[This Transcript is Unedited]




March 5, 2004

Hubert H. Humphrey Building
Room 505A
200 Independence Ave., SW
Washington, DC

Proceedings By:
CASET Associates, Ltd.
10201 Lee Highway, Suite 160
Fairfax, VA 22030
(703) 352-0091


P R O C E E D I N G S (10:07 am)

Agenda Item: Call to Order – Dr. Lumpkin

DR. LUMPKIN: Good morning. I sat in the back of the room for the privacy
discussion. It’s good to see that they are going to be ready for us this

We’re going to start off with introductions.

[Introductions were made.]

Great. We’re going to start off today, we somewhat flipped our agenda, so
we’re going to have our report from the department today, although we usually
have it the first day.


Agenda Item: Update from the Department – Data Council – James Scanlon, ASPE

MR. SCANLON: Thank you, John, and good morning everyone. It’s a pleasure to
be here this morning, and let me give an update on a number of activities and
data policies and NHII-related issues that have occurred since we briefed the
committee in January.

In general, I’m happy to say that these kinds of issues, NHII-related
issues have become a real priority here at HHS, and other federal agencies as
well. And many of the initiatives that we started here in the committee and at
HHS are coming to fruition.

I’m going to talk a little bit about — I know I did a little tap dance at
previous committees relating to the budgets, but now I can report that we
actually have a 2004 budget, and a president’s 2005 budget, so I can be a
little more explicit. And there actually is good news, both on the NHII and
standards side, as well as the population statistics side, even though
generally the budgets are fairly tight.

So, let me start first of all though with bringing you up-to-date on the
study that Dr. Lumpkin alluded to yesterday, a study that was mandated by
Congress for HHS to fund a study at the National Academy of Sciences to look at
the adequacy of race and ethnicity data in both public and private sector
systems, the adequacy to carry out those functions, whether it’s insurance,
public health, health care, and so on.

And as I have reported previously, we went and funded the study. Dr.
Lumpkin is a member of that committee at the Academy. Ed Perrin(?) — I think
many of you know Dr. Ed Perrin — is the chair. The workshop report was
released. I think we have provided this to the committee in December. And it is
actually quite a very interesting report.

There is a section on private sector issues, and it’s actually quite
complicated. This problem is not going to be solved by mandating that people
report race and ethnicity. It is much more complicated than that, as Carl and
others alluded to yesterday.

So, I think we have already given copies of the workshop report to
everyone. But the Academy projects that the full deliberative report will be
available in April, next month. And again, we’ll arrange — I’m hoping for a
sophisticated and nuanced kind of a presentation and set of recommendations —
and we’ll arrange a briefing for the full committee next month. Dr. Lumpkin
won’t give us any previews of the full report.

MS. GREENBERG: Are we likely going to be able to have a presentation at the
June meeting?

MR. SCANLON: I would plan on one for the full committee, probably I think
by then. And there will be a fair amount of fanfare I think, with the release
of the public report. There will be a press release at the Academy, and we’ll
have a briefing within HHS probably before then.

Let me go on. As I mentioned previously, we formed a Council on the
Application of Health Information Technology within HHS, made up of all of our
agencies. It’s pretty much meeting on a regular biweekly basis now, and this
again reflects the priority of health information technology standards and HII,
and the kinds of issues the committee here has been dealing with for quite a
while now.

And it’s sort of a place to coordinate our investments, try to develop one
voice on many of these issues, both within HHS, and as HHS deals with public
and private sector partners in the research community as well. Dr. Lumpkin sits
in as the chair of this committee, on that committee as well. And actually, it
looks like things are going over pretty well.

Currently, the focus there is on health information technology initiatives
that are more or less in the pipeline, that are coming to fruition. Less so on
new initiatives, but that will be the next step for the council, and some
strategy as well.

Again, some progress, the secretary announced last week actually, and the
department released the final rule for bar coding standards for human drugs and
biological products and blood products. This was a major initiative. It’s one
of those instances where actually groups within the industry, including the
American Hospital Association, came to HHS to move forward on bar coding.

The hope here is that by creating the foundation of bar coding information
literally packets of medications, that this will support the infrastructure for
a number of the bar coding systems, and patient safety systems that you have
seen in hospitals and other places as well — nursing homes, hospitals, and so
on. So, again, this is one piece of the puzzle that has come to fruition as

It was a final rule. I think once the rule is effective, or new drugs —
that’s drugs approved as new — they are to have the bar coding I think within
60 days of that approved. For currently approved drugs, and obviously there are
many in the pipeline, I think they have up to two years to come into
conformance with the bar coding regulation.

Let me turn now to budgets, both the 2004 budget, the year we are currently
in, and the 2005 budget, which the president sent up to Congress back in
February. We do have a 2004 budget, and it actually includes a number of
initiatives in NHII, data standards, and in data policy and population
statistics that all of us have been working on, and I think we’re actually
pleased to see these move. And I mentioned some of these previously, so I’ll
just remind you of what they are.

But let me start at the departmental level in the 2004 budget, that’s this
year. In my office the budget includes an NHII initiative of about $3 million.
This is really meant to be kind of the glue to help things move forward.
Obviously, we are not going to implement the NHII with $3 million, but this is
meant to be overall strategy, leadership, outreach, and convening activities,
as well as some cross-cutting and gap filling kinds of activities with the

For example, this is the funding that is used to support the annual
conference on the NHII, which we now have scheduled for firm dates, July 21,
22, and 23, here in Washington at the DC Convention Center. So, the committee
has already been working with our own NHII group. I know we have a plan to
follow-up on a number of the activities that were identified, and the
directions were identified at the first annual meeting last June. We hope to
have the secretary there as well, and we’ll follow-up on a number of

The budget for 2004 also includes a joint initiative between my office,
ASPE, and AHRQ, and Mike Fitzmaurice actually holds the portfolio in AHRQ as
well. And this is for standards, $10 million. We were very fortunate to get $10
million included in the HHS budget for the kinds of clinical data standards and
message format standards that again, we have all been recommending and talking
about moving forward on.

And Mike and I and the other agencies are working together. We are
developing individual projects to be funded. But we are looking at the
recommendations that the NCVHS forwarded to us relating to legal data
standards, medication data standards, RxNorm, Daily Med, medical device
standards, and the kinds of mapping priorities among the standards that the
committee has recommended, and that we have identified in our CHI working

So, we are fortunate to get that, and actually I think this will actually
help to stabilize and support some of the standards upon which many of our
strategies rest. So, we are very pleased there as well.

And then again in AHRQ, in the 2004 budget we have a $50 million initiative
for a variety of grants, demonstration grants. I think Mike, it includes
planning grants as well, and evaluation grants. The focus here is how to
improve patient safety through health information technology in hospital, and
also ambulatory practice settings as well.

The requests for applications have already been issued, and we hope we’ll
get a good response. I think, Mike, the proposals are due in April?

DR. FITZMAURICE: April 22nd is the due date. And you can get copies of the
RFA on AHRQ’s Web site. Just go to ahrq.gov, and then look under funding
opportunities to get the RFAs.

MR. SCANLON: This initiative, the $50 million that Mike just spoke of, that
is continued in the president’s 2005 budget as well, as is the $10 million for
standards. So, we are actually getting some continuity. It’s not a flash in the
pan one year, and then disappear. It’s actually meant to provide some
continuity, predictability for some of the activities. In the case of the AHRQ
demonstration grants for IT, the secretary I guess may give preference to
smaller rural hospitals as well.

In the 2005 budget, the president actually announced that we were doubling
that amount. So, in the 2005 budget not only will we continue the $50 million
AHRQ, but an additional $50 million is included in our office, the Office of
the Secretary, for demonstrations of the network side, the community and the
regional and the local health information infrastructure and data exchange side
of the equation.

So, the focus here is on the actual data, interoperable data exchange at
the community and the regional level. Again, the 2005 budget is just the
requested budget, so we will see how that goes with the Congress as well.

On the population statistics side, we actually have some very good news.
Even though the overall budget for 2005 is — HHS on the discretionary side of
the budget really received an increase of only about 1.2 percent. And this is
general across the federal agencies. This is not a big budget growth year. And
by the way, even though we have a budget of about $580 billion normally, most
of that is not discretionary. Most of that is mandatory.

The discretionary side of the budget is about $67 billion, and that’s the
NIH’s and the CDC’s and the FDA’s and the other parts of the budget. So, it’s
that part of the budget where these things really take place. And as I said,
the growth there is just 1.2 percent. But it does accommodate some things that
are very positive for population statistics.

And at our Data Council meeting in February, we had a round-table to look
at where on our major data statistical systems and research systems and
databases, where were we in 2004 and 2005 in terms of funding and support and
new directions. And in general, again, given the tight budget, I think we were
more or less — the good news was that virtually all of our major data systems
will continue at their current services level through 2005.

There are no major curtailments envisioned. There is some issue with the
National Children’s Study, which is not really funded fully anyway, and HHS
won’t do the full funding for that survey anyway. So, there are all these
questions about how that will be funded, but other than that, it looks like
most of our major statistical systems in 2004 will continue at the current
services level, which is actually quite an accomplishment.

And in addition, there are some small improvements planned here and there,
a little more oversampling, and some initiatives aimed at improving the
analysis and the dissemination of data, but in general, no major new
initiatives there, but more or less continued support, nurturing of those basic
data systems.

But the highlight here is a very large increase for the National Center for
Health Statistics. I think it is almost a $25 million increase in the
president’s fiscal year 2005 budget for NCHS. We asked NCHS what’s the
professional judgment of what is needed to bring the NCHS core data systems up
to kind of a stable level, as well as some improvements, and clearly some of
them need transformation as well. Spending the money just on restoring the old
ones is probably not the best idea on some actual transformations.

And the estimate was $25 million. This was the highest priority
recommendation for the HHS Data Council. And the secretary agreed, and OMB
agreed, and the president’s budget includes that kind of an increase for the
NCHS budget. So, it’s up to Congress now, but it’s a very positive move. It’s a
recognition of the importance of these core data statistical systems.

I think the focus there will probably go on the four major systems: vital
statistics, the health interview survey, NHANES, the health care provider
surveys, and on methodological research as well. So, again, it’s very positive
news. In a budget year that otherwise is pretty tight, I think this is a very
unusual and a very positive kind of a proposal.

Let me stop there and see if there are any questions.

DR. MAYS: Is there any update on the letters that we sent to the secretary,
which actually fit into this notion of population — in which we actually asked
for potentially additional targeted surveys and the health plans?

MR. SCANLON: I have all of the recommendations as well. Let me start with
the recommendations. There was a whole set of recommendations from the
committee dealing with the CHI, basically endorsing the CHI standards. And
those have all been shared with our CHI Council and others, and those are now
being — in fact, Maria will probably update you on where we with the CHI.

But of the 21 standards were set out as the targets, I think we are
virtually — 2 sets have already been adopted, and the others are being
processed through the review system. They have been presented to our various
councils, and before long I think the whole set of about 21 I think will be not
really adopted, but identified for use in our federal health care enterprise.

The recommendations of the committee dealing with overall PMRI priorities
and standards, that’s been shared with the Data Council, and our KHIT(?). And
as you can see, we are already implementing some of those projects through the
resources that we have.

On the population side, I think we were holding enough responses until we
could say something about the budget. But I think in terms of the target — one
of the recommendations of the committee dealt with kind of restoring and
protecting the HIS and related surveys. And there I think what the 2005 budget,
now that we can actually announce the budget, I think we can actually be fairly
positive there.

On the targeted surveys, I didn’t see any plans within NCHS for targeted
surveys specifically, though it is my expectation that some of the funding
would be used either through the NHANES or through other targeted surveys as
well. And we had a short discussion at a Data Council meeting on what other
agencies could do on targeted surveys.

And these are largely — Vickie, I guess the thrust of the recommendation
was it’s fine to do national surveys and administrative data and vital
statistics, but run out of numbers, and you run out of practical survey designs
for some of these population groups, and you need special targeted surveys. And
it’s always been a part of the HHS strategy, it’s just that resources were not
available. But I think there are plans, though I have to see the specifics, of
some surveys and some epidemiology studies and others directed at targeted. And
I think we’ll have to follow-up on that.

I think we have almost caught up with the other recommendations, am I

MS. GREENBERG: Right. There are two letters under Tab 9. One is the
response to the letter on ICD-10-CM and ICD-10-PCS. And the other is on
departmental participation in promoting standards for information technology.
That one you may have already seen, the December 16th one, but this January
21st, the response is included under 9.

MR. SCANLON: Privacy recommendations, I think we are almost caught up
there. Those are shared with OCR directly, and I think we have caught up with
most of the responses there as well. We couldn’t really deal until the budgets
were released. I think the idea was to hold up responding until we could see
where the general direction would be.

I would have to say that if the requested 2005 increase does not
materialize, it is going to be quite problematic on NCHS.

DR. LUMPKIN: What I’ve been seeing for the rumors in Congress, it does not
look really overly good. There has been some feedback, at least in the various
newsletters that circulate about Congress looking for public health programs as
places to make cuts in the coming year. So, if we were an organization that was
involved in lobbying or raising public issues, we might suggest that people do
things, but we don’t do that.

MR. SCANLON: I don’t think that is permitted for advisory committees.

DR. LUMPKIN: That’s right. That’s not an appropriate role for an advisory

Any other questions? Okay, thank you, Jim. Let’s move on to Maria, CMS.

Agenda Item: Update from the Department, HHS
Implementation of HIPAA, Data Standards, CHI Update – Maria Friedman,

MS. FRIEDMAN: Good morning, everyone.

I’m happy to update you on the fact that we published the national provider
ID regulation on January 23, 2004, long waited by everybody, including us. The
effective date is May 23, 2007, and I think it’s a year later for small
providers. The reason for the delay was that we could not issue the contract to
get the database awarded until we got the budget situation sorted out.

Now, that we have the budget, things are moving along. And I don’t know
exactly where that is. I know that there are people in CMS who are working on
that, and I’m sure there will be further announcements on it when more work has
been completed, and they can say what the process will be.

If anybody is interested in the regulation, you can get to it off our Web
site, which is www.cms.hhs.gov/hipaa/hipaa2.

On the Medicare side, the numbers of HIPAA-compliant transactions are about
two-thirds that are coming in right now. It crept up, and has stabilized a
little bit. And we are hoping for even more upward growth in that area.

We have also announced a change to our contingency plan last Friday on the
27th. We instructed our carriers and FIs to lengthen the payment cycle for
providers submitting non-HIPAA compliant claims from 14 days to 28 days. That
goes into effect July 1, 2004.

MR. BLAIR: Maria, could you repeat that last part for me?

MS. FRIEDMAN: Sure. For providers submitting non-HIPAA compliant claims to
Medicare, the payment will be pushed back to 28 days from 14. And that goes
into effect July 1, 2004.

As far as CHI goes, we really don’t have too much to report other than they
are working now to develop their phase 2 work plan, and I’m sure you’ll hear
more about that when they have that together.

And finally, an enforcement. We have had a total of 66 complaints come in.
Of those, 13 really weren’t ours. Some were privacy use. Some weren’t valid,
whatever. So, that leaves us a total of 53. Of those, 13 were closed at the
complainant’s request. So, we have 40 basically in process that we are working
right now.

That’s all I have to report.

DR. LUMPKIN: I have a question on the provider ID. I think there was a
request from Simon at the last meeting about the ability to get a low number
ID. I think he wanted 007. We didn’t see a response on that.

DR. FITZMAURICE: Do we have plans to put out the NPRM on the national
health plan identifier this year?

MS. FRIEDMAN: Yes, and in fact, we have three NPRMs that are on the
regulations agenda. One is for the plan ID, one is for claims attachments, and
one is what we call modifications II, which is kind of a clean up on some of
the policy that have emerged.

I don’t know exactly when they will be published. I’m sure it will be later
this summer. Some things got pushed back already because of the need to focus
on Medicare reform.

