[This Transcript is Unedited]

DEPARTMENT OF HEALTH AND HUMAN SERVICES

NATIONAL COMMITTEE ON VITAL AND HEALTH STATISTICS

November 28, 2006

Hubert Humphrey Building
200 Independence Avenue
Washington, D.C.

Proceedings by:
CASET Associates
10201 Lee Highway, Suite 180
Fairfax, Virginia 22030
(703) 352-0091

TABLE OF CONTENTS


COMMITTEE MEMBERSHIP:

  • SIMON P.COHN, MD, MPH, Chair. Associate Executive Director, The
    Permanente Foundation, Kaiser Permanente, Oakland, California
  • JEFFREY S. BLAIR, MBA, Director of Health Informatics, Lovelace
    Clinic Foundation, Albuquerque, New Mexico
  • JUSTICE M. CARR, MD, Director, Clinical Resource Management, Health
    Care Quality, Beth Israel Deaconess Medical Center, Boston, Massachusetts
  • JOHN P. HOUSTON, JD, Director, ISD, Privacy Office: Assistant
    Counsel, University of Pittsburgh Medical Center, Pittsburgh, Pennsylvania
  • STANLEY M. HUFF, MD, Professor, Medical Informatics, University of
    Utah, College of Medicine, Salt Lake City, Utah
  • ROBERT W. HUNGATE, Principal, Physician Patient Partnerships for
    Health, Wellesley, Massachusetts
  • A. RUSSELL LOCALIO, Esq, MS, MPS, MS, Assistant Professor of
    Biostatistics, University of Pennsylvania School of Medicine, Philadelphia,
    Pennsylvania
  • CAROL J. McCALL, FSA, MAAA, Vice President, Humana, Center for
    Health Metrics, Louisville, Kentucky
  • HARRY REYNOLDS, Vice President, Blue Cross Blue Shield of North
    Carolina, Durham, North Carolina
  • MARK A. ROTHSTEIN, JD, Herbert F. Boehl Chair of Law and Medicine,
    Director, Institute for Bioethics, Health Policy and Law, University of
    Louisville School of Medicine, Louisville, Kentucky
  • WILLIAM J. SCANLON, PhD, Health Policy R&D, Washington, D.C.
  • DONALD M. STEINWACHS, PhD, Professor and Director, The Johns Hopkins
    University Bloomberg School of Public Health, Department of Health Policy and
    Management, Health Services Research and Development Center, Baltimore,
    Maryland
  • C. EUGENE STEURELE, PhD, Senior Fellow, The Urban Institute,
    Washington, D.C.
  • PAUL TANG, MD, Chief Medical Information Officer, Palo Alto Medical
    Foundation, Palo Alto, California
  • KEVIN C. VIGILANTE, MD, MPH, Principal, Booz-allen and Hamilton,
    Rockville, Maryland
  • JUDITH WARREN, PhD, RN, Associate Professor, School of Nursing,
    University of Kansas, Kansas City, Kansas
  • HHS EXECUTIVE STAFF DIRECTOR: JAMES SCANLON, Deputy Assistant
    Secretary, Office of Science and Data Policy, Office of the Assistant Secretary
    for Planning and Evaluation, DHHS, Washington, D.C.
  • EXECUTIVE SECRETARY: MARJORIE S. GREENBERG, Chief, Classifications
    and Public Health Data Standards Staff, Office of the Director, NCHS, CDC,
    Hyattsville, Maryland

P R O C E E D I N G S (9:05 a.m.)

Agenda Item: Call to Order.

DR. COHN: Good morning. I want to call this meeting to order. This is the
first day of two days of meetings of the National Committee on Vital and Health
Statistics.

The national committee is the public advisory committee to the U.S.
Department of Health and Human Services on health information policy.

I am Simon Cohn. I am associate executive director for health information
policy for Kaiser Permanente, and chair of the committee.

I want to welcome committee members, HHS staff and others here in person. I
also want to comment, at least for the moment, that we are not on the internet,
but we will be I expect shortly, and I will let everybody know when we do get
connected. As always, I do want to remind everyone to speak clearly and into
the microphone.

Let’s go ahead and have introductions around the table and around the room.
For those on the national committee, I would ask, if you have any conflicts of
interest related to any of the issues coming before us today, would you so
please publicly indicate during your introduction.

I want to begin by observing that I have no conflicts of interest. I
actually understand that we also have Harry Reynolds calling in for this
session. Is that correct, Harry?

MR. REYNOLDS: Yes, sir.

DR. COHN: Okay, would you like to start by introducing yourself?

MR. REYNOLDS: [Via speakerphone.] Harry Reynolds, Blue Cross and Blue
Shield, North Carolina, member of the committee and no conflicts.

DR. COHN: Will we see you tomorrow in person?

MR. REYNOLDS: You will see me at dinner tonight. I will call in now and
then I will call in to the standards and security breakout and then I will
leave from the airport.

DR. REYNOLDS: All right.

MS. GREENBERG: Good morning. I am Marjorie Greenberg from the National
Center for Health Statistics, CDC, and executive secretary to the committee.

MR. ROTHSTEIN: Mark Rothstein, University of Louisville School of Medicine,
member of the committee, no conflicts.

DR. WARREN: Judy Warren, University of Kansas School of Nursing, member of
the committee, no conflicts.

DR. TANG: Paul Tang, Palo Alto Medical Foundation, member of the committee.
I do chair AMIA, whose report is going to be presented later on this afternoon.

MR. HOUSTON: John Houston, University of Pittsburgh Medical Center, member
of the committee, and I have no conflicts.

DR. CARR: Justine Carr, Beth Israel Deaconess Medical Center, member of the
committee and no conflicts.

MR. LOCALIO: Russell Localio, University of Pennsylvania School of
Medicine, member of the committee, no conflicts.

MS. TRUDEL: Karen Trudel, Centers for Medicare and Medicaid Services,
liaison to the committee.

MS. MC ANDREW: Susan McAndrew, Office for Civil Rights, privacy liaison for
the committee.

DR. W. SCANLON: Bill Scanlon, Health Policy R&D, member of the
committee, no conflicts.

DR. STEUERLE: Gene Steuerle, member of the committee from the Urban
Institute, no conflicts.

MS. MC CALL: Carol McCall, member of the committee. I am with Humana, no
known conflicts.

MR. HUNGATE: Bob Hungate, Physician Patient Partnerships for Health, no
conflicts.

DR. FITZMAURICE: Michael Fitzmaurice, Agency for Health Care Research and
Quality, liaison to the full committee and staff to the Subcommittee on
Standards and Security.

DR. HUFF: Stan Huff with Intermountain Health Care and the University of
Utah in Salt Lake City. No conflicts.

DR. STEINWACHS: Don Steinwachs, Johns Hopkins School of Public Health, no
conflicts.

DR. STEINDEL: Steve Steindel, Centers for Disease Control and Prevention,
liaison to the committee.

MR. BLAIR: Jeff Blair, member of the committee, director of health
informatics at Lovelace Clinic Foundation. I am not aware of any conflicts.

MR. J. SCANLON: Good morning. I am Jim Scanlon from the DHHS office of
planning and evaluation and I am the executive staff director for the
committee.

MR. SCHUPING: Jim Schuping(?), chief staff executive with WEDI.

MS. CHAPELL: Jody Chapell, American Optometric Association.

MS. JONES: Kathleen Jones, CDC, National Center for Health Statistics.

MS. PICKETT: Donna Pickett, National Center for Health Statistics, CDC, and
staff to the Subcommittee on Standards and Security.

MS. BICKFORD: Carol Bickford, American Nurses Association.

MS. HORLICK: Gail Horlick, CDC, and staff to the Subcommittee on Privacy
and Confidentiality.

MS. JACKSON: Debbie Jackson, NCVHS staff.

MR. BRUCKNELL: Mark Brucknell(?), Academy of Managed Care Pharmacy.

MR. KRUGE: Andrew Kruge, Academy of Managed Care Pharmacy.

MR. AFANO: Bill Afano(?), Blue Cross, Blue Shield Association.

MS. BEEBE: Susan Beebe, ASPE and staff to the Subcommittee on Standards and
Security.

MR. BROWARD: Roger Broward, Rx Benefits Coalition.

MS. BUENNING: Denise Buenning, CMS, lead staff, Standards and Security
Subcommittee.

Ms. GRANT: Good morning. Miriam Grant, Office of Minority Health, staff to
the Committee on Populations.

MS. FRANKLIN: Angela Franklin, American College of Emergency Physicians.

MR. TOBIAS: I am Matt Tobias. I am a reporter with Modern Health Care.

MS. Nook. I am Marilyn Sigmond Nook(?) with American Health Insurance
Plans.

MR. HUFF: Good morning. I am John Huff from the National Center for Health
Statistics.

MS. BEALE: Allison Beale(?), American Health Information Management
Association.

DR. COHN: I want to welcome everyone to this last meeting of the year, and
obviously happy post-Thanksgiving. Before we move into the agenda with you, I
have a couple of opening comments, as I normally do for these sessions.

There are a couple of different topics that I want to sort of bring up and
discuss briefly. First, this meeting marks the beginning of a transition.

We have three members of the committee for whom this will be their last
meeting as NCVHS members. I want to take a moment and acknowledge them for
their participation and dedication to the activity, knowing that we will be
having additional comments as the day goes on, and obviously dinner this
evening.

Those three members are Russ Localio, Bob Hungate and Stan Huff. I actually
just want to really thank you all for your dedication and hard work and
participation on the committee.

You will be missed and I guess I am hoping that you will all join us for
dinner tonight and be my guest at a dinner I think in honor of your retirement
from the committee.

[Applause.]

I also want to announce that Don Steinwachs and John Paul Houston have been
re-upped for another four years. Additionally, we have new members whose terms
actually begin on December 1, which is on Friday.

We will see at least potentially one tomorrow visiting, but all of them
will be participating for the next full meeting and probably some of them will
be beginning to show up at subcommittee meetings that may be occurring either
later on this month or into January.

Those new members include Garland Land, who is executive director of the
National Association for Public Health Statistics and Information Systems,
which is a large mouthful.

We also have Leslie Pickering Francis, Dr. Larry Green, and Dr. Mark
Overidge(?). Those will be new members, as I said, starting on Friday.

Now, we will, obviously, at the February meeting, deal more extensively
with introductions. We will be introducing them as well as asking them to talk
a little bit about their background and interests, and we will be doing some
orientation for them between now and the February meeting.

Next, I want to take a moment and thank the members of the ad hoc work
group on the NHIN. As you know, the NCVHS was asked by ONC, to review and
synthesize the results of the first ONC forum and the functional requirements
identified by the NHIN prototype consortia contractors and, by the end of
October, to find a minimum but inclusive set of functional requirements for the
initial definition of the nationwide health information network.

In this work, we established an ad hoc work group. I chaired it. Jeff Blair
and Harry Reynolds were vice chairs. Other members included John Paul Houston,
Kevin Vigilante, Judy Warren, Stan Huff and Paul Tang.

Mary Jo Deering was the lead staff for this activity and I want to thank
the many other staff members from the committee who participated in this work.

We also want to acknowledge Margaret A(?), the consultant on the project,
and of course we want to thank John Muntz, who is not here for acknowledgement,
but was the one who actually asked for the work to begin with, and we really
appreciated his ongoing participation in the activity.

Now, this work has now been delivered to both the Secretary and the Office
of the National Coordinator and has been posted to the internet, and I think
you all know was approved during an open conference call at the end of the
October.

With the passage of the report and its work done, I will be dissolving the
ad hoc work group, which as you know has always been the intent, to create ad
hoc work groups for specific topics and then dissolve them at the end.

In my tenure, we have not actually dissolved anything. This, I think, will
be the first time. So, I thank you all for your service, and depending on what
the work looks like going forward, we may need to have another group like that
or similar, as I said, going forward.

Finally, given that this is our last meeting for 2006, I want to take a
moment to reflect on the good work in progress this year.

First, the activities of the privacy subcommittee continue at a fast pace.
I think we need to reflect on their very good work this year.

Certainly, their document that was approved at the June full committee
meeting on privacy and the NHIN is a very excellent document.

I think we are seeing it increasingly used in the wider community on a
primer on the issues as we move into the NHIN.

Obviously, their work continues. We have had hearings since and I think
continue with the hearing at the conclusion of the meeting tomorrow extending
into Thursday morning. Obviously, we look forward to more work and we obviously
want to thank them for their work this year.

The populations subcommittee has had a number of conference calls over the
summer and fall and had a hearing this fall on data linkages, and I believe is
planning hearings on surge capacity, as I understand.

The population subcommittee today is coming forward with a letter on MMA
Part D and data issues that we will be discussing later today.

The quality work group has been active and is forging a strong relationship
with AHRQ. We will be talking later today about hopefully a breakout session or
some way of handling the issues that are coming up for them during this
meeting. It is not currently on the agenda, but I am sure we will be able to
announce that by the end of the day.

The Subcommittee on Standards and Security has been very active this year,
holding hearings on NPI implementation, e prescribing, and HIPAA lessons
learned.

They are coming forward with three letters for action today, one on NPI,
another on the last consolidated health informatics phase II recommendation,
and then finally a letter responding to an FDA NPRM on structured product
labels.

Of course, this is against a backdrop of significant congressional and
department activity this year, which I will defer to Jim Scanlon a little later
on to discuss more, since it has been sort of an interesting year, both from
the congressional and department perspectives.

Obviously, as I comment on that, though, Secretary Leavitt continues to
consider promotion of interoperable HIT to be one of his key priorities, and
his involvement in leadership on this issue has bene, at least to my view,
phenomenal.

Of course, in all of this, the NCVHS continues to play an important role,
advising the Secretary and department directly on many of these issues,
including advising and participating in AHIC work groups. So, I want to thank
you all for that additional liaison activity.

With that, let’s move on to the agenda review, and we have a pretty full
agenda for the day. This morning we begin with department updates. Jim Scanlon
will lead off, followed by Karen Trudel and Susan McAndrews.

Then we are pleased to have Rob Kolodner, the acting coordinator of the HHS
Office of National Health Information Technology here.

Rob, as you know, has been the chief health informatics officer for the VA,
and the visionary behind VA’s Vista EHR system.

Following the morning break, we move into beginning our discussions about
the letters being brought forward. I think we will handle the standards and
security letters first.

After lunch we will continue with the discussion of the populations
subcommittee letter being brought forward. Then, at that point, we will talk
about the HIPAA report.

I will leave it up to the committee, given that many of you have not had a
chance to see the HIPAA report previously and have not gone through
subcommittee discussion about whether this is something that is being brought
forward for action today or more discussion and coming forward in February for
action, and that will be part of the discussions on that particular work item.

We also this afternoon going to be taking a few minutes and begin
discussions related to current and planned work of the various subcommittees
and work groups.

As you will remember, we decided as an outcome of our strategic planning
session this past June, to expand discussions of the activities of the
subcommittees and work groups, with the hope of providing greater cross
fertilization, as well as providing committee guidance earlier as work plans
are being developed, as well as early in work product development.

So, this will be a conversation in which we will ask the subcommittee
chairs and work group chairs to sort of talk about what their plans are going
forward, as well as reflect on any of their work products.

Finally, we are very pleased to have a presentation from the American
Medical Informatics Association on the subject of secondary uses of health
data.

I think this is an issue of great interest to us, one that we have written
previous letters on, and I think that the AMIA work helps move that discussion
forward. So, I want to thank them for being here and willing to participate and
brief us on their document.

At about 3:30 we will adjourn the full committee and break into work group
and subcommittee sessions for the remainder of the afternoon.

I will discuss, at the end of the day, additional meetings for tomorrow
morning, depending on what we need to have happen.

The NCVHS dinner will be at 7:00 p.m. tonight, and we will be talking about
that later on this morning or the beginning of the afternoon, as well as
getting interest from the members about who will be attending.

With that, let’s begin our department update. I do want to note to everyone
that our clock, for whatever reason, no matter how long I talk, it still
remains 8:00 o’clock, which is good. Time stands still at the NCVHS meeting.

I think my understanding it is about 9:20 in the morning. We will obviously
stay on time. We are also intending to adjourn the full committee by 12:00 noon
tomorrow. You can count on it, plus or minus about four minutes. With that,
Jim, why don’t I turn it over to you.

Agenda Item: Update from the Department.

MR. J. SCANLON: Thank you, Simon, and good morning, everyone. Since we met
in September, we have had a number of developments occurring related to data
policy and health IT issues.

Karen will update us on HIPAA issues, Sue on privacy issues, and Rob
Kolodner will be coming by later today to update us on the work of the national
coordinator and the AHIC.

Let me just update everyone on other data policy issues. On the legislative
front, the 109th congress, as you all know, is winding down.

There was a fair amount of interest in health IT legislation in the 109th.
It doesn’t look like, though, that any of it will be enacted in the remaining
days of this session.

By every indication, it looks like the 110th Congress, which will begin in
January, has a lot of interest, a lot of members interested in health IT. So,
we are very likely to see some number of bills introduced then.

Several of the bills, you will remember, would involve the NCVHS in some
new responsibilities, particularly relating to a streamlined process for HIPAA
updating of standards. So, we will look forward to January and see what that
brings as well.

Similarly, on the budget side, here we are in fiscal year 2007, which began
in October, and most federal agencies have a continuing resolution, not
unusual. HHS does as well, while congressional deliberation occurs on the
President’s 2007 budget.

You will remember that, in the President’s budget request for 2007, it
included about $169 million for health IT. That was an increase of about $58
million over the 2006 level.

About $116 million of that would be for the Office of the National
Coordinator for Health IT. AHRQ would get $50 million for continuing its grant
programs, and my own office, ASPE, for evaluation and economic analysis and so
forth, would get about $4 million.

Now, again, we don’t know where the budget will end up for 2007, and the
chances are we will have a continuing resolution until January or February.

In the 2007 budget, in terms of population health data, at least in the
President’s budget, it looked like most of the major HHS statistical systems
were being funded at straight line levels which, as I said previously, is
actually an accomplishment in a fairly tight budget year.

We are just beginning work on the fiscal year 2007 budget, so really not
much to report there.

On the Data Council side, in terms of data planning, the council, in
developing the fiscal year 2008 budget, as it does every year, looks at all of
the data investments being proposed by agencies, and looks at opportunities for
coordination and cross cuts and data estimates and so on.

In addition, as part of its activities, the Data Council was focusing on
what are we currently doing and what is planned in the budget to address and
support the top 10 priorities that I described at the last meeting of the
committee, and I believe that you have a handout of what those 10 priorities
are as well.

At our November Data Council meeting, we had a round table discussion. We
got through about half the agencies in terms of what they are doing, their
planning, directed at the priorities. At our December meeting, we will continue
on with the other agencies.

There are three projects — I think I have told you about a couple of them
previously — that, under the auspices of the Data Council we started, pretty
much at the end of last fiscal year, we are just getting rolling.

We have initiated a project with the National Center for Health Statistics
and other statistical programs, to look at the potential uses of electronic
health record data for health survey and statistical purposes.

So, this relates to the secondary uses discussion that the committee has
had previously and we will hear later today, but actually the department has
bene thinking about this for quite a while.

It actually started even before HIPAA where, for our health care surveys,
the department has always looked at the role of administrative data that can be
linked to those surveys. So, there is a long history.

We will now be looking, for the family of health care surveys at NCHS for
other provider based and plan based surveys that we do, what is the potential
role and what is the potential road map, and how do we do this in a smart way
for the fruits that electronic health records will some day bring us, to the
point where they can be used in surveys and research.

We will clearly involve members of the committee who have been involved in
this as well. I think we are thinking of probably a little background paper and
probably a workshop, that we would invite the relevant members of the NCVHS as
well.

Secondly, I think I have mentioned this before, there was great interest
last year in looking, for our data systems and our surveys, at how do we
collect income data and asset data, and how does it compare among the various
surveys, how does it compare to bench marks. How does it compare to other
distributions of data.

Income data, you will remember, is one of the policy variables on most of
the surveys, poverty level, general income levels and so on.

A survey that doesn’t collect that is really very limited in terms of
policy uses. So, we have started an evaluation and we will be looking at that.

We will be looking at probably 10 of the major federal surveys that already
collect income, to some extent asset information.

We will be looking at how useful and what quality that information is, and
what improvements might be identified moving forward.

A third, one additional one, that ASPE, under the Data Council auspices,
just initiated last year during the summer, actually — again, there has been
great interest in this area. We just needed a little while to get it organized.

We will be looking at how can we improve the utility of our HHS data and
statistical systems and products for the policy community, the health and human
services policy community.

The focus here will be on how are the results of those surveys being used
now, how useful are the data products and services, how do policy analysts and
policy users use that data, and what could we do to make that more useful.
Again, we will be involving the NCVHS members in that area as well. Let me stop
there and leave enough time for other reports.

DR. COHN: First of all, let me announce that we apparently are on the
internet now. I want to welcome those listening in.

We are just in the process of updates from the departments and Jim Scanlon
has just presented. Are there any questions from the committee before we move
on?

DR. CARR: Just a question. There are 10 goals? We have nine on our lists.
Is there another one?

MR. J. SCANLON: I haven’t updated the last one. The 10th one is
international health diplomacy and it is actually in a formative stage.

At the moment, it includes some very specific activities that are really in
the developmental stage. The 10th is international diplomacy and we don’t quite
have an update of that.

DR. W. SCANLON: Jim, can you talk about what I guess the sticking points
were in terms of the IT legislation, why we don’t have a bill?

MR. J. SCANLON: Yes. There were probably more than a dozen bills introduced
at various times in the 109th congress.

The two that had legs were the House bill that was a combined bill that
included the streamline process for HIPAA, would codify the Office of the
National Coordinator.

It would have required the adoption and implementation of ICD-X and it
would have included a streamline process for updating already adopted HIPAA
standards. The committee would have been involved right in the middle of that
process.

A senate bill had — again, these were moving targets — a senate bill had
a number of grant programs and other financing assistance.

So, the discussion, I think, between the Senate and the House and the
various staffs were, well, what exactly — I think if there wasn’t
disagreement, there was some uncertainty about the adopting of ICD-X.

I think there was a fair amount of support for the streamline process for
HIPAA, HIPAA updates. In terms of should the legislation include grant programs
and other financial assistance, again, I think there was a disagreement and I
think there were privacy issues as well.

I think that, in the time that was available, it just wasn’t possible to
work these out. I learned with HIPAA to never say that legislation won’t occur,
because it actually did when everyone around the table was predicting it
wouldn’t, there wasn’t enough time.

