worth noting that even without HIPAA as an overlay, the way the system is structured, there’s really common law rights of action for patients where people who don’t have authority to ask to get information seek to get information.

For example, I might be a licensed physician; I might have access to an electronic prescribing system that gives me access to drug history information. But if I ask for information on my neighbor who’s not a patient of mine, my neighbor has an action against me under lots of things other than just HIPAA.

So the theme that overlays this that seems to get overlooked sometime is aside from having the chain of agreements in place and physicians being expected to have the right kinds of agreements in place, if I go out looking for information and get access to stuff by representing I’m something other than what I am in that capacity, there are rights of action to solve that.


MR. REYNOLDS: Yes, Phil, this question for you. As obviously we’ve all been through the e-prescribing scene many times and we’ve had many hearings on it, with the medication history being a key portion of the discussion on e-prescribing, currently under the process, both the payer and the pharmacist and the PBM have all the information about the patient as to the medications that they have had filled that they have asked to have paid.

MR. ROTHERMICH: There’s a couple of asterisks to that.

MR. REYNOLDS: But generally —

MR. ROTHERMICH: In other words, the pharmacist today has a record of what that pharmacy has filled for that patient, and to the extent they submit a claim that triggers a drug/drug interaction in our system, we may give information back to the pharmacist about that potential interaction, but today we’re not giving them a blanket history.

MR. REYNOLDS: Right. But you would tell them what it was interacting with?

MR. ROTHERMICH: I believe so.

MR. REYNOLDS: Okay. So the only person that’s out of the loop in today’s world is the doctor. Well, the patient, being the fact that they signed up for insurance and signed to do things and are getting it paid, as was mentioned earlier, are in the loop. So that’s the way today’s world is.

So under e-prescribing, as has been recommended with medication history and everything, they would get everything — the discussion was whether or not everything would be downloaded. But you would be willing as an industry to discuss putting a limited time frame on that?

MR. ROTHERMICH: To the extent I can speak for the industry, yes. I think the interesting thing is that I can’t say, for example, what today Medco and Caremark do with respect to whether they limit or don’t limit or time frames or everything.

So everybody’s making their own decisions today, and I think it’s beneficial for the industry to have a time frame, and I think everyone would believe that’s a decent way to balance priorities.

MR. REYNOLDS: Well, the other thing is —

MR. ROTHERMICH: And there’s a natural reason to limit. We’re not going to have forever —

MR. REYNOLDS: Right. But, Mark, also what I’m trying to relate to is since there are pilots going on, especially as it relates to e-prescribing and as we look at the security implications, whether or not we would want to consider recommending something about this that could be considered in the pilots so that while a pilot is going on, there were restrictions set. You could see whether or not effectiveness could be dealt with if this was a particular item that was of import to us. That’s where I was going with this subject.

MR. ROTHERMICH: Yes, in the context of piloting that, you may want to design it in a way to the extent it’s possible from a systems perspective but say that you’ve said you’re going to pilot, that you only provide a year’s worth of history. It would be interesting to look at where are there cases where more history would have made a difference.

And I’m not sure how you’d set that up. You’d have to run parallel systems or something and then keep track of what came out on the two-year side that didn’t come out on the one-year side and have somebody go back and look at claim by claim, would it have mattered?

MR. REYNOLDS: Right, but very seldom do we have an immediate platform which are the pilots right now and take some of these things and —

MR. ROTHERMICH: No, I’m suggesting it’s a good idea but structure it in a way that you can get more out of it, where you can figure out what you’re losing.

MR. REYNOLDS: Absolutely.

MR. ROTHSTEIN: Mr. Houston?

MR. HOUSTON: Thank you. I guess I’m going to make a comment and ask for responses. Edwina, I’m particularly interested — I keep rereading your testimony, so I want to make this comment.

I’m a little concerned. There just sort of seems to be this undercurrent that either there’s disclosures that employers are expecting or information employers are expecting or there’s sort of this concept of almost a forced authorization from the patient to disclose information for re-insurance purposes and things of that sort.

And my gut reaction to that is: That scares me. I mean, I don’t have any pre-existing medical conditions I worry about, but I know a lot of people that do, and I’d be concerned that how much of an opportunity is there for this information to get into hands of people that might make employment decisions based upon that information.

And I know that one of the statements that you made at the end of your testimony is that a key to instituting a successful transaction to electronic records will include employers. And there are other areas where you talk about employers, maybe even on a voluntary basis, having access to employee health information.

And that just scares me a little bit. When I hear this re-insurance issue and wanting to know about people by name and the thought that it could get back to the employer and a small employer may make an employment decision because they can’t afford to be re-insured any longer because they have somebody whose family member has some severe chronic illness.

That scares the heck out of me, and I guess I’d just sort of like to know: How do we know this isn’t occurring, and does the industry attempt to police itself and to what degree does it? And why am I wrong, I guess is my question.

MS. ROGERS: Well, I think that you don’t really have that concern with regard to major employers, and you do have it with smaller employers because I actually have five domestic employees so I know what you’re talking about.

When you’re in the individual market, you have to disclose everything to the health carrier if you go to Blue Cross and you’re an individual and you want to get a plan, and it’s based totally on your medical history, so that is disclosed. It might not be disclosed to the employer, but usually the employer is involved. And that’s with a small business.

But with major employers, they don’t need the actual names per se, but their stop loss company would. Like I mentioned, most major employers that are under ERISA are self-funded and then that puts them under ERISA. And they do have these stop loss health loss re-insurers. And if you are an actuary working for that insurance company, you are required to do certain due diligence.

So how could you, as a lawyer, an actuary, try to do due diligence on your very expensive cases that you’re trying to manage and you have no name, you have no information?

MR. HOUSTON: I guess I’m not doubting — I can appreciate there’s — I’m sure there’s some needs, some actual need to do this, but it still, at the end of the day, especially if you’re a smaller — or even if you’re larger — how do you prevent that from either directly or indirectly resulting in an employment decision?

I mean, I hate to say this — maybe I’m being too cynical. But I’m hearing there’s too much information being thrown around and even it’s sort of under an authorization that may or may not be — I don’t want say coerced, but it may be an authorization almost forced to sign as an employee, I can’t help but to think that there’s a lot of opportunity for misuse or for things to affect employees. And the small employers, which is a large makeup of our society today, there’s a lot of those people out there and I just think there’s a lot of opportunity here so I —

MS. ROGERS: Yes, but even if there was a law or a regulation, if you’re a small business or even a larger business, say you have — I can give you an example — a female that is pregnant, and then she has the baby and she was only seven months’ pregnant.

And so everybody that she works with, they’ll know — or maybe she was only six months’ pregnant — they’ll know that the baby was premature. And is that the employer’s fault that they now know that information that this person had a premature baby, even though it wasn’t disclosed to them through their third party health insurance company?

A lot of that information is just out there because we’re working together.

MR. HOUSTON: No, but if the child is born at term and he has some severe chronic illness that’s going to require a high level of care for the rest of that child’s life, maybe it is, maybe it isn’t known, but I’m just saying I think the impact of this is that I think there’s a lot of opportunity for employees to be discriminated against in terms of hiring practices and retainment.

And I’m concerned because as we go down the road of electronic health record, obviously one of the key concerns out of patients, and we’re all patients, is that — well, I’ll tell you, this is great that we have this health record for the benefit of providing me the best care possible, but a lot of people are saying they’re concerned over where this information goes, and one of the big concerns is specifically with employers.

So I’m hearing things that don’t make me comfortable, I guess.

MS. ROGERS: Well, and a good motto would be the genetic non-discrimination bill that I was working in the Senate last year and that is a bill to keep genetic information out of the hands of the employer and other groups that really have no business with that type of information.

And so if you want to go down that road, you might want to look at that particular legislation. It hasn’t passed Congress yet, but it is out of Committee in the Senate.