DR. FITZMAURICE: Let me follow-up with that. If HHS is going to put out the
provider identifier, you had mentioned earlier that you couldn’t issue the RFP
until CMS got the budget for it. Are you now saying that CMS does have the
budget to implement the plan?

MS. FRIEDMAN: Yes, we’re moving forward with that.

DR. FITZMAURICE: It’s not a budget problem then?

MS. FRIEDMAN: It’s not a budget problem. Everything is fine. It’s going to
take a while to get the database developed and all of that.

DR. LUMPKIN: Perhaps once you are a little bit further along, at the next
meeting, if we could also include an update on some of the impacts of the
Medicare reform law that may have some significance for us. I’m not asking this
time, because I know that you are still scurrying and trying to figure out what
have they done to us now?

Any other questions for CMS? Okay, then we are going to move on —

MS. BEREK: Before you go on, do you want us to get you somebody who does a
real briefing on the full implications of Medicare reform?

DR. LUMPKIN: Obviously, we really looked at it in detail, the prescribing
provision, but I think for someone to look at the other provisions,
particularly as they may affect health informatics. The quality team I think
would be fairly interested in the pay for performance and other quality aspects
of the law.

MS. BEREK: We’ll work on getting you a presentation. We might get you like
three people to cover all the pieces you might want.

DR. LUMPKIN: A tag team, yes. Good.

Okay, I’m sure that Susan, as usual, when we have these updates, CMS goes
first and talks about 46 complaints, that your eyebrows go up and say, gee,
that would be great. So, take it away.

Agenda Item: Update from the Department, HHS
Implementation of HIPAA, Privacy Rule Compliance Update – Susan McAndrew,

MS. MC ANDREW: Actually, I don’t have a lot to update from the last
committee meeting, but to start with the enforcement numbers. We have, as of
the end of February, over 4,755 complaints that have been filed.

DR. LUMPKIN: Last month?

MS. MC ANDREW: As of the end of last month. We are not even through our
first year yet. So, we are aiming for that 5,000 mark.

We have closed 43 percent of those cases. There is really no change in the
profile of the types of complaints that we have been getting in. It still is
heavily in allegations of information being misused or improperly disclosed. We
continue to get complaints about inadequate safeguards, and inability of
individuals to access their information.

So, there really hasn’t been any change in that, nor in the types of
entities against whom complaints are filed. It still is largely private
practitioners, hospital situations, and group health plans is in fifth position
in the top five. Complaints continue to be generated largely where the patient
and the doctor are interacting, either in the office setting or in the
hospital, in some facility.

In approaching our first year, we do have some compliance dates that are
coming up. It is the second year, so the one year extension for small health
plans means that all small health plans must also be in compliance by April 15,
2004. And also, it’s the end of the grace period that we gave entities to get
their business associate contracts in place. We gave people with existing
contracts one additional year to conform those contracts to the privacy
business associate requirements, and that one year grace period will be up in

Looking forward, later this summer we will be dealing with the Medicare
drug card sponsors as a new group of covered entities that will be subject to
the privacy requirements. And so, we are working with CMS now to see if there
are any particular policy issues that we should be addressing in advance with
this group of new covered entities.

And also, trying to estimate the impact it may have on our enforcement
efforts. We don’t think that the numbers will be particularly significant, but
it does represent another avenue of potential complaints from Medicare
recipients. So, we are trying to balance that.

Other than that, we are looking forward privacy, year two, where we can
focus our efforts on managing our compliance case load, continuing to work on
guidance. We haven’t slacked off at all in trying to answer questions through
our frequently asked questions. That database continues to grow. We have over
200 questions up there now. We have more in the pipeline.

We are actually trying to work with the other optives within the department
to try to rationalize and prioritize the clearance process, not only for the
materials, but CMS and OCR are developing directly, materials that the rest of
the department is interested in talking to their populations about HIPAA
privacy or the transactions and code set, and making sure that departmental
clearances of those HIPAA-related materials all goes smoothly.

We are continuing to get out as much as possible in the community, and do
outreach and public education on privacy, HIPAA. Rick Campanelli(?) will be
talking next week before the HIPAA Summit up in Baltimore. We have been asked
to participate in a panel at the end of this month before the Secretary’s
Advisory Committee on Human Research Protections. And we have tried to address
the privacy concerns that continue to exist in the research community.

We have been invited over the spring and summer to a number of agendas
around the country with the law enforcement community, in an attempt to address
some of their concerns.

And we are looking forward to the Privacy Subcommittee’s report that is
coming out of the hearings that were held last month. We are very anxious to
see your recommendations, and hope to address them.

MR. HOUSTON: I think I had sort of asked before, and I know you don’t have
any specific information, but I’m really interested in trying to get statistics
on if you have a breakdown of complaints, again by provider type, by type. I
know I have asked other individuals from OCR at these meetings, just to get
some statistics on what the breakdown of this information is. Again, I would
really like to understand where the complaints are coming from, and where they
are focused at, and what types by some type of empirical percentages.

MS. MC ANDREW: We would be happy to work with you on exactly what it is you
would like to see, and what our system may be capable of.

MR. HOUSTON: I think the past I had asked that I would like to see what the
breakdown is by type of covered entity, including physician office versus
hospital versus health plan, to see the statistics that way. And then also look
at them by type of complaint.

MS. MC ANDREW: Just the raw number?

MR. HOUSTON: Well, raw numbers or percentages, I don’t much care, but it
would be interesting to see type of complaint by type of entity, sort of get
almost like a grid that would allow us to understand that.

DR. STEUERLE: This is somewhat related, although even tougher. Is there
anywhere in the department, some effort, maybe not right now, but of how to
figure out ways of assessing what are called the benefits and the costs of
these efforts? The benefits being is there some increased sense of privacy that
is really coming about? Are you getting a lot of complaints you might have had
anyway, but you now have a procedure to deal with them?

And on the cost side, and again, much of it might be qualitative, whether
this is changing practices in terms of the way people do record-keeping. I’m
not sure how to gather it, but I’m more or less asking you a question, rather
than recommending how to do it. But I’m imagining Congress comes back two years
from now and decides it wants to address privacy again, and says, okay what did
we achieve?

And I’m not sure just listing the number of complaints — you might be able
to prove the HHS handled the complaints fairly well, but it doesn’t tell me
whether the law itself is achieving some set of benefits, and what cost would
they be imposing. Again, I don’t know exactly how to do this, perhaps a survey
or something else, but I’m just curious whether there is some parallel effort
related to what you are doing?

And of course, John’s question says I think you might be able to tease out
some of this stuff if you could break down the data too.

MR. HOUSTON: Having the data is helpful to get some sense of where the
problems are and issues.

MS. MC ANDREW: I think that is a question that would be better addressed at
the departmental level. I mean OCR really doesn’t have the capability of
developing any kind of meaningful survey technique.

DR. LUMPKIN: If I could maybe suggest that that might be an issue that the
Privacy Subcommittee could address, and we can send a communication. There are
surveys that are ongoing. I forget the name of the survey that happens when you
do the immunization survey and there is no kid there, SLATES(?). But SLATES
might be for instance a survey where you could tack on a question in certain
rounds and ask about privacy or perceptions of privacy.

So, I think if we can formulate the question for the department, there
would be appropriate communication from us to the department.


MR. BLAIR: I would like to first indicate that I think that the work that
you have been doing in OCR is really to be commended. This is a very, very
difficult situation, because there is confusion and misunderstanding, both on
those folks that are concerned about violations of their privacy rights, as
well as those that feel as if the efforts to protect the privacy of patients is
too burdensome or bureaucratic.

And it’s almost an impossible situation, but I think you are going at it in
a very orderly manner. And the mechanisms are pretty much set up within OCR to
be able to address valid concerns, orderly concerns. My concern is the
irrational ones. The ones that may not be coming through the system, but are on
the Internet, giving disinformation about the intent of the privacy
regulations. And they are spreading.

And I’m very concerned that because they are false and irrational, that we
are ignoring them. And I think we have to begin to take those seriously. It is
not that hard to see what’s on the Internet, to see the misinformation. So,
it’s not that difficult to identify the organizations and groups that are doing
this, and doing damage unnecessarily, and scaring people.

And I think that it is appropriate for the educational campaign to not only
include reaching out to health care institutions and providers to make sure
they understand what they should and should not be doing, and what the law is,
but I think we need to reach out to the general public, to help the general
public understand what is true and what is not true about the privacy
regulations, even down to the basic intent of the privacy regulations. And that
would be my suggestion.

MS. MC ANDREW: We do pay attention, and try to rebut whenever possible,
erroneously information about privacy, particularly when it reaches us through
press reports and the like. We have done our best to combat the misconceptions
about the rule, and to try to get the record set straight.

I take your point about listservs. I’m not sure whether it is humanly
possible to keep up with all the chatter of the servs. But we do dip in to that
pool from time to time, and try to find out what’s going on and what’s going
wrong. It is a challenge about how to reach these audiences, and how to make
sure that the proper information about the rule is getting out.

We are going to try to concentrate in the coming year on reaching the
general public, the consumer, with some consumer-oriented materials. But we are
aware of that problem, and we certainly would like to get the record set
straight. And we would love to enlist all of your efforts in trying to get
corrections done, or get to the folks who are spreading this information, so
that we can actually deal with, as you put them, the real problems, as opposed
to those that are just created for somebody’s politics or profit.

DR. LUMPKIN: Okay, we have time for one more question. Harry?

MR. REYNOLDS: I would like to echo a little bit of what John and Jeff both
said. The industry, I believe, is hungry for facts. So, the complaints that you
get are a little bit different than John’s. The complaints that you get, and
the answers — for example, you mentioned that there are some that come in that
you don’t think are worthwhile.

Knowing what types they are, and that they are not worthwhile, everybody
got ready, they think. But until there starts to be some information coming
back, so if you had X amount that were truly violations, you don’t need to say
who it was, but the fact that you identify those as violations, it starts
building people’s knowledge of whether or not they actually did get there.

Because everybody is sitting around right now, they spend their money, they
did their effort, and they think they are compliant. But not until we either
get case law or get maybe some answers, the FAQ thing almost, that we get a lot
on the transactions and code sets, those types of things on the Web site, I
think then the industry is going to pluck them off.

And I know people will work with employers, people will work with doctors,
people will work with hospitals. And you will have a lot of friends helping
you. So, if you could just put that as a central point of we’ve got these 10,
and they are not violations. That helps people draw that, okay, I’m okay there.
These 10 were, and you don’t even have to say why, you just need to say that
they were. It starts putting real information behind the myth that is what is
privacy compliant.

That’s the scariest part that I think we all face right now, because you
don’t want to be the one that ends up realizing what it meant.

DR. LUMPKIN: If I could suggest that perhaps the Privacy Subcommittee,
working with OCR, to help develop the kind of report that would be useful. I do
want to just correct one term. Worthwhile probably isn’t the best term. Having
run a regulatory unit, usually the first question you have to ask, if the
complaint were true, would it be a violation?

And in those questions where it says, yes, even if the complaint were true,
it’s not clearly a violation, I think would be the category of those that don’t
get investigated. And they may be very valid complaints, and the person that
submitted them may actually feel that they were wrong, but that doesn’t mean
that the regulation would prohibit that activity.

MR. HOUSTON: I agree with your recommendation. Unfortunately, I guess there
are not too many Privacy Subcommittee members here today, including Mark. I
would be willing to take that back to Mark, but I think it’s a good think for
the committee if OCR is willing to work with the subcommittee to talk about how
do we structure a report to get that data, and meaningfully convey it. I think
that would be real helpful.

DR. LUMPKIN: Great, thank you.

DR. ROBINS: Just a follow-up. You might as well get ahead of the curve,
because you know at some point, Congress is going to come back and ask you
these kinds of questions. So, you might as well start at the beginning to get a
data set organized, that can be then developed as time goes on, and you see
what kind of other questions you might get.

DR. LUMPKIN: Given Congress’ leadership in implementing the requirements
they set upon themselves under HIPAA, I’m not exactly sure I’m worried about
Congress touching this one in the near future. But I think that there is
certainly significant utility to the industry of having this sort of analysis.
And should Congress ever come looking again, having it prepared would certainly
be in the best interest.

MR. HOUSTON: Just one question. I’ve never seen any surveys pre-HIPAA that
quantitatively tried to describe patient privacy. And I think the reason why I
say that, is it’s difficult now to try to quantify what the improvement has
been, or what the effect of HIPAA has been. Now, maybe it’s because I have
never seen them. Were there ever surveys, or were there any quantifiable data
that would all us to go back?

DR. LUMPKIN: There have some opinion-type polls that have asked people what
are their levels of concern about privacy. But to the extent that if there were
a survey to be done that looked at SLATES data or something, I don’t think that
there have been any studies of that degree of quality. And so, yes, I don’t
think there is a real clear baseline.

But on the other hand, if we are looking at over a period of time, doing it
now and seeing the change, and going prospectively into the future, there may
be some demonstrable change over time, or not.

Okay, we’re going to move on to the patient safety report from the
Institute of Medicine.

Welcome. And Simon is going to make some introductory remarks while we are
getting set up.

DR. COHN: I think while we are getting the computer set up here and the
Power Point going, I have a comment or two. First of all, I think as you all
know, I was a member of the IOM committee. I actually wanted to first of all,
thank Phil for coming and joining us. He was the main staff on the work group,
and he did an exception job, both of keeping the committee in check, as well as
helping facilitate and moving us towards what I think is actually a very good

Now, we are in sort of what I would describe an awkward time for an IOM
report in that, at least as I understand, it is being talked about, but it
hasn’t been published yet.

DR. ASPDEN: That takes a while.

DR. COHN: So, people talk about it. We see the executive summary, but
nobody has seen actually the book yet. So, I actually tried to get to Jeff
Blair, a chapter that may have some relevance to the Subcommittee on Standards
and Security, and I was unable to direct him to a site to actually get that
information, but hopefully, that will be out soon.

There are only really a couple of points I want to make about this, and I
know that Phil is going to be going into it in more detail. But I think the
important pieces of this work are number one, that there is really actually an
expanded, and I think a very exciting vision of patient safety that comes out
in this report. And I think it’s something that we should think about as we
talk further about patient safety.

And obviously, from that are data standards, as well as recognition of gaps
to support that expanded vision. Now, the other good piece is that I think
overall I find a lot of consistency between the work of the IOM in this area,
and really I think our own thoughts and previous recommendations, which I think
we all think is a good thing.

But in addition, I think there are also some very specific recommendations
that the IOM is making to help accelerate progress, that once again, I think
are helpful to the government, and probably to us also.

Now, the other key piece, and once again, I know Phil will be talking about
this one, is work that was sort of given to this committee in the midst of its
deliberations. And that had to do with EHR functional standards.

And effectively on very short timeframe, this group was asked to come
together, and in addition everything else, to sort of do a couple of days work
trying to put together a framework for EHR functional standards. Which I know
is not the same as what HL7 is doing, but has basically been a key input
document into the work, as they actually try to come up with a standard on all
of that.

So, anyway, Philip, I’m delighted that you are here and joining us. Once
again, thank you for some very good work.

DR. LUMPKIN: And if you could comment while you are doing it, as Simon
said, you played an excellent role keeping them in check, and we would like to
know how you did that.

Agenda Item: IOM Patient Safety Report – Philip Aspden,

DR. ASPDEN: Well, thank you very much. As Simon said, my name is Philip
Aspden. I was the study director for the Institute of Medicine study on data
standards for patient safety. This morning I want to go through Paul Tang’s
presentation. Paul Tang was the chair of the committee, so to insure absolute
authenticity with the message that the chair wanted, I’m going to go through
his presentation.

First of all, I would like to just look at the committee. It’s quite a
large committee for an Institute of Medicine study. There were 15 or 16 people,
a wonderfully sort of coherent group. I’ve been on committees which weren’t
coherent, so I know the difference.

It was a very IT savvy group, and also had a lot of experience in the issue
of clinical data standards. As you can see, there are many clinicians on the
committee. We also had experts on patient safety and the delivery of quality
care. And there was also a patient representative.