If the health IT bill isn’t enacted, and what exactly it will contain, it
clearly will pick up the interest in January.

I think there were too many issues. There were cost issues. CBL had to
score some things. It got more complicated and I think there just wasn’t time
to work it all out.

DR. STEINDEL: Jim, I think you should mention that, in addition to ICD-X,
it was also focused on the introduction of 5010. So, there were two issues
associated with it.

MR. J. SCANLON: The bill would have required the adoption and
implementation of the ICD-X and there was some disagreement about the dates
that that would occur.

Frankly, the health industry itself was divided. There were some folks who
wanted to press forward as soon as possible.

There were others who raised significant cost and implementation issues and
wanted more time. So, when there is not unanimity or consensus in the community
itself, it just makes it harder to be worked out there.

As Steve said, there were also — it would have required the bill, the
adoption of the new version, the 5010 version, of the administrative data
standards as well as, Steve, I think the NCPDP next version.

There was a time line that was included in the bill in which those would
roll out, and then the other issues as well. There were too many issues to sort
of work out. More time was needed.

MR. ROTHSTEIN: Just a brief comment. I wanted to follow up on Jim’s point
about the Data Council considering the use of information from health studies
and the like in policy development.

Thursday morning the Subcommittee on Privacy and Confidentiality will be
holding a hearing on how would you design a system to study the effects of the
HIPAA privacy rule, and we are consulting with various experts to give us some
insights on how we could do that if it were done, with a goal toward policy
development.

DR. COHN: With that, Karen, why don’t we move on to your presentation?
Thank you for joining us.

Agenda Item: HIPAA: Data Standards.

MS TRUDEL: Thank you. I will start out by providing a short HIPAA update,
and then move on to the standards of e prescribing. Then I would like to kind
of get off the topic a little bit and speak about some of the activities that
CMS is undertaking in terms of personal health records.

So, with respect to HIPAA enforcement — and every time I say this Sue just
kind of breaks up — since October of 2003, we have a grand total of complaints
related to transactions and code sets of 521, of which 96 remain open.

None of the open complaints affect payments to health care providers. Most
of them pertain to issues that relate to the complexities around trading
partner agreements.

With respect to security complaints, we have a grand total of complaints,
since April 2005, of 162. Ninety-four of those remain open.

They are more difficult to investigate and more than 60 percent of the open
complaints are also considered to be dual provision complaints, which means
that we are investigating them in partnership with OCR.

In other words, there is an implication that there has been both a privacy
and a security complaint engendered by one action.

Normally they have to do with the alleged unauthorized access of electronic
PHI by a third party. So, we do look at them in concert with OCR.

We have not received any complaints related to the use of the employer
identifier, but we are gearing up at this point to handle potential complaints
related to the national provider identifier use, because that standard goes
into effect on May 23 of next year.

So, we are re-tooling our system so that it can accept complaints related
to the NPI. We are training investigators so that they can handle the
complaints, they know what to do, developing new FAQs to help the industry
comply. So, that is pretty much the status of enforcement.

With respect to regulations, we are working actively on assessing the very
complex comments we received on the claims attachment proposed rule.

We are talking for the first time about using both HL7 and X12 and also
using LOINC in one standard transaction.

As you can imagine, the technical comments that we received are pretty
complicated and we are working with the appropriate groups to get through
those, as well as looking through some of the policy issues in terms of, the
six attachment types that we proposed, were they the right ones. Are there
additional ones. Are there ones that we should take off the list. So, there are
policy issues that we are addressing as well. I believe we are scheduled to
publish that final rule at some point late next year.

With respect to the national provider identifier, at this point, 1.46
million NPIs have been assigned. As best we can estimate — and it is a little
difficult to estimate what the denominator is because we don’t know how some
organizations are going to enumerate their subparts, we don’t know how many
additional NPIs people are going to need.

We think it is about 63 percent of the total of individuals who are going
to need NPIs by next May. With the monthly rate that we have been receiving
requests and issuing NPIs, we think that everybody who needs one will have one
in time.

There have been a lot of discussions — and Simon, you alluded to that —
in terms of will the industry be completely ready to process NPIs only as of
next May.

We have partnered with WEDI and other industry organizations to craft some
additional messages for health care providers, explaining why it is important
for them to get their NPIs well ahead of time. Don’t wait until the week before
May 23 of next year.

Why it is important to convey those to their health plans and to begin to
use them and test them in HIPAA transactions, again, well before May of next
year to make sure that the claim flow and their reimbursement flows will not be
interrupted, and to get the health plans time to build the cross walks between
their legacy identifiers and the new NPIs.

That is not a trivial task and, if there is one message I can send to
people, it is that. We are all very serious about this and we are really
sending out the word every way we can to begin to do this now and not to wait.

We are continuing to do a lot of environmental scanning. CMS is looking at
our own fee for service experience.

We will be talking with our Medicare advantage plans and our Part D plans.
We are doing a lot of outreach with the Medicaid programs, and we are also
partnering with others like WEDI and HIMS to do some environmental scanning and
surveying, to looking at the preparedness of various efforts. So, we are very
much on top of that as well.

Let me move on to e prescribing. We have completed our site visits to all
five of the e prescribing pilot sites.

We are very excited about a lot of the work that is going on out there.
They are getting a lot of very, very valuable information for us.

The evaluation contractor is now at work. They are doing their own site
visits and data collection, and they will be providing us with their input on a
flow basis through January, so that we can begin crafting the report to
congress, which is due in April, as quickly as possible.

We will also be developing — we believe that even the initial results of
the pilot are telling us that there are some additional standards that are
mature enough for us to move forward with.

There are others where we need to go back to the drawing board, collaborate
with some of the standards developing organizations, share some of the lessons
that we have learned, and work with them to maybe go for a round three.

We do believe that we will be able to propose some standards in an NPRM, a
proposed rule, which again, we are targeted to get out the door in April.

In addition to that, though — that is obviously not anywhere near the end
of the process — we need to develop — and we are very close to developing —
a road map for CMS in how we move forward with e prescribing, to leverage what
we have already done, to look at some additional partners and ways to promote e
prescribing among the physician population, how can we work with our quality
improvement organizations to do that, as we move into their ninth scope of work
that is being contemplated now.

How do we work with AHRQ to develop a research agenda to continue to move
additional standards. How do we work with the Office of the National
Coordinator to see if we can leverage the standards experiences that we have
learned CMS and inside the Part D program and expand them to potentially a
national use case. Those are some of the things we are thinking about.

A slight departure to talk about personal health records, but over a year
ago we published a request for information about what Medicare’s role in
personal health records should be.

A lot of the input we got said that Medicare shouldn’t be in the business
of building PHR products, that what we should be in the business of doing is
enabling the sharing of Medicare data when there is appropriate authorization
by the beneficiary to other existing PHR projects and products. Of course, we
are also supporting the AHIC’s consumer empowerment work group.

The first thing we did was develop a proof of concept project, where we
took a very small view of what we could do, and have two contractors that are
working on the not-so-simple process of taking Medicare claims data and seeing
how it can be displayed and used in existing PHR products.

We contracted with two organizations that already had access to Medicare
claims data, and they then partnered with organizations that already had
existing PHR products.

We have had some demonstrations from them. The project ends in the middle
of December, and they have given us a number of use cases that show exactly how
Medicare claims data can translate into existing PHR products, the value that
that data brings, although it is certainly by no means the universe of data
that you could put into a PHR, but how it contributes to a PHR, and how you can
translate, for instance, ICD-IX codes into clinical terminologies, clinical
terms, that can be reader friendly.

The results of that will feed into some increasingly robust activities as
we begin to look at the aspects of authorization and the authentication that
would go into building up this kind of translation, and what requirements we
might want to put against someone who had a PHR product that we would be
willing to actually share our beneficiaries’ data with.

We are also working with the Office of the National Coordinator to look at
some of our Medicare advantage plans and to study some of the PHR products that
they already have in place for Medicare beneficiaries, to look at that in kind
of a more rigorous way and get some ides about usability. So, that is pretty
much what we are doing in the PHR area. Thank you.

DR. COHN: Thank you. Michael Fitzmaurice and then Paul Tang and Justine.

DR. FITZMAURICE: Karen, three questions. First of all, with regard to the
national provide identifier and the priority of sharing their NPIs with the
health plans and the health plans being able to verify it, is the mater file
available to the health plans so that they can verify the numbers that they
receive from the providers? If not, what are the issues involved with getting
that out?

MS. TRUDEL: The data dissemination notice — thank you for bringing that
up, it is an important issue — the data dissemination issue that explains what
data we will share from the NPI file has not yet been published. So, on, the
master data bases are not publicly available at this time on a wide basis.

The issues — I think I have mentioned this before — are the need to
balance the need of plans and other covered entities, to have this information
so that they can incorporate NPIs appropriately in their processing systems,
and the need to protect some of the information that relates to individual
providers.

We do have already, ready to go, a number of different data dissemination
mechanisms. Some of them are large files. Some of them are small files that, as
soon as the notice is published, we can kind of have out the door and ready to
roll.

DR. FITZMAURICE: The second question is, you said the five site visits are
completed and you found some very valuable information.

Have there been discussions about extending these site visits maybe to
further test additional standards or to get additional information about
electronic prescribing, or is it when they are done, they are done?

MS. TRUDEL: These particular contracts were limited funding, limited time
line. I think what we have been talking with John White at AHRQ about is how to
proceed from there with another what we call research agenda.

We need to do another round and we recognize that, but the initial funding
that we received won’t take us there.

DR. FITZMAURICE: Very good. The last question is, you talked about Medicare
shouldn’t build a PHR product that allows sharing of the Medicare data with
other products.

I can imagine a member of the public saying, well, if these are my data and
the Medicare program is willing to share my data with me, can I access them
only to a commercially sold product, or can I download them into my Excel
spread sheet?

In other words, am I tied into one of the few commercially available
products, or can I have just have a dump of the data into my spread sheet and
then look at the variable names and definitions for Medicare and say, all
right, now I can understand a little bit about it, maybe not as I could have
with the commercial product, but it is cheaper.

MS. TRUDEL: When I talk about a PHR, I am meaning one with the full types
of functionality that the consumer empowerment work group has been talking
about.

The kind of spread sheet type access that you are talking about, I think
that we already enable, through what we call the Medicare beneficiary portal,
which is mymedicare.gov.

So, there is already access to claims type data and claims status data and
reminders about preventive services that are available in mymedicare.gov.

What we don’t feel that we will be in the business of any time soon will be
building a fully functional personal health record.

DR. FITZMAURICE: Thank you, great answers.

DR. TANG: Thanks, Karen. My question has to do with the PHR, a follow up of
Mike. You mentioned that there is a proof of concept evaluation going on.

It sounded like it involved looking at patient friendly terms of these
medicare diagnoses and claims. Is there any work going on to examine the
accuracy of claims data versus clinical diagnoses that you might find in a
medical record?

MS. TRUDEL: That is a good question. This was a very limited proof of
concept and it was done with medicare fee for service data, with no clinical
data against which to measure it.

I think that that is one of the things that we need to talk about as we
move forward into some of the other aspects of where we are going. I think it
would be very interesting to talk to AHIC about what they are doing in that
regard as well.

DR. CARR: Thanks, Karen. Back to e prescribing, I am wondering if, in the
initial studies, there were any evaluations of the impact on physician or
clinician time in writing a prescription electronically versus jotting it on
paper, and whether there has been any analysis just in terms of time for the
individual prescriber.

MR. TRUDEL: The pilot participants have been looking at not just the
standards and how they work. They have been looking at impact to work flow.

They have been working on trying to quantify return on investment and cost
benefit. So, yes, I think we will get some good data on that.

I haven’t been to all the pilot sites myself, but I did go to the one in
Ohio and they did say that, while in some cases the physicians themselves are
not interacting personally with the e prescribing software, they are doing so
in very close communication with their medical assistants, and that the
practices are just happy as anything about how well it is going. I think there
is a lot of savings there.

DR. COHN: Paul, do you want to join us for standards and security later? We
can talk about it. Karen, will you be at the subcommittee meeting this
afternoon? Okay, good. We will continue the conversation this afternoon. I am
trying to keep things relatively on schedule. Sue McAndrews, our last
presentation, and thank you.

Agenda Item: HIPAA: Private Rule Compliance
Update.

MS. MC ANDREWS: Since the complaint system went on line in April 2003
through the end of October 2006, we have received some 23,270 complaints. We
have closed approximately 76 percent of those claims.

I am taking the opportunity of the subcommittee hearing on Thursday morning
to present a more detailed look into what these closure cases are like, as a
way of what kind of data may be available from the complaint system in terms of
measuring the HIPAA compliance activity.

I will say that by and large, of the closed complaints, somewhere in the
area of a third to maybe 40 percent of those closed cases warranted an
investigation. The others were closed for administrative, jurisdictional
reasons.

Of the cases that we did investigate, close to 70 percent of those were
closed after achieving some corrective action on the part of the covered
entity.

So, there has been a lot of effort continuing to go into our compliance
efforts. We also had late summer, early fall, some media attention in the area
of dumpster cases, where pharmacies were taken to task for having protected
health information as well as meds thrown out in dumpsters that were
unprotected and accessible to the passers by.

That investigative reporter has subsequently gone back and done a follow up
report, not only in Indianapolis where this all started, but has gone dumpster
diving across the country behind pharmacies and has found substantial protected
health information as well as medical waste disposed of in an improper and
unsafe manner.

So, we are giving some attention and will continue to give some attention
to these dumpster cases, as well as trying to pay some attention, in the coming
months, to getting some wider spread corrective action and attention focused on
record abandonment and improper disposal of large masses of protected health
information.

Curiously, one of our very first complaints that we got back in April of
2003 was a dumpster case, and they just have continue to crop up from time and
time, and we think this is something that is relatively easy to solve, and we
are hoping to get people to focus a little bit of attention on these kinds of
activities. There just is no reason for it.

Other than that, I thought I would just use the time to review some of the
collaborations that we have been involved in and continue to be involved in
recently.

Certainly we have spend a good deal of time coordinating with ONC and the
AHIC on their various HIT initiatives, including working with the consumer
empowerment work group on personal health records, as well as the
confidentiality, privacy and confidentiality work group.

We have paid a good deal of attention over the summer, and it is likely to
continue well into next year, working with disaster planners in preparing for
responses to pandemics and other natural disasters.

We have a tool up on our web site to help emergency responders and
emergency response planners, understand how to properly access information that
is protected by the privacy rule.

We continue to evolve and expand that tool in response to continuing
questions from the emergency response community.

So, we expect that collaboration will continue, and response, as well as it
being a high departmental initiative.

We are wrapping up our work with the White House task force on identity
theft. They I believe now will be making recommendations to the White House in
February of next year.

The report had been due in November, but they gave themselves an extension
in order to solicit input from some of the private stakeholders that may be
impacted by some of the recommendations.

Finally, we have been working on a number of fronts and collaborations with
the research community. We have joined a task force that is department wide
that is looking at harmonization of the HIPAA privacy rule, the common rule,
and the FDA research regulations, to make sure that we are not working at cross
purposes, and that we can create a superhighway, or at least one road, many
access but one road for researchers traveling down this path.

We also did some collaboration this last quarter with the office on human
research protections, who were looking into guidance on the definition of
research, and trying to untangle the mess you get into as research creeps into
quality improvement activities and other kinds of operational studies as well
as FDA surveillance and just public health activities as opposed to public
health research, and trying to shore up those lines.

I will say that those were — when you think of the definition of research,
what an esoteric term. There was lively debate.

So, we are continuing to work on several fronts with the research
community. We have no particular time line that I know of in terms of those
products, but we are hopeful of making the world safer for research. I think I
will stop there.

DR. COHN: We will take a couple of questions here. Jeff and John Paul and
Mark.

MR. BLAIR: Susan, applause for all the initiatives. So, I want to dig
deeper. One of them is with the 23,000 complaints that you have had a chance to
process.

Has there been any breakdown of that to determine what portion of those
complaints is from protected health information that was in paper or audible
versus electronic?

MS. MC ANDREWS: At least since April of this year, if it has involved an
electronic system, those would show up largely in the complaints that we are
forwarding either to Karen to handle under the security rule, or that we will
be handling jointly if it also raises a privacy rule concern as well, beyond
just the safeguarding of the electronic information. No, we don’t — we haven’t
gone back and tried to break out the data, new or old, into those categories.

MR. BLAIR: The reason that I ask, the reason that I am interested, is that
the original intent of the HIPAA privacy law, one of the major intents — I
won’t say the original one — was to help the public have greater confidence in
having protected health information in electronic form.

I think it would be very helpful is that data could be analyzed to
determine the degree of violations or abuses of privacy information, health
care privacy information, to determine whether most of the abuses are when it
is in electronic form or whether it is coming from violations when it is in
paper or audible. Maybe you could consider having someone do a breakdown of
that. That might be helpful.

MS. MC ANDREWS: We can consider that. I think it would require the cases to
be manually reviewed, because it is not an element that we capture through the
data input screens.

The only other caution I would say is that it may well also simply be
reflective of the proportion of usage of electronic systems today as opposed to
any true measure of the relative safety of paper versus electronic systems.

MR. BLAIR: I acknowledge that.

DR. COHN: Before we move to the next question, Bob, I just want to do a
time check with you because we are running a couple of minutes late. Are you
okay for an extra 10 or 15 minutes? Okay, great. John Paul?

MR. HOUSTON: Thanks, I just wanted to make a comment more than anything
else. I think it is good that there is some collaboration going on with the
research community, because I think that is an issue that we all identified as
being something that needed to be addressed.

I am hopeful that what we end up with is, in fact, harmony in that regard.
I think there, for the longest time, seemed to be sort of denial that there was
really an issue there.

So, I am assuming that the intent at the end of the day really is to have a
harmonized understanding of how research is to be conducted under the common
rule as well as HIPAA and other OHRP related documents and guidance; correct?

MS. MC ANDREWS : I am not sure of the actual vehicle that the guidance will
come out in, but it is to identify areas in either — in the three rule making
areas that the department has control over, to identify where there might be
inconsistencies or problem areas, and how best to smooth them out.

MR. HOUSTON: The intent is to resolve that?

MS. MC ANDREWS: Where there are conflicts.

MR. ROTHSTEIN: Very briefly, I wanted to remind some of the newer members
of the NCVHS that, since 2002, we have sent at least three, possibly four,
letters to the Secretary in which we have recommended specifically what is
taking place now between OCR and OHRP. I want to praise you for that
initiative, and we wish you much success and speed in your work.

One brief request — and I think this should be easy to do — is that, when
you compile the data on number of complaints and administrative closures, et
cetera, if you could do a run by month instead of just the aggregate totals,
that would help, at least in my view, in analyzing the data over time. I think
that would be valuable and I think it could be done rather easily.

MS. MC ANDREWS: We have done it by year. I am trying to remember whether it
was calendar year or fiscal year. It is probably relatively easy to break that
down further into quarterly —

MR. ROTHSTEIN: Quarterly would be find. It doesn’t need to be daily.

MS. MC ANDREWS: Monthly, it seems to me, would have a little bit —

MR. ROTHSTEIN: Just to follow it over time. You could develop a variety of
hypotheses in terms of administrative closure should do what over time based on
people’s misunderstanding of the jurisdiction and so forth.

DR. TANG: Thanks, Sue. As you know, there has been increasing media
attention about the whole enforcement of the privacy rule.

Their contention is that there has been I think several hundred that get
referred on to the Department of Justice, and there haven’t been any
prosecutions.

What kinds of reasons would you give for that, and how do you typically
address those concerns, recognizing that, as we go more and more into the HIN
world, we need to have some kind of way of assuring the public that we are
prosecuting these violations.

MS. MC ANDREWS: As of the end of October we have made close to 350
referrals to the Department of Justice. There have been three cases to date of
criminal prosecutions.

I don’t believe any of those three arose out of a referral from OCR, but
from an independent source developed by the Department of Justice.

What accounts for that, there can be a variety of reasons. I will say the
Department of Justice, it is not that they don’t investigate these cases.

Certainly they don’t investigate all of the referrals, but the FBI offices
across the country have taken up a number of these investigations, and we
simply are not privy to how that all works out.

So, I do think many of the referrals, however, are not — are more
technical in nature, given the language in the statute and what comes within
the DOJ jurisdiction, and really wouldn’t register on many radar screens as a
truly egregious criminal act.

Nonetheless, to the extent DOJ does not take up a referral case, we do take
that case back and look at it in terms of whether there are aspects of that
case that are within our civil jurisdiction, and we do try to investigate those
cases, so that it is not something that simply falls through the cracks.

The other thing that we have been trying to emphasize in response to some
of the media requests, is that we do think, to the extent that they are largely
based on the fact that we have not brought a civil monetary penalty to date,
that that is not, from our perspective, a measure of the vigor with which we
investigate cases or achieve enforcement activities, that many of the actions
that we have achieved through voluntary compliance, we consider to be active
enforcement of the rule and we are quite proud of our record in terms of
getting things fixed for individuals as well as others, system wide.

MR. HOUSTON: Is this to say, when DOJ does decide not to pursue, they will
tell you that they are closing a case? So, you do grossly know whether
something is an open case or a closed case that you have referred?

MS. MC ANDREWS: Yes.

DR. FITZMAURICE: Sue, are there any proposed changes to the privacy rule
expected to be announced in the next 12 months and, if so, could you briefly
describe what they involve?

MS. MC ANDREWS: How to put this. I mean, there are discussions ongoing in
terms of how to improve the rule and, based on reports internal or external, in
terms of what we figure is not working, or not working as we intended.

However, I am not at liberty at this point to identify any particular areas
that may come out as a rule making in the next year.

DR. COHN: Sue, thank you very much. Mike, thank you very much for that last
very good question. Not answerable, but a very good questions. Sue, thank you
and Karen, thank you.

With this, we want to move to our final presentation and discussion. Rob, I
want to welcome you and obviously congratulate you on your new role as acting
coordination for health information technology.

We are obviously very pleased to have you here. I introduced you a little
bit and everyone pretty well knows you, but I do want to reflect, obviously, on
your role previously as chief health informatics officer for the VA, and
realize it is the division behind the VISTA EHR system.

I am looking to see whether I am making you blush or not, but we think you
have done a greta job with that, and obviously we are very pleased with you in
your new role. So, welcome, and thank you for joining us.

Agenda Item: Report from the Office of the
National Coordinator.