MR. ROTHERMICH: That was the point I was going to add, that I think one of the dangers of taking a piecemeal approach to solving this problem which is if you look at the health care system overall, it’s easy to come to the conclusion that more information for all players is better because you can enhance efficiency and you can enhance care and quality and everything else.

But if you’re going to make all information available, you need to make sure the protections are in place that people can’t use information against people. And to your point, the question is whether those kinds of decisions — could you prove wrongdoing? I don’t know.

But it may be that until we get to a point where there are sufficient protections in place for sharing everything that we have to live with carving out some things.

MR. HOUSTON: I think patient confidence is absolutely vital, and I think that we’re moving down the road that if these types of things are occurring on an ongoing basis and it’s happening on a very frequent basis, I think it turns consumers off. Why would I want my information to be available?

And it goes to what you’re trying to do with drug/drug interaction. If a patient doesn’t want somebody to know that they’re on a medication and they go out privately and purchase and it never goes through a PBM, or they do it in a fashion to keep it out of that, then it’s going to hurt them because it can have some type of severe reaction but —

MR. ROTHERMICH: Well, and then you have to look at the macro level, okay, so if they make a decision to withhold a piece of information from their physician and they end up with a bad outcome that puts them in the hospital for a month and it results in a million-dollar hospital bill, is that fair to the system?

And that’s one of the things you have to weigh, I think, when you’re saying we’re going to carve out pieces of information. How much right should persons have?

MR. HOUSTON: Well, I think carve it out — I’m just concerned about —

MR. ROTHERMICH: No, I know, and I think it’s a different decision if you put safeguards in place as to what employers get and how they can use information as opposed to what physicians get —

MR. HOUSTON: I agree.

MR. ROTHERMICH: — and how they can use it.

MR. HOUSTON: I absolutely agree.

MR. ROTHSTEIN: Okay, we have two more questioners, and Harry?

MR. REYNOLDS: Yes, mine’s a comment that I’d like to have the panel respond to.

Since HIPAA went into effect, the industry has also begun to change rapidly — consumer-driven health plans, health spending accounts, health reimbursement accounts, a lot of the disease management is picking up. So the involvement of the employer with the employee as it has to do with benefits and other things are changing almost daily now.

So it would appear that the whole issue of a plan sponsor versus group health plan and an employer account and what information is going where is becoming more blurred because employers are getting much more involved with employees and employees are getting much of a choice.

But that choice also has some, as we’ve heard here, concerns with it. Do you feel that what I said is true and that that is going to continue to blur this idea of who’s who and who has what and under what auspices they got it?

MR. ROTHERMICH: Well, I want to try to help here but I’m not really an expert on HIPAA or on consumer-driven health plans and how they interact.

I think your comment is a fair one. I’m not sure that in implementing consumer-driven health care options that the employer necessarily is getting information, more information than they may have gotten in the past, but I can’t say I know for sure.

It seems to be a valid concern, at least something worth looking at.

MS. ROGERS: I would argue that the employers are not really getting more information through the consumer-driven health plans. Yes, through their wellness programs, but those are very much contained. That information is not going to the CFO who’s in charge of cost-cutting.

And I mentioned earlier that the non-genetic discrimination bill that is in the Senate and the House — when we were working on that legislation last year, we could only find one example of an employee who had been terminated because the employer got some information that was negative about their genetic makeup.

And if there were a lot of cases out there where employees are being discriminated against because of their health status by major employers, we would certainly know it.

In small employers, most legislation has a small business exemption just because of the cost of it. Usually it’s around 50 employees or less.

And with regard to consumer-driven health plans, we’re spending most of our time on trying to arm the consumer with information. We’re gathering information and getting it to them. But it’s not about them or their colleagues; it’s about hospitals and doctors and their quality and efficiency data is what we’re trying to gather so that they’ll have like a consumer report so they can make better choices.

I probably spend 50 percent of my time trying to get that information for the employees and not get their information for the employer.

MR. ROTHERMICH: My sense is that most of these — I agree with you — I think most of these new plans generally are still contracted out. I mean, it’s not like the HR people are administering people’s HSAs or they’re any more involved at the claim level than they were before. There are just new models of going to market with different things.

MS. ALBERT: If this can make you feel a little more comfortable about concern for the employee — before HIPAA came out — we have about 25 employer large clients that are 100 to 300 lives, and as Ms. Rogers said, the employees knew everything about everybody because of their close knitness and out of concern. It was not being nosy; it was just out of concern.

And we still had clients that had Susie in HR, that you would bring all your claims to Susie in HR and she saw all this. So therefore the employer had firsthand knowledge of every single illness every employee had.

We have worked very diligently to explain to them you, in violation of HIPAA, can no longer do this. And we’re very happy to say that we no longer have any clients that have a Susie in their HR that file every claim; the employees have to file those directly.

But the consumer-driven education piece I think is a wonderful concept to the industry to one extent but as a matter of fact we had a situation yesterday that in my 23 years in the business we’ve never had this happen before.

An employee at one of our largest partner clients (?) how much education he has, how much a consumer-driven piece, I’m sure, but he had a one pound, four ounce baby and called in and directed our medical staff that he had better not have any problems with his claim, he’d better not get any PPO discounts; his claims better be paid timely, and he’d better not have anything about it not medically necessary.

Now, five years ago, no one would have called and said that.

So, we’ve educated them — yes, we have!

MR. ROTHSTEIN: Okay, Ms. Bernstein?

MS. BERNSTEIN: I’m just wondering if the panelists can tell us whether there are any common, perhaps not obvious, recipients of individual identifiable health information that your members are disclosing that we haven’t already talked about this morning.

So, for example, Ms. Albert talked about the re-insurers that probably most consumers aren’t aware that that’s happening. Are there other examples that come to mind?

MS. ALBERT: Not to me.

MS. ROGERS: Our members — like our smallest member would have 25,000 employees, so they’re really big companies. And they might have 140 different health plans all over the country. And so they mainly work with third party administrators.

They don’t do the type of handling of personal health information internally with the exception of the ones that have the pretty extensive wellness programs.

And we have members that even have their own drug stores, they have their own pharmacies right in their headquarters. So, I mean, technically they’re getting that type of information.

So if you want to look at it that way, maybe, for example, IBM in their headquarters they have a pharmacy there and it might be some of them are actually run by the company, owned by the company; some are subcontracted out to other local pharmacies.

So because of that, a particular unit of that company will have that information. But they have HIPAA compliant safeguards that went into effect in April that they’re taking care of everything that they’re supposed to and that information doesn’t go beyond those that actually need it and are allowed to have it. Like, for example, it would not go over to the CFO’s office who’s worried about costs.

MR. ROTHSTEIN: Well, I want to thank you, and before I let you go, I just want to make a short comment based on John Houston’s line of questioning, about his concern about the employment-related health information and the concerns that individual employees have about the disclosure of that information.

And I think there are two ways in which the law could be changed that would prevent a tremendous amount of the leakage of this information.

The first one is individuals who are made conditional offers of employment can be required as a condition of employment to sign an unconditional release or authorization of all their health information. This is the law in every state except for Minnesota and California.

And that’s why the pending legislation dealing with genetic privacy, even if it were enacted, would have no value whatsoever because it would not affect the disclosure of information pursuant to a valid authorization.

And what needs to be done is this needs to be tightened up to make it so that only job-related information can be disclosed; then we wouldn’t need this legislation at all.

The second area in which I think there’s a great deal of leakage is the processing of claims which need not be done in an identifiable manner.

We have the technology that could assign individuals a medical benefits number for each company and all the company would need to do would be to cross-reference it against eligible employees and you would be able to pay claims for Employee 285 and you don’t need to know that Employee 285 is Joe Smith. You could get access to Joe Smith’s record simply by using that information.