Interestingly, we had a representative from overseas, Joe van der Schaaf,
who is an expert in near miss analysis. The Institute of Medicine has, in the
last year or so, been interested in bringing foreign members onto its
committees, and basically flying in somebody from the Netherlands is cheaper
than flying people in from California, so this is not a big expense.

I think also I would like to put the work in some sort of context. As
probably everybody around this table knows, the Institute of Medicine has been
working in the issue of quality, quality of care for a number of years now. It
all started out with what was known as the Round Table on Health Care Quality.
This was followed up by a major study called — the report was called To Err
is Human
, which had those figures on number of people who are estimated to
die in hospitals associated with errors, which really raised everybody’s
awareness of the issue of patient safety.

This was followed by a report called The Quality Chasm Report, which
attempted to try and look forward on how we can produce a safer system which is
focused more on the delivery of quality care. And one of the recommendations of
that study was that improvements ought to be channeled through major areas of
care. And in a subsequent study knowing a the “Priority Area Study,”
identified the sort of 20 top areas or conditions that should be attacked
first. And as a by-product of that too, this particular study on data standards
for patient was set up.

What I have up here on the screen are some important words out of the
Quality Chasm Report. It basically says if we want safer, higher quality
care, we will need to have redesigned systems of care, including the use of
information technology to support clinical and administrative processes. And
the committee was very strongly of the view that the way to improve quality was
definitely through greater use and implementation of information technology.

So, we were asked to provide basically a detailed plan to facilitate the
development of data standards applicable to patient safety. And in particular,
to look at some of the standardization issues associated with the priority
areas that I mentioned earlier.

And as Simon mentioned, in the middle of the study we were asked to sort of
take time off and spend about six weeks looking at the whole issue of standards
associated with electronic health systems. I will talk a little bit about that

Paul had in his presentation, some basic information which really sort of
puts some of these issues into perspective. He highlighted this particular
study. An earlier study had projected that there were 98,000 associated with
errors in hospital care. As you probably already know, there was another study
also reported in that report which put the figure at 44,000. So, that was the
origin of the range 44,000-98,000.

I think one of the major important developments of the study was that
earlier study really related to adverse events in the hospital setting. And the
committee moved in two important dimensions in addition to that. First of all,
there were some figures quoted on adverse events. Another case I think is
nursing homes and ambulatory care. And secondly, and possibly more importantly,
the committee moved down in the direction of looking at the whole issue of
error of omission, not just commission but of omission.

And just while the study was being carried out, and important piece of —

DR. LUMPKIN: I’m sorry, do you have a question?

MR. LOCALIO: I need to make a correction on your previous slide. I’m sorry
to interrupt you. Could you go back to your previous slide?

I’m Russ Localio. I was a co-investigator for this study, and two issues.
First of all, it was designed to pick up adverse events that were caused
outside of the hospital, but the assumption was that adverse events that were
serious enough, would end up in a hospitalization where they would be counted.

So, it was definitely not confined to adverse events that occurred, that
were caused in a hospital. And actually, the report goes into some detail on
the breakdown of the percentage of the adverse events that are counted in that
study that arose out of causes that were outside the hospital, were in previous

The second thing is medical management was not confined to areas of
commission, not at all. In fact, the details of this study go into trying to
compare the frequency of errors that may have been the cause of an error of
commission, and errors that were caused by omission, for example, missed
diagnosis. Those were also included in the 3.7 percent. Those were also
included in the 98,000 annual deaths.

So, I know this is in your report, and I know it is in your slide, but I
can tell you I’m the person who wrote the program that drew that sample of
30,195 people. So, I’m very familiar with this study.

DR. ASPDEN: Right, well, I’m sorry that I’ve obvious misquoted what you
said. And I think looking at the slide, it doesn’t actually say that, does it?
It doesn’t say that these were limited to just hospital error, does it? In
actual details of the slide, does it say that?

DR. COHN: And Russ, maybe I should jump in here also. First of all, I’m
very impressed, because I think that was one of the very important studies over
the last number of years. I had no idea that you were involved in it.

I think it’s actually very important for you to comment that you looked at
errors of omission as well as commission, because that is actually something
that has been lost in a lot of the patient safety vision over the last 20
years. Because really, my comment about this one is that the vision really
moves back into that issue of omission, as well as commission, recognizing that
for the last several years we have been primarily talking about adverse events,
things that somebody did something to somebody, and had a bad outcome of it
when we talk about patient safety. So, I’m actually glad in this report we are
sort of getting back to some of the earlier work.

MR. LOCALIO: I’m sorry, but I had to correct that.

DR. ASPDEN: No problem.

Well, as I say, Paul, in his presentation, had this information on a number
of studies. But during our study, there was published some work by Beth
McGlynn. I believe it was Rand study, which came to the conclusion that only 55
percent of patients — and I think that was both inpatient and outpatient —
received the appropriate type or level of care.

So, this led the committee to essentially modify some earlier definitions
that were used in previous studies. The original errors report had the
definition as follows: “An adverse event is defined as an injury caused by
medical management, and by implication an error of commission, rather than by
the underlying disease or condition of the patient.”

This was just altered to the following: “An adverse event results in
unintended harm to the patient by an act of commission or omission rather than
by the underlying disease or condition of the patient.” So, we make
explicit, this issue of omission.

The other dimension that the committee was very concerned and interested
about was we have talked about adverse events. The committee believed that
there was not nearly enough work or discussion of near misses.

The next slide is a definition of a near miss. An act of omission or
commission that could have harmed the patient, but did not cause harm as a
result of change, prevention, or mitigation.

The reason why the committee was so interested in this was really
three-fold. One, near misses are widely believed to be precursors of actual
adverse events. Two, there are many more near misses than adverse events, and
therefore, it is easier to actually collect enough data to carry out some
proper analysis. And thirdly, implicit in near misses are recovery procedures.
So, analysis on near misses can provide insights to recovery procedures.

Here again, this is again from Paul’s presentation. He introduced some work
that he had done himself on the lack of quality in patient information. The
second bullet says the mean number of DDU per case equals 3.7. This is not a
commonly used term. This is a Paul Tangism. I believe it is deficient data or
defective data unit per case.

And then he quoted some further studies, which we really haven’t got time
to probably go through in detail.

So, to get to the first recommendation of the study, basically, the
committee felt that a new health care system is needed, one that can both
prevent errors, and learn from errors as they take place. And in particular, an
NHII is needed that can provide immediate access to patient information
decision support tools, and capture patient safety information, adverse events,
and near misses as a by-product of care, to design safer care delivery systems.

So, at this point, I would like to digress to talk about the electronic
health record study, which Simon mentioned. The background to this is as
follows. Health and Human Services was looking to introduce incentives to
encourage people to invest in electronic health records. And the thought was
that can we link, or shouldn’t we link incentives to functionalities of
electronic health records?

So, the obvious question is, what are the care-related functionalities of
electronic health records? And we were asked to look at this in four case
settings — inpatients, outpatient, nursing homes, and community. The last one
we had some concerns or reservations about. And so, that was transmuted to the
personal health record.

So, just really some sort of definitions of what the committee took to be
as an electronic health record. Basically, it consists of complete patient
information, a longitudinal collection of electronic health information for an
about patients. It requires secure and ubiquitous access. And also has
implicit, a number of decision-support tools which will allow both the patient
and providers to access external information. And also lastly, an electronic
health record should be a part of an effort to improve the efficiency of

In terms of deciding the criteria, the committee came up with four real
headings: to prove patient safety; to support delivery of effective patient
care; and facilitate management of chronic diseases; and to improve efficiency.

The committee also looked at the issue of the timeframe for implementation,
recognizing that: (a) some of the functionalities may not be fully developed,
certainly not in software; and (b) that many care settings will not be able to
move as fast as some of the leading care settings, say in a hospital

So, there were time phases, an immediate, which basically means it should
be available; near-term, 2006-2007; longer-term, 2008-2010.

The key capabilities were grouped under eight headings and these are
displayed on this slide: health information and data; results management; order
entry; order management; decision support; electronic communication and
connectivity; patient support; reporting on population management; and
administrative processes.

And we produced a report which is here, and is available on the Web. Maybe
many of you have already seen it.

Simon, do you think it’s a good place to stop here to consider talking
this, or shall I move on?

DR. COHN: I guess we can ask people, are there any major questions about
this one?

MR. HOUSTON: What do you mean by patient support in this last slide in the

DR. ASPDEN: Access to information that the patient might want to know about
his disease or whatever.

MR. HOUSTON: Does it also include like a portal for the patient to engage
or provide information regarding like medication usage and things of that sort?


DR. COHN: Actually, under all of these things were relatively specific
bullets, not a zillion of them, but typically five or six. And then issue got
to be when you started talking about well, is this a near-term, mid-term, or
long-term implementation strategy by type of setting. So, it gets to be sort of
an issue.

MR. HOUSTON: I guess I’m more concerned about how much is the patient going
to actually interact with providing meaningful data to this type of

DR. ASPDEN: Well, you’ve got to remember that one of them was the personal
health record. And so, that patient is very much involved in providing data for

DR. COHN: And I think it was the view of the personal health record, which
I’m not sure is exactly — that is sort of an ambiguous term. I think that we
were in many ways talking also about a portal for the member to their
comprehensive record, recognizing that sometimes people talk about a personal
health record as something that is complete and separate and different, or
partial and separate and different from everything else.

And I think the vision was once again, this idea of the NHII, where people
had, based on their skills and their credentials, they had opportunity to look
at the complete views of the patient having as much information as possible
about their health care.

DR. LUMPKIN: Other questions about this portion?


MR. BLAIR: One of the other things that I think may be of interest, since
HL7 is going to be arriving very shortly with its second ballot of its EHR
functionality model standard, is that HL7 took this information as input, and
the results that HL7 will be coming forward with basically have the same
information in it that the IOM put forward, and many of the similar categories

The major areas where you probably will see differences would be in how you
deal with decision support, because decision support could be looked at, at
different levels, and could fall into capturing data, reporting data, analyzing

And then the other one is work flow or clinical processes. So, that
sometimes gets characterized differently, because some of that is
administrative. Some of that is part of direct patient care.

And then a third piece is that the HL7 model has a separate section for
information infrastructure. But you know, basically it relied heavily on the
input from the Institute of Medicine, and then accommodated it to a little bit
more an information technology perspective of how do you deliver those

Steve, you were also heavily involved in that HL7 effort. Maybe you have
some other contributions to make.

DR. STEINDEL: No, I think you summarized it, Jeff. There will be an HL7
ballot coming out relatively soon, probably within the next week or two, at
least that’s the plan. And it does follow a lot of the recommendations here,
and changes from the previous ballot.

DR. DEERING: The ballot should open on or about March 15th. And what is
unique in this situation is that any individual may register by paying $100 to
vote on this ballot. You do not need to be an HL7 member.

So, if you have any interest in this at all, you are encouraged to go to
the HL7 Web site, hl7.org, and vote. And we got it down to 128 functions as of
this morning. So, that’s 1/10th or 1/20th as few as there were before. So,
encourage everyone to participate.

DR. ASPDEN: So, as Jeff mentioned, and as I should have said earlier, our
report was input to the HL7 deliberations.

So, after that digression, we go back to the issue of patient safety. The
committee stressed the importance or the indivisibility of patient safety in
the delivery of quality of care. They could not draw a distinction between the
two. And moreover, they felt that safety could only be insured through the use
of information technology. And this has implications for the need for a wide
range of clinical data standards.

And in particular, the study examined three types of clinical data
standards, data interchange standards, terminology standards, and knowledge
representation standards. And then looked at standards specific to patient

So, not surprisingly, the committee was very keen that NHII should be
established, and that the federal government should play a leading role in the
development of such an entity. In addition of course, many providers are going
to have to make the appropriate investments to implement the NHII.

The committee also looked to strong leadership from the federal government
in this area. There had been a vacuum of leadership in the clinical data
standards area. They felt that the group who should step up to the plate was
the federal government. And we looked to see at a strategic level, endorsement
on the following levels.

One is endorsement of the whole of idea of what we are trying to achieve.
Secondly, certain seed money or funds to get the standards developed and
implemented. And thirdly, a commitment to come back to this issue, to review it
again, to make sure the whole process is on track.

In addition, the committee also felt that the CHI initiative was probably
the most important event that had taken place in this area in the last decade
or so, and extremely supportive of the efforts of CHI, and looked to foster
them as best they could.

So, on the basis of that, the committee felt very strongly that CHI should
work very strongly with this body here to identify data standards for adoption,
and gaps needed to be filled. And the other members of the government AHRQ, NLM
and others should provide administrative and technical support for this
combination of CHI and NCVHS.

Provide financial support and oversight for standards development
activities, and insure development of tools to implement data standards. And
lastly, to coordinate activities and maintain a clearing house. In particular,
the NLM should be responsible for mapping and distributing terminologies, which
it already does today.

So, that was the overall view. And there was for each of the groups of
standards, where the committee made some recommendations. In front of such a
body as this, I’m not sure I want to go through some of the detail, because it
really meshes quite — should have been meshing quite well with the work of
NCVHS. So, there is a lot of replication here, which you probably are already
very familiar with.

So, looking at clinical data interchange standards, the committee felt that
the CHI standards should be incorporated into contracts and regulatory
requirements. And that AHRQ should provide accelerated completion of HL7
Version 3, CDA specifications and implementation guides, and analysis to
address the unique health identifier for individuals.

Perhaps I can stop and say a little bit more about that. I think if the
committee had been allowed to, it would have made a recommendation that there
should be a unique health identifier. But quite sensibly, they drew back from
that and felt that the whole issue should be re-opened again not that certain
security and safety standards were either in place, or about to be implemented,
and that this whole issue should be reviewed again.

In particular, the committee I think felt that a voluntary unique health
identifier was something that was probably worth examining. I guess that was a
fairly controversial part of the report.

So, moving into clinical terminologies, here again we are sort of hopefully
meshing quite well with NCVHS’s work. AHRQ should support the creation of
integrated, non-redundant core terminology set that includes patient safety
requirements. This is very consistent with what the NCVHS is doing. And in
particular, we should begin to look at the requirements for the 20 IOM priority

NLM should provide mappings from existing terminologies to the core
terminology set. This is also consistent with what is going on at the moment.
And in particular, the NLM should accelerate the completion or RxNorm.

Moving to knowledge representation, the committee viewed this as a
standardizing approach for representing clinical knowledge in a computer-usable
format. So, for example, it would be used to convert clinical guidelines into
computer-usable software.

This on the whole, seemed a much less developed area than the other two I
just referred to. And the recommendations here were that NLM should support
development of standards for evidence-based knowledge representation, and that
AHRQ and NIH, FDA and other agencies should support development of generic
guideline representation model to facilitate use by EHR decision support tools.

DR. COHN: Philip, if I can join in on this one. This is actually going to
be an area, as we move into e-prescribing, that we are probably all going to be
revisiting and getting a lot smarter on. I was impressed during the
deliberations that there seemed to be a lot of acronyms for evolving standards
in this area.

But in the business case, I think up to now, maybe has been a little
vacuous in terms of exactly what people need. And there seems to be a lot of
work about figuring out how people can move knowledge representation and
decision rules from one place to another, but there is no agreement about how
you actually instantiate them in a system once you got them.

And so, I think we all sort of were scratching our heads on this one, and
feeling that it’s going to be a — it’s one thing getting some focus, and I
think with the e-prescribing piece, as mandated by the Medicare Modernization
Act, it may provide the industry some increased focus on exactly what it is we
need in this area.

Comments or questions? We’ll all be talking about this as the year moves

DR. ASPDEN: Well, in addition to recommendations associated with clinical
data standards, the committee also wanted to take a higher level view of the
whole issue of patient safety. And it felt that all care settings should
establish comprehensive patient safety programs.

And in Chapter 5 of the report — this is the released version of the
pre-published — has a considerable amount of detail on a model for executing
that based on case finding, which is identification of potential adverse events
or near misses, analysis of the events, using the analysis to identify system
fixes, testing these system fixes, and then deployment and implementation.