DR. KOLODNER: Thank you very much, Simon. It really is a pleasure to be
here, especially seeing so many friends around the table and colleagues I have
worked with for so many years. I look forward to helping to advance the agenda
that many of us have been working on for a long time.

It really is an exciting time right now in health IT, and it is an exciting
time for me personally, obviously. I have been very fortunate to have this
opportunity to take on the challenging role, and look forward to hopefully
making some contribution during the time that I am in it.

I also wanted to take the opportunity to thank the NCVHS and the members
for the work that you have been doing, starting with the work on the initial
functional requirements for the nationwide health information network.

Also — and we really do appreciate the opportunity to work together with
the office of the national coordinator and our FACA committee, the AHIC, and I
think that it is the beginning of what I hope is a long and very productive
collaboration where we are able to each bring to the health IT agenda the
strengths that the different committees bring and the abilities to advance the
agenda, and for you to advise HHS in ways that also move us forward.

The goal really is to create these opportunities to work early on and
collaborate together, so that, as we identify things that we are moving forward
on in the AHIC that we want you to participate on, and as you identify
activities and areas of focus that may be of interest to us, that we can keep
engaged.

I know Jim Scanlon and I have been working out how to improve that
collaboration and move it up to the next level, and it is really building
bridges and having more cooperative involvement from the very beginning. I look
forward to that.

I mentioned the NHIN functional requirements also. We have worked together
on two NHIN fora that you have been active participants in.

Those have really been excellent opportunities to inform the constituents
about significant progress in many areas, especially the requirements and
security aspects of the NHIN and what those need to be.

We have got the upcoming participation by Simon and Jeff at the AHIC
meeting in December to present those initial requirements. Hopefully that will
proceed.

That will be occurring while the Secretary is in China, and he plans to
participate at a distance, but to participate and not miss that meeting.

I also wanted to use the opportunity just to highlight a number of the
requirements that we have been able to make in the national health HIT agenda,
and the activities that AHRQ has been responsible for coordinating.

I use that word coordination as very important, because I see this as
something where the role of the office is to leverage all the talent and good
work that is out there and to hopefully synergize those activities in a very
positive way.

So, we have achieved one of the milestones, almost finishing the turn of
the crank that the Secretary talks about with the standards, and that is that
coordination body for standards did deliver the first set of interoperability
standards for the first three use cases, and they did that in October, end of
September, October, of this year.

That includes 30 standards and almost 800 pages of interoperability
guidelines. You know, that last part I think speaks to what is different now
from what we have done before where, oftentimes, as we all know around the
table, we identify standards, but the problem is that there has been enough
variation, enough wobble in how those have been implemented, that it really
hasn’t achieved that interoperability.

I think that the interoperability guidelines are something that I am glad
there are people who are obsessive enough to get down to that level of detail,
and thank you, for all of those who have been a part of it.

It really is taking that so that we can really have, as I say, have a
programmer go off in one corner in one institution and program to their
standards, and another in another corner, and that when they bring it together,
they don’t have to go through testing and everything else because they know it
really will operate because the standards have been specified specifically.
That is no mean feat.

So, on another part of that turn of the crank, that is, the certification
of the CCHIT, the certification commission, continues to expand the electronic
health record certification.

It now has 35 certified ambulatory EHRs, and we expect one more round of
certification to go through testing in this first year cycle, which began
mid-year, around May, June.

We are also finalizing the first inpatient certification criteria to use in
testing in patient systems.

Finally, we are working with the CCHIT to begin their foray into the
specialty EHRs, and we will be beginning to explore that area as well very
shortly.

We also had an EHR adoption report that was published by the Robert Wood
Johnson Foundation where, after many different numbers floating around, we now
have a methodology and a criteria set by which we have determined a baseline,
that about 10 percent of doctors in an ambulatory care setting, are using
electronic health records with four specific functions that we consider to be
important, that are derived from the IOM EHR report.

That is, computerized prescribing, computerized test ordering, the
electronic receipt of test results and electronic physician notes. Certainly
the last one is the one that I think is the bar that is one that will be a
little higher than many other systems.

So, that combination of four functions, when you use that, you get to the
figure of 10 percent of doctors using the notes.

That is one that we believe is sufficiently specified that, in fact, CDC
will be putting it into their inventory in the first surveys on a regular
basis, that we will be able to actually track that number.

It is lower than some of the other numbers that were used, the 24 or 25
percent being doctors who have something electronic, but it is not well defined
whether they are using it, much less what function.

Seventeen percent that have something clinical, again, because it doesn’t
have specificity, it could vary from year to year. That is why we are using 10
percent as the baseline.

There was a final report that HEMA issued with the critical how to workbook
for state health information exchange activities. That also is pushed on the
web and we plan to provide some ongoing support, so that they can address some
barriers and solutions and health information exchange cost models and some
Medicaid involvement analysis.

So, there is continued work. To emphasize that focus now of coordinating
with the states, we recently issued a contract with the National Governors
Association for a state alliance for e health.

That is starting the collaborative process to address the cross state
issues. That is one that they will lead and facilitate and our role is to
coordinate and foster that advance, because a lot of the activities have been,
and will continue to occur, at the state.

The key there is to not have the tower of Babel but, in fact, be able to
bring about a coalescence as we move forward in a variety of policies and other
approaches.

Some upcoming activities that we have in 2007, I mentioned the AHIC meeting
on December 12. There are also some meetings, an AHIC meeting in January, and a
forum meeting related to the NHIN.

At the AHIC meeting on January 23, we will actually be doing the NHIN
prototype architecture demonstrations and some presentations on the business
models. So, we are beginning to move that forward.

We will also have the first state alliance for e health meeting in
Washington on January 26, and that will be an open meeting. So, people are
encouraged to come and attend and participate.

The state alliance is also going to be fostering a number of meetings and
sponsoring a number of meetings. There will be some state learning forums that
will be scheduled throughout 2007.

They have three task forces and the meetings will begin in February. One
task force is on privacy and security, and that is really following on the work
of the ISPIC, and another having to do with the practice of medicine task force
and some of the licensing issues there.

Finally, the state role regarding the health information exchange and
really beginning to take on some of the issues raised by the HEMA report.

So, those are some of the things that are coming just in this next quarter.
Really, there is obviously a lot more to come.

We have got a very large and challenging health IT agenda ahead of us that
certainly you have bene working on for years and now has become something that
is really moving forward, and Secretary Leavitt is very committed to that.

There are some significant opportunities, I think, for collaboration, not
only among the committees but with a variety of entities, parts of HHS and
other departments, as well as the private sector, and it is really that public
private collaboration moving forward.

So, hopefully we can use these opportunities to work together toward
transforming health care, because that is what it is all about. It is not about
the technology.

It is about transforming health care and making it higher quality at lower
cost, and I look forward to seeing that. At this point, I can stop and take any
questions you might have.

DR. COHN: Bob, thank you very much. I actually just had a qualification
myself, and I think I see a number of hands going around the table.

It actually had to do with the new state alliance, and I think you maybe
have answered the question. Is this the vehicle for moving forward the
recommendations from the security and privacy collaborative work?

DR. KOLODNER: Actually, it does provide part of that. Jody Daniel will be
here tomorrow and can provide more details, since she is the lead director of
that. You can talk with her some more tomorrow when she is here.

MS. TRUDEL: What plans do you have over the next year to identify and
prioritize new use cases?

DR. KOLODNER: Well, we already started that process. There was discussion
at the last AHIC. In fact, one of the concerns was that, with the various work
groups, that we could very easily go down a stove pipe, so that you have the
EHR in one place and the consumer empowerment in another.

What we did is, we brought together their top priorities as well as some
visioning that the early work groups had done.

We created a matrix where what we wanted to do was to identify priorities
that cut across the work groups. What we will be doing on December 12 is
presenting what we call some proto use cases for EBAC from the AHIC members.

The intention is to have another set of activities which then can be used
to generate these cases and, from those, additional standards. We have got a
lot of work to move forward, not to create standards, but to create the
standards that we can get that next round of instrumentation guidelines on.

So, we expect to turn that crank another time this next year is the
intention, so as to do one more time, and hopefully gain a momentum by doing
that.

So, the specific details I can’t give you at this point, but we certainly
plan to move forward and move the use cases to the implementation and
certification.

DR. FITZMAURICE: Two questions. First of all, it is extremely good for the
country that you are in the position that you are in right now, but it has a
time limit on it.

I am wondering, has there been any discussion about extending your interim
stay as director of ONC, or is it expected to be over finally in February?

DR. KOLODNER: There have not been discussions at this point, but they will
be occurring shortly and that would be up to the Secretaries as to whether or
not my detail will or won’t be extended.

DR. FITZMAURICE: So, you do not plan to run for President, but you are not
ruling it out.

DR. KOLODNER: I have learned never to say never.

DR. FITZMAURICE: The second question is that interoperability requirements
include use cases, high level architectures, message standards and data element
specifications, and harmonization across SDOs.

Interoperability requires all of these, but the most important of them, in
my opinion, putting privacy aside, which I don’t mean to put it aside, is data
element harmonization, reduce the wobble in standards that prevents
interoperability.

Will there be a stronger focus in ONC in the coming year on resolving
differences across SDOs and their data element names, definitions and how those
variables are represented?

DR. KOLODNER: As you know, Mike, ONC doesn’t do that, but what we have is a
contract. The whole approach has been to set up a mechanism and a methodology
that we can begin to mature, and one that is trusted and works.

The HITSBE really is that mechanism. So, what we need to do is to work with
HITSBE to see, is that something worth their time. Is that something that is
the band width, or do we allow a mapping to occur between some of the different
names.

I think the key is whether the boundary on those data elements is the same.
It is when you don’t align those elements, and that you may even use the same
name, but they really mean different things, that you really get into the most
problem.

We will be working with HITSBE and certainly, as an active member of that,
you get to have your two cents with that process.

It is one that I think we have developed a relationship where we certainly
can say, these are the things we want you to work on, but there is a certain
amount of independence because we want that process not to be controlled by the
government,b ut fostered and stimulated so that it becomes a process that
everybody trusts.

I think that one of the things that is continuing and will continue to
clarify is when the recommendation comes from HITSBE to the AHIC, does the AHIC
get to override that.

I think they would, if the HITSBE was simply a subset and a part of the
government, but in fact, it is an independent entity. So, we get to say whether
we accept or not, the AHIC, and then the Secretary gets to decide whether to
accept the recommendations or not, but it is really an independent process.

MR. ROTHSTEIN: I have got a brief statement disguised as a question. The
question is, how, if at all, is the NCVHS’ June report and letter to the
Secretary on privacy and confidentiality and NHIN being implemented, in terms
of its effect on the architecture development or the NHIN or other elements of
the system being developed.

DR. KOLODNER: I can’t give you a definitive answer about that. Obviously
that was a statement as to paying attention to that.

What I would suggest that you might do is talk with Jody about it tomorrow,
since she is our lead for privacy and security.

I think at this point in time I don’t know of a direct link between the
recommendations and what we have done so far, but the question is what we will
do in the future.

MR. HOUSTON: A quick comment in that regard, being on the AHIC CPS work
group, I guess. I know I have made the recommendation on a number of occasions
that that letter be considered in some of the outstanding issues, as well as
some of the recommendations be considered as part of that work group, to make
sure that, as they are setting their agenda, that they are also considering all
the work that we did.

I think a lot of those outstanding questions really do need to be resolved,
everything from opt in opt out to some of the other recommendations that we
made. So, I know it is on the table and I think it would be helpful to continue
to push that, because I think it is a valuable letter to use.

DR. KOLODNER: Mark, the answer is, you have a mole.

DR. WARREN: The question I have is, I guess it is one of coordination. We
have talked today about NCVHS has a privacy subcommittee, AHIC is certainly
looking at that.

We have the contract out for the HISPIC to look at privacy and security.
Now we are having a state governors alliance for privacy and security.

What efforts are out there to kind of have these various groups collaborate
or coordinate their work? I am hearing pieces in a lot of different meetings I
go to that are all the same thing, but everybody is working at it from a
different perspective.

DR. KOLODNER: I think it is a good question. Certainly in terms of the
linkage across the NCVHS and the AHIC activities, we are working at the staff
level to define how we complement one another rather than how we compete with
one another.

With the contract this year with the state, the intention with the state
alliance is to leverage and build on the activities that we had accomplished
with the HISPIC, and to have that extend into some of the states because they
have obviously some of the issues across the states that need to be addressed.

Again, because Jody is the lead on that, and I am still coming up to speed
within the office, I would suggest that that might be a question that you
repeat again for Jody, and I think you will be pleased with the answers.

DR. WARREN: I will be sure. Jody will have a lot of questions tomorrow.

DR. KOLODNER: She is expecting them. I will give her warning.

DR. STEINDEL: Rob, thank you, and I am encouraged to hear that there may be
hope for a future in your response to Mike’s question.

What I would like to comment on and question on is, as I think many people
are aware, I wear many hats and some of them are directly involved in what your
office is doing.

I am involved with HITSBE. I am also one of the people that is directly
involved with CCHIT. I am on their interoperability work group this year and on
the ambulatory functionality last year. With my position at NCVHS, I am also
involved with e prescribing, et cetera.

What we have come up with, and what I encourage you to try to expand is
somewhat related to Judy’s question and what has been mentioned.

One of the most exciting things that I have seen recently being presented
in front of AHIC has been your matrix that you brought forward at the last
meeting in initial format, with the intent of trying to create this cross
coordination effort between all of the issues that are facing us.

I really encourage you to try to flesh that out and really create a true
mechanism for discussion. As a big example that we are facing right now in
trying to adjudicate, in CCHIT, and with HITSPE, involves the certification of
interoperability in two areas, laboratory and e prescribing.

One issue that we have run across with e prescribing doesn’t involve the
HITSBE specifications or anything like that. It involves what is going on with
the Medicare Part D pilots, and how far along they are.

I am just pointing that out, not as an obstacle or anything, but just as an
area to bring into your matrix and have discussion in front of AHIC, and make
people aware that there are many aspects of this problem that confront the
interoperability issue.

It is not really, in my mind, the HITSBE standards that are the ultimate
judge that we hand to the IT developers or whoever, and say, okay, build
against these standards.

It is really against whatever criteria is being tested against for
interoperability by whoever. It is probably going to be CCHIT at least for the
initial stages, but there will be other interoperability testing being done,
especially as we get down to specialty levels. Those issues are different.

We need to consider all of this in the mix. What we are try to do is
actually test where the rubber meets the road. Can we exchange this information
between two people and post it into an electronic health record so that a
clinician can use it. Think about that when you are putting your matrix
together.

DR. KOLODNER: Thanks for your comments, Steve, and it is clear that you are
the glue that is tying together all of this.

DR. STEINDEL: No, I am not.

DR. COHN: Any other questions? Well, Rob, I want to thank you very much for
joining us. Obviously, we look forward to increased collaboration and synergies
between all the various groups as we move forward.

Obviously, we look forward to having you, and we will be obviously having
ongoing conversations but also hopefully seeing you on a regular basis at the
full meetings. So, thank you. I also want to thank Sue and Karen and Jim for
help on this session.

We are running a couple of minutes late, so we will adjourn until 11:00
o’clock, and then reconvene on the letters.

[Brief recess.]

DR. COHN: Now, our next set of items are letters. We will be starting on
those in just a second. However, I just want to take this occasion, we have a
new member who arrived during the break, and I just want to introduce him
briefly.

I think I mentioned him during our beginning introductions, but Garland
Land has joined. He, as I said, will become a member starting on Friday.
December 1 his term begins, but he is sitting in with us for today and will you
be here tomorrow also? He can’t vote until Friday.

Just very briefly, Garland is the executive director of the National
Association for Public Health Statistics and Information Systems.

He previously held a number of senior positions at the Missouri Department
of Health. Garland was telling me that he actually still lives in Missouri and
I guess commutes here twice a month.

Hopefully he will now be coming three or four times a month to join our
committee. Anyway, thank you for joining us.

With that, we are going to be jumping into three letters.

Agenda Item: Subcommittee on Standards and
Security Letters.

DR. COHN: We are asking Denise to assist us with the initial reading of
them. I think part of the question will be what letters need to go for
committee discussion this afternoon, get past with word smithing, et cetera, as
we sort of go through them. Now, Denise, what order were you planning on taking
these?

DR. BUENNING: I believe that the agenda calls for the NPI letter first.
Then the CHI disability letter, and then finally the national drug code letter.

DR. COHN: Okay, so we will have an initial reading. I do want to tell
people that the NPI letter will go to committee this afternoon for further
discussion, even though I think the letter is well written at this point.

MR. HOUSTON: Simon, I have a question. I had a real problem with the NPI
letter. I wasn’t sure what the purpose of the letter even was, and I question
whether this committee needs to consider sending it.

It sounds like the letter sort of said that they needed to do more work. I
think this is the one that was the case. Maybe I have my letters mixed up. I am
just wondering why we are sending this letter.

DR. COHN: Yes, Jeff?

MR. BLAIR: Sure. John, your observation, I think, is correct, that this is
not in the character of most of our recommendation letters, where we are
recommending a specific standard or a specific action.

This is a situation — you are talking about the letter with respect to the
national provider identifier; correct?

MR. HOUSTON: That is correct.

MR. BLAIR: This is kind of, I might say, a little bit of a positional
letter. The testimony that was occurring during our subcommittee meetings, we
debated whether or not to actually write a letter.

We decided it was important to write this letter even though we haven’t
completely finished hearing all of the status from the industry on the NPI.

There are a number of things that are problematical on this and we felt we
couldn’t wait until virtually February, since this is the last time the full
committee meets until February.

By then, it is going to be very close to May 23. So, a number of our
concerns are in this letter and it is kind of a positional letter, I would
phrase it as, to say, these are important issues. We are going to continue to
gather information, but we do encourage Health and Human Services to closely
monitor the status of people getting enumerations for the national provider
identifier.

So, if action can be taken beforehand, that is fine. If not, then we will
be coming back to HHS. Does that answer your question?

DR. COHN: John Paul, without going deeply into this conversation, this
letter may actually get a little more content by the end of the day. So, I
would have you hold your view about whether or not the letter is worthy of
going forward.

MR. HOUSTON: That is fine.

DR. COHN: Is that reasonable? What I am hearing from you is not so much
objection to the letter. You are just sort of wondering whether or not it says
anything.

MR. HOUSTON: When I read the letter, one of the last paragraphs says, and
we are going to do more things in January.

I am thinking, okay, if you are going to do more things in January, why are
we even — I just didn’t think the content was there to say, we will send this
letter out.

MR. BLAIR: The answer to that specific question was that getting a letter
out in February is very close to May. So, it is a timing issue.

DR. COHN: Denise, would you like to read it over, just a first reading?

MS. BUENNING: Addressed to the Honorable Michael O. Leavitt. Dear Secretary
Leavitt:

The National Committee on Vital and Health Statistics, NCVHS, is
responsible for monitoring the implementation of standard transactions, code
sets and identifiers adopted pursuant to the Health Insurance Portability and
Accountability Act of 1996, HIPAA.

The committee has been tracking the implementation of the national provider
identifier, NPI, and wishes to convey to you our preliminary observations on
the industry’s progress toward meeting the compliance date, which is May 23,
2007, for most covered entities.

The committee has heard testimony on several occasions regarding the
readiness of providers, plans, clearinghouses and the software vendors that
support them to use the NPI in HIPAA transactions.

We have concluded that, while significant progress is being made toward
compliance, some key activities may not be completed by the compliance date.

Providers must obtain an NPI and use it for HIPAA transactions by the
compliance date. To date, over 1.2 million NPIs have been issued, which the
Centers for Medicare and Medicaid Services, CMS, estimates represents the NPI
by approximately 50 percent of the total provider universe.

However, few of the providers who have obtained NPIs have communicated
their NPIs to their health plans. Few providers have communicated their NPIs to
the facilities where they practice, and few are sending NPIs in HIPAA
transactions.

Many health plans and clearinghouses report that they are now able to
accept transactions with either legacy identifiers or NPIs.

However, most are still developing cross walk logic to enable them to
associate a provider’s NPI with the legacy identifier already assigned to them
in the plan’s processing systems.

This is critical to assure accurate adjudication and payment, as well as to
connect the provider with his or her historical data.

The plan’s abilities to complete their cross walks depend on having the
NPIs of their provider populations. Plans need time to populate cross walks
with NPIs and to test the cross walks prior to May 23, 2007, to prepare to
accurately process claims and other HIPAA transactions on or after that date.

Therefore, providers who wait until close to the compliance date to obtain
and use NPIs, or if software vendors wait until close to the compliance date to
make changes to support using NPIs, they run the risk of having their
transactions rejected and payments delayed because their plans and
clearinghouses will not recognize their NPIs.

Industry implementation efforts over the next few months will significantly
impact compliance on Mary 23, 2007.

The NCVHS will hear additional testimony on this issue in January. We plan
to obtain input from a variety of provider organizations and health plans,
clearinghouses and software vendors. We will provide more information to you
then.

In the meantime, we recommend that HHS closely monitor compliance
activities and take action as needed to encourage compliance and early testing
by all covered entities. Sincerely, Simon Cohn, chairman, NCVHS, with cc to HHS
Data Council co-chairs.

MR. BLAIR: Simon, did you want to take questions after each letter?

DR. COHN: I think that probably makes the most sense, rather than reading
all three letters. Other than I think probably the very reasonable comment
about, well, geez, why should we even send this letter — I think as I listened
to is, I don’t think there is anything wrong with the letter. It obviously
doesn’t state a firm, strong position on anything. It is more of an FYI sort of
letter. The question is whether the subcommittee wants to add something
additional to it during its breakout this afternoon.

MR. BLAIR: Could we give Harry Reynolds a chance to —

DR. COHN: He is not on the phone right now. He will be coming back this
afternoon. Do others have comments about this letter or the issue? Carol?

MS. MC CALL: More a comment based on the earlier comments about the reason
for the letter. What I would say is, absent being able to provide specific
recommendations and findings, I hear that there is a strong desire, because of
a sense of urgency, to let people know what is going on.

So, when I read the close, in particular the last paragraph, I would
recommend, and I am punching up the sense of urgency with the need to give them
an early signal that things aren’t necessarily on track for a May 23 all clear.
So, more clearly state why this is coming out now absent specific
recommendations.

MR. BLAIR: Do you have any particular wording in mind that would help us?

MS. MC CALL: WE can word smith it off line, but I think in the last
sentence it says, in the meantime we recommend that they closely monitor.