And I don’t think we’ve explored that nearly enough, especially for companies that are not only self-insured but also self-administered. This is, I think, a particular area in which there’s a leakage of valuable information, but that will be a hearing for another day.

And I want to thank you very much for your testimony today, both the two of you who are here as well as Ms. Albert from Texas by telephone.

We are going to proceed directly to our next witness. You’ll recall yesterday we had a panel on RHIOs and our RHIO panel did not have the full complement of people that we wanted to hear from, and so we’ve invited Dr. Overhage to join us today and talk about the Indiana Health Information Exchange, so, please.

Agenda Item: Presentation – Dr. J. Marc Overhage

DR. OVERHAGE: Well, good morning, and thank you for the opportunity to testify.

My name is Marc Overhage. I’m the President and CEO of the Indiana Health Information Exchange. And because I always forget at the end, I just want to take a moment to acknowledge the AHRQ and the NLM and the Regenstrief and Fairbanks Foundation as well as the BioCrossroads for all of the support they’ve provided over the years that have helped us get where we are.

IHIE, where I hie, as I may say, because I fall into that, is a not-for-profit venture that’s backed by unique collaboration of Indiana health care institutions. And our vision is to use health care information technology and shared clinical information to improve the safety, quality and efficiency of health care of the citizens of the state of Indiana.

Number two, to create unparalleled research opportunities, using that information.

And number three, to establish a successful model for health information exchange that others in the country may want to emulate.

Our strategy for achieving this vision is to “wire” health care, first in central Indiana and then eventually the entire state, by creating a common, secure, electronic infrastructure that expands communications and information sharing among participant providers including hospitals, public health, physicians and others. And ultimately, this system will give better information for treatment purposes at the point of care and will give researchers a richer pool of data to guide more far-reaching treatment improvements over the longer run.

And importantly, a critical aim of IHIE is to provide a sustainable operating model, and thus users are required to pay for products and services that they receive.

The data-sharing model that we use builds on technology developed at the Regenstrief Institute by Clem McDonald over the last 30 years, and I’m going to use a variant of the Connecting for Health Common Framework diagram that some of you may be familiar with, and I think you have a one-page copy of, so if we need to refer to something, it gives us a picture.

And it’s very simple, actually. And what we do is we take data as it’s generated by operational health care systems — laboratory systems, ADT systems, appointment scheduling systems and so on.

That data is sent to IHIE as HL7 messages, or DICOM messages. We then clean up those messages — make them closer to our standard. And, we normalize the way that the data is represented in terms of the codes that are used, for example, so laboratory results are all mapped to LOINC codes, for example.

And then, each of those results are stored in a specific vault, or edge proxy, for that institution. And so Hospital A has their edge proxy, Physician Practice 1 has their edge proxy, Laboratory B has their edge proxy, Payer Number 4 has their edge proxy that represents their systems for the purposes of sharing information.

Health information exchanges create a lot of privacy issues and questions that we haven’t wrestled with, hence your discussions today. I’m going to highlight a few that seemed important to me, but expect that you’ll dive down into the ones that are important to you when I get finished and have an opportunity for a little discussion.

First, originally we asked patient authorized at each encounter to share information in the future or to share information at the time of that encounter. And that was actually very well received and well over 99.6 percent of patients opted in using that strategy.

However, with the advent of HIPAA, we no longer get patient authorization at the time of patient visits because of the burden the patient authorizations place on the participants, the institutions who get that authorization. Rather, we have embedded consistent privacy language in the privacy statement of each participating institution so that the patients will be well aware of how their information will be used.

And importantly, I think, in our community, because there is common language, patients can begin to understand that. One of the challenges that we had when we were doing individual authorizations was that the patients often had a hard time understanding what it is we were talking about and what the commonality. We think that becomes easier.

A second privacy issue that I want to mention is that we rely on strong certificate-based encryption of the data as it is transmitted and as it is stored, and we rely on both physical security and appropriate processes to protect the data where it is stored in these edge proxy databases — no-brainer.

Number three, we’ve designed and tested the deterministic patient-matching algorithm which is at the heart of the health information exchange. In order to provide exquisite specificity at the expense of sensitivity — in other words, we vastly prefer to not find some information about a patient and make it available to the provider rather than linking or inappropriately disclosing somebody’s PHI to a provider by making an incorrect match.

We do offer clinicians a limited set of demographic information before they’re shown the patients’ data so that they can see whether those matches meet their personal criteria — but even there we’re careful not to disclose unnecessary information.

For example, while we use Social Security Number if it’s available in our deterministic matching algorithm, we do not display it for the clinician, only providing an indicator of whether it was available for that patient or not so they would know whether it went into the match or not.

Next, we rely on electronic signals in the form of HL7 messages generated by appointment scheduling systems and ADT systems — Admission/Discharge/Transfer systems — from hospitals, for example, to provide evidence that a specific patient is under care by a provider at that participant institution.

Business rules then define the scope and duration of the data that that provider has access to.

For example, the system wouldn’t allow a hospitalist at Institution A to access the patients’ data from the time that an admission is received until 48 hours after the patient has been discharged. That’s a business rule that the community, through the management committee, has decided upon. And there are similar rules for how patient access, ER access, and so on are managed.

And we rely heavily on the participants’ internal processes and — this is a very key component — a multilateral contract that every participant has entered into with each other to insure that only appropriate users have permission to access the information and that minimal levels of process and implementation are in place to protect the patients’ privacy to each of the participants.

Lastly, I want to mention that we have developed methods to query these datasets anonymously in order to begin to unlock that research potential that I mentioned, specifically through the shared pathology informatics network funded by the NCI. We have developed a query tool which allows users to examine specific cohorts of patients, including looking at distributions of various observations, all without divulging any PHI.

So today, our clinical messaging service which relies on software developed by Dr. Mike Barnes at the Regenstrief Institute called DOCS4DOCS is live. The clinical messaging insures the providers have electronic access to clinical results for their patients regardless of where that patient may have had those results generated.

As the network is becoming denser, as there are more participants, the providers are finding it more beneficial, and it will play a role akin to a public utility as a common infrastructure for these participating organizations and vendors to build on.

Having deployed clinical messaging to 2400 out of the 3500 physicians in our initially targeted geographic area and expecting to reach the remainder before the end of 2004 — and we started this work just in November of 2004 — we then plan to expand our concentrically from Indianapolis as well as implementing in other targeted referral center markets in the Midwest over the next year.

We also plan to deploy a new service built on this data by the end of this year that will include providing data to clinicians for purposes of chronic disease management, improve preventive care and other population-based approaches to quality improvement.

And finally, our quest to add additional data sources never ends and will continue as we’re able to add those additional sources.

Thank you for this opportunity to share our experiences. Hope you found it helpful, and I welcome your questions and discussion.

Thank you.

MR. ROTHSTEIN: Thank you very much. And I’m sure our panel has some questions for you, or our Subcommittee, so we’ll start on the end with Harry this time, and then work down this way.

MR. REYNOLDS: Thank you for your testimony. It looks like you’ve done a lot of work.

I worked with NCHEEK(?) in North Carolina —

DR. OVERHAGE: You know how a lot of it is.

MR. REYNOLDS: — so you’ve done a lot of work.

The edge proxy, tell me a little bit more about that.

DR. OVERHAGE: I didn’t refer to the diagram here, but on the bottom, there’s represented an edge proxy, or database. There’s one of those per participant.

It’s essentially — if you want to think of it — it holds the participant’s data on their behalf, controlled by them and owned by them at whatever location they deem appropriate. It may be inside their network, it may be managed centrally on their behalf, and in fact most participants have elected to have it managed centrally as opposed to having it locally within their own network.

Regardless of where it’s managed, it’s their asset, their database, and they own it. But importantly, the data are structured and coded in a consistent fashion across each of those, so there are one of these for every participant in the health information exchange.