And the last point is, as Brent James graphically called it, holding the
gains. Making sure that you don’t slip back to where you have been before. And
the committee was looking to achieve what it thought was a paradigm shift.
Historically, reporting has been retrospective, adverse event reporting, after
harm has already been done. It has been blame-oriented, targeting individuals.
And it has been focusing on acts of commission.

The future, as far as the committee were concerned, was to go prospective.
To focus on prevention and analyze care processes for hazards. Secondly, to
foster a culture of safety, rather than a culture of blame, and move from
errors of commission to include errors of omission, and also as I mentioned
earlier, the analysis of near misses. And there is a chapter in the book about
the whole issue of analysis of near miss analysis.

In addition to the recommendations about data standards, and also this
desire to get a more comprehensive view of implementation of patient safety
systems, there was an implicit requirement for quite a wide range of research.

I’m not sure I want to go through all this in detail, but it fell into
three categories: knowledge generation, a particular area that some of the
committee members were keen on was to improve database triggers. Today, these
have just been developed for adverse drug events and nosocomial infections.

But developments need to go in two directions. One, more types of systems
need to be developed for more types of events. And also, the existing ones need
to become more specific. As I say, there are three areas, knowledge generation,
tool development, and dissemination. In think in the interest of time I will
move forward. All the details are obviously in the report.

So, we move on to patient safety, eight standards specifically for patient
safety. The first recommendation here is AHRQ should establish a national
patient safety database of de-identified patient information. This, I think, is
a follow on from a previous IOM report.

Coming down to the specifics, the committee recommended that AHRQ should
develop a patient safety event taxonomy. This should cover, as it says in the
slide, adverse events, near misses, errors of commission and omission,
multi-factorial causes, because often in the case of an adverse event, it is
not totally clear what the precursor is, or there may be more than one
precursor. And that this whole standard should be incorporated into SNOMED CT.

The committee went into some detail on what should be included in the
standard. So, the report puts forward a minimum set of data elements, which
would be standardized. There should be specific data available to calculate
prospective risk assessment, which is important in determining whether a
particular event should be analyzed.

The committee that there will always be a place for a narrative description
of an event. We are not going to completely do away with that. One of the
reasons was that we may have a completely different model of an adverse event
in the future, and that we should be able to go back to the narrative event to
recodify the event based on perhaps a new model of patient safety.

We should implement the Eindhoven Classification, the medical version for
root cause analysis. In addition, there should be narrative on the lessons
learned associated with any particular event. And there should also be clinical
documentation of the patient context. That would be more age, disease, and that
sort of thing. And this should be used by the current project that is trying to
integrate all of the federal reporting systems.

So, we are coming to the end now. I’ll just reiterate one or two of the
messages. First of all, patient safety is the prevention of harm due to acts of
commission or omission. Health care organizations should implement electronic
health record systems to deliver safe care. And Congress should authorize and
fund HHS to lead and maintain a public/private partnership for the promulgation
of data standards for patient safety. And HHS should help accelerate the
development of certain standards.

Following on from that, all health care settings should establish
comprehensive patient safety programs, that as I mentioned earlier, encompass
case finding analysis and system redesign. AHRQ should lead an applied research
agenda detailed in the report, which I didn’t go into in much detail. And AHRQ
should develop a national patient safety database containing standard data
elements from standardized reports. So, that was broadly what we recommended.

This is the pre-publication report, so in the jargon of the Institute of
Medicine, the report is released. Whether that means it’s published is a thing
I never quite understood. But the sort of hard-backed version of the report
should be out in the next two months. We also have prepared an executive

So, Simon and I will be able to take questions.

DR. COHN: I did want to make one comment here, and just to sort of amplify,
obviously there are a lot of slides here, and I think we may find different
parts important. I think I want to focus or a minute on this issue of
standardized report formats, because going into this study, I think we were all
aware that there are a zillion people asking for reports around issues around
patient safety, all in disparate formats, all with slightly different data.
It’s sort of the quality reporting issues.

And I think there was certainly a view that maybe this might be a road to
fewer and different types of reports. But the other piece of all of this was
that as we looked, and I know there has been lots of almost religious
discussions over many years ago issues of codified data for everything versus
free text data for everything.

And I think the committee came to sort of a realization that certainly
there is a need for a significant amount of codified data in any one of these
reporting systems. But at the same time, when you really get down to certain
parts, like the description of what happened or how it happened, this sort of
thing, that the richness of free text is really incredibly both useful and
necessary in all of this.

So, I think there was a strong desire by the committee to sort of preserve
that element, as opposed to sort of trying to make everything coded, at least
in the current state-of-the-art. So, once again, as I said, we have all talked
about it ourselves, but there is this sort of religious argument there, and it
just sort of a statement of where the committee came down.

DR. LUMPKIN: Questions and comments.

MR. HUNGATE: I want to applaud the effort. I would do it 17 times it I
could, because I think it’s overdue and essential to what we are doing.

I want to make some observations of concerns that I have that relate to it,
and preface that by giving the background that Paul Tang and I were both
trained in the same corporation, Hewlett-Packard, where he was working on
computerized patient information systems in our lab. I was working in a
hospital supplies business, and became very attuned to the degree of error that
was occurring.

And we had developed bar coding equipment, had both the printing and the
reading kinds of things. And I worked very hard to build a business around
identification of products in hospitals. There was no market for it. And I now
understand better the reasons why that is true.

So, Paul and I learned quality improvement from a corporation that was
judged by everyone to be high quality, but we finally learned we were not, and
had to do something about it. So, we had the hubris that had to be overcome.

The other thing that I have learned is to respect the law of unintended
consequences. And there is another chasm that I’m increasingly worried. And
it’s the chasm that exists between the patient or health seeker, and the trust
of the provider, and the trust of the organization that pays for their costs.

I think there is a growing separation of belief that for instance — I’m on
the Group Insurance Commission in Massachusetts. When we change a benefit
design, it’s not always regarded by our health seekers, beneficiaries as
beneficial to them. We intend it to be, but they don’t believe it is.

An unintended consequence that we’ve got in the public view is the privacy
that they have signed off in every medical office, with every provider that
they have, the perception of that is that it’s for the benefit of the provider,
not for me. That it’s protecting the provider.

DR. LUMPKIN: Or the payer.

MR. HUNGATE: Or somebody else. It’s not to my benefit in the way it’s
presented to me. So, the unintended consequence of that, which we have done to
help patients doesn’t necessarily have the same impact.

My experience with quality improvement is that as you get better at it, you
find more and more things that you identify as errors. So, progress is seeing
more errors. There is another intended consequence that comes out of that,
because people say well, gee, the errors are getting worse. And that’s not
going to increase this trust on the part of patients in what’s going on.

And so, it’s this business of how do we convene to an increasingly
uncomfortable public, that this really is doing something good for you? In a
sense, I guess it’s asking for what are the early deliverables that can show
progress in terms that make sense to people, for them?

Because I see the tension between the regulatory and the preventive, and
agree with the identification of the tension, but I don’t see a response to
that, that leaves me comfortable in terms of the chasm that I’m talking about.
So, that’s just a broad, very general and give me a little help.

DR. ASPDEN: I think the issue that you raise was certainly raised during
the committee, and also is evident in the literature. As soon as you start
becoming very more aggressive, or indeed very aggressive, you find a lot more
errors. And I think that’s about as far as the committee went on that issue.

I don’t think that we — Simon knows better than I do on this — but the
committee went any further than that, just the realization of this observation.
We didn’t really sort of try and think it through, and how we could get over
this other chasm that you referred to.

DR. FITZMAURICE: I would like to say that first of all, this report is
extremely helpful to AHRQ and its patient safety program. And in addition, that
we in the department have $10 million to spend on standards. When you see the
mandates and the suggestions and the recommendations from NCVHS, from CHI, from
the IOM committee, from people out there in the private sector such as the
Markle Foundation, you realize that $10 million probably won’t get the whole
job done but it will give us a great start. And likewise, the IOM report gives
a great start on what we need to do, and some sense of priority.

I want to follow-up on what Bob said, and that is in our patient safety
program, and the anticipated reports that may come out in the future, we expect
to see more errors, a growing volume of errors. But if we are successful in
reducing patient harm from patient safety and medical errors, they should be
less severe.

So, you might see a larger increase in volume, but we should be targeting
the most severe of them in reducing that. So, if we are looking for an outcome
standard, that’s one that is in the backs of our minds.

MR. REYNOLDS: This is good work. I have two or three studies from IOM. If
you think about omission, and you think about EHR, CHI to me has a very good
chance of being successful, because it somewhat of a closed panel of a group
within the VA. So, you’ve got kind of the HMO philosophy almost.

Whereas, when we talk about the private sector getting into this, as you
heard a number of testimonies yesterday, it’s more going to the PPO, freedom to
go to any doctor environment. And trying to build an EHR that is believed by
people, playing off of Bob’s comment, that is believed by people that all the
doctors they are seeing, and they see many, are actually updating a record,
that would then be available to the caregiver in the four settings that were
mentioned here, inpatient, outpatient, and so on, is where I think the chasm

Because if as a country we had bought into the HMO philosophy, where you
had a true, consolidated caregiver that pretty drove the deal, and you may have
a better chance of at least knowing where somebody went. So, it’s an
interesting argument that I have within myself, trying to figure out, so how do
you actually make that go when you have that, without everybody getting there.

And how do I know when I go into the hospital, that everybody got there,
all my doctors or somebody had updated it? Because then you get your omission
again, back to some of the earlier comments. Because as soon as you assume that
record is right, the doctor that you saw yesterday or the day before or last
week didn’t update something, that may be the thing that your next episode is
in. So, that’s not a criticism, that’s a question, because it’s exciting to get
there, but that path is fraught with implementation issues.

DR. STEINWACHS: This is a superb report. I enjoyed the report and the
presentation. But it does raise some interesting roles, it seems to me, for the
patient and the consumer. And so, it took us a long time to get to the point
where we told consumers you have to look at your own credit report. You get
access to the credit report, and you have a way to have some say that says
there is an error or a mistake.

And it seems to me there is a parallel here we are thinking about. And I
don’t how much is the domain of this committee, is how can the consumer or
patient interact with the EHR to say there is something missing here. I saw a
doctor, and it’s not in here. And how do you build that process?

Because I think without that kind of engagement then, there is nothing that
is sort of a counterbalance, because we have no way right now to say all the
places were that the patient went, because you don’t always pay for all of them
either, and so it may fall out of the system.

DR. LUMPKIN: Well, I think if I can jump in there, I think there are a
couple of ways that we’re going to have some involvement in that. First, the
NHII Work Group has focused in on the patient health dimension as being one of
the areas that we want to focus in on.

Second is that the Markle Foundation-led initiative on Connecting for
Health has a major focus in the second phase. And they are very interested, and
the NHII Work Group discussed it, that when they finish with their report, we
are going to have a presentation at the NHII Work Group. Hopefully, some of
those things can lend themselves to being moved forward as a recommendation by
our full committee. So, the issue will come back to us over the next year.

MR. LOCALIO: Again, I’m not usually a critic of what the IOM does, and I’m
certainly not now. I have not read your report, although I gave them my credit
card number. It hasn’t arrived. So, I can only rely on the summary.

But in asking you what can this committee do, I have a comment. And that
is, that in my review of the summary, I get the feeling that you have made the
problem seem overly simple. And instead of using words like the federal
government should pursue a robust, applied research agenda on patient safety, I
would ask, do you think there is enough money anywhere to fund the information
systems, the standards, the evaluation systems to do what we have to do to
reduce, as Barbara Starfield said yesterday, the third leading cause of death
in this country? What can we do?

DR. ASPDEN: Well, for a reason that I don’t understand, IOM studies are not
supposed to put costs on some of these things. I worked in the consultancy
world, and you wouldn’t get away with making recommendations without putting
costs on them. So, somehow there isn’t a cost figure associated, and I’m
probably speaking out of turn on that as well, but anyway. I’m sure the short
answer is there isn’t enough money to carry out all the research.

DR. COHN: I think it’s also picking out the right pieces too. For example,
we see e-prescribing as a low hanging fruit. Obviously, various other sorts of
research will obviously have a benefit.

MR. BLAIR: I have only had the opportunity to read the executive summary.
But after reading the executive summary, I really was very impressed with the
report, and I’m very anxious to be able to read the rest of it. It was, I
think, a 16 or 17 page executive summary.

And the things that impressed was that it was setting directions. It was
recognizing balance. I had the impression that it was not superficial, but that
it was extremely thoughtful of both the human dynamics, as well as the
political and cultural and technical changes that have to be coordinated to
move things forward.

So, again, I can’t comment on the whole report, but if the rest of the
report put some flesh on that executive summary, I think that this is probably
a very valuable and meaningful set of directions and guidance and
recommendations for us.

DR. LUMPKIN: I’d like to, and then I’ll toss it to Jim to kind of respond
to the question of costs. You know, just as we said in quality, we can’t look
upon the role of an individual clinician. You have to look at the system. And
when you look at costs, you can’t just look at the individual opportunity
costs, or what it costs to do development to standards. But you have to look at
the overall impact.

The NHII Work Group has a presentation by Bill Yasnoff at our last meeting.
And they had just finished a study that indicated that if the NHII were
instituted, the costs savings were — the net cost savings, were in the range
of $120 million. And that is based upon extending the model of the Santa
Barbara — I’m sorry, billion, $120 billion.

And that was based upon extending the model from Santa Barbara and
Indianapolis, where by instituting community health data interchange, that you
would reduce the number of duplicative lab tests and other kinds of things.
They did not measure the cost due to patient safety, or to the cost saving due
to public health.

When you begin to think of those models, you actually look at the fact that
there are potential resources to make these kind of changes. One of the issues
that was raised, however, in that presentation, and one which we ought to take
a look at, is the fact that when you look at the savings associated with the
outpatient health record, which is roughly about $34 billion, most of the
savings accrue to the payer, and not to the people who are actually
implementing those, which are the providers.

And so, our question really probably is more apply appropriate to discuss,
how do we appropriately align the cost and the incentives and the rewards in
this sort of system that moves the agenda forward? Because I think
Intermountain, Stan, not too long ago, raised the proposition, and I think
appropriately — I’ll call it the Intermountain proposition — then on patient
safety, the same thing is true.

That if you reduce medical errors, the institutions by and large, don’t
reap the rewards of that. So, if you don’t provide care that is not required,
because a patient didn’t have a medical misadventure, it’s the purchaser and
the payer that get those rewards.

And so, there are certain initiatives such as pay for performance, that are
looking at changing the alignments. And CMS is actively engaged in that. So, I
think we can begin to look, as we think a little bit broader in the work of the
committee, and this will be the work of NHII of saying, okay, let’s look at the
data standards, but also begin to look at some of the financial incentives that
are associated with aligning the costs and the rewards of this kind of


MR. SCANLON: Let me first say that I enjoyed the conclusion of the
committee whereby you basically reaffirmed rather than create a whole new
structure and set of directions, you basically reaffirmed what mainstream
thought is in the information infrastructure. And even though you focused on
patient safety, that could have been a silo of its own, you pretty much adopted
and reaffirmed sort of the mainstream activity relating to standards and
electronic health records and NHII here, which is very positive as well.

And that’s sort of my take away conclusion, that you basically looked at
patient safety, and you see in the general efforts of the National Health
Information Infrastructure, a way of supporting some of the information there
as well.

Secondly, on the cost, and again, patient safety is important, but there
are other issues in health care in the US as well. And I think Russ’ point
really was that there is only a certain amount of resources that an economy can
put into this area. And again, these are individual business decisions that
have to be made by hospitals and providers, and there is a market. And the
market will either make affordable and useful products, or it won’t.

And the government can create standards, and can create the environment
whereby this market can work, but honestly, it ultimately depends on having
affordable, interoperable useful products in the market as well, and I don’t
think we are really there.