Something in that last paragraph and perhaps tying it to an opening that
says, this is absolutely vital and that is why we are telling you. So, it has
to be more than a recommendation. Maybe, we strongly urge.

DR. COHN: So, I think our suggestion is, we urge HHS to closely monitor.

DR. WARREN: Would it be helpful, Carol, if what we did was put this in the
format of a formal recommendation instead of just having it in the paragraph
the way it is? There is only one recommendation out of the letter. That is why
it was put into the paragraph.

DR. COHN: I think it might look a little awkward, with the nature of the
recommendation. I mean, if there is something more substantive, then you could,
I think, cull it out.

MS. MC CALL: As I was reading the context of the letter, what it reminded
me of is the HIPAA implementation, kind of oh, so long ago.

There is a delightful history of that, actually, in the packet. It says, we
had a date, we had to push back from that date because it took time for people
to get ready.

Then it also went further to say that there were issues in the
implementation, that while we required some covered entities to do it, we
didn’t require other covered entities to submit it.

So, I found myself wondering if this was, in some ways, kind of a repeat of
that. If it is, at least at a high level, it might be worthwhile — we strongly
urge, because of things that we have experienced in the past — to understand
these signals early, the vote early, vote often type of thing.

Is it kind of a repeat? I guess that is a question, then, to the group. Are
there similarities to things that we have learned from HIPAA implementation
around privacy and transactions and the whole EDI?

MR. BLAIR: There are some similarities, but I think this one is more — at
least my perceptions is that this is more a timing piece, that we are so close
that we felt we couldn’t wait until February, to be silent until the full
committee meets in February.

DR. STEINDEL: I look across the table and I see our CMS colleagues are
remaining stoic on this. You know, again, in my multiple hats, one of my hats I
wear is as a public health representative to NUCC, where this has been very
much discussed. So, I have heard this from a lot of sides, as well as from the
NCVHS side.

This is in response to what you were asking, Carol. I think there is a
sense out in the community that every time we have come close to a HIPAA
deadline, it has been extended. So, there is this sense, okay, it is just going
to happen again. We don’t have an urgency.

I think what we can say, and I think what I heard Carol repeat this
morning, even though she may not admit the way I will interpret is, we have had
absolutely no evidence from CMS that they have any intention of extending this
deadline, and that it will happen on May 23.

I am stating this just from my interpretations, and from what I am
interpreting about what Carol said this morning. I will not put CMS on the spot
and ask them to affirm or deny that statement, but I think that is the sense of
this letter.

I think some place we do have to state in there that every indication NCVHS
has is that this will happen and we are pointing out things that should occur
before this happens.

That date is coming very, very quickly, which is why there is a sense that
we want to get this letter out at this meeting and not wait until after the
January meeting because that just even shortens the time frame — or the
February meeting.

DR. COHN: Michael?

DR. FITZMAURICE: There is one issue that I missed before and now I see,
that it doesn’t talk about the desire of the health plans to get access to a
national NPI data base for validating what the providers give them.

I would suggest that, in the third paragraph, that in the middle of it
there is a sentence that reads: Plans’ abilities to complete their cross walks
depend upon having the NPIs of their provider populations. I would add, and
access to the national provider identifier data base or NPI validation.

Now, I don’t know what the name of that data base is. It has a name like
NPES, NPPES. You can just call it the CMS’ national provider data base for
validation.

What that will do, I think, is to start lighting some fires. The fires
would be, do the providers know they have to do this, do the vendors know they
have to do this, do the health plans know they have to do this. Do we know that
we have to get that data base available, because everything is critically
dependent upon this date.

DR. COHN: So, Michael, I am sorry: would you give your suggestion again?
Are you suggesting something be added here?

DR. FITZMAURICE: I would add to the end of the sentence, the sentence that
starts off: The plans’ abilities to complete their cross walks depend upon
having the NPIs of their provider populations and access to CMS’ national
provider identifier base, or NPI validation, or we could spell out the NPPES,
what it means. That was a central part of a lot of the testimony.

DR. COHN: Yes, agreed.

DR. FITZMAURICE: I just missed it before. I should have seen it when we
were reading the letter report.

DR. COHN: Oh, can you write that down where you think it needs to be so
that we can look at it in the subcommittee?

DR. W. SCANLON: I guess I am thinking that the recommendation in some
respects is naive with respect to the timing involved.

I mean, if there are only six months left and you are asking them to first
of all monitor and then figure out if there is a need for intervention and then
presumably figure out what the intervention is going to be and then implement
the intervention, how much time of the six months is left before people in the
community are going to be able to get the notice and be able to respond.

I am wondering, if there are only six months to go before May 23, if we
really shouldn’t be in a position of saying, do something now.

Make the awareness of this date much more in people’s minds, so that they
take the action. In some respects, start an information campaign that you could
argue maybe is not going to be necessary, but it is not going to be effective
if it is postponed several months for there to be the information gathering and
then the development of an information campaign.

DR. CARR: The way I read this, there is an inherent progression that, until
every provider has their NPI, the next step can’t happen.

The way it is set up with the single deadline, is it even feasible? Given
the way it is structured, is it feasible to expect that step two could be done
if step one is due on the same day as step two?

DR. COHN: And step two is use of the NPI?

DR. CARR: Yes, the cross walks, by the payer.

DR. COHN: Karen, do you want to comment on that?

MS. TRUDEL: I think I will stop being stoic. The process is really an
iterative one, in that most plans at this point can accept either a legacy
identifier or an NPI.

Some providers may already have their NPI, they may be using it, and the
plans can accept that. It is a question of when you reach a critical mass of
providers that have NPIs.

At some point in time you need to cut off accepting those legacy
identifiers. If you haven’t reached the critical mass, the providers that
aren’t cross walked yet will have their claims rejected.

This really is a situation that is similar to the original transactions and
code sets. It is not that the plans aren’t ready to accept them. It is that,
until this whole process occurs, a certain number of providers could be at
risk. So, yes, step two and step one can and are being carried out
simultaneously.

DR. CARR: Does step one have to be completed before step two can be
completed?

MS. TRUDEL: For any given provider, yes, but in toto, no. In other words,
if you have one provider that has an NPI, the plan can begin processing that
NPI.

DR. COHN: Carol, do you have some additional comments on this?

MS. MC CALL: Yes, just to kind of continue on this same idea, did you learn
enough information through testimony to be able to make a specific
recommendation that might sound like the following:

Do you know enough to say, look, the cross walk, once you know Dr. Jim has
his NPI, it takes about a month for everybody to go through that cycle.

If the go live date is May 23, Dear Secretary and Dear Campaign, tell
physicians to get it by April 23 or they are at risk come May 23 of not being
able to get something paid.

Is there enough specific knowledge to be able to make recommendations at
least like that, to at least let physicians know, get it by enough in advance.

MS. TRUDEL: If I could make a couple of observations, because I worked with
Harry in drafting this letter, one of the concerns that I think the
subcommittee had after the last discussion was that the testimony that we had
heard had only come from one organization, WEDI, which I will grant you
represents plants, providers, vendors, but there was a sense that there was a
need to hear more robust testimony before actually proposing a specific plan of
action.

WEDI did propose one, and there was a deliberate decision on the part of
the subcommittee not to move forward with that at this time.

That being said, yes, you definitely need — you could say two months,
three months, and I think the outreach material that we are using now is
saying, two to three months is what is needed for the plans to carry out that
process.

DR. COHN: Other comments on this letter? Obviously, I think these are
thoughtful comments for the subcommittee to further work on the letter. I am
hearing suggestions from Michael.

Obviously, the whole committee would like the subcommittee to come forward
with the answers in this time frame. I fear that this is a letter that is meant
to be a step in the process.

I certainly think that, regardless, we should be expecting a much stronger,
more focused letter, which I think is what everybody is wanting for the
February full committee meeting, but that this is not that letter.

DR. TANG: I strongly agree with what Bill said in the sense that
recommending monitoring is just a self fulfilling prophesy to languish and to
delay.

I think we want to, at this point in time, if we are going to stop this
repetitive delay cycle, we need to recommend that the outreach, with specific
concrete actions by specific dates, be put forward to the remaining practices
that haven’t been assigned their NPI. That would have to be probably done in
the subcommittee this afternoon and approved tomorrow.

DR. COHN: Yes, this letter is not put for vote right now.

MR. HOUSTON: That was going to be my comment. You spoke of the February
full committee, and I don’t think it can wait, based on Jeff’s comments.

DR. COHN: Okay, Jeff, work for this afternoon.

MR. BLAIR: Yes, got a little bit of work this afternoon.

DR. COHN: Okay, so that is letter one. Denise, help us with which letter
are we working on now?

MS. BUENNING: We are up to the CHI letter, which is under tab 4 in your
booklet, again, addressed to Michael O. Leavitt, Secretary.

Dear Secretary Leavitt: The National Committee on Vital and Health
Statistics, NCVHS, appreciates your continued support of the consolidated
health informatics — CHI — initiative, an impressive effort to bring together
experts from throughout the federal government to identify standards for the
electronic exchange of health information.

Over the past three fiscal years, the department’s special funding has
greatly enhanced the CHI process by providing rapid enhancement of CHI
recommended standards and for ongoing updating, dissemination and mapping of
clinical vocabulary standards.

To cite two examples, this funding has been critical to the department’s
excellent work on the development and dissemination of the RX norm clinical
drug vocabulary and the daily med standard product label dissemination service.

This recommendation level on the final phase II CHI report, completes the
role that NCVHS has played in the CHI Council acceptance process, i.e., to
provide an open forum for review and an independent assessment of the CHI
standards recommendations.

The committee plans to request periodic updates on the status of standards
recommended and adopted under this process.

Enclosed are the CHI recommendations on the functioning and disability
domain. As recommended by the NCVHS during phase I of CHI, these
recommendations also address standards for patient?client assessment
instruments that contain functioning and disability content.

The NCVHS concurs with these recommendations and recommends approval of the
CHI standards by the Secretary, formal government adoption, and federal support
for U.S-wide use and dissemination of the international classification of
functioning, disability and health, ICF, and the National Library of Medicine’s
unified medical language system, UMLS.

Other standards included in these recommendations are Snomed CT, LOINC, and
Health Level 7 messaging and clinical document architecture, which previously
were recommended for other CHI domains.

We believe that there are many opportunities in the federal health
enterprise that would benefit from the implementation of these standards.

Therefore, we support the recommendations under — — quote — future
considerations on the importance of advancing a use case for the American
health information community, AHIC, and the health care information technology
standards panel, HITSBE, that includes the functioning and disability domains
and associated assessment instruments.

Implementation of the standards in this report are critical to
interoperable data collection and exchange for chronic care, long term care,
patient assessment and health functioning and disability outcomes.

However, at this time, these priority areas are not well represented in the
national standards portfolio. This could be accomplished through a separate use
case or incorporation into use cases for chronic care, problem lists, or
electronic health records.

We encourage the department’s continued use of the collective CHI reports
as the foundation for moving standards forward through the AHIC and HITSBE.

We also strongly encourage the department to continue to maintain a central
fund for high priority standards support and enhancement tasks.

As the work of AHIC and HITSBE drives broader implementation in real world
settings, new requirements for expansion and improvement of these standards
will inevitably emerge.

The ability to quickly allocate resources to address such needs will
sustain the forward momentum toward interoperable electronic health records.
Sincerely, Simon Cohn, chairman, NCVHS, cc, DHHS data council co-chairs and
Robert Kolodner, M.D., and there is a 41-page enclosure which I will now read
into the record. [Laughter.]

MR. HOUSTON: Thematically, I like the letter and I think we have to send it
forward, but we continue to use the word, encourage.

Specifically with regard to the last paragraph, I notice that we encourage
them to do other things. This seems to be in the next item we are going to talk
about, too, we talk about encouraging.

We need to be stronger in some of these recommendations. I guess I am
underwhelmed a little bit by the letters and the fact that they just sort of
don’t stand out there and say, you have got to do this. That is my only
comment.

DR. COHN: So, I am hearing that you would like to see the word recommend
rather than encourage.

MR. BLAIR: There is one other thing that we really should mention. The
process of our relating to the work of the consolidated health informatics
initiative, CHI, CHI has made the recommendation. Our role is whether we concur
with their recommendations.

MR. HOUSTON: I am not talking about that part, Jeff. I am talking about the
last paragraph, where we speak specifically to funding and continued use of
those CHI reports.

I think we can make recommendations in those regards, and I think we
should. I think it is valuable for us to use a stronger word than simply
encourage in these cases.

MR. BLAIR: could you repeat again exactly your sentence?

DR. COHN: I think Denise has got — this is the last paragraph where it is
our recommendation, except that we have used, have somehow lapsed, into
encouraged. I think this is word smithing, rather than probably a friendly
amendment.

MS. GREENBERG: Could you read that sentence for Jeff’s benefit?

DR. COHN: Now, we recommend the department’s continued use of the
collective CHI standards as a foundation for moving standards forward, and I
think I would put a period right there.

We also strongly recommend that the department continue to maintain a
central fund for high priority standards support and enhancement tasks. Is that
okay? Okay, Denise, did you get that?

MS. BUENNING: Yes, I have it.

DR. COHN: Then I guess my question is — other thoughts on this letter? It
will need a little more word smithing. I would observe that somehow we have
turned the very first sentence of the document into something that looks
suspiciously like a run on sentence, which my father might note. When I start
seeing four line sentences, I worry.

This is, I think, a result of our own internal edits, but this is something
that we can handle by editing. I guess the question I would have is, is this
something that needs to go to the work group for further modification, or with
the modifications we have just made, and with further word smithing to be
handled off line, is this document basically good to go? Comments?

DR. STEUERLE: This goes back to something I have comment on before. My
guess is that all of these letters get shipped out and they go into somebody’s
office like Jim Scanlon’s, who basically takes them and highlights two or three
things.

The Secretary probably does not read this, does not even know probably what
a lot of the abbreviations and terminology means, and wants to know sort of the
bottom line, and whether the staff concurs. Probably unless the staff has some
concerns, he probably doesn’t.

I am still not sure that we draft these letters with full cognizance of how
that process works. Having worked in what used to be called the Office of the
Secretary of the Treasury, not HHS, I just know how these systems work.

Sometimes just the highlighting of the bullets and getting to the bottom
line, if you have something you would really want the Secretary to read, make
sure that is just in bold and bullets and highlighted, and the rest of this
stuff is the support stuff that he may or may not read, or the staff may or may
not read.

That is maybe more for the future than now. I think you have got this
letter decent, go ahead and send it. i think it needs a lot more word smithing,
because I don’t sense that it is the Secretary that you are convincing by this
word smithing. You are trying to convince the staff to go along with the
recommendation.

DR. J. SCANLON: There are no surprises here. I refuse to discuss the
intricacies of the organization, other than to say there is a very deliberative
process.

MS. GREENBERG: In the spirit of self criticism, since I have worked on this
also — full disclosure, I worked on this effort for many years and also, at
the request of the standards subcommittee, worked on the letter, in which we
used the format that has been used for all of the CHI letters, however, I would
agree that it takes three paragraphs to say that what we are doing is
concurring with the recommendations of the standards on functioning and
disability.

I think the letter would be clearer if we put that in the first sentence
and then went on with the rest of it. That might not solve all the problems you
are suggesting, but I agree with you on that. This time we really went on for
quite a while before we got to what we were about, not that the other things
aren’t important.

DR. COHN: That is true. I do think that the recommendations toward the end,
in terms of additional funding and all of that, continue to fund it, are very
important also, probably deserve to be bolded or somehow segregated out. I
think I would defer to staff about how we might handle that.

DR. TANG: It is just almost to repeat what you just said which is that, in
addition to ordering, bold is a very useful technique that may help those who
may prepare these statements for the secretary.

DR. WARREN: I guess I have almost a knee jerk response to Gene’s comment.
Yes, our initial consumer is the Secretary, but these letters are on the
internet, and you have no idea the dispersion that this message gets to.

One, all of my students read them. They are required. People who are
looking to see and make decisions about what are we focusing on, if they just
do a google query, they are going to come up against some of these letters.

I think that the work that we do here, we need to make sure that, even
though the initial recipient is the Secretary, it goes far beyond that and
provide some guidance, I think, to the private sector that is trying to answer
and deal with some of the complexities, the issues that we grapple with here.
So, to put some of the history in the letters, this may be the only one that
they pick up.

DR. STEUERLE: My comment wasn’t meant to disagree with that at all. I would
still put it in there. I would just find some way of highlighting it.

DR. CARR: Along those lines, it would see,m then, after these many letters
and these many years, we would have a standard kind of format that the letters
would go in, beginning with what are your intentions, what are your
recommendations and so on, that looks the same, so that anybody looking at them
any time would know where to look.

Secondly, that we have some data definitions around what constitutes
important enough for a recommendation versus an encouragement versus whatever
other words we use.

I think we ought to have some precision in the words so that we all know
what we meant. Perhaps it is a function of how many people weighed in on it or
whatever, but I find it variable and a little bit hard to follow, how the
letters are formatted.

DR. COHN: Justine, I don’t think we will vote on it in terms of this
letter, but you are suggesting a style guide, as my English professor father
would say.

The truth is that different people write different letter and we will see
that in the next couple as we go forward, and probably there will be some value
to that, as well as obviously — I mean, when I read these on the airplane
flight out, I was reminded that we do have an editor on retainer, and probably
a lot of these letters ought to go through the writer, prior to us getting them
in final form.

DR. CARR: I agree with that, on the run on sentences. What I was saying is
more format, that we have an enumeration of bolding, bullets and data
definitions for what constitutes a recommendation.

DR. COHN: Sure, a style guide. We would certainly take that into
consideration. I think Steve has a comment and then we need to figure out what
we are going to do with this letter, or Mike has a comment.

DR. STEINDEL: Simon, I would like to comment. As a drafter of many CHI
letters for this committee, I would like to point out that actually the first
three paragraphs of this letter follow the style of the CHI letters.

There is an introductory paragraph that explains our role, then the usual
second paragraph about what we are commenting on, and then the third paragraph
which says that we concur with the recommendations and then, if necessary, some
qualifiers on that concurrence. So, that does follow the style of a CHI letter,
and that is contained in the first three paragraphs.

What was chosen in this case, because of the nature of the disability
report and it is slightly different than the other CHI letters, were the last
two paragraphs, that encourage the Secretary to go on and use the new process
that he has put into place, to consider adding the new process into this, to
fund what is needed from the process, and to continue using the CHI information
to inform the process. So, that is where the change has occurred.

Yes, we can use recommend or encourage from a style point of view, but also
from somebody who is also involved with those processes as well, the Secretary
and AHIC have already embraced this within those processes.

So, just making our statement reinforces the course that is already being
taken. If you look at the HITSBE contract itself, it says very specifically
that they should look at the collective CHI reports when they are considering
standards for HITSBE. So, it is already embodied in the work that is going
forward.

We have already had a note that we are involved with the use case
processes, and this is just adding another comment on the use case tick marks.

DR. FITZMAURICE: I want to second what you started off maybe 15 minutes or
so ago, Simon, that the letter is pretty much ready to go as it is.

I would split the first sentence up into two sentences, put a period after
initiative, and then start off with, this is an impressive effort to bring
experts together and so forth.

Then I would replace encourage with recommend and perhaps bold those two
sentences, and I would say it is good to go.

DR. COHN: I think we need to get a member, if you agree, to bring forward a
motion.

DR. TANK: I will make that motion.

MR. HOUSTON: Second.

DR. COHN: Okay, is there a further discussion on this, recognizing that I
think Mike has basically described I think the word smithing we all thought we
needed. There might be additional other minor word smithing that may occur,
adding some bolding, as I think Mike has described and I think others have
commented on. Any other discussion about this one? Okay, all in favor, aye?

[Voices heard in favor of the motion.]

Opposed?

[No voices heard in opposition.]

Okay, this letter has passed, then. Congratulations to CHI staff. They have
done excellent work. Okay, now our last letter of the morning is a letter on an
NPRM that is coming forward. I think we need to have you read it.

I have already made a number of clarifications, which I will probably
interrupt you when we get down to the end of the third paragraph and begin to
add some things as we talk through them.

I think you probably need to read it. Just be aware that this NPRM comment
period ends — Randy, maybe you want to come to the table. We are obviously
inviting Randy Leavit from the FDA to sort of join us to help clarify any
questions or otherwise.

So, theoretically we could word smith this one. We could even refer it to
the executive subcommittee for their December meeting to finally ratify if
there are additional changes.

So, we have a little time, is I think what we are indicating here, but he
has intended not that this just be a letter to the Secretary, but a letter also
responding and encouraging a final rule.

MS. BUENNING: Again, it is addressed to Secretary Michael Leavitt. Dear
Secretary Leavitt: The National Committee on Vital and Health Statistics,
NCVHS, is directed by the Medicare Prescription Drug Improvement and
Modernization Act of 2003, MMA, to develop recommendations for uniform
standards to enable electronic prescribing, e prescribing, in ambulatory care.

During the past several years, the NCVHS has focused considerable attention
on the feasibility and desirability of standards that are necessary to support
e prescribing, and the need for standard terminology for clinical drugs to
facilitate automated drug utilization review and decision support for patient
safety.

The FDA developed and maintains the National Drug Code, NDC, a 10-digit
code that identifies drug products marketed in the United States.

The NDC relies primarily on paper-based reports on ingredients, dosage
forms, strengths, labeling and other information from manufacturers,
re-labelers, re-packers and distributors to provide details on marketed drug
products.

FDA uses this information for drug safety and other regulatory purposes.
The NDC is used by dispensers to identify packaged drugs, but is not
appropriate for prescriber use because it does not describe the clinical drug.

In previous reports , the Committee documented NDC deficiencies, most
notably the concern about perceived weaknesses of the current NDC data base and
linkage of the NDC to RxNorm concepts.

The committee expressed the acute need for harmonization of terminologies
in the drug area to eliminate incompatibilities that impair drug utilization
studies and patient safety.

DR. COHN: Again, basically, where it says drug utilization studies in
patient safety, I think minor word smithing where it says, drug utilization
studies, and may negatively impact patient safety.

MS. BUENNING: It impairs patient safety. I was wondering, does this impede
or impair.

DR. COHN: I said, negative impact. That is just to clarify that, but
continue

MS. BUENNING: Let me just review that, then. The committee expressed the
acute need for harmonization of terminologies in the drug area to eliminate
incompatibilities that impair drug utilization studies and may negatively
impact patient safety.