MR. REYNOLDS: My other question. You made a comment that because of the new privacy statement that you’re all using throughout this network that patients are well aware.

DR. OVERHAGE: They are better able to understand because it is uniform of privacy language across the statements. I’m sure all of you have had the experience of going to have a health care service delivered and you get this three-page thing, this five-page thing, this two-page. What’s in there is very difficult.

Because we’ve brought a great degree of uniformity to that across institutions, I think the patients have a better opportunity to understand what it is they’re engaging in when they seek health care because it’s similar across each of them, and in fact, large portions of it are identical.

MR. REYNOLDS: Okay. But it’s still just given to them —

DR. OVERHAGE: Correct.

MR. REYNOLDS: — for them to —

DR. OVERHAGE: Correct.

MR. REYNOLDS: — disseminate. Okay. Thank you.


DR. TANG: Thanks, Marc, for your testimony.

Following up a little bit on that, you said you used to have an opt-in for each patient to say “I want my data to be part of your network.” And now you made the comment because of HIPAA, we no longer do that. Is it because that statement would have so much other language that would make it impenetrable or —

DR. OVERHAGE: The fundamental issue that the participants’ legal counsel advised them that having and managing those patient authorizations over time as required by HIPAA would be a very high risk to them. Their ability to actually service the mandates that HIPAA requires when there is an authorization would be beyond their ability to meet.

And so their recommendation was: Explain what you’re going to do with the information clearly, concisely, help people understand that, and do not ask explicit authorization.

DR. TANG: They didn’t require explanation before?

DR. OVERHAGE: No, they did require. We spent a lot of time on explanation and education.

In fact, one of the things I personally spent a lot of time doing was going to registrars because our initial work was in emergency departments, to the registrars in emergency departments, bringing doughnuts and sitting down and saying, “Sally, what kind of things are people asking you about this? Do you know what it is?”

And it’s very challenging to communicate that.

DR. TANG: Okay. And you said, the determinist patient-matching algorithm means versus a probabilistic method.

DR. OVERHAGE: That is correct.

DR. TANG: What’s your batch rate?

DR. OVERHAGE: And the gold standard is extremely hard to determine. In other words: Who’s an accurate match and who is not is extremely difficult to prove what truth is.

But to the best of our ability with multiple human reviewers and so on as gold standards, I think the number — and I’d want to get back with you with the exact number — I think it’s 99.7 percent specificity, and the specificity is about 98 percent.

The place where the sensitivity often gets problematic is that there are a fair number of elderly women who use their husband’s Social Security number for various reasons, but in Social Security death index. You’ll find that as well as in health care institutions’ records.

So now you have somebody with the same last name, a similar birth date — I mean, within a year or two, usually — same Social Security number, who lives at the same address, with a different first name. And the first name may not be that different; it may be Mary and Mark. And so you run into those kind of things. And that’s where the erroneous matches —

Now, we’ve never seen that in the wild, if you will — in other words, we’ve never had that happen in real care delivery environments in careful screening in the 1.7 million patients that we have in the registry with many millions of registrations. That’s what we find.

DR. TANG: As part of your either your common notice of privacy practices or your business practices, do you use the information in the repository, as most of the people are participating in your central depository — what other secondary uses besides the research?

DR. OVERHAGE: Well, the only research is done either is de-identified, but even if it’s de-identified, every case is approved by an IRB. There is no other use.

Medical care and IRB-approved research.

MR. ROTHSTEIN: Dr. Cohn, okay.

DR. COHN: Well, Marc, I thank you for joining us, and it’s a pleasure to see you and actually showing your good work.

This may not be completely on the point, but I was observing as I think as we talked to you today and we saw John Halamka last week from Massachusetts —

DR. OVERHAGE: I meant to wear black, but I’m sorry.

DR. COHN: Because I think we couldn’t tell the two of you apart, but —

But really we talk a lot about privacy and security, and obviously that’s really the focus of I think a lot of our discussions, but in some cases I think we talk about these things almost as surrogates for trust.

And one would observe that the environments that seem to be the most successful, at least to date, start with a basis of trust in the community and a trust by the providers and probably trust by the patients and that that may ease some of the issues. And that may be something that we’ll just all have to think about, given that a lot of other environments that are seeking to replicate work don’t have the trust basis; they’re new to their environment.

Are these comments correct, or how would you —

DR. OVERHAGE: You’re 100 percent correct — as usual.

MS. GREENBERG: Don’t tell him that!


DR. OVERHAGE: They paid me earlier. I shouldn’t say that! Okay.

Yes, the trust relationships are critical both between provider organizations because when you receive an electronic request or a paper request, facsimile, a telephone request, whatever form it might be, asserting a patient authorization or whatever, you have to have a level of trust with the organization.

And in fact, one of the major issues is I get a query from Indiana Internal Medicine, and I know those 10 guys, and we refer patients back and forth all the time and my level of trust is very high. I guess the same request for the same patient from Joe’s Endoscopy Shack in Mendocino and I’m not quite sure I want to send that information there without talking to the patient face to face first [laughing]; even over the telephone may not be good enough.

And so I think that is absolutely right.

And the other nuance to that, I think, is having a trusted middle. In other words, just even the earlier discussion about employers and those sorts of things.

For example, we’re using this data for quality improvement purposes. We’ve really had to wrestle with the issue of: What level of detail of information might a payer or employer as a payer have access to in their quest to improve the quality of care?

And our answer today is: None. There was tremendous pressure to do that.

And so I think that that trust — and I use a slide often with a big padlock in the middle with “negotiated access.” It really comes down to, in my view, that every participant has to be comfortable with how the information is being used. And if they don’t trust the environment to protect the information, all is lost.

DR. COHN: Okay. Sounds like we have somebody on the phone —

MR. ROTHSTEIN: We will review that closely, and I hope we can get in touch with you if we have further questions.

DR. OVERHAGE: Thank you very much.

Agenda Item: Presentation — IB Johansen (by telephone from Denmark)

MR. ROTHSTEIN: At this time, I believe we have on the telephone Mr. Ib Johansen.

MR. JOHANSEN: Yes, that’s right.

MR. ROTHSTEIN: Thank you so much for taking the time to talk with us.

MR. JOHANSEN: Yes, no problem.

MR. ROTHSTEIN: This is Mark Rothstein, and I’m here in Washington with my colleagues who are members of the Subcommittee on Privacy and Confidentiality of the National Committee on Vital and Health Statistics. And we are doing research and having hearings on the issue of national health information networks.

And yesterday we heard from folks in Australia and Canada and the U.K.


MR. ROTHSTEIN: And I’m wondering if you could bring us up to date on the efforts in Denmark to have —

MR. JOHANSEN: Yes, I can do that.

MR. ROTHSTEIN: — the information that —

MR. JOHANSEN: We have a health patient network in Denmark, and it’s run on a public basis, and the responsibility for running it is the counties, which is the local governments. Did you get that?

MR. ROTHSTEIN: Yes, I did. So —

MR. JOHANSEN: And this health data network — you see, we have this health system where we have family doctors which you have like in Canada, like in Australia, which is the gatekeeper.

And all these family doctors, we have 3,500. They have electronic patient records. And they are interconnected, all of them, and they are also interconnected to all labs, all hospitals, and all pharmacies.

So all prescriptions from GPs to the pharmacies, they are electronically. And also for all discharge letters, all referrals to and from hospitals, they are also electronic. And furthermore, all lab reports, biochemistry, microbiology, histopathology, psychology, X-ray descriptions, they are exchanged electronically.

MR. ROTHSTEIN: Are there any —

MR. JOHANSEN: And they are using this health data network. And the key for identifying the documents, it is this patient identifier. We have a national person identifier which is used for everything — taxation, driving license, and also for the health. The whole health sector, they use this patient identifier, or personal identifier.