MR. BLAIR: John, the point that you made is correct, but I think we do need
to be a little bit careful, because the CITL report that underlined what was
presented to us, if you actually look at the numbers, the savings to providers
within the timeframe that they showed, was not that much different than the
savings to payers.

But your point is correct, because in many cases when providers are able to
wind up reducing their costs, then the marketplace then puts pressure for them
to offer services at lower costs, because they happen to know that those
savings are there. And they get eroded, removed, or taken away.

And I think that that’s the area that we have to be very cognizant of as we
go forward, because I think that the fear and the distrust in the provider
community is not that EHRs might now save them money on their investment. It’s
that whatever they save will then be negotiated a year or two later down by the
folks that reimburse them, because they know that their costs are now lower,
and they are in a competitive position to go for contracts.

So, the need for the reimbursement system to allow providers to share in
the benefits of moving into the health care information age on a sustained
basis, not just for one year, not just on an interim basis and then have it
taken away, I think is a very, very critical point. And I think if it is not
properly addressed — I think it is going to be properly addressed.

I think that people are becoming aware of that. And I have a feeling that
the recommendations that are going forward in NHII do understand this. But I
think that’s an important distinction. It’s not the immediate benefits, it’s
the sustained benefits be shared.

DR. LUMPKIN: I think that’s a good point. I would just add one other piece,
and then I’m going to turn it over to Simon to close the session, since you
opened it, and to thank Phil. And that is that we have to recognize that
permeation of technology is not going to be even. And there are going to be
inequities in development in the system.

And what will happen is that first of all, renegotiation of rates is
occurring, even as we speak. And it’s going to be an ongoing factor. And those
entities that do institute electronic health records are going to be better
able to take the changes. As a result, they then have a competitive edge, and
the market forces would then drive those who don’t have those technologies to
either adopt or get out of the market.

And so, there are many, many complex factors that are in play, and our
challenge of course is how to provide the environment in which that competitive
milieu will push the system in the direction that we believe it needs to go
towards more interoperative effective and efficient health care delivery
through the use of information technology.


DR. COHN: I was also raising my hand to make a final comment on the
cost/benefit also. So, how does this all relate together? First of all, Philip,
I want to thank you. I think you’ve done a great job presenting I think what is
going to be a 500 page report. So, this will be good bedtime reading for you
all for many weeks to come.

Obviously, this report is important, but I think during the process of
developing this report, I think everyone on the committee sort of realized that
the low hanging fruit in all of this area is e-prescribing and improvements in
prescribing, medication delivery, errors of omission and commission related to

Recognizing that a lot of the surgical areas, while they are very
important, a lot of them are being already looked at very intensively, and
don’t open themselves up for information technology support in quite the way
that something like prescribing does, knowing what my handwriting looks like,
just as an example.

Now, as we move towards the National Health Information Infrastructure,
there are obviously various strategies and approaches. One of the strategies is
obviously putting a tremendous amount of functionality and pump, sticking it
into a local environment. And certainly, that is not a bad strategy.

Obviously, another strategy is beginning to implement widely across the
country thin veneers of functionality in areas where it really makes a major
business case do, both business and consumer case. And what we are seeing I
think in the Medicare Modernization Act is a strong statement by the government
as we move into standards for e-prescribing, pilots, and then maybe a little
something grayer beyond that, exactly what is happening.

But if you are a betting man, you might expect by the end of the decade
that there might be some greater expectation from the government and the
largest payer, CMS, that there might be more of this happening. So, what we may
see is patient safety, e-prescribing, data standards, NHII all beginning to
converge as all of this comes together.

I think in all of this, obviously, the standards work of the IOM, we’re
going to look back on it and say this was a wonderful foundation to begin to
build all of this structure, regardless of how it all comes out.

So, Philip, you did a great job. We were happy to help you, and thank you.

DR. LUMPKIN: And Phil and Simon, thank you very much for the presentation.
It certainly was food for thought, and now we’re going to break for food for
the stomach.

[Whereupon, the meeting was recessed for lunch at 12:08 pm, to reconvene at
1:00 pm.]

O N (1:07 pm)

DR. LUMPKIN: Okay, the item on the agenda is the HIPAA report to Congress.
We have in front of us handed out the report of the committee. This is a
document that we have seen before. And Simon, if you could walk us through the

Agenda Item: HIPAA 6th Report to Congress – Dr.

DR. COHN: John, as best as I can tell, it’s been completely rewritten. I
think it’s actually a very good document, but it’s unrecognizable from previous

John, can I just make a comment or two? I think overall, this is actually a
much, much improved document, actually very good. There are a couple of
sections as in under four important issues, the first major bullet with a
paragraph or two that I didn’t think made a lot of sense, and probably needs
some revision. But I also don’t think we need to spend time — please, let’s
not spend time wordsmithing it around the table.

And so, I think that probably the prudent thing to do would be to move
approval of this, with the Executive Committee having the opportunity to make
further revisions to the document.

DR. LUMPKIN: We have a motion in front of us. Is there a second.

MR. BLAIR: I second it.

DR. LUMPKIN: They are moved and seconded. Is there discussion on the
document and the motion?

MS. BEREK: We have a few changes that CMS wants put in. So, we’ll just give
them to him, and it’s fine. I just want to make sure you know that. They are
not substantive. They are substantive, but they are not controversial.

MR. BLAIR: May I make a suggestion?

DR. LUMPKIN: They are factual. Why don’t we hear those? And then we’ll get
to you, Jeff.

MS. FRIEDMAN: We would like to substitute the paragraph on CHI to just more
fully reflect the entirety of what went on. And we would like to add a couple
of sentences on our contingency plan.

DR. LUMPKIN: Let me see if I understand the CHI. The contingency plan, I
think that’s fine.

MS. FRIEDMAN: CHI is already in there. We would just like to substitute a

DR. LUMPKIN: Right, but we ran into this whole issue with this report,
because that’s how it stretched into two years. You are going to be looking at
activities in 2003?

MS. FRIEDMAN: Yes, just strictly 2003.


MR. BLAIR: I withdraw. I was thinking of the wrong document.


MS. GREENBERG: I’m not sure if your CHI changes are here on page 8 under
standards of patient medical record information. Probably, but that does need
some revision. There is some confusion. First of all, I don’t think Sec.
Thompson announced adoption of any CHI standards in July 2003. That was in
March 2003, and it was only the message standards.

And there is some confusion that he has announced the adoption of all the
CHI standards, but that’s not the case. It’s only the message standards,
correct, Steve?

DR. STEINDEL: That is correct.

MR. BLAIR: LOINC, one terminology standard.


MR. BLAIR: No, SNOMED was not in the first set.

MS. GREENBERG: No, what he announced in July 2003 was that the federal use
license through distribution of NLM of SNOMED. But that was not an adoption of
SNOMED as a standard. So, this needs to be fixed.

DR. LUMPKIN: Okay, any other?

MS. GREENBERG: Do you want to read it?

DR. LUMPKIN: Yes, I’m going to read it. I think that’s only fair. Roughly
what the paragraph would say is subsequent recommendations by NCVHS in 2003
specified many of the standards which serve as the foundation for standards to
be adopted within the federal enterprise through the Consolidated Health
Informatics initiative.

The goal of CHI is to adopt uniform standards for interoperability of
clinical information in the federal health care enterprise. The work of NCVHS
informed the first set of CHI adopted standards announced in March 2003, by
Sec. Tommy Thompson. These included: Health Level 7; messaging standards for
patient care transactions; NCPDP; Script standard for retail pharmacy
transactions; IEEE 1073 series of messaging standards for device
communications; DICOM standard for imaging and laboratory; and LOINC to
standardize the electronic exchange of clinical laboratory results.

MS. GREENBERG: Do we not want to say anything though about vocabulary
standards? Because the committee has also made recommendations about vocabulary
standards. Is that in here? You made the whole suite for the core terminology
standards. That needs to be in here if it isn’t. It certainly isn’t in this
section on standards for patient medical record information. We just take it
out of the letter or whatever, but it’s not there.

DR. LUMPKIN: Okay, so the preceding paragraph would be enhanced, or do we
know where that is?

MS. GREENBERG: You need a new paragraph after this paragraph that we just
read. You need one about that the committee also made the recommendations in
November 2003 on core terminology standards. And you could even say that CHI is
recommending standards that are consistent with this, but they have not yet
been adopted. Do don’t even have to mention that, but you do need to mention
the November report.

MR. BLAIR: May I suggest one bit of enhancement to what you just suggested,
Marjorie, is that in addition to indicating what the core set was, I think we
should indicate that it also made recommendations for an expanded role of the
National Library of Medicine to be the custodian of the core set, and provide
mapping to the important related terminologies.

MS. GREENBERG: Who is the keeper of this report?

MR. REYNOLDS: Under section 4, important issues, the first two paragraphs,
the date of October 16, 2003, in the first paragraph, and then the extension
don’t seem to match up.

DR. LUMPKIN: What page are you on?

MR. REYNOLDS: Page 14. If the original date was October 16, 2002, if you
are going to say in the next paragraph that the extension was a good thing. So,
those two don’t work out.

DR. COHN: Harry, I don’t know how to fix it, but I agree with you it didn’t
make much sense. I was going to return to the authors and ask them to — I’m
not against the factual content here, but it just don’t flow very well.

MR. REYNOLDS: We’re saying that the extension of 2003, that people couldn’t
be ready. And then we say, because of the extension, everybody was ready. So,
either way you want to write it, but I think it needs to be looked at.

DR. LUMPKIN: Okay, any other? Then if I understand the motion that Simon
made, which was that we would adopt this document. That this document would
have the following three changes, the first paragraph under section 4 would be
correctivized. That under the section on page 8, that the second paragraph
would be substituted with language recommended by CMS on expanding the CHI. And
that there would be a third paragraph that would talk about the vocabularies.

I would like to suggest that the methodology that we would use would be
that it would be sent out by e-mail to the full committee for comment. Those
comments would then be reviewed. And unless there is something deemed
substantive by the Executive Committee, it then will be forwarded to the

MS. GREENBERG: It would go through the Executive Committee?

DR. LUMPKIN: That’s correct, to review the editorial changes. So, the full
committee will have a chance to see the document. You’ll have a week to make a
comment or raise a substantive issue. The comments will be reviewed by the
Executive Committee, and then we’ll move forward.

MR. SCANLON: And an executive summary will be prepared which we could limit
to the body of the report.

DR. LUMPKIN: An executive summary that would, as in past executive
summaries, would pick out individual sentences from the report. And so, it will
not have any new content.

MR. SCANLON: Right, a pure summary.

DR. LUMPKIN: So, it’s been moved and seconded. Is there further discussion?
All those in favor signify by saying aye. All those opposed say nay. The motion

[Whereupon, the motion was unanimously approved by the committee.]

Okay, the next item on our agenda, we going to fiddle a little bit with the
schedule if Privacy is ready. Now, there is a corollary to Murphy’s Law that
says work expands to fill the allotted time. To put that into perspective,
since we finished the last item in 15 minutes, instead of an hour, that then
moves up our adjournment time to 2:45 pm, just so that we understand that.

We’ll take the appropriate amount of time. I don’t want to minimize any of
the work that we do have. But the Quality Subcommittee will have a report, but
the report that was in the document will not be coming before the committee
until the next meeting. And that’s just the editorial changes were a little bit
too extensive, and the committee chose to — and Bob will tell us why.

Okay, Privacy.

Agenda Item: Reports from Subcommittees and Workgroups
– Subcommittee on Privacy & Confidentiality – Mr. Houston

MR. HOUSTON: “Dear Secretary Thompson:

As part of its responsibility under the Health Insurance Portability and
Accountability Act of 1996 (HIPAA), the National Committee on Vital and Health
Statistics (NCVHS) monitors the implementation of the Administrative
Simplification provisions of HIPAA, including the Standards for Privacy of
Individually Identifiable Health Information (Privacy Rule).

The Subcommittee on Privacy and Confidentiality of the NCVHS held hearings
in Silver Spring, Maryland on November 19 and 20, 2003. The hearings, the first
of several to be held, were intended to gather information about the effect of
the Privacy Rule on public health and research, and on health care providers,
health plans, and consumers.

In general, witnesses at the November 2003 hearings reported less anxiety
and confusion about complying with the Privacy Rule than did witnesses at NCVHS
hearings prior to the compliance date. Several witnesses said that materials
posted to the website of the Office of Civil Rights (OCR) were helpful, but
they also stressed the need for OCR to expand its outreach and public education
activities, so that the Privacy Rule can be implemented effectively. It was
noted that not all covered entities and consumers have access to the

DR. LUMPKIN: Okay, the changes that were recommended yesterday have been
put into mostly in that third paragraph. Any comments on that? Let’s move on.

MR. HOUSTON: “A. Public Health

The Privacy Rule explicitly permits disclosure of protected health
information (PHI) for public health purposes without the need for an
authorization. The main issues involving public health are (1) misunderstanding
the Rule that leads covered entities to limit their disclosures for this
purpose, and (2) coordination of the public health disclosure provisions with
other provisions, particularly the requirement to provide an accounting for

In general, the witnesses stated that misunderstanding of the Privacy Rule
by many covered entities was adversely affecting the reporting of notifiable
conditions to public health officials. At least one witness suggested, however,
that some covered entities might be using the Privacy Rule as an excuse to
avoid the burden of public health reporting.

One of the witnesses, representing the Council of State and Territorial
Epidemiologists (CSTE), testified about a CSTE survey of the State and
territorial public health epidemiologists and Centers for Disease Control and
Prevention bioterrorism state grantees on syndromic surveillance systems.
According to the survey, thirty-five percent of respondents said that the
Privacy Rule had caused major obstruction or delay in disease reporting
Further, when asked about the requirement to account for disclosures to public
health, twenty-five percent of the respondents said this “was a
significant problem for their disease reporters.”

DR. LUMPKIN: Why don’t we stop there? Any questions or comments on the
first section on public health?

MR. HOUSTON: I noticed that in the second paragraph, territorial was not


MS. GREENBERG: It doesn’t have to be.

MR. HOUSTON: Well, then the first one is wrong then.

MS. GREENBERG: No, that’s the name of the organization.

DR. LUMPKIN: Okay, we’re not going to debate on capitalizing territory. We
are going to capitalize territorial. It’s there.


“We also learned that immunization is another concern Often, school
officials need immunization information from covered providers to assess
compliance with State laws requiring immunization as a condition of enrollment
in school. State laws vary on whether a school is considered a public health
authority and whether immunization records may be shared without the
authorization of a parent or guardian. Thus, in many States, covered providers
cannot disclose immunization information to schools with receiving a
HIPAA-compliant authorization. A witness reported that inquiries among health
departments found that if authorizations cannot be obtained, some children
receive duplicate immunizations. If OCR could interpret disclosure of
immunization information to school officials as a public health disclosure, the
necessary information could be released without need for an authorization,
thereby benefitting the children.”

DR. LUMPKIN: Okay, anything on immunizations? Okay.

MR. HOUSTON: ” With regard to accounting for disclosures, the
reporting of suspected cases of abuse and neglect has been a particular concern
of social service agencies. In many States, agencies receiving reports of
suspected cases of child abuse or neglect are prohibited from disclosing the
report or the name of the individual or entity filing it. The state
prohibitions on disclosure, however, apply only to the recipients of the
reports and do not extend to health care providers, such as hospitals, that
file them. Under HIPAA, an abusing parent, acting as the personal
representative of the minor child, may obtain an accounting of the disclosures
and learn of the report. This has the effect of discouraging the filing of
reports of suspected abuse and neglect. An exception to the accounting for
disclosures requirement for reports of suspected abuse and neglect would
eliminate this problem.”

DR. LUMPKIN: Anything on this paragraph? Okay.