The committee advised that HHS include the National Library of Medicine,
NLM, clinical drug terminology, RxNorm, in the 2006 e prescribing pilot tests
to determine how well the prescriber’s intent is represented or preserved when
the RxNorm information is translated from the prescriber’s system into the NDC
at the dispenser’s system.

The FDA responded by providing the NLM with structured product labeling,
SPL, which includes the content of labeling and drug listing data elements.

DR. COHN: We really need to modify that sentence. Randy and I were talking
about this one. i think somehow we need to annotate that basically it provided
the NLM with structured product labeling information, which included the
contents of labeling and drug listing data elements, basically including
elements necessary for mapping between NDC and RxNorm, which was the point of
that sentence.

That will need a little word smithing. I am becoming a victim of run on
sentences myself here, but we need to somehow include that concept in there.

The FDA also established collaborations with, among others, the Veterans
Health Administration, National Library of Medicine, Agency for Healthcare
Research and Quality and the National Cancer Institute, NCI, for purposes of
clarifying federal medication terminology.

This included working with NLM to link clinical drug to NDC and
distribution of structured product labeling through DailyMed, and working with
NCI enterprise vocabulary services to establish the NCI thesaurus as a source
for FDA terminology.

The committee also encouraged the promulgation of FDA’s drug listing rule
to improve the integrity of the NDC and support the correlation of NDC with
RxNorm.

In recent testimony before the NCVHS Subcommittee on Standards and
Security, the FDA confirmed that the current NDC data base is not
authoritative.

Additional testimony from NLM confirmed that RxNorm linkage to NDC is
currently complicated by this lack of an authoritative source.

On August 20, 2006, the FDA published a Notice of Proposed Rule Making,
NPRM, in the Federal Register, volume 71, Number 167, Docket 2005N-0403,
recommending changes that would allow FDA control over the NDC and would result
in a complete and authoritative source of NDC numbers.

The proposed rule would make a complete list of drug products marketed in
the United States readily accessible electronically, providing for accurate,
unique and unambiguous DC numbers for each drug.

This would allow electronic systems to reliably and consistently link the
NDC number to the appropriate drug labeling through structured product
labeling, SPL.

The drug labeling would supply the drug ingredient and other information
necessary to support the development of medication terminology standards for
electronic prescribing.

As such, the proposal would provide important support for the full
implementation of the electronic prescription provisions of the Medicare
Modernization Act.

The NCVHS commends the cooperation of the FDA and NLM as they address these
issues. The NCVHS recommends that the proposed rule be adopted as soon as
possible, so that it can foster the resolution of those NDC issues previously
identified as problematic. Sincerely, Simon Cohn, Chairman, NCVHS.

DR. CARR: What does it mean when it says, current NDC data base is not
authoritative.

MR. LEAVIT: The current list of NDCs is not complete because it relies on
the companies who assign their own NDCs to report their NDCs in a listing
process. So, our list is not necessarily complete, up to date, because of that,
that companies assign their own NDCs.

MS. CARR: Could we just say it is not complete?

DR. TANG: There is a question that it may also conflict. I thought one of
the complaints about NDC is that there is a re-use of code.

MR. LEAVIT: That is another issue. There are a number of issues with the
NDC.

DR. TANG: So, if the FDA were to be the authoritative source, then it would
be the only source.

MR. LEAVIT: It would be the source, right.

DR. COHN: Would that solve the problem of re-use? I am actually looking to
Randy to respond. So, does this solve the problem of re-use?

MR. LEAVIT: Yes, this proposed rule proposes a solution for re-use.

DR. COHN: For re-use, okay. Russ, did you have a comment on this one. Do
you want to help us with authoritative —

MR. LOCALIO: Well, I have some practical experience in this area. I was
trying to, several years ago, when I was a member of this committee, merge the
prescription drugs in the Pennsylvania Pace Program, with the FDA’s data base,
and it just was not helpful at all.

So, the only way you can actually get an idea of what is being used is to
go to the private sector and use one of their data bases. It is quite
expensive.

Steve and I had some discussions about this. My understanding of what the
FDA is trying to do is, for the first time, to have a data base that has all
the drugs that can be prescribed on it. Is that correct?

MR. LEAVIT: All marketed drugs.

MR. LOCALIO: All legally marketed drugs.

MR. LEAVIT: All marketed drugs.

MR. LOCALIO: I think, if you put it in that perspective, I think there are
data bases that are probably about as authoritative as they can get, that they
are not under the control of the FDA and, if you try to use the FDA data base
today, it just doesn’t work. Does that help?

DR. COHN: It does and I think it puts the exclamation mark there. I am
wondering if we need to — I am actually looking very hard trying to find the
word authoritative and where it appears first.

MS. BUENNING: It is in the second to last paragraph.

DR. COHN: Is that the first time it appears?

MS. BUENNING: I believe so.

MR. BLAIR: Does it appear to be a consensus that we do want to change the
word, authoritative, to complete? My thought is that, if we do that, there are
other aspects. It isn’t just like, well, is the list of drugs complete.

I think the word, complete, in this case is multi-faceted. I am afraid that
will be lost. Authoritative, as long as we know what authoritative means, might
be a more appropriate word.

DR. COHN: I guess the question is, do we put a parenthesis with a couple of
e.g.s of what we mean by authoritative, to help clarify what we mean.

DR. CARR: I apologize if I am not sophisticated in the use of the word,
authoritative, but it is hard to intuit what is the comprehensive coverage,
what does it mean. So, yes, a couple of e.g.s would be helpful.

MS. BUENNING: I think that if you look at the use of the word in that
paragraph, it is used three times. In two of those instances it seems with
reference to source, as it being the authoritative source. I think in that
regard, it probably is appropriate.

Where it is maybe not appropriate or subject to interpretation is where we
talk about the current NDC is not authoritative.

MS. GREENBERG: Would it be correct to say that it has not been validated,
not complete, whatever you want to say.

MS. BUENNING: So, in that instance, then, what I think I am hearing is that
reference to complete.

MS. GREENBERG: it sounds to me that it is not just that it isn’t complete,
but that it maybe over — it hasn’t really been validated, it sounds like. I
don’t know. Complete just sounds like there are things missing.

DR. COHN: I am not sure not validated — I don’t know if that helps us
either.

MS. GREENBERG: That may not be correct either, but I am not saying it isn’t
complete.

MS. BUENNING: If there is a dependence on the manufacturers or whoever is
reporting this information, in that regard you could say it is not complete,
because they are depending on an outside source for it.

DR. COHN: You know, for the purposes of a letter like this, the word,
complete, might actually be fine for the first authoritative, and then you can
use authoritative later on. Michael, did you have a comment?

DR. FITZMAURICE: The authoritative is in there and it is important because
it says that, if it is authoritative, it is under timely, central control.
Somebody is in charge.

It is spread around to manufacturers who get around to reporting that they
have assigned a number to a drug. This says it is under timely central control.

Now, you might not like central control on a lot of things, but I like to
know there is somebody in central control of the labeling of drugs that my
family and I take.

DR. STEUERLE: Perhaps the FDA confirm that the current NDC data base is not
adequate for use as an authoritative source, period. Additional testimony, and
so on and so forth, complicated by the lack of any authoritative source, or an
authoritative source, it is clear that what is going on is two things are going
on.

You are trying to make the data base more adequate to be an authoritative
source, and you are trying to make an authoritative source.

DR. COHN: Okay, everybody is nodding their heads that that is a very good
solution to this particular issue. Other comments about this letter?

I was going to also suggest a new paragraph. This starts later on in that
paragraph. It says, on August 20, 2006 — I mean, noting the NPRM right in the
middle of the paragraph, it seems like it is a paragraph in its own right, but
that is once again word smithing.

MR. HOUSTON: Two things. First of all, nobody really defines what the
proposed rule is, although I am assuming that it is —

MR. BLAIR: A little louder or to the microphone?

MR. HOUSTON: There is no real definition of the proposed rule other than,
in one sentence, you talk about the NPRM and then the next sentence you start
off by saying, the proposed rule, which is half way through the first paragraph
on the second page. I guess I am assuming that the MPRM is the proposed rule.
Therefore, it might be good to clarify that.

Secondly, I hate the fact that we are in the very last sentence of the
letter where we make our recommendation after a fairly wordy discussion.

I guess I question whether we should try to figure out a way to push
forward the recommendation to the start of the letter in some way, and I am not
sure how to do that.

I know that we typically — to Justine’s earlier point, which is that, in
having a style for these letters, maybe put a subject line on the letter that
says something to the effect that we recommend the proposed rule be adopted,
and there was reference to the NPRM or the Federal Register number. Again, it
is just a way to get the recommendation some more clarity, because it is in the
last sentence.

DR. COHN: The NPRM is not mentioned until the second page.

MS. TRUDEL: The recommendation really needs to be that the NCVHS recommends
that the final rule be published as soon as possible.

The notice of proposed rule making is already published, and then it is
followed up, after a comment period, by a final rule.

DR. COHN: So, the final rule be adopted as soon as possible?

MS. TRUDEL: Published.

MR. HOUSTON: As far as we agree with the proposed rule, which we are. So,
you really want to have both pieces of that. We agree with the proposed rule
and we ask that it be published in final form as quickly as possible.

 

MR. BLAIR: Now, help me out on this a little bit, because I can’t see the
letter, but I thought that our recommendation begins with the fact that we
support the publication of the proposed rule, but that it goes further than
that and asks for support or funding. No? It does not? Oh, so that was changed.
Thank you.

MR. J. SCANLON: Procedurally, again, is this meant to be a comment on the
proposed rule, a letter or support for the proposed rule? Would it go into the
docket, for example, and would it be used in support of the proposed rule? I
think probably address-wise, we need to make it clear that that would be the
case. This would be a letter in support of the proposed rule.

Secondly, I think you are right, Jeff. I think we should start off by
saying that the NCVHS means to support the proposed rule. Start out by saying
it is a favorable comment in support of the proposed rule.

MS. TRUDEL: The NCVHS commends the cooperation of the FDA and NLM as they
address these issues. The NCVHS agrees with the provisions of the proposed
rule, and recommends that the final rule be published as soon as possible.

MR. HOUSTON: I think we need to move it up also, because that is the last
sentence.

DR. COHN: Maybe it is there and maybe we need to say something at the very
beginning as well as at the end.

MR. HOUSTON: Yes, and then we can go back to it.

MR. LOCALIO: I just want to make sure that we all understand the time table
here. The proposed rule becomes final and then there has to be some delay of
time between then and when the people who have the NDC code are required to
make them available to the FDA, when the data base becomes complete and
authoritative, and when e prescribing takes effect.

Unless the time table is correct, we are going to have the situation of not
having e prescribing in force and not having the availability of a complete and
authoritative data base to support that activity. Are we announcing that the
time table is going to work or are we just waving our hands at that?

MR. BLAIR: To answer that question, maybe Randy could tell us if the
proposed rule includes a time table and request for appropriate funding to
expedite the availability of the structured product labeling?

MR. LEAVIT: It has a time table, that companies have nine months to make
sure that they have listed their products. After nine months, if their products
are not on the list, they are not considered listed. As far as funding, I don’t
think there was anything in the —

DR. COHN: Proposed rules don’t typically include funding. So, it is a nine
month — that sounds pretty good to me. We should get that with HIPAA
sometimes, but that is another conversation. Russ, does that help? It actually
sounds like it is a good —

MR. LOCALIO: Yes, I wanted to make sure that was on the record.

DR. W. SCANLON: This may be overkill, but just having seen final rules come
out that don’t reflect proposed rules, or are missing key components of
proposed rules, I guess it is more than publish the final rule.

We would like the final rule to reflect the proposed rule that we were just
endorsing here, some language a little bit beyond what Karen had in terms of
publishing a final rule.

DR. COHN: That is a statement based on experience, I suspect. Karen, can
you incorporate that?

MS. TRUDEL: Something to the effect that the final rule be —

DR. COHN: It does say that, though. It says the proposed rule — you said,
the proposed rule be adopted — that they adopt the proposed rule —

MS. TRUDEL: You don’t adopt a proposed rule.

DR. COHN: You adopt what was proposed.

MS. TRUDEL: The NCVHS agrees with the provisions of the proposed rule and
recommends that the final rule contain these provisions and be published as
soon as possible. We will word smith that.

DR. CARR: Just another question. This last sentence in the second
paragraph, the NDC is used by dispensers to identify packaged drugs but is not
appropriate for prescriber’s use because it does not describe the clinical
drug. I think I know what that means, but it is an odd way of saying it.

I mean, it is the drug. One is describing packaging and one is describing
the pharmacokinetics? What is the difference between a packaged drug and a
clinical drug?

MR. LEAVIT: The NDC describes a drug at the product level that the
manufacturer markets. The clinical drug goes to a level that is more of a
generic level.

If you say someone is marketing tylenol, then the NDC will identify it as
tylenol because that is specific to a manufacturer, but the clinical drug will
talk about acetaminophen.

DR. COHN: Also, the NCD talks about the 30 pills in the package.

MR. LEAVIT: It will say tylenol and then it will say that tylenol is
packaged in a bottle of 30 or a bottle of 50, very specific to who makes that,
who is marketing that product. That is where that goes to, right to the bottle
that is on the shelf, where the clinical drug is more at the level of the
ingredients.

DR. COHN: Yes, but Justine, you bring up a good point.

MR. HOUSTON: May I propose that, after the word, packaged drug, that you
put in parenthesis, i.e., its trade name or — something, the drug packaging or
the trade name or marketed name.

I don’t know if you put anything after clinical drug also, to describe it,
something real short just to say what those two mean.

MR. LEAVIT: This identifies the drug as it is marketed.

MR. HOUSTON: right, just put that in parenthesis so that the person reading
it would understand.

DR. COHN: Other comments on this? I guess I would ask the committee what
your desires are on this. I think we have been talking primarily about — I
mean, we will have a considerable amount of word smithing, and I am not seeing
anybody really objecting to the nature of the recommendations or having a
letter come forward.

This obviously will take some word smithing, and I don’t really think that
we should waste the committee’s time either today or even tomorrow sort of
going over it.

It might be something for us to consider, if we agree with the spirit and
the nature of the recommendations, to approve, with the ability of the
executive subcommittee to do a final review, given that we have until January
to get the letter in.

The executive subcommittee will be having a call in December, with the idea
that people can clean it up, we can actually re-send it out if people would
like to make sure that the word smithing is adequate, but approve it with the
idea that the executive subcommittee would do the final review and get it out
the door. Is that something of interest to the committee or do you have other
thoughts?

MR. BLAIR: Could I take up your lead and make a motion? Simon, if it is
okay with you, I would like to make the motion in terms of all three letters.

DR. COHN: No, Jeff, we have already passed the second letter and the first
letter is going back to the subcommittee.

MR. BLAIR: That is fine. Then with respect to the CHI letter and with
respect to this letter —

DR. COHN: Just this letter, Jeff.

MR. BLAIR: You are just doing it to this one?

DR. COHN: We have already passed the CHI letter.

MR. JEFF: I am sorry, I thought it was the other two.

MS. BUENNING: The CHI letter was already moved and passed. The NPI letter
is going back to subcommittee.

MR. BLAIR: So, do you want it just for this letter alone, then?

DR. COHN: Yes, please.

MR. BLAIR: Okay, I make a motion that the committee approve this letter,
pending word smithing and review by the executive subcommittee.

DR. STEINWACHS: Seconded.

DR. COHN: Discussion? Okay, all in favor —

MS. GREENBERG: I wouldn’t say pending, I would say, for finalization by the
executive subcommittee because it won’t then come back to the full committee.

DR. COHN: Okay, discussion? All in favor, aye?

[Voices heard in favor of motion.]

Opposed?

[No voices heard in opposition.]

Okay, that letter is passed. Thank you. Jeff, thank you for the motion.
Now, it actually in reality is 12:15. I am going to suggest that we adjourn for
an hour’s lunch break. We will reconvene at 1:15. Thank you.

[Whereupon, at 12:15 p.m., the meeting was recessed, to reconvene at 1:15
p.m., that same day.


A F T E R N O O N S E S S I O N (1:22 p.m.)

DR. COHN: Now, a couple of housekeeping items. First of all, we are, of
course, not in an unusual fashion, moving the agenda around a little bit.

What we are going to do, as I said, we have a couple of items we have to
deal with first. Since Charles Safran is here to talk about the AMIA document
on secondary uses of data, I suggested that potentially we do that immediately
after lunch, rather than making him sit through our conversations for a couple
of hours. He has gracefully consented, as much as he would enjoy it. I thought
we would give him back half of his day, in other words.

As I said, we need to do a couple of things first. Another piece is that we
are changing some of the subcommittee and work group activities for late
afternoon.

Specifically, Mary Jo Deering is not here, and she is the lead staff for
the NHII work group. I think what we will do for that group is to hold a
conference call some time in early December to sort of talk about next steps,
when she can be available and we can have a conversation on that.

Instead, what we are going to do is have a work group on quality meeting
from 5:00 to 6:00 in this room, 505-A, from 5:00 to 6:00, noting that there
are, I think, some issues coming forward that the quality work group may want
to get involved with.

Certainly, everyone, including non-members of the quality work group, are
invited to sit in and be part of the conversation.

MS. GREENBERG: I think it might be preferable, if they stayed, if the
quality group met in 325-A. The subcommittee on populations will already be
there.

DR. COHN: What is the desire of the group?

MS. GREENBERG: Whatever you prefer.

DR. COHN: I think this is a nicer room for a larger crowd, so why don’t we
do it up here. Now, the next item actually has to do with dinner tonight.

I think as you all know we have arranged a special dinner for the
committee, both to honor retiring members as well as a chance to get together
to talk a little bit in an informal setting. [Dinner logistics discussed.]

MR. BLAIR: Can I ask a question? The fact that we are not having the NHII
meeting from 5:00 to 6:00, I understand the quality subcommittee would meet
then. Does that give us any latitude to begin dinner any earlier?

DR. COHN: We are having a different meeting from 5:00 to 6:00.

MR. BLAIR: So, the answer is no.

DR. COHN: The answer is no. The final piece is, I think we started out this
morning by really acknowledging the hard work and dedication of our retiring
members. I am actually going to turn it over to Jim. We actually have some
plaques.

I just wanted to give you something real to remember your term on the NCVHS
with that is tangible. Jim, please.

MR. J. SCANLON: That is right. In addition to the high pay, the Secretary,
for Bob, for Stan and for Russ, the Secretary has prepared a certificate of
appreciation and letters of appreciation to all three of you.

If we have enough time, I would like to read the citation. Let me start
with Bob. You have got a nice certificate, but I will read the letter itself.

Dear Mr. Hungate: It gives me great pleasure to award you this
certification of appreciation for your four years of service to the Department
of Health and Human Services as a member of the National Committee on Vital and
Health Statistics.

This committee is one of the oldest and most prestigious advisory groups
serving the department. Its recommendations have helped shape health
statistics, health data standards, health information policy and epidemiology
for our nation, and have had a profound effect on new legislation.

Your knowledge, expertise and experience have contributed greatly to the
excellent work of the committee. We wish particularly to commend you for your
time, effort, leadership and counsel that you have provided as the chair of the
work group on quality, member of the executive subcommittee, and work group on
the NHII and the subcommittee on populations. [So, it is a nice portfolio.]

Only the very best are asked to serve, and we are proud to have had the
opportunity to associate with you in this endeavor. Should the occasion arise,
we would like to feel free to call upon you for further assistance.

So, the door is left open, Bob, and again, I emphasize the free part of it.

MR. HUNGATE: Thank you very much.

[Applause.]

MR. J. SCANLON: For Russ, Dear Mr. Localio: It gives me great pleasure to
award you this certificate of appreciation for your four years of service to
the Department of Health and Human Services as a member of the NCVHS.

This committee — [I will repeat some of this] –is one of the oldest and
most prestigious advisory groups serving the department.

Its recommendations have helped shape health statistics, health data
standards, health information policy and epidemiology for our nation, and have
had a profound effect on new legislation.

Your knowledge, expertise and experience have contributed greatly to the
excellent work of the committee. We wish particularly to commend you for the
time, effort, leadership and counsel that you have provided as a member of the
subcommittee on populations.

Only the very best are asked to serve, and we are proud to have had the
opportunity to associate with you in this endeavor. [Again], should the
occasion arise, we would like to feel free to call upon you for further
assistance.

[Applause.]

I will repeat it again. Dear Dr. Huff: It gives me great pleasure to award
you this certificate of appreciation for your four years of service to the
Department of Health and Human Services as a member of the National Committee
on Vital and Health Statistics.

This committee is one of the oldest and most prestigious advisory groups
serving the department. Its recommendations have helped shape health
statistics, health data standards, health information policy and epidemiology
for our nation, and have had a profound effect on new legislation.

Your knowledge, expertise and experience have contributed greatly to the
excellent work of the committee. We wish particularly to commend you for the
time, effort, leadership and counsel that you have provided as a member of the
work group on the national health information infrastructure, subcommittee on
standards and security, and the ad hoc work group on the national health
information network.

Only the very best are asked to serve, and we are proud to have had the
opportunity to associate with you in this endeavor. Should the occasion arise,
we would like to feel free to call upon you for further assistance. Sincerely,
Michael Leavitt.

[Applause.]

DR. COHN: Clearly, the discussions will continue this evening. So, thank
you all very much. Russ, we are sorry that you can’t join us this evening.
Obviously, you will be calling in in the morning and then leaving for Michigan.

Okay, with that, we are obviously very pleased to have Charlie Safran join
us for a presentation. I hope you have all had a chance to review the document,
which I thought was an excellent sort of discussion of secondary uses of data.

I am obviously very curious to hear your thoughts on this and take, and I
am sure we will have an opportunity to have some conversation around this, as
well as next steps.

Agenda Item: Presentation – American Medical Informatics
Association.

DR. SAFRAN: Dr. Cohen, members of the National Committee on Health and
Vital Statistics, thank you for inviting me to come here today and talk about
this important issue.

As Dr. Cohn mentioned, my name is Charlie Safran. As Dr. Cohn mentioned, I
am here as the past chairman of the American Medical Informatics Association,
ably succeeded by Dr. Paul Tang, to report on the use of secondary health data
as it relates to a meeting and a paper that we have recently published.

I am a primary care physician and I am also an associate clinical professor
of medicine at Harvard Medical School in the Beth Israel Deaconess Medical
Center.

I am honored to be here today among friends and fellow members of AMIA, and
our College of Medical Informatics.