And all these documents, they are exchanged by using (?) and the new development is that you’ll have access to some of the health information where the family doctors, they have access to the patients’ medication all over the country and the patient itself has also access to this health information.

And there is a national database for all the medication. So all the docs (?) on the pharmacy, it is registered in a central database which is accessible by each individual doctor in Denmark using a national — they have access codes for that, a national certificate for that.

And the patient has the same. They have access to their own medication so they have the last two years of medication, they can access this using this certificate just on a normal Internet line.

So this national database for medication is accessible both for the patient and for all doctors.

And what is the main thing there is that all transactions, all questions for that, all additions on this database, it is locked, so a patient can see in his own file who has been looking at this database and which information has been looked up.

So if a doctor is looking at a patient’s medication, the patient can see who has been looking in it and for which purpose and which information has been looked up. All these things are locked and it is time-stamped.

And we have some pilots where we use the same procedure where you use the certificate and then you can access your health records in the hospitals. But it is not commonly used; it’s only for pilots.

For X-ray wards, or X-ray departments, it is (?) for doctors, for GPs, to access in the original system and also their pictures, the pictures’ archiving system, so they can have a look-up of their different images.

Those are some of the possibilities.

All this information was just run on the Internet. They are encrypted and the key is this personal identification codes. Each person in Denmark has such a certificate. It’s issued by the government and it is free of charge for all citizens.

Another thing is that all the different health records or health information in the public hospitals, which is the most common, they are transferred to a national database where hospital doctors have access to look up and see this information.

And again, they need to have this certificate for doing this. The information is transferred through the Internet or is accessed by the Internet through this health data network, but you still need to have this certificate to access it.

So this is the way this is accessible for running the health sector. For these EDI documents, prescriptions, lab reports, they are normally transferred from the labs to the DB health record automatically and they are transferred in this (?) format.

And this is not encrypted, and we haven’t seen any misuse of it during the last 15 years where it has been running. It started 15 years ago and today we have one document transferred each second in the country.

So we have 80 percent of all prescriptions, they are electronically; all lab reports, 99 percent is electronic; and all discharge letters and the main part of referrals is also electronically.

For the doctors on call, we have call centers for doctors in the evening and night shift and they transfer information every morning to the family doctor, to the patient’s GP, where they send the information about the admissions in this call center or about the calls for each individual patient.

So this is in brief what we are doing and the way we are handling confidentiality and the security.

And again, the health record at the GP, it is possible for the patient to have a print-out of that but it’s not allowed to be transferred electronically. Only in the case where the patient is changing from one GP to another, it is possible to transfer it electronically.

And there it is transferred like an adfax, only from the sender to the receiver. And the receiver has to access a mailbox to receive this adfax message where they have a password and a log-in code to access the data.

Okay. Get all this?

MR. ROTHSTEIN: We’re trying to get it all. But we’ve got some questions.


MR. ROTHSTEIN: One question I have is, in your 15 years, have you studied the effect of the electronic health record system on reducing errors, reducing costs, improving efficiency et cetera?

MR. JOHANSEN: Yes, we have tried. But it has been very difficult because there are many cost benefits for that. Normally, if you ask a family doctor: “Have you shaved your costs by investing in health records?” They normally say no, because otherwise they’ll have reduced their refund. You can follow me in —


MR. JOHANSEN: But we have a few cost benefit examinations where we have done that. I think there has recently been one but it’s not quite clear, the result of it, but there are some benefits of it, of course.

And we have seen the amount of errors in medication, it has been very much reduced because we use electronic prescriptions. There is no handwriting, no misinterpreting, and it’s always use the right dose, send the right indication.

So it has been improved quite a lot. But investigation about how it was before, there’s only been a few of that.

MR. ROTHSTEIN: Thank you. That’s helpful. One last question from me, and that is, do the individual patients have a right to restrict any of the information that is in the records? Suppose they don’t want psychiatric records, for example, to be available to every pharmacist or dentist or —

MR. JOHANSEN: Yes. There is a very strict Danish data protection law. When a patient is admitted to a hospital, they normally send a discharge letter to the family doctor or to the referrer. And in each individual case, the hospital must ask the permission from the patient to send this information, even if it is to the patient’s GP.

So that’s very important, this data protection law. You are not allowed to transfer information without the permission of the patient.

But it doesn’t need to be a written permission. You should just ask the patient. And it is no problem at all. And if the patient says I don’t want this information to be sent to this or that, the information is blocked.

MR. ROTHSTEIN: So a patient would have an opportunity to block individual encounters?

MR. JOHANSEN: To what?

MR. ROTHSTEIN: To block —


MR. ROTHSTEIN: — reports of individual health care visits?

MR. JOHANSEN: Individual lab tests, individual discharge letters. But still it is possible for the patient to get the information. The patient has the right to see all their health records, both on private and in public registers.

MR. ROTHSTEIN: And does this operate as an opt-out? In other words, does the patient have to actually do something to not have their records part of the system or do they have to do something to get their records —

MR. JOHANSEN: Try to repeat it — could you do that?

MR. ROTHSTEIN: Yes. Is this an “opt-out” or an “opt-in” system in terms of the records getting in the network?

MR. JOHANSEN: Oh, yes, you mean by the “opt-in” and “opt-out” — what do you mean by that?

MR. ROTHSTEIN: If the patient wants to remove or block records, do they have to do something themselves, or do they have to do something to get it into the system?

MR. JOHANSEN: Normally, the patient has an access to the system only for looking up. They cannot write in the system and they cannot remove information. But they can contact the owner of the database and then they can adjust, just say that they want to have this information blocked. It is possible.

MR. ROTHSTEIN: So it’s normally disclosed unless they block it?

MR. JOHANSEN: It’s blocked, yes, but it cannot be removed in a way because — again, if you change from GP to another, the original GP is not allowed to transfer information which the patient has blocked.

MR. ROTHSTEIN: Okay, that’s very helpful.

And thank you so much, and I know it’s getting on to be dinnertime in Denmark —

MR. JOHANSEN: Oh, I’m just on my way home. I’ve been in a conference in the lower part of the country, so I’m just driving home, so I’m not home before eight o’clock, so it’s okay.

MR. ROTHSTEIN: Okay, well, thank you very much.

MR. JOHANSEN: Yes. And if you need further information, just mail me.

MR. ROTHSTEIN: Okay. I assume staff has your contact information and we will do that. Thank you very much.

MR. JOHANSEN: And if I could just make a remark for the investment in this health data network and for the investment in computers with the GPs and the dentists, it is done on a private basis so there is no (?) refund for investing in computer systems. It is only that they have the benefits; they can exchange information electronically.

And the role we play in our organization, which is a public nonprofit organization which is developing the communication standards and get the companies, the private companies, to implement them and sell them, it is like we have more than 50 different systems. We can handle all these different messages.

So it is a complete open market. It has the basis of having this information growing. Okay?

MR. ROTHSTEIN: Okay. Thank you very much.

MR. JOHANSEN: You’re welcome.



MR. ROTHSTEIN: And we’re accepting volunteers for the field trip to Denmark to check it out!

MS. GREENBERG: I had to step out. But, I mean, they all have a unique identifier and it’s another world over there.

MR. ROTHSTEIN: Right. But it is interesting. They do have, if I’m correct, an opt-out which you can exercise on any particular visit.

MS. McANDREW: And any particular data, which is what he said.

MR. ROTHSTEIN: Yes, on any data field.

DR. HARDING: It’s like what was traditional in the United States where if you told your doctor, “Don’t send that to anybody,” that was how you did it.

MR. ROTHSTEIN: Right. Well, let me ask you to take a look at your schedules. We have a break scheduled, but with your permission —

MS. GREENBERG: We do need to take a break. We have people recording it and they can’t leave if we’re here.