MR. HOUSTON: “B. Research: — now, we have extended the definition
here — Research: The Privacy Rule and the Protection of Research Subjects Rule

The witnesses at the hearing provided frank testimony describing the
detrimental impact of the Privacy Rule’s research provisions on research
activities. The witnesses at the hearing overwhelmingly supported the Privacy
Rule’s intent of aligning its requirements with those of the Protection of
Research Subjects Rule (codified for the Department of Health and Human
Services at 45 CFR part 46), in order to promote consistency and ease of
compliance. In some key instances, however, the Privacy Rule diverges from the
protection of Research Subjects Rule in ways that cause either gaps in privacy
protection or unnecessary obstacles to research. Additionally, due to the
considerable confusion, compliance with the Privacy Rule’s provision on
Research would be helped by clarification and expanded educational

DR. LUMPKIN: Just a question there. Then what we had called in the prior
document the Common Rule, is most appropriately called the Protection of
Research Subjects Rule?

MR. HOUSTON: Let me explain this. We sort of had a discussion as to what we
should call it. The Common Rule is accepted. There is another federal policy —
there was another accepted term for it that was much broader, that encompasses
more than the Common Rule. And there was a concern, what do we call this thing?

Part of me thinks that we could probably within the parentheses, also say
also referred to as the Common Rule, or the federal policy, to make it clear,
because I think it doesn’t seem clear to me that it’s the same thing,
unfortunately, as a lay reader.

DR. STEINDEL: It’s my sense from hearing from researchers that they, from a
jargon point of view, refer to this as the Common Rule. And I think we should
use that term in the letter, for researchers who are reading it.

DR. COHN: John, help us with this one. My understanding is when we talked
about it this morning, it turns out the Common Rule is part of this piece. So,
it’s like part A, and there is a part B, and a part C, and a part D. And I
think the concern was that some of this may be issues that need part of the
overall issue, but beyond the part that is called the Common Rule, is that
right, John?

MR. FANNING: That is correct. It was a question of technical precision
about what rule was in question here. And the term Common Rule does not capture
that effectively.

DR. COHN: So, we could indicate here that the Common Rule is part of this
larger rule.

MR. FANNING: Quite frankly, I think this is quite clear. The people who
read this ought to know what that regulation is. And to start inserting words
in the interest of clarity that make it complicated and require additional
qualification will not help the document, is my view.

MR. HOUSTON: I’m just afraid that people who are dealing with research, and
who deal with the Common Rule, are going to say, gee, what are these guys
talking about? It’s the Common Rule.

DR. STEINDEL: That’s exactly what I’m saying. And, John, I feel that there
are going to be a lot of people who do research, who will not be familiar with
this terminology. Saying Common Rule somewhere in that parenthetical
expression, I think would be helpful.

Now, that part of this is referred to as the Common Rule, to be technically
correct, but just as long as the word Common Rule appears in there, it will
ground the researchers who read it.

DR. LUMPKIN: What was the reference to the Common Rule? Do we know what
that is? We know it’s part 46.

MR. BLAIR: Can you re-read the sentence?

DR. LUMPKIN: Well, my suggestion would be is that the way the sentence
reads, “The witnesses at the hearing overwhelmingly supported the Privacy
Rule’s intent to align its requirements with those of the Protection of
Research Subjects Rule (codified for the Department of Health and Human
Services at 45 CFR part 46).” I thought that we could add to that
parenthesis saying, section blah, which is known as the Common Rule.

DR. STEINWACHS: I think it was Section A, is what I remember.

DR. LUMPKIN: Okay, we can verify that. So, it would say, part 46 section A
of which is known as the Common Rule.

DR. MAYS: The only thing that is confusing, and one, I do research too. I
was the vice chair of the IRB. And I’m trying to think, the Protection of
Research Subjects Rule, it really is kind of confusing, because I don’t anybody
that technically talks about it, even at the IRB. So, it’s almost like I think
you have to put those two things in so people — those are the more commonly
referred to things, which is the Common Rule. And I think if you are going to
do this 45 CFR part 46. Because otherwise, I think you are going to get a lot
of questions about what is this.

MR. HOUSTON: It’s always referred to as the federal policy on research or
the Common Rule.

DR. LUMPKIN: Did what I suggest work?

MR. BLAIR: I support your recommendation, John, that we keep that all in
one sentence. And even though it’s unwieldy, I feel it’s important that it all
be together in one place.

DR. LUMPKIN: And I think what the important part from the committee is that
we need to refer to the entire rule, because researchers, even though they may
focus on the Common Rule, are held accountable to the entire rule.

Okay, so we have a solution? Not your favorite solution.

DR. MAYS: I’m just saying I think if you can just call it either the
federal rule or something. I don’t know, I guess you have to get used to it
being the Protection of Research Subjects Rule. The rule part is what is what
is confusing. And even though you put that in parentheses, it is almost like we
just make it a little easier. But for the sake of accuracy, it is fine. But it
is confusing.

MR. HOUSTON: Why don’t we say aligning its requirements with those of the
rules governing protection of research subjects. And then we can define it to
be —

MS. GREENBERG: You keep referring to it. I think you should refer to it by
its right name.

MR. HUNGATE: It seems to me that this is almost a form of a footnote
relating to the proper reference above. And it would be better to say more in a
footnote and be complete, with just a reference to the footnote. So, people
will use a footnote, some people will use the text.

DR. LUMPKIN: Well, I think why don’t we leave that as a style issue. Having
one footnote in a document may not necessarily be that helpful.

MR. HOUSTON: When somebody in the research community is reviewing it, I
think clarity, as well as something that they are used to really seeing is
helpful, because they will think we’re off our rockers.

MS. GREENBERG: Just for devil’s advocate, if people are responsible for the
entire rule, and aren’t even quite aware of that, or what the full rule is, I
think this serves an educational purpose.

DR. LUMPKIN: I think that — Jeff?

MR. BLAIR: Can I make a suggestion? I think it’s important that it all be
stated accurately and completely, and all in one place. But since it does make
a long sentence that is unwieldy, maybe the editor can break that sentence into
two sentences, so that each of them will be a little more readable.

DR. LUMPKIN: Well, my thought would be is to put a note at the beginning in
parentheses. The note would say the Protection of Research Subjects Rule for
the Department of Health and Human Services 45 CFR part 46 includes a number of
provisions, one of which is most frequently referred to by researchers as the
Common Rule. This document will refer to the broader rule, which contains
additional responsibilities for which researchers are obligated to comply with.
Something along that line. So, we just say it upfront. It’s a nota bene.

MR. HOUSTON: Okay, do you want to move on to the next paragraph then?

DR. LUMPKIN: Yes, please.

MR. HOUSTON: ” An example of the inconsistencies between the Privacy
Rule’s research provisions and the Protection of Research Subjects Rule relates
to “preparatory to research” activities. The Privacy Rule permits PHI
to be reviewed by a researcher for purposes that are preparatory to research
without either the patient’s authorization or a waiver or alteration of
authorization by an Institutional Review Board (IRB) or privacy board. The
concept of “preparatory to research” includes such activities as
hypothesis development, protocol preparation, and certain research recruitment
activities. Specifically, according to the Department’s August 2003 document,
Institutional Review Boards and the HIPAA Privacy Rule, the Privacy Rule
permits a researcher who is a workforce member of the covered entity to contact
potential research subjects for the purpose of seeking an authorization as part
of the covered entity’s health care operations. Even though such contact is
construed as coming within health care operations, the interpretation permits
recruitment of potential research subjects (an element of research) without IRB
approval, and thereby violates the Protection of Research Subjects Rule.”


DR. STEINWACHS: A small question. Is privacy board usually capitalized or
not? About the sixth line down, IRB or privacy board.

MR. FANNING: I have capitalized here. It probably shouldn’t be. IRB is well
known phenomenon, if you will. Privacy board is a bit new. Let me check the
office style manual later and conform it.

DR. LUMPKIN: John, I think that’s a capital idea.

MR. HOUSTON: ” The role of the IRB in reviewing the authorization
forms has also raised questions. The Privacy Rule permits an authorization for
the use and disclosure of PHI in research to be combined with an informed
consent document, although many researchers prefer to use separate documents.
But according to the same August 2003 publication, the Privacy Rule does not
require IRB review of authorizations, either as stand-alone documents or when
combined with informed consent documents. The absence of any such role under
the Privacy Rule has created confusion about whether IRBs, in their role under
the Protection of Research Subjects Rule, have the authority or responsibility
to review these authorizations to use and disclose information for research.
Because the Protection of Research Subjects Rule charges IRBs with considering
the adequacy of privacy and confidentiality protections for subjects, it would
be helpful to have a clarification that there is nothing in the Privacy Rule
that prevents them from reviewing authorization forms in discharging that

Should I keep going?

DR. LUMPKIN: The only change I would recommend in that, it kind of stands
out because we refer to that same 2003 document. I think even though it is
probably redundant, probably inserting the name of the document. Given the
construct of this, these pieces may go separately to different units in HHS,
and it stands on its own better that way.

MR. HOUSTON: Proceed?


MR. HOUSTON: “An area in which the divergence of the two rules results
in burdens on researchers involves general research authorizations. Under the
Protection of Research Subjects Rule, subject to such limitations as an IRB
deems appropriate, a research subject may provide informed consent for future,
unspecified research. Under the current interpretation of the Privacy Rule,
however, an authorization may not be for future unspecified research, and so a
separate authorization must be obtained for each trial or study, or a waiver or
alteration of authorization obtained from an IRB or privacy board.

Unless the HIPAA interpretation is changed, it will be exceedingly
difficult to compile research repositories, including repositories with
collections of biological specimens linked to medical records, which are
essential to many forms of research. While it is clear from the January 2004
document, Research Repositories, Databases, and the HIPAA Privacy Rule, that a
waiver of authorization could be obtained from an IRB or privacy board for
disclosure from the repository, this additional step further complicates the

Only one comment is it seems the language in the first sentence,
“including repositories with collections of biological specimens linked to
medical records,” I’m not sure what the right word is, but with sort of
seems. Obtaining collection?

MR. FANNING: You could just say collections including collections of
biological specimens linked to medical records.

MR. HOUSTON: Repositories containing collections.

DR. LUMPKIN: Containing, yes.

MR. HOUSTON: ” Several other areas related to research also need to be
addressed. Genetics researchers are concerned that any DNA sample, even if not
linked with an individual, might not be considered “anonymous”
because analyzing the sample could reveal the unique DNA identifiers of the
individual. Clarification that unlinked DNA samples are not
“identifiable” would resolve the issue.

Clarification also is needed on the applicability of HIPAA to indirect
participants (individuals who are not research subjects but whose PHI may be
disclosed by research subjects) and multi-institutional studies. The witnesses
also identified some areas in need of additional outreach and education
initiatives to counteract the reluctance or refusal of smaller institutions to
participate in research because of misunderstanding HIPAA and the standards for
the de-identification of individually identifiable information.”

DR. MAYS: This keeps bothering me a little bit, because it keeps being
read. Aren’t we told not to say research subjects anymore, to say research
participants? At the IRB we are told to do that.

MR. FANNING: I don’t know of any regular policy here. There may be such a
policy. I know that change is occurring in that field. What is the sense of the
committee? I don’t know that we have any rule about it.

MR. HOUSTON: I have an opinion. I think participant is somebody who
knowingly participates in research. I think if we are talking about cases where
waivers might be granted, where you might have a repository that would be in
advance of getting somebody’s approval to be involved in research, it is really
they are subjects, at least in some contexts. That’s my only thought.

DR. LUMPKIN: Okay. Anything else on research? Good, let’s go. Covered
entities and consumers.

MR. HOUSTON: “C. Covered Entities and Consumers

Part of the hearing was devoted to testimony by covered entities and
consumers on a broad range of issues. Several witnesses expressed concern about
the Privacy Rule’s requirements for accounting for disclosures of PHI. In
particular, many covered entities believe that the accounting requirement is
burdensome as a result of the many disclosures required by law. Compounding the
burden is the fact that many mandatory reports are submitted on paper because
automated systems for filing the reports have not been developed. At the same
time, the number of requests by consumers of an accounting of disclosures to
date has been extremely small.

Witnesses also expressed concerns about the need to distribute notices of
privacy practices and to obtain and maintain the corresponding acknowledgements
in nontraditional medical treatment settings. For example, cholesterol and
blood pressure screening are often provided at health fairs, and flu shots are
often provided in such nontraditional settings as shopping malls and subway
stations. Witnesses questioned whether it was necessary for covered entities to
provide a notice of privacy practices in these circumstances, or to get and
retain acknowledgements that individuals had received them.”

My only thought here is should cholesterol and blood pressure screening,
should screening be made plural?

DR. LUMPKIN: I think we had somebody just join us on the phone?

MR. ROTHSTEIN: This is Mark.

DR. LUMPKIN: Mark, just to let you know where we are, we’re ahead of
schedule, and we’re on page 5, reading through the document. And so far there
really have been just some editorial changes, but nothing of content.

MR. ROTHSTEIN: All right, thank you. I’m sorry I’m late in calling in.

DR. LUMPKIN: Well, actually, you’re early calling in, and we are just
running ahead of schedule.

MR. ROTHSTEIN: That’s sort of unprecedented, isn’t it’?

DR. LUMPKIN: Okay, we’re so glad you are with us.

MR. HOUSTON: We’re on the last sentence/paragraph of subsection C. Covered
Entities and Consumers, Mark.


MR. HOUSTON: ” A witness representing consumers suggested that OCR
should expand its enforcement activities beyond merely investigating complaints
to include compliance audits.”

DR. LUMPKIN: Okay, we have now gone through the body of the letter prior to
the recommendations. Do we have any additional comments? Okay, let’s go through
the recommendations one at a time.

MR. HOUSTON: “Recommendations. Based on the oral and written testimony
presented at the hearing, NCVHS recommends the following:

OCR should continue to expand its education and outreach activities, and
special efforts should focus on public health reporting.”


MR. HOUSTON: “HHS should regard disclosure of immunization information
to schools as a public health disclosure, thereby permitting providers to
disclose this information to school officials without an authorization.”

DR. LUMPKIN: I like that so much better than the prior one. Thank you.

MR. HOUSTON: That was John’s crafting.

“HHS should create an exception to the right of the individual to
receive an accounting of disclosures in the case of reports of suspected child
abuse or neglect.”

This fourth one was, just as a preface, is a bullet that we wanted to bring
before the full committee for consideration. The Subcommittee itself does not
necessarily endorse this bullet point, but rather wants discussion about it.

“[HHS should consider allowing covered entities to perform accounting
for routine disclosures for public health purposes in a fashion similar to that
currently permitted for research purposes.]”

If there are more than 50, you can simply document what is the particular
research study, what type of records were disclosed. That could be done in a
short form fashion, rather than naming each individual patient.

MR. FANNING: It might be wise to have that explanation in the body of the
text. We can summarize that streamlined procedure.

DR. LUMPKIN: Is that required to be accounted for now?

MR. HOUSTON: All accounting to public health have to accounted for
individually to a patient if they should ask.

MR. FANNING: There is sort of streamlined procedure for research
disclosures. If you have more than a certain number, it can be done on a kind
of batch basis.

DR. LUMPKIN: And can you share with us what the two different positions on
the committee, those for and against? Or is there someone who can — Mark?

MR. ROTHSTEIN: Well, this is a proposal that John Houston submitted to the
committee, which it did not come from the hearing, and came rather late in the
process. That’s not to say that it doesn’t have merit. It’s just to say that it
came late in the process.

And when we had our conference call to discuss this, we only had three
members of the committee. And I thought that it was not going to be unanimously
agreed to. We would need some background information about the nature of the
problem, and why we were doing this in the text itself. And I didn’t want to
either include it or exclude it on say a two to one vote.

And with the agreement of the members of the subcommittee, we just decided
to leave it here as a placeholder, and let John make his case before the full

MR. HOUSTON: Let me say this. This was not a specification recommendation
that came out of testimony that we heard. We heard the problem of accounting of
disclosures. And this was sort of in thinking about it, what could we do to try
to improve the state of things. And this was one thing that I thought might
improve — would make it less burdensome.