The board of directors of AMIA has identified the secondary use of personal
health information as a critical issue for the widespread adoption of health
information technology.

We convened, in April of this year, a blue ribbon panel of experts from
industry, government, academia, to develop a framework that could help guide
policy about, and the use of, secondary health data.

The panel has issued a preliminary report which can be accessed through the
AMIA web site, through our journal’s web site, and I believe there are
preprints of the report here on the table for you to look at.

I won’t read all the names of people who have contributed to the blue
ribbon panel. There were approximately 30 members. The current national
coordinator, as well as the previous national coordinator were both in
attendance, as were some of the people in this room, members from most of the
important areas of government that touch on health data, a reasonable sampling
of industry representatives, not for profit, consumer groups, and some academic
or scientific experts.

This list, I believe these slides and the members of the panel are all
included in the materials that I provided.

We broadly defined the secondary use of health data to be the non-direct
care use of personal health information including, but not limited to,
analysis, research, quality and safety measurement, public health, AMIA
provider certification and accreditation, marketing and other business,
including strictly for commercial activities.

We were interested in issues concerning the benefits, the risks, the public
trust, the balance between public good and individuals’ privacy, the impact of
innovative technology, commercial drivers, remedies for misuse and policy,
including regulation and legislation. We had a very broad set of charters for
the two days that we met.

We convened over a two day period. We had 30 people in a room about this
size. We had a method that we published to produce the results that I will talk
about today, but I thought I would delve into what the results are, rather than
how we got them.

So, our major findings were, first, that the use of secondary data was more
widespread than most of the assembled experts had expected.

For instance, we learned about physician practices that were selling
anonymized data from their electronic health records for over $100,000 per
practice.

The way this mechanism worked was that, if you had an electronic health
record and transmitted the data to this corporate entity, and the corporate
entity was able to sell that data as part of a study sponsored by a
pharmaceutical company, then the practice that had contributed that data were
compensated.

In aggregate, a given practice of moderate size might receive about $40,000
per quarter for the use of this data.

Neither the physicians in the practice nor the patients whose data it was
were informed of this practice. It was the decision of the practice
administrator.

Now, that might have included the physicians. They might have been well
informed and, in most cases, probably were informed in the decision, but that
wasn’t a requirement of how those data got to the central resource.

Although it is probably no surprise to those of you here, we also heard
from the government, CDC particularly, about the biosense project, and the
widespread collection of health data directly from emergency rooms across the
country into a centralized government controlled data base, which was not
generally known by the 30 people in the room at the time.

The second thing that was apparent through discussion was that patient
privacy issues completely dominated the discussion of public trust. This issue
came up in almost every discussion that we had with respect to the secondary
use of health data.

Third, technical innovation made many of the policies and procedures that
were in place out of date. In general, the panel did not believe that
anonymization could be practically achieved.

Lastly, we identified the need for attention and leadership at the national
and state levels concerning these issues, and we are pleased to be here today
as part of the process of bringing this to a higher government level.

We had a framework that we are proposing, and I will go into a little bit
of detail of each of these recommendations concerning a national framework.

That is, transparency, stewardship, consensus, awareness, comprehensiveness
and national leadership, these are the six points of the framework that we are
putting forward.

Specifically, the secondary use of health data must be conducted and
managed solely through the open and transparent process.

This example of the physicians selling EHR data, or practice selling EHR
data without the knowledge either of the physicians or the patients, this
points to the sets of issues that repetitively came up.

So, transparency in the process was one theme that kept coming up and needs
to be a foundation of any framework moving forward.

Diverse stakeholders need to be engaged and need to have full disclosure of
how their data is being used and how it is being re-used. Ongoing and future
public policy discussions need to explicit address these issues more directly.

Secondly, we felt that it is important to focus on stewardship rather than
ownership of data. By stewardship, I mean access, use and control as opposed to
a strictly — I am not a lawyer, I see there are a few in the room — but it
was the sense of the group — and there was only one lawyer among the 30
participants in the room — that ownership was a legal definition and wasn’t
useful in the ongoing discussions.

So, we needed to shift the discussion from ownership to stewardship of the
data. Then, discussions should include considerations and approaches for risk
management and mitigation.

Thirdly, public and private sector organizations involved in advancing the
use of health information should be encouraged to participate in future
discussions on an array of complex issues, striving toward consensus on pivotal
issues.

It was clear, among the participants, that not all the issues had adequate
consensus among the diverse stake holders, from the consumers to industry to
those researchers who wanted access to data for research quality and other
issues. So, the issue of how to build consensus among a wide range of
stakeholders remains to be an important issue.

The wide range of stake holders, especially consumer oriented groups,
including patients and their care givers, need to be convened to assure that
the public is better informed and educated.

So, a recurring theme was that consumers or citizens were particularly
poorly informed about the use of their health information.

One example of this might be as it related to personal health records and
the emergence on the web from corporations of personal health records, which
might be considered under HIPAA non-covered entities. Hence, there would be
perhaps no protection of how that data was used and reused.

That is, a citizen comes to a web site, perhaps provided by WebMD — and I
don’t mean to pick on them — perhaps provided by an employer, neither of which
is in a care giving setting. What happens to that data, how that data is
processed and reused is not well understood by the citizen.

There was another issue related to this with respect to the citizen’s
knowledge about what happens to their data. That is, a coercion of the
financial sector industry when you, for instance, apply to a mortgage. You
frequently sign whatever you have to sign in order to get the mortgage.

There was general consensus around the room that most of us don’t read the
fine print or what is then enabled by the bank in order to convene a loan.

In fact, you probably somewhere in there give away your right to access
quite a bit of your personal information, perhaps including health information,
to various re-suppliers of health data.

From a technical or research point of view, one theme that came up was that
there wasn’t an adequate taxonomy or classification of all the kinds of uses of
health data.

It was thought that it was important and an immediate task to develop a
taxonomy of uses of personal health information which would be comprehensive
and would help clarify the societal, public policy, legal, technical issues
involved in future discussions. We thought that that was an important early
task that clearly needed to be addressed.

In a related way, or not in a related way, but another issue of technology
was that we strongly felt that the technical issues involving identity
management and authentication were, at least from the point of view of the
experts that we convened, not well understood.

There was a general feel among the participants, generally knowledgeable
people, that the technology for data mining and data analysis and combinations
of disparate data streams that were seemingly unrelated far outstripped the
citizen’s understanding of what could be reassembled.

This gets back to my point that the experts convened really didn’t believe
that anonymization was possible, given this kind of technology that we
perceived, or that we were told by experts were out there from other industries
from the marketing point of view.

Lastly, we have recommended and, as part of our being here today, that
there needs to be renewed national and state attention on the secondary use of
health information.

Particularly concerning were new kinds of data that were coming on line,
such as genomic data. That needs to be thrown into the mix.

It was important, from a national policy and state level policy that these
issues of secondary use of health data be addressed, and be addressed
comprehensively.

So, in wrapping up here, the six principles that we put forward in these
recommendations are transparency of policies and practices, stewardship rather
than ownership of data, consensus on privacy policy and security as it relates
to data, public awareness of the kinds of things that are happening to their
data.

Comprehensiveness in our approach to secondary use of health data, not just
for research, not just for quality, but taking into account the commercial uses
that are now widespread and, lastly, national leadership.

So, our board of directors have reviewed and published this white paper. We
intend to hold, convene, a second meeting of a slightly larger nature of
perhaps about 100, 120 folks, to try to lay out and formulate a clear road map
to depict and identify multi-tiered use and reuse of health data, taking into
account both current and foreseeable future applications.

We believe that it is essential to address the complexity that surrounds
secondary use of health data in order to both advance the national health
information infrastructure, as well as to protect the citizens of our country.

That is what is in our report. There is more detail in process, and how we
arrived at some of the findings, but that is a pretty good overview.

DR. COHN: Charlie, thank you very much. When I read it on the plane
yesterday, I found it sort of fascinating.

I guess in some ways I was a little concerned about what appeared to almost
be sort of a fundamental assumption, that one cannot anonymize data.

That may absolutely be the case, although I was trying to figure out
whether that needed to be further validated, considering that that is something
that we sort of tend to believe, that there absolutely ways to make it
anonymous.

Is that something that you are going to be getting further validation of,
or was this just the general sense of the group?

DR. SAFRAN: So, the group didn’t have the appropriate experts available
during the two days that we met when this surfaced as an issue.

As part of the reconvening of a slightly larger group, what we are hoping
to do is to convene a group of experts specifically around this issue, to then
report to the larger group when we reconvene it, to try to more definitively
address those issues.

There have been some scientific publications. Latonya Sweeney at Pittsburgh
and others have tried to address some of these issues around anonymization, and
the lack thereof.

We really didn’t have enough — I mean, we had a few computer scientists in
the room or appropriate folks that deal with this, but we will specifically
address this as a breakout subgroup prior to the reconvening of the larger
panel.

DR. COHN: Why don’t you come to the microphone and introduce yourself.

DR. SAFRAN: Meryl is one of the co-authors of the paper, and runs our
policy group at AMIA.

MS. BLUMROSE: Meryl Blumrose. I just wanted to mention, Simon, to confirm
what Charlie said. We did hear anecdotally during the meeting of people who,
when they wanted to badly enough, could link disparate data sets and, thereby,
identify the patients.

So, in a particular data set maybe the patient could not be identified or
the user might say the patient’s data was anonymized, but by linking disparate
data sets, they could re-identify the patient, and that was mentioned more than
once.

DR. SAFRAN: There was one interesting business side light of that, and that
is that the pharmas really want data that is unidentifiable, for liability
reasons.

So, they are very supportive of, and need to get hold of, data that cannot
be re-identified. That was an issue that came up from the industrial view. They
would like a technology that supported anonymization.

MR. ROTHSTEIN: Thank you. I want to start out by saying I appreciate the
interest in the topic by AMIA, because I think it is a very important one.

As you move forward, let me suggest that it would be helpful, from my
perspective, if you had a broader definition of secondary use.

I think that the definition you have now is only broad enough by reading
things into it. It is not self evidence that it is broad enough. I don’t know
whether it was intended that way or not.

I think it is arguably at the present a narrower definition of secondary
use than the NCVHS has used, and what I would consider secondary use would be
anything beyond TPO.

DR. SAFRAN: TPO is?

MR. ROTHSTEIN: Treatment, payment or health care operations. I think most
of the secondary uses you discussed are really ancillary uses related to the
health care data by researchers for epidemiology for quality assurance, for all
those sorts of other things.

We used the term secondary use in our June letter to the Secretary in a
broader context, meaning mostly beyond health care settings, that is, uses by
non-health care entities for non-health care purposes.

I would invite you to consider some of the recommendations that we made
directly related to secondary use, and would personally — and I would think
the rest of the NCVHS would welcome your support — of some of our
recommendations.

I just want to go through three of them related to secondary use. Number
one is, we recommended that contextual access criteria be built into the NHIN
to limit the scope of information disclosed by authorization to secondary
users.

For example, if I apply for a job tomorrow, my potential employer has a
legitimate use in knowing whether I can do job related function, but they don’t
have a legitimate use in every medical record that has been generated about me
since the time I was born.

The ability to compel me to sign an unlimited authorization allows them to
get everything. Even if I signed a more limited authorization, we don’t have
the capacity built into the system to filter out, somehow, only that which is
relevant to my job application or my life insurance application or what have
you. So, that is why, in June, we recommended that research be done on this and
that it be part of the NHIN.

The second thing that we recommended is that there should be regulation of
the compelled disclosures of protected health information to secondary users.

In other words, whether these people who can compel an authorization should
be limited in what they can compel you to do.

Should employers be able to insist that you sign an authorization
disclosing everything or only job related information. Should a life insurance
company have you disclose everything or just information relevant to your
mortality risk.

The third thing that we recommended in June is that privacy and
confidentiality protections need to be extended beyond the three classes of
covered entities currently covered under the HIPAA privacy rule.

That is something that certainly the department can’t do, but we
recommended that the Secretary promote that issue in Congress.

More generally, it speaks to the need for more comprehensive health privacy
and confidentiality legislation.

A lot of people, as you know, think that the HIPAA privacy rule is more
than it is or that it was intended to be, and is not, never was, intended to be
a substitute for comprehensive privacy and confidentiality law.

Your focus on secondary uses really is, I think, wonderful in raising the
issue of the gap in the protections that we have available.

Sorry to go on so long, Simon, but I could go on for the rest of the
afternoon, as the rest of the committee knows, but I would encourage you to
keep up with this work and broaden the recommendations.

DR. SAFRAN: At the time we convened this group in April, we didn’t have the
advantage of input from this group. So, we welcome that input and we will be
more than happy to work with you in our next iteration.

MR. HOUSTON: I want to go to some of Mark’s comments, but I have one
background question first. What prompted you to say we need to look at
secondary uses? Was there some compelling event? Was there something that said,
geez, this is an issue that we have to really delve into. I am interested to
understand what precipitated or motivated you primarily.

DR. SAFRAN: That is a complex question. I think we were a little bit being
opportunistic as an organization, looking for issues that needed to be dealt
with and weren’t being dealt with by others, that we saw a vacuum and a need.

Then, coupled with that, just to be forthright, it was one where we could
get sponsorship around it. We weren’t interested in getting the government to
sponsor the meeting.

I know this is probably the wrong group to say this to, but it was our
feeling that, when the government sponsors a meeting, they have an agenda, like
a report that is due or an AHIC presentation next week, that whatever you are
doing has to be mapped down into that time frame for that agenda.

So, we were exploring a way that we could find an issue and a need that
could get broad based community support.

This issue seemed to resonate quite a bit, and I should have mentioned it
was on this slide, that we were bale to get support from pharmas and systems
integrators and health IT companies and publishers for this kind of endeavor.
So, I don’t know if that quite answers your question.

MR. HOUSTON: It did. I was just wanting some background. One of the things
that was said, and Mark indicated also, was the issue of anonymization and
whether you could ever have complete anonymization and whether there was some
type of — something occurred or there were issues where there was this
egregious use of secondary data such that AMIA felt that they needed to get
involved.

DR. SAFRAN: There was no seminal event that drove us. In other words, once
we happened on the — once we were directed after this issue, you can see
almost every day in the newspaper something that is relevant to the topic.

So, the relevance of the topic sort of fed on itself, but there was not
something — massive exposure of data — at least in my recollection — so,
there was nothing specific in terms of a news event or a national incident that
drove that. However, issues of disclosure happen all the time in the newspaper.

MR. HOUSTON: Just a comment and I will be done. I am just very concerned
because anonymization is an issue, especially, that people — I won’t say they
become comfortable with but they are sort of starting to accept.

I think that is an area that really deserves some more attention. I think
that if the sound byte coming out of a meeting like this or your presentation
is that anonymization is not — that we are not capable of having complete
anonymization, then it does do two things.

One, I think it does cause people to potentially lose confidence in where
things are going with NIH, and the issue of secondary uses, but I think it also
causes people to look back at HIPAA and say, okay, all of these anonymization
provisions that were in there, de-identification provisions that are in there,
really, are they appropriate.

Do we need to further consider whether, when something is de-identified, it
sort of falls out of the purview of HIPAA. It does raise some interesting
questions and I guess I will just leave it at that, with that comment.

DR. SAFRAN: I will only say that there were 30 interesting people in that
room — 29, I will exclude myself — and it was an issue that kept coming up.
It wasn’t an issue that we had before convening the meeting, but it was an
issue that we couldn’t resolve adequately within the room.

Our recommendation is that really the issue is urgent and needs attention,
not that anonymization isn’t possible. That would be the wrong message.

MR. HOUSTON: I sort of heard that, though.

MS. MC CALL: First, thank you for your comments. This is a topic that is
near and dear to my heart, as well as a number of other people in the room
because of the work that we do.

I would like to first share some thoughts from our work in the quality work
group that are associated with this, and then a couple of specific
recommendations.

First, the thoughts from the work that we have been doing. As we surveyed
the landscape of different efforts around quality, what became apparent to us
is that quality and defining it and finding it will require aggregation.

That aggregation is, in itself, a distinct undertaking with its own
technical process, standards and policy issues, separate and distinct from all
of the work around individual records and NHIN and EHRs and all of that, that
it is, itself, its own discipline.

So, to that point, a couple of questions slash recommendations. The first
recommendation is to consider the same issue that we have been talking about
around standards and taxonomies, but consider that for the analytic framework
world, the secondary use world, as well. So, did that, in fact, come up as one
of your topics.

The second was, I agree with your comment that technology is way ahead of
policy. In fact, I would agree that technology is way ahead of what most of us
understand as capable.

Back to the issue of anonymization, I would strongly encourage you to look
outside the health care field for what is being done and what is possible in
different areas in the — quote unquote — intelligence industry more broadly
and what is being done there, and other types of businesses.

I do know that there are some absolutely fascinating things going on that
are possible now that were not before. I have talked to some of these people
and I would be happy to share those names off line. I would strongly encourage
you to invite them into these forums.

Last, just to echo John’s comments about how we talk about things, I think
rhetoric will be important, everything from whether or not something is
possible to even our use of the words, kind of protect.

They conjure up things that people really don’t understand but the first
thing is, if you feel the need to protect me, I guess maybe I should feel the
need to be afraid.

Yet there is value, too, in secondary use, but I think we need to make sure
that people understand that the uses to which we put a lot of this information
is what makes learning and discovery possible, for things that have great
value.

So, it is trying to provide that and make sure that comes out through what
we talk with people about as well.

DR. SAFRAN: Just one quick comment, your points are good. The issue of
value is one that was repetitively talked about.

In terms of the dialogue and education with the citizen — this is sort of
in the paper, I left it out in terms of my presentation today — but that is a
repetitive theme and point that we make that, in terms of our discourse with
citizens, it is a trade off between what the value is and what the risk is.
That is part of the dialogue and transparency that we need to have as we sort
of move forward.

I was perhaps a little too glass half empty with respect to my presentation
today, but certainly the value of secondary data was on the minds of everybody
there.

Many of the people in the room professionally earn their living, so to
speak, by creating value out of secondary data.

MS. MC CALL: I would agree. Again, I think it is near and dear to probably
everybody that was at that meeting because they make a living at it.

I don’t think that the average consumer probably understands what that
value is. They do not live it and breathe it every day.

I think what we take for granted probably needs to be explicitly surfaced.
That was really my only reason for pushing it.

DR. TANG: Let me start by addressing one of John’s question, which is why
do this, why look at this issue.

I am not sure it was a seminal event as much as an increasing prevalence of
the misuse of data, just like 200 years of misusing paper didn’t suddenly
happen to us. We just realized that things could be done a better way for the
quality of care. The same thing with the protection of confidential health
data.

Another clarification, something that Charlie mentioned in terms of
physician practices having data transferred to the vendor, that wasn’t done in
an anonymous form at that stage. It was only re-sold as anonymous data.

That is an important distinction, because there are many contracts with
vendors that entitle — and that is not an over-use of that word — the vendor
to have access to your data base and the data from it.

Many of them, for their own protection, declare that they intend to resell
it. So, it is not one event. It is something that is becoming increasingly
common in contracts. I am not sure that the practices, and surely not the
patients, understand this.

To talk about de-identification, Latonya Sweeney, who actually began this
work as a student, one of her findings is that 87 percent of us can be
identified only with our date of birth, sex and zip code, like voter
registration record.

Perhaps something that may be more startling is that most people’s genetic
information is stored in — quote — anonymized or de-identified data bases.

With only the date of service, depending on how large the size of the
health care institution you go to, you can go and re-identify this genetic
material and, of course, genetics is self describing in the end.

So, that is the basis for which saying most of this stuff is just not
anonymizable, unless you really do. So, I think HIPAA is correct there.

If you use the 18 identifiers, one of which is a catch all, because it
excludes even date of service, because of the fact I just pointed out is very
revealing, then it truly would be anonymous.

However, it probably wouldn’t be as useful to many people. So, that is the
catch. That is where one of the recommendations of the privacy committee’s
letter said was, you need to extend the prohibition on mis-use of data to
anybody who touches data.

You can’t just say you can share something that can be completely
anonymous, because it can’t. So, I just wanted to clarify that.

As far as, if we do use — in fact, I almost would — this is a personal
opinion not a committee opinion — about the out of statistical
de-identification. That is what I think we are saying is less and less
possible, that if you truly de-identify these identifiers, it probably is
de-identified.

DR. STEINDEL: Until Paul talked, i had three comments that I wanted to
make, and Paul stole my comment on anonymization. So, I am not going to repeat
it.

It was the point that I wanted to make, that you can de-identify data. The
question is how useful will it be, and I think that is really the big issue.

I still have two comments that I would like to make and the first one as in
response to your comment about the biosense system.

The way the comment came across a little bit, at least the way I heard
this, was that this was some nefarious scheme to maintain a data base of health
care information at CDC.

I just wanted to set the record straight that, of course, biosense has been
well talked about and well presented, both within the department and within the
community since we started the project, I guess it is now about four or five
years ago, in its inception stages, and we have been rolling it out since last
year.

I wanted to point out that each one of these systems is put into place with
a signed MOU regarding what data will be collected, how it will be collected
and what it will be used for at CDC, and that is with each one of the
institutions.

So, there is very clear policy. It is a limited data set and that data set
is described. It may change as we progress, because the intent is to use it for
biosurveillance purposes and our knowledge of what is useful there changes on
an almost daily basis, but at least on a year to year basis. So, they are
modifiable.

The data is stored at CDC in a pseudo-anomymized fashion. It is not that we
couldn’t identify the people. We can, but we do collect it in a
pseudo-anonymized fashion because, if we do detect public health problems in
the community, we want to turn that data back in to the public health agency in
the community so that they can handle that.

So, we do have ways of re-identifying. When I say we have ways, I don’t
mean CDC has ways. I mean the royal community has ways of re-identifying data
to address immediate public health concerns.

So, it is not the federal data base in the sky or anything like that. It
has very specific purposes. It is well defined and has specific uses, and is
done with specific agreements with the community, the provider organizations. I
just wanted to set the record straight on that.

The second is, I wanted to commend you on your discussion of defining
better, and especially your idea of a taxonomy, on secondary use.

The reason why I am commenting on this in particular is, at the last AHIC
meeting — and we heard Dr. Kolodner talk about this this morning — ONC
was proposing a matrix of cross cutting issues around the AHIC work groups, and
how they can better define that in the future.

One of the items they identified as a cross cutting issue was what they put
out in what they assumed would be in a totally understandable fashion, was
secondary use of data.