MR. ROTHSTEIN: Yes, that’s what I was driving at, and we will take a 10-minute break and resume at 11:35.


Agenda Item: Subcommittee Discussion

MR. ROTHSTEIN: Is everybody back?

MR. HOUSTON: Use your gavel, please.

MR. ROTHSTEIN: You guys ready?

MR. HOUSTON: That was impressive.

MR. ROTHSTEIN: Okay, we are back with our subcommittee discussion session of our agenda, and I want to just talk about our overall schedule and then focus in on San Francisco.

MR. HOUSTON: Is that the meeting where people from Chicago come?


MR. ROTHSTEIN: No. After we complete our work on the NHIN, we have been sort of stockpiling other topics to talk about and have hearings on, and so we are scheduled to have two main categories of things.

One is joint hearing with Standards and Security on the topic of “accurately linking patients to their information.” This is the topic formerly known as “individual identification” formerly known as something else before that. So that’s on our agenda. This is after we finish the NHIN. These are two future items.

MS. GREENBERG: And you will finish the NHII —

MR. ROTHSTEIN: In the fall, and we are hoping to finish it for submission to the full Committee in November.


MR. ROTHSTEIN: The other group of issues that we will be taking up at some point, and this is probably in the winter, and the list can be expanded upon — so far I have on it: Notices and acknowledgments, requests by patients to correct or amend their records, accounting for disclosures, and two that we added in the last two days, health plan access to PHI under health care operations — actually three — minimum necessary, and stop loss coverage under HIPAA.

So we will be busy this winter.

But let’s talk about the final, what I think is going to be the final, hearing on NHIN, and that deals with our meeting to hear from technical experts.

And in a minute I’ll open up the floor to suggestions on topics and people, but let me just say that there are a variety of subject areas that we have heard mentioned even in the last day or two and certainly at our prior hearings that have a technological component and we need to know what our options are, what can be done.

So, for example, we heard about role-based user access in health care. We heard about unique identification and identification in general. Opting-in and opting-out and what that would mean on both a system-wide level — that is, opting-in or out from NHIN — or at a more sort of granular level, opting-in or out from certain disclosures and what are the technology issues in doing that?

Another thing we heard about is limited disclosures pursuant to authorizations or what is sometimes called contextual access criteria.

So these are some of the things on my list and I’m sure everyone else has their own list, and the floor is open first for topics and then for people. Marjorie?

MS. GREENBERG: I realize I haven’t been able to be in on all of the discussions, but I guess my immediate reaction is, and particularly given some of the things that people that I’ve heard today, is that if you’re going to hear from these technical experts and they are to say what is kind of technically possible, what’s down the road or what might be possible technically or could be done, then it seems that could leave you with some questions about, well, okay, you could do this very elegant sort of parsing and individualized, designer-type of records, but what do you end up with there?

So maybe the Subcommittee itself can just come to that conclusion. Or, you may need to then go back to some of these other people who are the users and hear from them as to — because, I mean, they were kind of alluding to some of that.

It wasn’t clear to me whether certain approaches which is technically not feasible or might be technically feasible or even if they were expensive but worth it from the point of view of privacy, the user wouldn’t know what he had at the end of the day or could be in worst position from the point of view of assuming he had more than he had — you know, a lot of different scenarios.

So I guess I’m a little uncomfortable somewhat as a lay person here, but —

MS. BERNSTEIN: Having that be the last hearing.

MR. ROTHSTEIN: Well, I think you make a good point. What we might want to do is try to reserve some September dates for the Subcommittee to meet. Just hold it open.

And then we would do one of two things — either we would have it as a kind of a joint sort of brainstorming session to see where we are as a Subcommittee in terms of putting together an agenda for, or an outline for, a proposed letter as well as holding open the possibility that we might want to run some ideas past some of the prior witnesses.



MR. HOUSTON: I agree with those comments, but I think a way maybe to avoid some of the thrash associated with that is if we were to be very clear and maybe make some use cases prior to the August meeting as to what we want the technical experts to focus on specifically, based upon all the testimony we have heard, so that they’re not coming in cold to talk about their view of the application of technology in privacy against NHIN but rather if we can give them specific things that we’re concerned about that we’ve heard through testimony that they can then respond to as part of their comments.

So I think maybe that’ll avoid — or at least allow us to focus some of their thinking into areas we’re concerned with.

MR. ROTHSTEIN: I think that’s a very good suggestion, and I’m hoping that we can supply the witnesses with a list of five or 10 areas, some of which I just rattled off. And I’m not an expert on this; I don’t know how focused the experts are. We may assign particular topics to particular experts who can address those.

But I think you’re right, John. We need to ask them particular questions, if possible. Paul?

DR. TANG: I guess I share some of Marjorie’s concerns in the sense that I’m not sure we should limit it just to the technical questions because I think actually the bigger issues are in the policy which are way beyond the technology. Some of the things that were uncovered just this session of the hearings I think were very poignant and need to be delved into.

So on the order of technical, one of the questions that I don’t think we’ve fully explored is authentication, and that is one thing that perhaps technology can help.

Certainly, there has to be a widespread way of digitally authenticating yourself in the consumer areas that health care can feed back on, but that’s come up a number of times — it really depends on the trust of who’s on the other end.

If we do this by telephone numbers, well, there’s got to be an electronic way to do this. We don’t have that method right now. That is potentially something that can be solved technically.

Things having to do with once they’re in the database, how do you control — even, how do you audit? — who’s seen this? It’s one thing to audit who goes into an application, like an HR system. It’s another to know who’s querying what and has been exposed to what data. That’s not actually something that — well, there’s a high administrative overhead in doing that kind of audit. So that’s another technical question, for example.

The notion of ASPs which came up — that turns out to be another area where you’ve got —


DR. TANG: Oh, I’m sorry — Application Service Provider. You heard one of the — Winona uses their vendor, their software supplier, to actually run their database. Now, not everybody has a contract that insures that the health system owns it. In fact, the default contract usually has the vendor owning and able to do certain things with the data.

That’s another loophole that I think people are not, even the health providers, necessarily aware of. That’s another technical thing in the sense of it’s the technology company who has some privileges and accesses that the user, the health care provider, may not be aware of.

So there’s some technical things, but I think there’s also a number of policy issues that warrant perhaps using one of the two days for further exploration.

MR. ROTHSTEIN: The only technical hesitation I have is that I don’t want to get too technical into the sort of the system architecture because I assume that’s what Dr. Brailer’s office is working on — you know, how it would actually work, whereas I think they’re looking to us specifically on privacy.

And so I agree with the issues that you raised, but when we find the experts, we need to keep our focus privacy.

DR. TANG: But some of the questions, yes — opt-in and opt-out; role-based access; the contextual limiting of accessing certain data.

You heard this morning from the PBM person that the system prevents them from even doing that in a practical way. So in some sense, the technical questions you’re asking the technology providers: Well, what is the practical, or feasible — what things can you do practically or feasibly with the limited amount of either human overhead in terms of administering the system and configuring for this individual or that kind of drug plan, or just literally how long your audit files are.

I mean, that actually impacts our policy decisions and the kinds of policies we can have.

MR. ROTHSTEIN: Simon, you wanted to comment?

DR. COHN: Well, actually, I agree with what Paul’s saying, his earlier comment about authentication which gets very close to e-signature. And I just wanted to, having been through a series of six or eight hearings on that in the last year, I just want to comment that it’s not a small issue because it does really reflect on policy and the level of authentication and authentication for what and where are the risks in the system and all of that. And I know that Harry’s probably nodding his head.

But I think one just needs to be aware that looking at most areas that one chooses to look at don’t get very well handled in a panel or two. And so as we think about things, what’s in or what’s out of any conversation, we just need to be aware that we need to be looking at the critical issues.

But as I say that, I sort of agree that this is an important issue, though the question of course gets to be as: Is it in this letter? Is it in the next letter? Or how do we put all that together?