DR. STEINWACHS: This would include all reportable diseases. And so, what
you are saying is that if we allowed the research approach, then if I wanted to
track down who reported, I had a reportable disease, I wouldn’t be able to find
that necessarily. Is that what this is?

MR. HOUSTON: What would happen is there would be a list of the types of
reports, just like research. There would be a list of the types of reports that
would be made. The same thing with research. It would be a listing of all the
different protocols, or at least the activities where records were reviewed for
the purposes of the research.

And that if you had HIV or you had some other disease, the list would
simply say that any HIV or any of these types of diseases or additions would be
reported. Then I think if a patient were to look at that list, by knowing their
own health record, would be able to determine whether that that was in fact

DR. STEINWACHS: I’m still thinking about it if there were an error in
reporting or something else, is how you would track it back as a patient
looking — how does the health department.

DR. LUMPKIN: In this, the reporting would go as it does now. It is the
documentation that the provider has to keep to notify the patient if they
should so ask, that changes.

DR. STEINWACHS: That’s what I was asking. If I go to the hospital, would I
still be able to find out if the hospital had reported it on me? Because what
you are saying was no.

MR. HOUSTON: I think that would be more difficult, because that would
become a two step process whereby if you’re a patient and you knew you were at
a particular facility in which a disease or an issue was identified, and you go
to look to see if the list of different types of disclosures that are made. And
I guess from that, and make draw the conclusion that because of that, that’s
how the information was provided, or that the information was provided.

Just a couple of points though, just real briefly. First of all, I think
that’s going to be something that a patient is going to be more easily able to
navigate through frankly than often the research related activities. Because
it’s far less likely the patient is going to be able to understand whether his
or her records were disclosed for the similar purposes for research under the
research provisions.

DR. LUMPKIN: Let me read the sentence for Jeff. “HHS should consider
allowing covered entities to perform accounting for routine disclosures public
health purposes in a fashion similar to that currently permitted for research

MR. ROTHSTEIN: This is Mark, if I may. I was one of the opponents of
including this as a recommendation of the subcommittee. We did hear a
tremendous amount of testimony in opposition to the accounting for disclosures
rule at the hearing. And it’s one of the least popular provisions of the HIPAA
Privacy Rule, there is no question about it.

However, there are a variety of other options that we were exploring at the
hearings to try to deal with the subject, and to make matters less burdensome
for covered entities. It seems to me that there is a very good case to be made
to justify the previous bullet, and that is creating an exception in the cases
of suspected child abuse or neglect.

In this particular instance, I’m afraid that if we create enough exceptions
to the accounting for disclosure rule, there won’t be anything left. And I do
think it’s a very important principle that remains in the privacy rule, that
unless there is some compelling reason why not, you should be able to find out
who has received a copy of your medical records, which would include STD
reports that are required to be filed, et cetera, et cetera. And we shouldn’t
impose additional burdens on individuals to try to track this stuff down if
they want to find out that information.

In the case of research, where you might be using 1,000 files to look at
the prevalence of something, in addition there is an IRB overseeing this entire
operation, making sure that confidentiality is protected, I think that can be

I think we are going too far if we bring public health disclosures in under
the same kind of exception. There will be sort of nothing left. We already say
that if there is disclosure pursuant to an authorization, there need not be an
accounting for disclosure. If we start including public health along with
research, we will have basically killed the entire provision.

DR. LUMPKIN: I’m going to suggest an approach to this, and it’s not because
the merit of this proposal, which I think I actually personally would support,
and I could I think present arguments to refute some of your concerns. My
concern is that we have a recommendation that is sitting here in the document,
and there is in the preceding text that supports it.

I just want to state something that I believe in the function of the
committee. Our recommendations don’t need to come out of comments or testimony
that are made by testifiers. We are a committee of experts. And so, our
deliberations, our synthesis of testimony, or our whatever can lead to a
recommendation which is not in of itself, supported by testimony. In fact, this
recommendation was generated by thought processes that started from the

So, I think in and of itself, even if there weren’t disagreement, it would
have merits to go forward. My concern is that we would then have to try as a
full committee to write the supporting paragraph to support this
recommendation. And so, what I would like to suggest is that we ask the Privacy
Subcommittee to take this on as an issue, to bring it forward if it can pass
muster within the committee in a future recommendation.

So, that we are not actually passing on it, but just sort of a procedurally
moving it back to the subcommittee.

MR. ROTHSTEIN: Well, that would be certainly acceptable to me, John. We are
in the process of beginning drafting the next letter based on hearing dealing
with banking and schools and law enforcement. And should the subcommittee
desire, we can add that provision and the supporting text that it would require
to our next letter.

DR. LUMPKIN: Okay. Steve?

DR. STEINDEL: Obviously, CDC has heard from many of our public health
partners concerning this very issue, and we have raised it with the department.
I’m very happy with the approach that you have just suggested, that the
Subcommittee on Privacy take a longer look at it, and make a very thoughtful

As you are, John, I’m a little uncomfortable with this particular
recommendation. It may be one way to approach the problem, and I think the
other ways need to be explored.

DR. LUMPKIN: Steve, I think that it may be helpful as the liaison to CDC,
if you could provide the committee with some of the documentation on the kinds
of protections that exist at the state level for data collection, because in
fact, protection of this kind of information is generally covered under state
law, including criminal penalties by disclosure of state employees. So, I think
we just need to add that into the mix, and then have the committee discuss it.

MR. HOUSTON: One point, since we did discuss in Section C, accounting of
disclosure issues, do we at least want to in the recommendation section
indicate that because of the complexity of the matter, we believe that we need
to take additional time in order to formulate a recommendation? It’s
conspicuously missing anything.

DR. COHN: This is at the end of C, the first paragraph? Is that what you
were referring to? So, we say the committee plans to further pursue this issue
in subsequent hearings?

DR. LUMPKIN: No, I think that the committee plans to pursue this issue in
subsequent communications.

MR. HOUSTON: I just think we need to close that loop.

DR. LUMPKIN: So, address it in subsequent deliberations.

DR. STEUERLE: Do you want to be even stronger and say that you are going to
ask CDC or other parts of the department to cooperate with you in examining
this issue?

DR. LUMPKIN: I think the more words we add, the longer it’s going to take
us to try to wordsmith this. So, we want to try to be succinct.

DR. STEINDEL: I have hear clearly, and I will communicate with our
appropriate people, and they will get back to our liaison to the Subcommittee
on Privacy with the details.

DR. LUMPKIN: Okay, so, we are going to add a sentence into the end of C
saying that the committee will have further deliberation upon this issue.

MR. FANNING: Tell me again where you want this. Right before

DR. LUMPKIN: No, the first paragraph under C, on page 4.

MR. FANNING: It is mentioned earlier, but this is a good place. There is a
passing reference to the accounting for disclosures in the discussion of public
health, but it doesn’t make any difference.

MR. HOUSTON: No, under paragraph C there is an in depth discussion of it.

MR. FANNING: Yes, there is.

MR. HOUSTON: And that’s where we put it, at the very end of that first

MR. FANNING: So, the concept is that the committee is looking further into
this, and may gather more information?

DR. LUMPKIN: No, I just think a statement saying that the committee will
continue to deliberate upon this issue.

MR. HOUSTON: Should we continue?


MR. HOUSTON: The next bullet point, “HHS should make further efforts
to harmonize the Privacy Rule with the Protection of Research Subjects

“HHS should clarify that nothing in the Privacy Rule requires or
precludes IRB review of stand-alone authorizations for use or disclosure of PHI
for research.”

DR. LUMPKIN: This is probably just an editorial change, but I think that
clarifies nothing in the Privacy Rule. I think really would it be fair to say
that the Privacy Rule neither requires nor precludes?

MR. HOUSTON: Right. Okay, next bullet point, “HHS should consider, for
nontraditional treatment settings, permitting an abbreviated notice of privacy
practices, or eliminating the requirement to get and retain acknowledgements
that individuals received them.”

“We appreciate the opportunity to offer these comments and

MR. FANNING: Mr. Chairman, I have a question about the recommendations. The
first one is focused on OCR. All the rest are focused on HHS. Was there a
conscious choice that OCR should be identified as the group to extend its
outreach activities?

DR. LUMPKIN: Yes, we start off early in the document noting that OCR has
been involved in doing this.

MR. HOUSTON: But, actually, I think John is correct. NIH also provides
recommendations regarding research.

MR. FANNING: That’s correct.

DR. LUMPKIN: Okay, we’ll change it to various places.

DR. FITZMAURICE: But the more you spread it out over a lot of people, the
more it’s nobody’s budget or responsibility to do it. One can always point to
somebody else.

MS. GREENBERG: I also don’t think anybody issues any guidance without it
being reviewed by OCR.

DR. FITZMAURICE: That is correct. So, I think OCR is pretty well
appropriate there.

DR. LUMPKIN: We have a document. I would like to thank the subcommittee for
starting to work late last night, working through the night, and John of course
for his efforts.

Is there a motion? I think I heard Simon say he moved acceptance, and I
heard John second it.

MR. HOUSTON: Can I make a suggestion that it be subject to Mark’s final
approval of that sentence that goes into the first paragraph of Section C? I
would just leave it up to Mark to approve it.

MR. ROTHSTEIN: I think that John Fanning can do it without my —

MR. FANNING: Tell me again what section you are focusing on?

MR. ROTHSTEIN: That extra sentence that we were going to continue to study
the accounting.

DR. LUMPKIN: How about if I review that sentence to see if it’s consistent?

MR. ROTHSTEIN: Yes, John can do it before he signs it.

DR. LUMPKIN: Okay, so we are approving the document with really two
changes. The first change is on Section B, research. We are pulling out from
the first paragraph, the discussion of where you can find the Protection of
Research Subjects Rule into a note at the beginning of that section indicating
that this rule, which is found on 45 CFR part 46 includes what is known as the
Common Rule as part of — some sentence to that effect.

And then just to bring out the issue of the Common Rule upfront, so people
who are familiar with that, but not with the Protection of Research Subjects

And the second one is to add at the end of the first paragraph in Section C
under covered entities and consumers, a statement that the committee will
continue to deliberate on this issue.

DR. STEUERLE: There are still things down here, but I’m wondering if one
single sentence at the beginning or the end might not at least convey that we
believe that something like timely consideration of these recommendations would
lead to an improvement in public health. I’m just thinking something that
states more than we believe these recommendations, but something that raises
sort of very slightly the level of accountability, so you come back six months
or a year from now and say what happened. You say we had a reason for saying
this, and we a reason for asking for some timely consideration. I realize it’s
a subtlety.

DR. LUMPKIN: I think my only response in that is the department has been
very responsive to our recommendations. And we get a fairly quick turn around,
and I’m not sure that we need to put that in there.

MS. GREENBERG: I just wonder though if there doesn’t need to be something
on the first page that indicates that there are recommendations. There is
nothing here that indicates that there are going to be recommendations. It says
we monitor. He held hearings.

MR. FANNING: You could have a sentence at the end of the second paragraph
that says this letter conveys the committee’s findings and recommendations.

DR. LUMPKIN: Okay, so that’s a third addition, accepted by the mover and
the seconder. Further discussion?

MR. HOUSTON: Let me move this.

DR. LUMPKIN: Is there a lead from the original mover to switch positions?
Okay, all those in favor signify by saying aye. Opposed say nay. Great, thank

[Whereupon, the motion was unanimously approved.]

We do have another action item. This was handed out to us, and Simon, if
you will read it.

Agenda Item: Reports from Subcommittees and
Workgroups – Subcommittee on Standards and Security – Dr. Cohn

DR. COHN: The Subcommittee on Standards and Security tries to keep them
brief. This is one page with a sentence on the back.

“Dear Secretary Thompson:

As part of its responsibilities under HIPAA, the NCVHS is responsible for
studying, selecting, and recommending standards for electronic health claims
attachments. To fulfill these responsibilities NCVHS’s Subcommittee on
Standards and Security recently held hearings on standards for electronic
health claims attachments on December 10, 2003, and March 3, 2004.”

Should I continue?

DR. LUMPKIN: Continue.

DR. COHN: “The Subcommittee heard testimony from providers, health
plans, vendors, associations, and standards development organizations about the
need for both basic and advanced functionality in a claims attachment standard.
For example, such a standard should be flexible, so that providers with minimal
infrastructure can electronically transfer claims attachments information to
health plans and clearinghouses. At the same time, the standard should possess
the flexibility to permit users with more sophisticated infrastructures to
fully leverage their investment in information technology. Health Level 7, and
Accredited Standards Committee X12N have been working to develop a HIPAA claims
attachment standard that can meet these requirements.”


DR. LUMPKIN: Continue.

DR. COHN: “The Subcommittee heard the need for demonstration projects
and pilot studies to document the benefits, costs, work flow requirements,
implementation challenges, privacy concerns, and best practices associated with
the claims attachment standard. Testifiers also emphasized the need to provide
an opportunity for the industry to comment on the results of the pilots and
demonstration projects prior to promulgation of the final rule.”

“NCVHS urges the Department to encourage and support several different
claims attachment demonstration projects and pilots that would include a broad
representation of affected stakeholders. NCVHS recommends that these
demonstration projects and pilots occur expeditiously, so that their results
and findings will feed into the development of the Claims Attachments Rule.
NCVHS understands that a Notice of Proposed Rulemaking concerning electronic
claims attachments currently is under development. We urge the Department to
issue this NPRM as soon as possible to provide the industry with initial
guidance and direction. This in turn will help motivate the industry to invest
in pilots and demonstration projects. In addition, we recommend that the
Department provide for public feedback on the results of the demonstrations and
pilots before a final rule is promulgated.

NCVHS wishes to thank you for the opportunity to offer these

End of letter.

MR. BLAIR: I move that we accept the letter.

DR. MAYS: Second.

DR. LUMPKIN: It’s been moved by Jeff and seconded by Vickie. Is there
further discussion? All those in favor signify by saying aye. Opposed say nay.

[Whereupon, the motion was unanimously approved.]

Is there anything else to report from the Privacy and Confidentiality

MR. ROTHSTEIN: No, other than we are working on our next letter.

DR. LUMPKIN: Well, I do know, as was stated earlier, that the Department is
looking forward with anticipation to our hearing results, so, keep up the good

MR. ROTHSTEIN: Thank you, we will.

DR. LUMPKIN: Anything additional from Standards and Security?

DR. COHN: I just wanted to announce our hearing schedules for the remainder
of the year. We talked about e-prescribing, and I think the subcommittee has
accepted the current work plan, at least until its next revision. We have
hearings upcoming on March 30 and 31. The 30th will be a one day sort of
background setting around e-prescribing. We’ll get a number of experts to come
and talk.

And the 31st will be a day where we will talk with the designated standards
maintenance organizations, and WEDI about how the HIPAA Administrative
Simplification Transaction Rules are going, as well as updates and changes that
need to occur to them. And that hearing was already scheduled.

May 25-26 is another set of hearings, which will be delving more into
e-prescribing for both days. Then we have new hearings that are being
announced, on July 29-30, where we will be hearing further from interested
parties and stakeholders regarding e-prescribing. This is followed by
additional hearings on August 17-18, from yet additional stakeholders on the

Based on that, we will be meeting on September 22-23, the dates of the old
NCVHS meeting in September, to take testimony from the standards development
organizations related to their ability to meet requirements as identified by
the users and stakeholders. And in November, we will be presenting the interim

Now, we have also scheduled as a back-up, October 12-13 for subcommittee
meetings in case we have further issues related to that or other issues on any
other topic other than e-prescribing in our life. Finally, on December 8-9, we
are holding dates for hearings on issues to be determined.

DR. LUMPKIN: Subcommittee on Populations.

Agenda Item: Reports from Subcommittees and
Workgroups – Subcommittee on Populations – Dr. Mays

DR. MAYS: The subcommittee is quite thrilled to report that I don’t think
we have had the size of attendance at the meeting since my first year on the
committee. We are finally back. We kept going up and down in terms of members
and staff, but I think we are now back to our size were in year one. So, I
thank you very much, Jim, for the work that actually led to that.