Immediately after their presentation, the whole conversation around the
AHIC table was, what is secondary use of data, what is it limited to.

So, there is obviously not a clear understanding of what is meant by that,
what is meant by a cross cutting issue. So, I really commend your group on
taking this forward, and I hope you are going to be able to develop some sort
of better definitions, from my point of view, as an informatician, a taxonomy
that we could really use for this area. So, thank you.

DR. SAFRAN: Steve, thanks for those comments. I think that my comment about
biosense was that it is still the public.

So, 30 people in that room, I would say that at least 20 had never heard of
biosense, and these were sort of interesting folks in the room.

So, your points are all well taken but they are not communicated to the
public at large, and that is part of the issue of transparency that we have in
this country, that we don’t really have a mechanism or a way of having that
dialogue.

So, it is an issue. It is not whether it is a valid use or not a valid use
or whether the appropriate checks and balances are in place. It is just a need
for a better communication or better dialogue with our citizens around those
types of issues.

DR. STEINDEL: That is why I wanted to make the points on the record of
NCVHS, that this was no, not really that you were suggesting it was that, but
those of us who are liaisons to NCVHS from our federal agency point of view, we
feel there is a need to clarify issues like this for the NCVHS record.

As was pointed out earlier, people do hit the internet, they do read this,
and we want to make sure it is clear to them.

DR. STEUERLE: I was going to repeat a little bit what Carol, when she
mentioned value, I think the need for protection, I think it is very important
not to stress either right to privacy or right to anonymity as being the
ultimately highest value in terms of public good.

There are things — we try to maximize privacy and anonymity to the extent
that we can, but often forsaking public good.

You are probably doing this already, but this issue is not confined to
health at all. Census is having the same debate about the release of census
records, which have been available to the research community for decades, our
tax records are available, withdrawing classifiers and other things for people,
but if I know you have $33,200 worth of capital gains and you have an income of
$73,500, and I can identify that on a data set, I am liable to be able to match
up the data sets and find out all sorts of information about you as well.

So, this information actually cuts across the entire statistical community.
Of course, in the world of computers, what makes it more relevant is now people
can do sort of the data searches — they can make sort of an infinite number of
data searches relative to the things that we might have done by hand
historically, which is why I think it is getting renewed attention.

I really encourage you, when you make the presentation, not to present the
anonymity which, given these facts, is impossible to guarantee at some level.

I think your correct but when the statement just comes out that way it
often leads — particularly, I think, for the legal side of the public sector
— to protect itself by basically constantly withdrawing data from public use.

That has a very grave danger on the other side. I just encourage you to, a,
represent that balance in your presentation and, b, also — and you probably
have tried to find out what Census, IRS and other agencies are trying to do to
deal with this issue.

MR. BLAIR. Dr. Safran, I applaud the work of AMIA in studying this subject.
One of the things, as you have heard around the table — and I am going to add
a different dimensional perspective to it — is also applauding your intent to
come up with a taxonomy.

When the ad hoc team for focusing on the functional requirements of a
nationwide health information network was established as part of the NCVHS, I
am not positive, but I believe that we received testimony from the federal
health architecture folks.

If I recall correctly, they had a taxonomy and one of the things that they
distinguished between was anonymization and de-identification.

That was very helpful to me, and I find that, ever since hearing that,
whenever I hear folks use anonymization and de-identification as if they are
synonymous, I start to get confused as to exactly what they are talking about.
So, that is one reference source that might be helpful as you go through the
development of the taxonomy.

DR. TANG: Maybe just a brief comment. I think the comments that Carol and
Gene made are very, very important, both in the way it is in presented, but I
think the letter that you sent to the Secretary in June is the only way around
it in the recommendation that Mark reiterated.

That is, you can’t at the same time cut off the transmission for good
things at the same time you cut off the transmission for bad things.

It seems the only logical thing you can do is to put everybody under the
same rules, that you cannot do bad things.

We can’t prevent good information to be used by good people to accomplish
societal good unless we have a universal rule that says what you can and can’t
do with the data, it seems to me. I don’t know any other logical way to resolve
this to create the balance. That may be something the committee wants to
reiterate in terms of the letter that it has already sent.

MS. MC CALL: I actually had a related question, not for Dr. Safran, but for
CMS. You talked earlier this morning, Karen, about some pilots, about taking
CMS’ data, the fee for service data, and doing some demonstrations with some
personal health record vendors.

What do you allow them to do? What do you prohibit them from doing? Do they
come under HIPAA for the purposes of those pilots?

MS. TRUDEL: For the purposes of these two very limited proof of concept
pilots, yes, the organizations are under contract with us. They are required to
follow all of our rules, including HIPAA.

These are organizations, keep in mind, that already have medicare fee for
service data. In other words, we contracted with our own fee for service
contractor to do this as a separate line of business.

You raise a really good point. When you talk about organizations that offer
PHRs and the extent to which we would be potentially providing data to those
organizations, what are the secondary uses that those organizations might be
contemplating behind the scenes.

I think that is one of the issues in terms of authorization and
authentication that we need to tackle in our next couple of rounds.

MS. MC CALL: As data becomes liquid, which is really what we are talking
about, even before we get to the magic data bases in the sky, there are issues
around — I think your point, Paul — around what are the standards and
requirements that these entities have to be held to, whether it is secondary or
aggregated or not.

DR. COHN: Charlie and Meryl, thank you. It has been a very interesting
conversation. As you can tell, we are very engaged by it.

I am reminded that back when I started on the NCVHS, Don Detmer was chair
of the committee. I guess, based on the fact that he is now your CEO, I am not
surprised that you would be wandering off into this area.

Having said that, I am also reminded — and I think we learned this with
HIPAA — if you remember, the original intent of HIPAA was to have a public
conversation that included Congress in the development of privacy laws within
three years after HIPAA.

There was never the intent that HHS would have to fashion from HIPAA really
our first national privacy rules and regulations.

MS. GREENBERG: Well, it was the fall back.

DR. COHN: It was the fall back position. I think it just reminds us how
difficult this area is and at times how elusive a consensus is around all of
this.

It is very easy for us to identify problems. It is a lot harder to come to
consensus about assuring ways that the good things get through and the bad
things, as Paul described, are stopped.

There is not a universally held view of what are the good and the bad
things in this. I just wanted to reflect on that for a moment. Anyway, I want
to thank you. It has been a wonderful conversation and thank you for joining
us.

Now, I am going to suggest that we take about a 10-minute break and then we
will get back together and talk about our letter report, and then some of the
cross cutting issues across the committees.

[ [Brief recess.]

DR. COHN: I welcome everyone back. It is 2:45. We have actually three
pieces of work. One is discussion about the HIPAA report. The next piece is the
letter coming forward from the populations subcommittee. The third will be at
least beginning to discuss sort of cross cutting issues with subcommittees
although, depending on how much time we have, that is something we could also
continue tomorrow. So, we will obviously have more than enough time to cover
things.

Agenda Item: HIPAA 8th Report, Action November
29.

DR. COHN: Now, the first, as I said, topic is the HIPAA report. I do want
to remind everybody that this is a first draft, and actually it was really not
reviewed by the executive subcommittee prior to being sent around to the full
committee. So, I would have you consider it as that.

My general feeling is that — this is my own personal feeling is that — is
that it probably deserves discussion at the subcommittee level with
modifications sent up and revisions made before we are to vote on it. If you
feel differently, we could certainly discuss that.

MR. HOUSTON: Which subcommittee?

DR. COHN: I think each subcommittee, where it is appropriate, will handle
their area. So, basically, areas relating to privacy I think would be reviewed
by the privacy and confidentiality subcommittee. I think standards and security
will probably need to handle the other parts, and I think the NHII will somehow
deal with it.

MR. HOUSTON: Let me ask a question. This report is specific to HIPAA?

DR. COHN: Yes.

MR. HOUSTON: When I read through it, there was a lot of information in
there that was unrelated specifically to HIPAA.

There was a discussion about NHIN and other things which, when I read it, I
said, geez, this is informative but should it be in a report where we are
responding specifically to a requirement that we report on HIPAA. That was, I
guess, one comment that I had generally.

MS. GREENBERG: We have always included not only the administrative aspects
of HIPAA, the transaction code sets and all of that, but also the aspects of
HIPAA in which the committee is supposed to make recommendations on patient
medical record information, which extends it into the electronic health record.
So, then I don’t think the NHIN is that big of a leap from that, but I guess
that is open for discussion.

MR. J. SCANLON: Let me talk historically about the report, and this one as
well. It is correct. This is in HIPAA, the statutory language, and it requires
an annual report by the committee on HIPAA implementation.

We started out, remember, with sticking pretty much directly to the statute
but, like a flower unfolding, the committee got into, even under HIPAA now — I
should say like an onion — even HIPAA, remember, asked the committee to
provide recommendations on, I guess it was called standards for patient medical
record information, which was kind of the entre to the whole clinical side.

You could argue that we have probably engaged in somewhat mission creep,
because now we are including electronic prescribing and other terminology and
health data exchange standards as well.

This particular report, as it was in previous years, was put together by
various pieces. I think, as Simon said, it is really intended at the moment as
really kind of a rough draft.

CMS provided information, other staff provided information, OCR provided
information. You could argue that it goes beyond HIPAA but there is a trace
back to HIPAA in terms of the assignments the committee got. The NHIN is
somewhat different, but it probably completes the picture.

DR. COHN: Actually, let me make a comment, and I am just actually
reflecting. I actually had the opportunity, the privilege, to present at a
meeting recently talking about the 10-year anniversary of HIPAA.

Interestingly enough, the speaker after me, who I will not name, talked
about unique identifiers for individuals, and referenced that, if one thinks
about it maybe a little differently, the concept of matching patients to their
records is actually another way potentially to think about that.

MR. J. SCANLON: It is a functionality.

DR. COHN: The question is, do we include that or not include that. I just
throw that in as sort of an interesting take from another presenter.

Whether or not that maybe should be referenced as a way of at least
advancing on that goal of assuring that health care data is accurately
connected with the data who is identified. Just a thought there. I know Judy
probably didn’t think she was doing that but —

DR. WARREN: No, I did. We talked about that in the subcommittee, that we
needed to re-look at patient identifier from a unique perspective in order to
handle this. I mean, it was the direct child or sibling.

DR. COHN: Now that I have really messed up the conversation, my apologies.

MR. J.SCANLON: The structure of this report, I think we agreed in earlier
discussions, it would be an update of what transpired in HIPAA and related
activity since the last report, which was, I think, April 2005. So, this covers
May 2005 through the end of November.

In addition, it was a look back at the 10 year experience, or the 10 years
to when HIPAA was initially enacted, and some lessons learned that the
committee has already kind of stated publicly. So, it would include that as
well.

Obviously, it already has a 12-page executive summary, which is too long.
It may be that the committee may want to consider restructuring, in terms of
the letter report, a shorter one or just the executive summary.

The standards that were updated or issued, the enforcement rule, for
example, and the time period and other things, that could certainly be covered
on one page, but there are a lot of other implementation issues.

It may be that the committee wants to emphasize the 10-year what did we
learn aspect of it, but it is a 12-page executive summary, and I am one of the
authors, and it is too long.

MR. HUNGATE: The executive summary is longer than the body, I think.

MR. J. SCANLON: No, but it is close. Others have argued that they like the
detail and that it is the only place anywhere where all of this is documented
in one place, and when they go back, including several former chairs of this
committee, they have said it is the only place where we actually provide some
detail about what happened. So, you could argue it either way.

MR. BLAIR: I feel there are several ways to go. However, I feel
uncomfortable having a document labeled HIPAA or the 10 year anniversary and
include e prescribing and NHIN.

I think, if we want to include all of that information, I think it should
be properly labeled as a report from NCVHS on its activities over the last 10
years.

Now, I have tremendous respect for the thinking that the folks that worked
on this document may have had and the things that they wanted to accomplish.

Frankly, I am not going to ask for what that was, but I think I would
suggest maybe two or three options and, if one of those options could meet
those needs, then I would go with another option rather than try to slip in
other topics under a banner of HIPAA 10 years.

So, one of them is to refer to it as NCVHS accomplishment or history over
that last 10 years. That way that is an umbrella where we can have them all, or
we could have the HIPAA 10 years as a separate document and then wind up doing
a second document out of this, which would be a summary of the non-HIPAA NCVHS
activities, which not only include e prescribing and NHIN, but a lot of the
population, the quality, some of the privacy stuff, some of the things related
to EHRs.

So, I would rather that we go with either of those two other options than
leave the title of this document as if it is just HIPAA.

DR. COHN: Just correct me if I give it over to Bob, but I just want to
remind you that privacy is HIPAA.

MR. BLAIR: I think there are issues related to privacy that go beyond
specifically. As soon as you get into the privacy recommendations for the NHIN
and you get into the secondary issues, and you get into the letter from this
summer, that gets into issues where HIPAA isn’t covered.

MR. HUNGATE: I was quite comfortable with the pattern as portrayed here
from the standpoint that one of the activities of this past year was to look
back over the past several years and recap that.

I am comfortable with the HIPAA focus because that is a clear audience that
needs clear communication of things that they have assumed responsibility for
through legislation.

I was struck by the similarity of the executive summary and the document
and wondered, when I read documents, I often kind of thumb through the whole
thing and look for things that tell me something.

So, I wondered whether maybe bolding pieces of the whole document would
then serve the summarization methodology for people like me who thumb through
it, because then you stop where something is of interest to you, and you do the
rest of it so that you have the rest of the detail. This was just a mechanical
technique thought, of a way to deal with the commonality of the two documents.

MS. GREENBERG: I think you ended up getting a copy that I handed out to you
of the version that I commented on.

Let me just say a few things in relationship to what has been said. First
of all, we will do an annual report. Our last annual report was 2003-2004.

We will need to talk about actually doing a 2005-2006 annual report, and
that is the report that covers the entire work of the national committee.

It will probably reference this report, whatever it ends up being. So, we
will go into some more detail on some of the HIPAA stuff in this report, the
HIPAA related health IT in this report, than we will in the annual report, but
we do have another vehicle for reporting on the entire committee.

We used to do it annually, and the last several years we have done a
biannual, which I think works out pretty well. So, that is something the
executive subcommittee has to talk about in its call actually later next month,
as to when we want to get started on that, since it will be 2005-2006. That is
in response to Jeff’s suggestion.

I think one could just clarify that, in addition to things specifically
under HIPAA, which does include clinical records, as we have said, there are
other health IT topics that are included here because of their synergy,
whatever.

I think being too narrow that this is a HIPAA report is probably not
helpful to really convey to the audience kind of the work that the committee
has done in this general area.

So, that, at least personally, that didn’t bother me that much. I did
suggest, in this version, that one way to cut back on the — we always have
this problem that there is too much in the executive summary.

It really isn’t 12 pages. It is more like nine or 10, I think, but one way
to cut it back by a few pages is, there is no need to put all of the entire
lessons learned with the findings and recommendations in this executive
summary. I think you can reference it and then the high points, maybe the top
level recommendations or something, and then put the full thing here in the
full report. We probably should try to keep the executive summary to probably
no more than about six pages.

I think the real issue is, we have got the lessons learned. That comes
right out of the letter. Most of it, almost all of it, I think, comes out of
letters that have already been sent by the committee.

So, I don’t think it is controversial in that regard. It has gone through
the committee process and I think there is value in bringing it all together in
one place and, in fact, we are required to.

Particularly, I think the real issue is, obviously it has to be reviewed by
the appropriate subcommittees and all that, but the real issue is whether there
is anything else the committee really feels should be done or said in this
report, particularly because we have just observed the 10th anniversary of
HIPAA, or whether it is just a question of sort of packaging and repackaging,
maybe, the information that is already here, whether the committee wants to use
this as a committee to say anything else it hasn’t already said in the last 18
months. I think that is the main issue at hand. Otherwise, I think most of the
stuff is in here and it is already up on our web site, and it is just a
question of packaging it.

DR. COHN: Marjorie, I think I would actually sort of agree with the comment
about whether there is anything new or more.

Maybe the comment about structure and all of this, as I looked through
this, it appeared to me that what we needed to do was to — if you could now
merge the executive summary with the body of the text and have a report with
appendices, if there is a need for appendices, to handle that.

It appeared to me that if we had a letter that was a page and a half or two
pages long, that would be both the letter and the executive summary. That was
sort of my view of what is important.

I think there are ways to sort of put this together in a way that it looks
like a report and it looks like you have got a way to highlight the important
pieces here. That is one thought, rather than try to create a four, five, six,
seven page executive summary.

To me, there is actually a more fundamental question which, Marjorie, I
think you have gone to which is, this report continues to serve the same old,
same old, same old melodrama of HIPAA, which I think Carol brought up earlier
about, haven’t we learned anything in the last 10 years, isn’t there anything
that we could apply to this and all of that.

Now, this is actually something I want to bring up with standards and
security. There may be a different view in privacy or whatever.

As I said, I had to stand up in front of people without the benefits of the
most recent HIPAA administrative simplification report, much to my chagrin — I
had the lessons learned — and talk for an hour about what had happened over
the last 10 years and lessons learned.

I was aided by some very thoughtful work from Karen Trudel from CMS, and
actually I have about 30 or 40 slides which I would be happy to send out to the
whole committee, if you would like.

This is a different view of lessons earned, which I think sort of augment
and sort of add more flavor to this whole thing.

It isn’t just everything is dour, but that there have really been some
lessons learned and some positive things going forward.

The other thing that I am becoming increasingly convinced about — once
again, this is not through a complete industry-wide survey but more anecdotally
as I began to talk to people about what was going on.

This, as I said, really applies more to the administrative and financial
transactions as opposed to privacy, is this sort of sense that we may be
turning the corner, and that we may be moving from a place where we continue
every year to complain about there is no ROI, people aren’t using it, if only
government would do X,Y and Z to make this happen, to an environment where I am
going, geez, people are actually beginning to use it, there are industry groups
getting together to figure out how to do some of this better and create more
return on investment.

People are anecdotally at least coming out with significant returns on
investments from the non-claims transactions, which is something that we always
sort of talked about.

In reality, with NPI, most of the transactions are out there. So, telling
the government once again, well, geez, you need to get them all out there
before we can do anything maybe sounds a little hollow.

Anyway, as I said, I need to talk to standards and security about it to see
if any of this strikes a chord, but I am actually wondering if the message may
be actually changing and really we are in an environment where people are
beginning to make use of it, that people are creating value out of all of this,
that maybe there is a need for new transactions or updated transaction s
because people want to make even more value of it, and that this has really
been a year of almost what I would describe as transition, moving from
implementation to optimization, which is a term that I use inside my own
company when we talk about implementation.

It is amazing how many systems you put in and how long sometimes they are
there before you actually start doing something where somebody optimizes their
value, and I include electronic health records in that.

Maybe we are actually, at 10 years, into that framing. Anyway, I just bring
this up as something that I sort of saw when I was giving the presentation. I
don’t know if it strikes a chord or not in what people are thinking, but it
really does give you a different sort of report.

MS. MC CALL: It does strike a chord and I think it is tough for us to hold
maybe the memory of what it was like 10 years ago in our heads as we talk about
what it is like today.

Yet, wouldn’t it be valuable, would it be fascinating to go back and
literally dig up the transcripts of the types of things that were always on
kind of the tip of our tongue 10 years ago, and look at the problems that we
have solved or the things that just aren’t as present any more, and look at the
types of things that we are wrestling with now and see how they are different.

How many things are we now able to kind of take for granted or begin to
truly assume today that we couldn’t even begin to assume 10 years ago.

I think that there is a shift, and I hear it implied in our language as we
sit around this table and talk. I hear it at my own company when we talk about
EDI. That just wasn’t possible before in our own company, and the level of
first pass — nobody even had to touch it — adjudication, because of some of
what has been enabled.

MR. REYNOLDS: I think that — I obviously saw your presentation and I think
it does set a good tone. I think Carol’s comments, if we were to start where we
were 10 years ago where everybody was doing it proprietarily and the volumes
were a lot less than they were, and CMS was nowhere near 100 percent automated
claims, start that off, use your presentation.

Then I still struggle with some of the earlier questions. I think John
asked a good question and so did a couple of others, where there is a lot more
in there other than HIPAA and maybe that is a section called sort of the next
wave.

I think it is a stretch to act like they are HIPAA, but I think it is a
mistake not to discuss some of them. That would be my input.

MR. BLAIR: I am very glad you put him first, because I can piggy back on
his comments. Yes, I think there is very much the sense that I have, that there
were very important lessons that we learned from the HIPAA experience.

We began to apply those lessons. I think Congress did also, in the way they
crafted the Medicare prescription drug improvement and modernization act. They
did a much, much better job.

They also were willing to listen to us when we modified the process that we
went through in order to try to provide improved information for e prescribing
standards.

So, Harry, your remark, I would hate to see the e prescribing and the NHIN
thing just put under the banner of HIPAA.

While I do agree that folks have begun to see some type of rate of return,
just like a lot of things that are good, there is also sometimes baggage.

Right now, HIPAA has baggage. I think we have an opportunity here to get a
message through on what we learned about HIPAA, HIPAA lessons learned.

If we either dilute it or lose the achievement of what the e prescribing
and the NHIN pieces are by sticking it under the umbrella of HIPAA, it is like
mixing apples and oranges, and I think we may lose the benefit of both. I think
that is all I will say.

DR. TANG: I think you are right, Simon, that there has sort of been
somewhat of a tipping point since 10 years ago, in terms of we don’t worry
about getting there. It is like what do we do once we are there.

The three themes I heard from our discussion is, one, there is this
perpetual delay. Secondly, we need a streamlined way of updating the whatever
it is, the standards for transactions, whatever. Those are very concrete
recommendations.

One of the things, when we use the term, lessons learned, sometimes it is
used, lessons learned, let’s have the close up meeting, talk about lessons
learned and put them on the book shelf.

I think we actually mean it lessons learned and recommendations going
forward, have that kind of tenor to it or tone.

I wonder, again, if it is not word smithing to create the way that it is
presented or rendered to the public or policy makers.

You want to do recommendations to make this better going forward, instead
of just lessons learned from the past.

The third theme I heard, which is not reflected in our lessons learned or
recommendations, is we talked about processes that could be improved upon.

One of the things is some of the policies that need to actually need to
play catch up again with where technology is.

That refers to the privacy and potentially the security in the way that
NHIN works, because that wasn’t envisioned 10 years ago and it is a completely
different set of players, secondary uses and rules that need to be applied.