But I guess I do agree that unfortunately as nice as policy is, it occasionally comes down to implementation, and I know John Paul has to be with that a lot in his world and we may have to sort of think about how we want to talk about that.

MR. HOUSTON: Yes, I mean, to Paul’s comments, a couple of them, things like — I mean, you’re talking about the Winona health situation where they outsourced and they had disaster recovery enough time and availability. I guess those are sort of to me mundane. I think if you’re going to implement any HR, you know you need to do those things I guess if you’re going to do it in a prudent way.

And people that don’t do it I think as part of the design and implementation criteria is to insure that you have a strategy for keeping data available.

DR. TANG: I wasn’t talking about disaster recovery, those kinds of things. I was talking about having a third party have access to —


DR. TANG: — your —

MR. HOUSTON: — Well, that was sort of my second thread, too. I think sort of good practice, I guess me being an attorney doing a lot of these types of software contracts — honestly, you know, those are the types of things I see. The first thing I do as a good attorney is strike out any ownership of data or rights to data except to service me as who they’re providing services to.

DR. TANG: Usual practice, though.

MR. HOUSTON: Maybe from my area, that’s something that gets done every time.

But I’m not sure how much of that is a good practice. If you read the journals about software contracting, it might be something you read in there. I’m not sure whether we need to spend time talking about it in testimony. That’s my only point. Yes, you should do it — it’s a real short recommendation. You know what I’m saying?


MR. REYNOLDS: Yes. Since my day job is implementing these systems you’re talking about — the business requirements usually drives it, and I think as we talk about, and you heard from Phil Rothermich this morning, the more you parse the data, the more sophisticated the data access rules have to be. In other words, what does the patient want taken out or in, just like we heard from Denmark.

Then you get into the situation of how much logging and monitoring do you have and everything else.

So I think, and as we all have faced in all of our committees here, as you get down to the smaller users, that sophistication, that ability to parse, that ability to deal with that information, that kind of a granularity gets lost quickly.

I hope that in one of the next meetings that we talk about that, that we take maybe a couple hours to discuss all this as a committee and put all this together, not just what we heard but what we think, because I know a lot of stuff that I’ve heard in the last few days, I think we could go any way of six ways. And I don’t have a feeling what two or three other people on the committee think.

And then at that point, we may want to ask a few people: If we picked Option 1, 2 or 3, give me a degree of difficulty. Kind of like a dive off of a diving board. How many flips are we doing? Are we going straight in the water or what are we doing?

And so maybe before we get actually ask some technical, we get a sense of where we fit from a philosophy standpoint and from an agreement standpoint on what we think the issues are and just how we’d like to see them play out.

MR. ROTHSTEIN: Let me see if I can help clarify at least my views on what I want to get out of this technology hearing, the technology experts hearing.

I don’t want us to design a system that we think is going to be terrific. That’s not our role. That’s not our collective expertise.

What I want to get from the experts is whether the things that we are thinking about in terms of helping to protect privacy are in the ballpark.

So, in other words, suppose we are thinking about an opt-in or an opt-out system for something. I want some experts to say: Yes, that’s doable. It’s not going to shut down health care. It’s not going to require millions of dollars worth of software for each health care entity or provider to do.

And I want to ask them —

MS. GREENBERG: Or the alternative.


MR. HOUSTON: I agree with you, but with Philip Rothermich this morning saying how it will be very difficult to do certain things, my first impression was nah — doesn’t sound like it’d be that difficult to do.

And, yes, you want to throw this out in front of them to see if there’s — right.

MR. ROTHSTEIN: So the level of sort of expertise and detail that personally I’m seeking from the people in San Francisco is not maybe the level that two experts would communicate in.

I just want to ask them: Okay, if we did this, what would be involved? Is this doable? Would it be prohibitively expensive? Would it be impractical? Would it take too much time? And so forth.

That’s the kind of information so that the recommendations that we provide to the Secretary are realistic and are feasible but not necessarily in exhaustive detail. Simon?

DR. COHN: Well, I was going to comment — and obviously I have no idea what your list is, and I think we’ve all been listening to hearings and sort of wondering, well, where are we going to go here and what are the dimensions upon which we’re talking about?

But these examples you gave me — yes, technology may be part of the issue, but it’s more like, well, what are the costs to organizations to implement that are like way beyond technology questions.

And sort of like: How many Sutter need or Permanente or hospitals in North Carolina to implement X, Y and Z solutions? Not whether they’re technically feasible or not.

And so we need to make sure that, I mean if indeed that’s where you’re going, which was sounding very reasonable, we need to know that there’s more than just technology at stake here.

MR. ROTHSTEIN: Right. That’s my idea, and maybe we need — I don’t even know who the people are that we would need to talk to. You know, maybe vice presidents in charge of IT or something from big companies. Harry, help me!

MR. REYNOLDS: What I would say, Mark, is if we came up with what those questions were and we had three people that already have electronic medical records who have already implemented them, they kind of can play in the space.

We also have — Phil was here as a PBM, which is going to play heavily in the space because of electronic e-prescribing that’s going to go on.

They have tended to be able to deal with the subject full scale, not just be technologists, and I agree with Simon. For example, I know in listening to e-prescribing hearings, if it is decided that a significant number of the patients will significantly eliminate some of the medications from showing up to their doctor, then all the savings we want to get out of e-prescribing from the standpoint of cutting down errors and everything else starts to get eroded.

So when you look at the whole package — you know, as we look at privacy, privacy is a piece of this whole package, and so the three people that testified to us yesterday, two here and one on the phone and then the people from the PBM, really are the ones that — and then if you got a couple people in practice management, because at some point the practice management systems have to get into this, and that’s the number one slowest implementers in the whole HIPAA game. So just in the standard HIPAA transactions they were slow.

So that to me is your playing field. And if you take that playing field, then the big people can deal with it. I mean, whether it’s the big payers or — it’s whether or not the little people, the PBMs and the people that do these electronic medical records really can buy in to this degree of parsing of the data and logging and monitoring and the other things that really get into who touched what, it’s really I think your question, and then how it plays on the rest of their business.

And I think all these people that implemented that probably could talk about the rest of their business, too.

MR. ROTHSTEIN: Marjorie?

MS. GREENBERG: I’m going to have to, unfortunately, go to another call, but I really agree with what Harry said, which is that the Subcommittee really needs some time to talk about sort of where people are on some of these issues based on testimony they’ve heard and where they’re coming from as well as sort of what is the role of the Subcommittee — and what types of recommendations. And there may be several types of recommendations the Subcommittee wants to make.

But, I mean, it really strikes me that we have a huge educational issue here also. At the end of the day — I think if a lot of people are going to want to do this, it could kind of shut down any utility to the system — you might have a rather small percentage of people who — and I don’t know; this is my assumption, but I think we need to know this better — after they’re told, well, you will lose all of these benefits of quality of care, drug interaction if you do this, but, I mean, that’s your choice. Basically, people have the choice to commit suicide, you know, to the extreme.

But I think you’d end up maybe with a small number of people. I mean, John tells some stories about that — oh, if you really mean that, yeah, then take my information.

But the problem there is such a low level of understanding of all of this in the public right now and there are several sides of it.

One is, if people knew how their data were being used now, they’d be a lot more upset than they are. But I don’t personally feel ignorance is bliss, but I think that is kind of the way we perceive.

On the other hand, if people also understood what some of the protections that could be built into systems, what the downside is of parsing and opting-out and opt-in here and being so designer-oriented, and what can be built into systems to protect inadequate or inappropriate access and all that, they might also have a higher comfort level.

But I don’t see any activity going out there really trying to raise the level of understanding so that always the loudest voices that you hear are the people who don’t want to share anything, et cetera. And they have some legitimate concerns; I’m not demeaning those concerns.