We don’t have schedules yet, but we just have activity schedules. We are
about to start scheduling, now that we have a full complement of people. One of
the projects that we intend to pursue is that of looking at the issue of mental
health statistics. We have brought that up before, and intend to fully move
ahead with that. And that project probably will result in some hearings.

The issue really is that insuring that as statistics move forth, that they
move forth with the notion of mental health as an important aspect of it. And I
think that was really presented very well yesterday by Barbara Starfield, when
she talked about this issue of problems. So, that’s something that we will be
moving forth on.

Of the targeted surveys, I brought that up earlier in terms of trying to
see where we were with that. We have had discussions with our NIH liaison. We
are trying to have some discussions also with NCHS in terms of the data users
meeting. Jennifer and I have a time to talk about that, to see if we can’t
actually begin to hear some presentations about some of the methodological
issues that are concerned with targeted surveys.

It ties into another area that the committee is going to also do some work
on, and that is in terms of geocoding and contacts, because it’s very critical
for really learning more about health disparities and vulnerable populations.

So, it’s going to get us into probably some overlap with privacy and
confidentiality, because that is a concern that we have about some of the
regulations, rules, procedures that come into play. But at the same time, the
need for having those, we think is quite important. But we want to see if we
can’t find a middle ground in terms of being able to have access to more of
that data, and having some data linkages.

I think it’s on our agenda. I think we will probably wait a month or so to
see where we are going to go with it, and that is we have sent a letter to the
secretary encouraging the health plans to collect and report data on race and
ethnicity and primary language. So, that’s still on our plate, and I think we
have a little bit of planning to see where we are going to go with that
particular item.

Last is the committee had talked about, because we had a set of hearings on
the issue of the collection of data on race and ethnicity, and the measurement
of health disparities in various racial and ethnic populations. In particular,
our last hearing was with Native Hawaiian, Asian, Pacific Islanders, and other
groups. And there is the opportunity for us to actually comment on that in a
publication that is coming out.

A journal actually requested that we consider whether or not we want to do
some summary or something about the report. So, given that we were thinking
about doing a report, that actually may work out as a way to do that. So, the
committee is going to talk about that.

And the National Longitudinal Childhood Study, our letter went off. We
haven’t heard back yet, but I anticipate that will be one of those things that
we will monitor.

And that’s it. So, we don’t have our list yet, but I’ll try and see if I
can’t squeeze some days or something. So, that’s it.

DR. LUMPKIN: Any questions? Bob, Workgroup on Quality.

Agenda Item: Reports from Subcommittees and Workgroups
– Workgroup on Quality – Mr. Hungate

MR. HUNGATE: The issue of hearings will come up further as we go on. An
interesting thing happened on the way to the forum, if you would accept that
description of the workgroup’s efforts. When we met yesterday, expecting to do
the editing to bring the report forward, with having done some editing to add
in the substance of our discussions from yesterday, we only made one word
change, and we spent all the rest of the time talking about that.

The word change was to put the word candidate in front of recommendations.
But it went back and forth in our discussion. Now, I don’t know whether — I’m
not a diagnostician, but I’m not sure whether we are seeing evidence of fatigue
or frustration, but there was unwillingness to really go sit down and do all
the rewording of the document that would make it conform to that single word
change on candidate recommendations.

So, what we have decided we should do is ask for the second and third
reading at the next meeting, having asked Susan Cunan(?), who is a marvelous
writer, and has listened to our discussions, to take the substance of the
content change that we have made, and put it in a form that makes sense to us,
and we’ll deal with that at the June meeting. That’s step one.

The other piece of it is that in looking at the list of candidate
recommendations, it appears clear that the first set of those recommendations,
which are stated assessing health care and health outcomes, needs further
hearing work in order to reach any movement from either candidate to real
recommendation or dismissal from the list, or prioritization or whatever is to
take place.

As we look around the rest of the committee activities, it looks like they
are pretty full plates. And while we feel that this ought to be joint work with
standards and security, the sense is that you are pretty busy. And it is our
sense that it’s time that we made our contribution to work through that. We
think it’s probably two days worth of hearings. We would like to do it in June,
because this thing has been going on long enough. We shouldn’t let it drag. And
there is stuff going on out in the field, and we ought to try to make it work.

And so, what basically happened is we started talking about the work we
ought to do, as opposed to the report, feeling that maybe that was where we
would make more difference. So, that’s where we are. That’s where we ended up.

Now, I think what that means is we have to think about what the content of
the hearing is, especially with standards and security to get have we taken the
right approach, have we got the right people, is this the right content, and
then go forward from that.

The other thing that I think I want to thank the full committee for your
patience and forbearance, as well as the participants themselves. It hasn’t
been a terribly rewarding process, but it has been educational. And I think I
characterize the problem this way. Quality is really all of what we are doing.
It’s not just the quality workgroup.

And we have to, as a workgroup, do things that will mesh with what
everybody else is trying to do to make them work better. And that means
spending this time in dialogue here to what’s what. And I think that’s been
very effective.

And so, I think the workgroup itself has a clear sense of how it can
contribute, and is motivated to do so. So, while it has taken a lot of time, I
think it has been very constructive. So, that’s where we are, and John and
Marjorie are our institutional memories, so we rely upon them every now and

DR. LUMPKIN: I think that that’s a good summary. I just might add in that
one of the components of the hearings would be to make the business case. To
work on the business case, and then to invite the SDOs in and present them with
the business case, and suggest how they would move forward, which I think some
of the comments that we have heard around the table.

MR. SCANLON: Were the hearings to focus on that first set of
recommendations, Bob? Or was it the others?

MR. HUNGATE: No, the other recommendations really fall within the content
that is part and parcel of other subsets of the committee. I don’t think it’s
appropriate for the workgroup to try to direct the candidate prioritization
within the other groups. So, we are going to leave that to others to decide.

We are going to deal with that first group, because we think we can and
should. But we think we are going to have some time limits too, so it’s up to
others to see what they should do there.

DR. LUMPKIN: Questions? Okay, so the report, we expect a version of the
report to come back, mostly as we discussed yesterday with the candidate
measures, which set the agenda for addressing the issues related to quality,
the data standard issues related to quality.

MR. HUNGATE: We have talked about all the content things, and there were no
further content discussions.

MS. GREENBERG: We did talk about June 23-24. And the standards meeting was
when in June?

DR. COHN: We’re not meeting in June, because the full committee is meeting
on the 16 and 17. So, you are going to have hearings after the June meeting to
hear about this one, and you are going to bring the full report back to us
without those hearings?

DR. LUMPKIN: Yes, actually the context of the report will say essentially
that what these recommendations are, are candidate recommendations. They are
not full adoption. They are setting the agenda. For instance, there is a
recommendation there on adoption of ICD-10.

DR. COHN: I don’t think we have to rediscuss that.

DR. LUMPKIN: We’re not going to rediscuss that one. That’s a candidate
recommendation that has actually become a full recommendation of the committee.
It sets the agenda for discussion for which the committee will have to
prioritize which issues are going to be discussed.

So, the ones in the first phase, the intent is to do the background work,
and some of them may fall off. Some of them may actually come forward as a
letter. But it really is just to say these are the issues that we think we need
to talk about.

DR. COHN: I guess I’m really confused now, because I had been heard that we
were bringing forward the report, having been informed by these hearings in


DR. COHN: In other words, we are doing nothing for four months. We’re going
to vote on another candidate report?


MR. HOUSTON: We are anticipating that the report will be unchanged in
content from what it is now, to what you see in June.

DR. COHN: I see. And that will be because you haven’t had any hearings on
the topic?


MR. HUNGATE: No, it is not related to the hearings. Assume that our word
creation has gone more smoothly than it has, and that we had all agreed to all
the words. All the words that are said there are these candidates for
consideration, 23 total recommendations.

It is the conclusion of my workgroup that the first 10 of those would
normally be the joint responsibility of standards and security and the quality
workgroup. It is our sense that you are very busy in your work in your
subcommittee, and that we should offer to do the work that we have talked
about, based on the candidacy of these recommendations. Now, in order to make a
candidate into a recommendation, you’ve got to take testimony.

DR. STEINWACHS: I think Simon may be a step behind there. We had discussion
yesterday about how this report that we have produced out of four years of
committee work could be considered a final document, and then we move on. So,
there are two sorts of things on the table. One was saying well, this could
just be a report from the working group to the committee, and be accepted as

Or there was an alternative suggestion that John had made, which was saying
this report, instead of labeling it as recommendations from a work group, is we
would label them candidate recommendations. Things to be considered that came
out of our four years of hearings.

And so, that as John said, the report could potentially be accepted by the
committee as a report of hearings out of which came ideas for recommendations.
And that that was the report. Then what Bob is talking about now is a process
that we would undertake and other committees would undertake to actually
critically look at these candidate recommendations, and make a decision about
is there support for really moving those ahead. They would come back separately
as individual letters and other things.

DR. LUMPKIN: So, let me just add one more piece here, Simon.

DR. COHN: I think I’m seeing the obvious, and I still don’t get it.

DR. LUMPKIN: In other words, the report would say that the — to simplify
it, the recommendation that would add the laboratory results to the 837, that
was a recommendation. We are now saying that that’s a candidate recommendation,
which is an issue that we believe has some quality significance. And therefore,
needs to be investigated.

So, the committee is not going to make that as a full recommendation, which
we are tell the secretary, do that or do SDOs. We are saying to ourselves, and
we are telling other people that we believe this is an issue that the committee
needs to investigate.

That sets 23 items, actually 22, because one has already been completed,
that will be on the agenda. The Quality Workgroup, the Standards and Security
Subcommittee, the Population Subcommittee, the other subcommittees can then
look at that agenda and decide which ones they are going to do when.

One of the ones that the committee has decided is those early ones, earlier
in the report, that the Quality Workgroup will address will be exactly that
recommendation about including laboratory results on the 837. Therefore, what
the workgroup is going to do, saying now that we, as a committee, adopted this
agenda, is we are going to move forward. Let’s evaluate this. We think that
there is a change in environment with pay for performance coming on the scene.
That there is now a business case for that being included on a transaction as
primarily a business transaction.

We are going to conduct hearings, and come back to the committee — let’s
say we just focus on that one — sometime at the end of this year or next year
with a recommendation based upon having a hearing from purchasers and payers,
having a hearing from SDOs and providers. Synthesizing that, and then bringing
forward a full recommendation for forwarding to the department.

DR. COHN: I guess just to make sure that I understand and I’m not missing
anything, basically, the document we saw yesterday, we decided by the end of
that session that this was a candidate list.


DR. COHN: Okay, what we will be seeing in June is a candidate list that
only considers the ones that are the first?

DR. LUMPKIN: No, all of them are candidates.

DR. COHN: All of them are still candidates, and the only difference in
what’s happening over the next four months is that there is a little bit of
clean up going on, is that right?

DR. LUMPKIN: Yes, that is correct, on the report.

DR. COHN: So, I guess my question is given that we had decided that
yesterday, and we had to read through it over again, do we have to go through a
full committee process to do that? Is that an executive committee process? I’m
happy to have us go through this again.

DR. LUMPKIN: Simon has made the motion —

MR. HUNGATE: And I will second.

DR. LUMPKIN: It’s been moved and seconded that the revisions from the
Quality Workgroup will be reviewed by the Executive Committee. And given that
determination that they are not substantive other than to change and clarify
the concept of candidate measures, will then be adopted by Executive
Subcommittee on behalf of the committee.

All those in favor say aye. All those opposed? Okay.

[Whereupon, the motion was unanimously approved.]

Thank you, Simon, and with that, we can move on. Two other committee
reports, and then we just review the meeting.

Agenda Item: Reports from Subcommittees and Workgroups –
Executive Subcommittee – Dr. Lumpkin

DR. LUMPKIN: The Executive Subcommittee did not really meet between the
last meeting and this, so there is nothing to report, except that we do have a
retreat scheduled for August 6 once again in Princeton, New Jersey, because we
can’t meet in Chicago anymore.

Agenda Item: Reports from Subcommittees and Workgroups –
NHII Workgroup – Dr. Lumpkin

DR. LUMPKIN: The second one is the NHII Workgroup, which has not met —
actually, we have met since our last meeting. We had a full day of meetings
where we discussed with staff from HHS on planning the conference, and also
putting out our agenda. We have another date, which is April 9, which we will
meet, and we will continue on our agenda of putting forward our 7-10 year

Just as a heads up to the committee. One of the issues that sparked a fair
bit of discussion was the issue of the architecture of the NHII. And we will be
continuing to delve into that subject about how as we move forward in our
agenda, we create an architecture that will allow the NHII to grow without
being overly restrictive.

And that’s it for the NHII.

MS. GREENBERG: Yes, let me just say in regard to the NHII that those of you
who were on the committee last year know last year we supported any members who
wanted to attend the NHII conference. That included travel and the registration
fee. And we will do that again this year. So, it’s July 21-23.

DR. LUMPKIN: Right. And on the morning of the 23rd, there will be a hearing
conducted by the workgroup. That hearing will consist of reports from the
various breakouts sessions during the NHII conference. After the hearing, the
conference will conclude, and the subcommittee will continue to meet after
lunch of that morning. And of course, any of you who attend the meeting are
welcome to participate in the subsequent meeting the NHII Workgroup. So, if you
are making travel plans, and you would like to attend, we would hope that you
would decide to leave a little bit later so you can join us.

Agenda Item: Future Agendas for NCVHS Meetings – Dr.

DR. LUMPKIN: The next meeting is June 16-17. And then we have additional
dates here on your agenda.

MS. GREENBERG: Right, these are now confirmed dates, September 1-2, and
November 4-5.

DR. LUMPKIN: Okay, do we have anything else on the agenda?

MS. GREENBERG: Well, just that currently we have scheduled for the June
meeting, we expect to have a presentation from someone from the director’s
office of CDC on the Futures initiative. We talked about having a presentation
on the IOM report on race and ethnicity, which they think is going to be out in
April, so that will be timely. I think Judy offered to organize a presentation
from CMS on the Medicare reform legislation.

As for action items, we have completed the action item related to the
quality report. We may have a report from the Populations Subcommittee, from
your hearings. And we probably will have another letter from Privacy


MS. GREENBERG: Any other action items?

DR. MAYS: Can I just ask a question about the Futures? Because we are going
to have the presentation in June. But where are we with the process?

MS. GREENBERG: It’s ongoing, as it turns out.

DR. MAYS: So, will a contribution after June still be okay?

MS. GREENBERG: Yes, John and I, we didn’t report on that, but we went down
to the Advisory Committee to the CDC Director in February, and all the chairs
of committees that are affiliated with CDC and their executive secretaries were
invited. And there was a presentation there.

I asked the people in charge of the process about this, because if the
window was closing, we were going to try to get someone, even though Dr.
Gerberding wasn’t available, to present at this meeting. And they said, it’s an
iterative process. They have some findings or recommendations at this point,
but they are vetting those, and June would in no way be too late. And they
would like to comment. So, it should be fine.

Is there anything else I’ve forgotten? I’m sure some things will come up,
but for the June meeting?

MR. SCANLON: Another possibility if the committee members are interested,
the NIH has also just completed a strategic planning effort called the NIH
Roadmap. It’s basically an effort to strengthen the relationship between basic
research and clinical practice and the bedside. Some very large projects, some
interdisciplinary research, an informatics component. So, if the committee is
interested, we can schedule a briefing on the NIH Roadmap, I would think the
full committee.

DR. LUMPKIN: It sounds like a full agenda.

DR. STEINWACHS: CDC is funding the building of environmental health
tracking with states linking in health data with environmental data. And
thinking of the diagram that Barbara and others showed, it seemed to me it
might sometime useful to have a briefing on those projects, and where they lead
us as we think about trying to enrich the national health data.

DR. LUMPKIN: Probably September or November we can do that.

MS. GREENBERG: Want me to work with you on that?



DR. LUMPKIN: Okay, well, thank all you. See you in June, and some of you

[Whereupon, the meeting was adjourned at 2:45 pm.]