And then we do have problems, as Don Detmer pointed out, that everyone doesn’t have access to the health care system, and there are the employer issues. I mean, these are real concerns.

But that whole area — I mean, to me — is one that we’ve talked about for years about the National Committee, what kind of role would it play? It certainly relates to this issue of accurately linking patient information.

And I would really like to see the Subcommittee talk about that along with these other issues and sort of see kind of what types of recommendations it wants to make, see if you’re on the same page in some of these areas, and where you would need more information, or where you just really fundamentally disagree so that you’re probably not going to end up with consensus recommendations — I don’t know.

What do you have planned for your breakout? Do you have a breakout session at the June meeting? I think you do.


MS. GREENBERG: It’s not that long, I guess, but I don’t know what you have planned for then.

MR. ROTHSTEIN: Well, we actually don’t have a plan for June breakout session yet.

MS. GREENBERG: You have a breakout session, but you don’t have a plan —

MR. ROTHSTEIN: Correct. We have it set up —

MS. GREENBERG: Then maybe that time could be spent — or if it’s in the morning, maybe we could start a little earlier, I don’t know —

MS. BERNSTEIN: It’s at 8 a.m. right on the 30th, the second day.

MS. GREENBERG: But, I mean, maybe that would be a good way to spend that time.

MR. ROTHSTEIN: Well, we might be able to focus areas of inquiry for our August witnesses, which is what I had in mind. Paul?

MS. GREENBERG: Anyway, that’s my contribution.

DR. TANG: I think I agree with the previous comments, and maybe I can sort of distill into three themes, and I’ve been a Committee member for a very short period of time, but the three themes of the testimony I’ve heard are the following:

One is the need for uniform privacy laws and regulations because there’s such an administrative overhead or it’s not even feasible to have 50 different kinds of settings. But more importantly, it tears down the privacy protections that you do have when you can’t administer 50 different variants.

The second is this whole notion of secondary uses of legitimately acquired data. We heard a lot of that this session and I think we heard it the previous session as well. And dealing with that is a big policy — and the accountability for the uses is a big policy issue that has technical implications.

The third one Marjorie just mentioned, just the whole public education on what’s actually happening now and what are the benefits of linking data.

And perhaps, as Harry was suggesting, if those are three themes, maybe there’s five themes, we develop recommendations or tentative recommendations, then we can check against technology folks whether our policy recommendations are practical and feasible.

And actually the technology folks I think you’re going to be talking to are the applications providers. Ironically, that’s probably not mostly in Silicon Valley, which is part of the assumption of why we would do it in San Francisco, because the vendors of these EHR systems and the PBM systems are elsewhere.

But it seems like we do need to have the policy recommendations based on a Subcommittee analysis of the themes put before us, case scenarios to comment on, before the applications providers.

MS. BERNSTEIN: I wonder if we even have a hearing with sort of technologists of some sort whether what they’re going to tell us is what they can do today and our recommendations are also going to be longer term — I mean, two years, five years from now when the recommendations are likely to be implemented, I mean technology will change very significantly.

I’m starting to think as we talk about the other issues it may be that that’s not really what we need to hear or that what we need to spend our time on because I’m not sure that it will actually get you information that will actually be helpful in making your longer term recommendations. Am I off on that or —

DR. TANG: And I think actually we heard this session is that technology isn’t the issue; it’s really the HR expense of implementing that. You could theoretically write all of these programs to go down to the individual data element and create rules on them but you don’t have the human labor available to even administer that.

So the technology discussion is perhaps very subservient to the policy and operational.

MS. BERNSTEIN: But I think you’re identifying the rules that we want to have. It’s much more complex than making the technology fit those rules.

MR. ROTHSTEIN: Right, right. So, I mean, the questions that I had hoped to ask were perhaps too simple for the brain power that we are contemplating inviting, and all that I’m trying to do is to help as much as possible Dr. Brailer and his folks because I think what they’re counting on us to provide is a sense of having had these hearings, heard from so many groups of interested stakeholders, what the sense is of individuals and providers and other covered entities about the privacy and confidentiality issues in the National Health Information Network.


And that’s what we need to do, to provide some direction on what privacy elements need to be built into the system. John?

MR. HOUSTON: Is it a value maybe to try to get some time with Brailer’s office in order to get their understanding based upon their now publication of the summary of the RFI to sync up what we’ve heard against maybe what they read and to see whether there is any disjoint or where there may be areas of commonality that we should further pursue? Or maybe the alternative is maybe we just all need to go back, read the summary, and see where those areas of overlap or need are.


MS. McANDREW: I’m not sure that it would necessarily be so informative with regard to the RFI comment or summaries which wasn’t terribly enlightening in this area.

However, they have the new contracts that they have put out, one of which goes directly to the state variances and what those variances are and what implications those variances will have for HIT, and privacy is at least one, if not the primary component of where these variances occur, although it seems to me security is another area where they come up frequently.

MS. BERNSTEIN: Let’s make clear that we mean RFPs — request for proposal and not contracts.

MS. McANDREW: Right, yes. All the same to me!

So, Brailer’s organization has those irons in the fire. It seems to me the Subcommittee did obtain a lot of comment in that area.

It may be possible to have some recommendations that may shape or give some context to the data that comes in under those proposals, but assuming those proposals actually come to fruition.

MS. BERNSTEIN: I’m not sure that we’ll be able to see any — we won’t be able to see any of those proposals or they’ll be proprietary.

MS. McANDREW: Just knowing that they’re there. By the time you will be making your recommendations, I would assume that those proposals would not even be awarded, nor would the data be available.

But in terms of spending a lot of Subcommittee time in coming up with very identifiable recommendations is probably not worthwhile in advance of that data.

MR. ROTHSTEIN: Well, I have a proposal to make. I’m going to be meeting shortly with Simon and then tomorrow there’s an Executive Subcommittee meeting, and I propose that we will address in the Executive Subcommittee the prospect of setting up a meeting with Dr. Brailer.

Maybe Simon, Dr. Brailer and myself can meet over the next couple of weeks sometime and discuss the issue of what level of recommendations, what kind of recommendations, coming from the full Committee but generated by this Subcommittee would be most valuable to him and his staff in structuring their recommendations to the Secretary, and then we can talk about that at our June meeting, which is in three weeks, and we’ll have time to identify individuals. We’ll have close to two months between our full Committee meeting and the San Francisco meeting in August.

DR. TANG: Maybe in the interim you can raise this as a trial balloon with Dr. Brailer that they’re going to let these contracts out by September 31st, whatever it is. Since that is before our November letter, I wonder if there is value in having some kind of interim letter that describes some of the questions that it would be useful to include in their contract, particularly as it relates to states; that was clearly one of the messages we heard.

But there may be questions that we think are relevant for that privacy study or value analysis.

MR. ROTHSTEIN: Well, we certainly can discuss that. We’ll see where he wants to go.

Is that an acceptable strategy?

MR. HOUSTON: I think it’s great.

MR. ROTHSTEIN: Okay. Maya?

MS. BERNSTEIN: If you’re satisfied with that, I have another question related to the August hearing —

MR. ROTHSTEIN: Oh, okay.

MS. BERNSTEIN: — which is, is there anyone that we know is in California that you particularly do want to hear from? We’ve been talking about Kaiser, Bentley, CalPERS, the California RHIOs and so forth. Are there other parties that you haven’t heard from yet that you know are there that we might be able to get for that hearing? Are you prepared to talk about them now? We can also defer that.

MR. ROTHSTEIN: How about if we defer that until our breakout session at our June meeting, okay?

If there’s nothing else, I want to thank Kathleen Fyffe in abstention and Maya Bernstein for putting together the witnesses for this hearing, both foreign and domestic, and thank you all.

We’re adjourned.

(Whereupon, the meeting adjourned at 12:15 p.m.)