I think that really has actually gone beyond the original HIPAA and may
need some updating in the fundamental rule. I say that with some trepidation
but I think that is probably true.

MR. ROTHSTEIN: I have a practical concern about where we are going with
this discussion. I think we need to decide what kind of report we want to
present.

In the past, our reports to Congress have really been descriptive. We have
said what we have done in the last year relative to our charge from Congress.

What I hear many people talking about — and I don’t disagree with the
value of what is being proposed — is a more substantive assessment of lessons
learned from the past and where we go forward and, in a sense, new
recommendations or new conclusions, at least, based on our study.

If we want to go that route, it seems to me that producing a report like
that would take at least six months. The reason that I say that is that it does
take very long to get to sort of contentious issues that you need to work
through.

So, if we wanted to think back, to take Carol’s suggestion, what were we
thinking about 10 years ago, or six or seven years ago or whatever.

One of the issues that was roundly debated, not just in NCVHS but also in
the department and also was, should we have consent or notification as the
standard.

Now that issue is resolved, but there is still not very much agreement on
whether it was resolved the right way or the wrong way.

So, the issue is off the table, in a sense, but I could argue that there
are actually three different ways that we could approach it. The department
made the right call, the department made the wrong call, or it really doesn’t
matter which way the department went on this rule or this particular aspect,
for reasons that I will spare you.

The result is, it would take a lot of debate in subcommittees and in the
full committee to sort of hash that out.

So, what I would propose is that we go with the first sort of view of the
annual report, the traditional descriptive report.

Then, if we want to take up the issue of composing, maybe with a separate
working group or some other arrangement, a separate report on lessons learned
from 10 years of HIPAA, then we can give it more consideration and come up with
some new recommendations.

MR. J. SCANLON: I guess I would add to that as well. The annual report, it
is literally supposed to be an annual report to Congress on the status of
implementation of administrative simplification.

What it does is, it summarizes what occurred over the past year. It has not
simply been descriptive in the past. it has been analytical and pointed out
some new things.

If the committee is thinking of new recommendations, new lessons learned,
then you have to have an evidence base, you have to have on what basis are you
concluding why it is better or there is a tipping point. Otherwise, it is just
more conjecture.

You probably need some sort of a process to work that through, which I
think you did to some extent, or you thought you did, anyway.

So, again, you can use all the recommendations you have already made in the
deliberative process. You are just restating them and pulling them together. It
is probably the only place where all these things are pulled together.

If you are really thinking of new interpretations, then you need new
findings. Otherwise, I don’t know, you could say the committee believes or the
committee thinks, but it is not a recommendation that you have made before, and
there is a question of what is the evidence that supports that conclusion or
recommendation.

MR. BLAIR: I think we have an opportunity here. There are the
recommendations on streamlining the HIPAA process, and i this is going to be a
lessons learned, I would think that streamlining the process is an excellent
complement to the lessons learned, much more so than the e prescribing or the
NHIN.

DR. COHN: Jeff, actually, the lessons learned is already in here, which
includes the recommendation around streamlining, although not the specifics.

MR. J. SCANLON: Not the specifics.

MR. BLAIR: Great.

DR. COHN: Steve, you had a comment?

DR. STEINDEL: I am a little concerned about the discussion of drifting off
and introducing new themes in the annual report to congress.

That is what I think is the subtle difference between this and what we
advise the Secretary on. This report does not go to the Secretary. It goes
directly to congress. If we start introducing things that we haven’t advised
the Secretary on, I am concerned about our position.

MS. MC CALL: With that comment in mind, which I think is very important,
the question that I have for us now is, how can this description be most
valuable to Congress, given the issues that we think they will be most likely
to have in front of them next year.

It can be about how much we share, how we summarize, and also what we lead
with. That, I think, is probably the most important thing. I am back to, let’s
just describe the packaging. This is packaging.

MR. J. SCANLON: I would suggest that it would, in terms of timeliness — we
have got a new Congress.

DR. COHN: Jim, I half understood what you just said.

MR. J. SCANLON: The whole House of Representatives changes.

DR. COHN: Yes, but you said about timing.

MR. J. SCANLON: In terms of when would be the appropriate time to get it
there. The other thing is, if we really want to look in more depth about
progress and tipping points and new recommendations, there is no reason why the
committee couldn’t say you were going to do that in the months ahead. It just
wouldn’t be part of this report.

You could sort of foreshadow — well, you could say you are going to be
looking at this area and provide more substantive detail and further
evaluation.

I mean, when the annual report has new recommendations in it, as long as
they are part of the full deliberation of the committee and the public process,
that is one thing.

Normally, it contains recommendations and findings that you have already
gotten on record, and you weave it together and interpret, but normally the
recommendations of the committee are based on the full public deliberative
process.

MS. MC CALL: If they are going to be considering a bill that has to do with
health IT, I would love for them to get a sense that it is not a Groundhog Day
experience.

I would love for them to get a sense that we have traveled tough journeys
and tough paths and, guess what, we got something for it, and here is what it
is. Let me remind you, kind of to your point, Simon. If we can’t do that in
this report, then we can’t, but it could be valuable. I don’t know enough about
the newness of the members combined with the steepness of the slope they all
think they are going to be facing.

DR. COHN: You know, I think we may be sort of coming around to — I am not
sure we have a consensus here, but I am hearing nobody having an idea for a
draft and spending the next year doing the report that we are hopefully going
to be done with in February. I think that our hope would be that people would
look at it until February.

I am also hearing that people think that we need to take a hard look, and
the subcommittees need to take a hard look at the descriptive information and
all of that in here to see if it needs to be updated, slightly reframed — I
don’t think anybody wants to add lots of new recommendations to the report.

The question is, are some of the recommendations no longer as appropriate
as they were when they were made or do you have other thoughts that might help
explain them.

I do think, however, that we are talking about framing and the issue is
what comes first, what comes second, what deserves to be in the letter, the
maybe page and a half letter that we send to the Speaker, versus somewhere in
the body of the text.

I think that, to me, is sort of those sorts of questions that I think we
need to ponder. The subcommittees, I think, can be very helpful in terms of
saying, yes, this is important enough that it really does deserve to be
highlighted here as opposed to buried on page seven or on page 10 or on page
12.

As I say, I don’t think the intent to bring this forward was to — I don’t
think we thought we would pass this today, but I am hoping that by February we
will be comfortable with this and be able to move forward.

MR. J. SCANLON: That would be a very good time for it.

DR. COHN: I also agree with Steve that I don’t think we want to blind side
anybody with recommendations coming out of the blue, but on the other hand, I
think that if we think things are working a little better, there might be a
nice way to say that. So, thoughts on this one? Are we comfortable taking this
back to the subcommittees, having this be part of the discussions?

The executive subcommittee will obviously work with the chairs to help
bring this to life and do what we can to sort of turn this into something that
we all say, yes, that is about right, for the February meeting with the idea
that some time probably in January hopefully we would be able to get it out to
everybody, the next version, to sort of get all of your input before we present
it.

MR. REYNOLDS: I guess the only issue that still is on the table is, is this
just about HIPAA or are we going to get into the other things?

DR. COHN: Harry, I actually thought that your description — maybe I will
take the prerogative as the chair because I don’t want to spend another hour
arguing about that, but I thought that your suggestion, which was, as with many
others, that we shouldn’t just talk about HIPAA, only because we spend a lot of
time arguing about what is HIPAA versus what is maybe a little bit beyond
HIPAA.

I think your description of sort of this next wave and that being a piece
of it, but clearly identified as such, is probably the best way to handle that.

MR. REYNOLDS: Okay.

DR. COHN: Does that makes sense to everybody? It is sort of in there but it
is not the pivotal piece, but to completely ignore it, probably we are missing
an opportunity to inform Congress about our good work. Jeff, I should ask, are
you okay with that?

MR. BLAIR: Yes, thank you. That puts the other pieces in a different
context as the next wave, and I think that that is appropriate and helpful. It
is complementary as opposed to just putting it under the same banner.

DR. COHN: Harry, does that help you?

MR. REYNOLDS: Yes, thank you.

DR. COHN: When do we see you in person?

MR. REYNOLDS: Well, it looks like dinner.

DR. COHN: Too bad, we were hoping to see him for meetings later on today.
Okay, so I think we are done with the letter. Do you have another thing?

MS. GREENBERG: Would it be reasonable to ask the subcommittees to kind of
validate the content, the relevant content, before Christmas or something. Is
there something missing or is this not relevant.

Get the content validated and then we can discuss how we are going to work
on the framing of it, re-framing of it.

MS. J. SCANLON: We are looking at staff to verify it as well, bring some of
the members up to date.

DR. COHN: There is a pained expression on people’s face, but okay, sounds
good. Now, with this, let’s move on to the other letter, our final letter, and
this is coming from the populations subcommittee.

Agenda Item: Populations Subcommittee
Letter.

DR. COHN: I think most of you received it via e mail. It is not part of
your document. It would be — I think it admittedly is a first draft letter.
Bill, who is present it? Are you presenting it or is Russ presenting it?

MR. W. SCANLON: I think Russ is going to present it.

DR. COHN: I guess, Russ, just to remind me, this is once again a response
to an MPRM and this needs to be completed by when?

MR. LOCALIO: I will go over that.

DR. COHN: Please.

MR. LOCALIO: On October 18 — that is quite a bit after our last meeting —
the Department and CMS came forward with a proposed rule for the use of
Medicare Part D data.

The time table is somewhat limited. Comments have to be in by December 18.
So, we are talking about a two-month window in contrast to the FDA’s proposed
rule which has a five month window. We talked about that this morning.

Now, neither the Secretary nor CMS has asked the committee for any
comments, but what we did was, last week we had a conference call on this
proposed rule.

We thought that, owing to the subject and the amount of discussion we had
had on these issues here at the committee, it would be better for the committee
to weigh in and provide a recommendation albeit unsolicited, rather than to do
nothing.

It fits in with what we have been doing. It puts the committee on the map
as continuing to be interested in the subject.

So, very briefly, what the proposed rule says is the CMS is going to
require the sponsors of the Medicare Part D prescription program — those are
the organizations that are actually running the benefits program — to collect
and provide to CMS a great deal of data on individual prescriptions and payers
and costs and amounts and beneficiaries.

That this information be used by CMS for monitoring the program, but also
be used for three other purposes.

One, to be shared by other federal agencies. Two, to be shared with
Medicare beneficiaries and, three, to be shared with legitimate researchers on
approved projects with minimum necessary identifiers made available under data
use agreements that are currently being used for Medicare Part A and B data.

So, based on that and about an hour’s worth of discussion last Wednesday,
we came up with this draft in what I have to say was record time. Total elapsed
time was about two hours from the first finger on the first key until actually
it got — Marjorie and Debbie circulated it on Wednesday.

So, how do you want to proceed, Simon? Should I read it or how do you want
to — should I give an overview of what the letter says?

DR. COHN: Why don’t you give an overview of what you think it says, and
then you can — I think reading through it for us I think would be helpful. I
found myself, as I looked at it, I think I understand what you are trying to
say, but I wasn’t sure.

MR. LOCALIO: The letter basically commends the Secretary for the proposed
rule, essentially agrees with the proposed rule, but notes that there are many
benefits that are in addition to the medicare program, advancement of public
health and scientific programs, the ability to link these data to the other
medicare data as well as surveys, and disease registries, then, by sharing the
data and being able to link data to facilitate various evaluations and studies
that would not be feasible otherwise.

In other words, to make efficient use of these data for purposes as the
proposed rule outlines, over and above the day to day running of the Medicare
Part D programs.

Essentially, that it provides many opportunities for analysis, not only in
terms of the effectiveness and efficiency of the program, but for scientific
purposes, subject to traditional protections of individual privacy.

So, the proposed rule would further many of the types of initiatives that
this committee has supported in the past.

Essentially, that is supposed to be the tone of the letter. We wanted to
keep it brief. So, I have always talked about the one page letter, and that is
still feasible, given editing to condense it. Would the others essentially
agree?

DR. W. SCANLON: If I could just add a couple of things, one is that there
is no new data collection involved in this. These are the data that were going
to come as a result of claims for drugs being submitted under Part D.

There is a provision in the statute, and actually the rule sort of says
that the purpose of this rule is to clear up an ambiguity that exists with
respect to the medicare modernization act.

There is a provision within the statute that says the data cannot be used
for — I can’t quote you the exact language — but what the rule indicates is
that there are other provisions of law that say the Secretary has a
responsibility, in managing the Medicare program, to use data for effective
management of the Medicare program and, in addition, there are all kinds of
other benefits that can be earned from using this data, as Russ has pointed
out, consistent with what we have talked about and in many other contexts.

So, that is the purpose of the reg. When it came down to looking at the
burden of this, which is an obligation tha tyou have in publishing a rule, they
didn’t do that analysis, because they said there is no new data, new data
collection that is being required.

This has been an issue that has been discussed I don’t know how long, maybe
since the act passed, and there has been a very serious concern to a lot of
different organizations and people.

Senators Grassle and Bacchus introduced a bill this summer that was going
to essentially accomplish what the reg does, just to eliminate any ambiguity
saying, these data are too important not to make use of in terms of the kinds
of analysis that they can support.

They are unique. When we normally look at administrative data for claims,
we have such limited information on the beneficiary, that it is almost a rule
of thumb that the diagnoses are somewhat suspect.

Now you have information about their prescription. There may be some parts
of those data which are suspect, but it is a whole lot better in terms of
knowing about a person’s health status than we have ever had in the past.

So, it opens up all kinds of avenues for analysis to improve sort of what
we can understand about utilization patterns risk adjustment, et cetera.

MS. MC CALL: I was talking off line with Simon. I will go ahead and make it
an online comment, and it is related, Bill, to what you are talking about and
it has to do with the value of the data.

So, depending on what we do with the letter and whether we are recommending
and, therefore, voting, I may actually have a conflict that I have discovered.

It has to do with a company that we have formed in partnership with
another, and the company is, itself, Green Ribbon Health.

It is part of a chronic care improvement pilot through CMS down in Tampa.
The long and the short of it is, because of this little kind of hitch in the
git along in what is in the language of the MMA, we have not been able to
secure the specific pharmacy or Part D data on the people that are
participating in the program.

It was anticipated at the time everybody bid. It has been a very large
issue for the people that actually are running these pilots now, in terms of
the other requirements that are part of the program, in terms of clinical
outcomes and guarantees that we have made clinically, financially, with respect
to the program itself.

I have just personal knowledge of how valuable it can be, but also we have
actually gone on record with what some of those barriers may imply for some of
the requirements of the program as well.

That may, depending on what we do, qualify me with the first conflict that
I have heard out of this group since i joined.

DR. COHN: So, Carol, just to clarify, depending on what we do means, if we
vote on it you will have to recuse yourself?

MS. MC CALL: I would look for guidance from you on that particular matter.

DR. COHN: Okay, thank you for your comment on that. I think I will ask the
executive director and the executive secretary to advise us on that. Do you
have a comment?

MS. GREENBERG: I think when you have a particular interest related to a
recommendation you do need to recuse yourself.

This isn’t one tha tyou are on record for, but I thank you for raising it.
It sounds like it is a particular rather than a general.

MR. J. SCANLON: I think if it were just general policy and it didn’t
involve the specific company, then it is more policy, but in this case it
sounds like a particular interest. On your own you could send in comments.

MS. GREENBERG: The fact is, you are not the only, obviously, company that
would be impacted, but I think I would feel more comfortable, since you have
raised this, to recuse yourself.

DR. STEindeL: As I recall, in the past when we have had conflicts of
interest arise, which has been rare but they have been, the person has recused
themselves from voting, but we have encouraged participation in discussions as
a technical expert.

MR. ROTHSTEIN: very briefly, Russell, I support this letter. I appreciate
your taking the initiative on this. I just have a minor suggestion in the
second line.

I would recommend taking out the U.S. citizens. I think it should read,
because of its assigned role in advising on development of information systems
and data vital to health, comma — okay?

DR. COHN: I thought Mark was going to go a lot stronger than that and say,
I have some privacy and confidentiality wording that needs to be inserted in
here. Mark, you are being very mild today.

MR. ROTHSTEIN: Hey, I have mellowed.

DR. STEUERLE: I would just like to reiterate that, when we drafted the
letter, we were actually very impressed by the discussion in the proposed rule
already about most of these issues raised here.

Our purpose was basically to highlight particularly the value of these data
for all sorts of purposes, including the value of dealing with other agencies
on issues that might come up later in terms of, well, maybe you want the data
for purpose X but do you really need it for purpose Y.

The proposed rule actually did deal with these, and we were very impressed,
I think, just speaking for myself, with just how well drafted it was.

We basically just want to be on board as supporting this variety of health
uses. We wanted to emphasize that this was important to the health of the
population.

I think we often take it for granted when we pursue these matters. It never
hurts for policy officials to know that the reason you are doing this is —
what the net good is that you are really hoping to get out of it. It is not
just some statistical — for the people who love data.

MS. GREENBERG: I have a question. As I admitted on the conference call,
though, I would encourage the group to go forward, and I think it is a nice
example of maybe not quite turning on the dime, but almost, that the small
group from the subcommittee on populations or the subcommittee was responsive
to a need and I appreciated that.

I haven’t actually read the proposed rule. So, I acknowledge that. Does the
proposed rule actually reference the health surveys conducted by NCHS and other
federal agencies, and disease registries such as SEER?

MR. W. SCANLON: Yes, and I don’t remember the NCHS surveys.

MS. GREENBERG: It references SEER but not the NCHS?

MR. W. SCANLON: I didn’t remember the NCHS, but I do remember SEER. I think
they mentioned the CDC survey.

DR. COHN: I think Marjorie may have to recuse herself, too, as a conflict
of interest.

MS. GREENBERG: I don’t vote. I thought, when I referenced this initially, I
thought maybe it was going off a little beyond the scope of the rule. If these
data bases are actually referenced in the rule, then I don’t have that concern.

MR. LOCALIO: I would have to check again because it has been six days.

DR. STEINDEL: I think it has been a little less than six days, but it did
specifically mention SEER and I do believe it mentioned, I believe, CDC
surveys. I had to stop and think what they meant by that and I realized it was
the NCHS surveys.

Just as an observation on my reading of the proposed rule — and I am going
to summarize this very succinctly as I sometimes do — this was the intent of
Congress, I think, when the passed part D, is authorizing the use of Part D
data on medications for the exact same thing we use Part A and B for today.

So, it is really opening no new ground except to cover, as they discussed
very eloquently in the proposed rule, this ambiguity that existed. It is an
ambiguity and they are using regulation to close it.

MS. MC CALL: But the letter basically says — if I understand, the letter
basically says, we really like the rule, hurry up.

MR. LOCALIO: :Marjorie, yes, I found it on page 6-1-4-5-1, right column, on
the bottom. Just to give you an idea, because this is the flavor of the
proposed rule, it says, moreover, matching part D claims data with the
surveillance epidemiology and end results, SEER, cancer registry, would enable
additional studies of cancer treatment and outcomes.

So, that is the flavor of the proposed rule and the intention of the
proposed rule, to open up new possibilities through the collection of data that
can be shared and merged with other existing data sets.

MS. GREENBERG: So, it is in the context of linking the part D data with
these other data sets.

MR. LOCALIO: Yes, that is correct.

MS. GREENBERG: Which actually the point made here I think is somewhat
broader than that. The next point talks about linkage.

MR. LOCALIO: Well, it assumes that people are going to be using it outside
of CMS. I am not sure that CMS has the capacity to do what has been done with
the SEER data alone.

I would say most of the research done with SEER data is done outside the
federal government and it is done on the basis of grants.

I anticipate that the purpose of the rule is to say we would be able to
supplement those investigations by now allowing linkage with the SEER data set.

Actually, there is a SEER CMS data set that is already generated by CMS,
and then used by investigators. This would be to supplement that. So, it is an
add on.

MS. GREENBERG: I just wonder if it would be more in the context if you said
the reinforcement of the utility of existing national data bases. it is not
exactly clear.

DR. COHN: Can I break in at this point? I am really trying to stay away
from word smithing, as I have pages of word smithing on this one.

Now my question is how to proceed. Now, this is the first draft of a
letter. I see multiple places where I would like to see changes, including the
fact that, in the first paragraph, it would be nice to have a little more
standard language, as well as a statement that we are supportive of the rule.

I would like to see more privacy and confidentiality language infused into
this, privacy protections, which I thought was where Mark was going to go.

All of that aside, the question is, yes, we could spend the next three
hours word smithing this. I personally don’t think that is a good use of the
committee’s time.

I guess the question is — I really ask people for assistance in terms of
how to proceed. We have a couple of options here.

I mean, we can basically approve in principle going forward with a letter
supportive of the NPRM and asking that the NPRM be — what was the term you
used in the other letter — the final rule be published speedily and with the
same concept as this rule.

I think we can infuse some preamble language based on what I think Russ has
done to sort of provide a little more support of that.

I think at the end of the day that is what we are really saying there. We
are using words to sort of say, yes, we think this rule is a good rule.

Now, if that is the case, one option we would have is to I guess pass it in
principle, ask the executive committee which I guess meets before December 18,
to work with staff to get a word smithed version.

This would be something that maybe we would send out to everybody to make
sure that we are not completely off course on all of that but, assuming that,
ask them to be the final adjudicators of the letter, knowing that the point of
the letter is to support this rule.

Now, is that something that makes sense for people? Is that the route you
would like to go? Alternatively, we can read through this and sort of discuss
each of the bullets or we can defeat it.

MR. ROTHSTEIN: I support your suggestion, Simon. this is not a letter that
is presenting new facts. It is not a new recommendation developed by us that we
need to hash out every word in full committee. It is really a statement in
support of this NPRM and I think your proposal is certainly appropriate.

DR. COHN: Is there a motion?

MR. ROTHSTEIN: And therefore I so move.

DR. COHN: Is there a second?

[Motion seconded.]

Is there discussion? So, if this passes, what we will do, then, is ask
staff to help us with the next version of this letter.

We will send out the version after I have reviewed it to the full committee
for a final review and input, which then will be finally adjudicated by the
executive subcommittee which is meeting hopefully before the 18th of December.

MS. GREENBERG: Fifteenth.

DR. COHN: Fifteenth, so just in time. So, any questions about that process
as described?

MR. BLAIR: I just have one question with respect to when we vote. Is it
advisable or appropriate for there to be identification of the folks that vote
yes and the folks that abstain and the folks that vote no, so that there is a
record?

DR. COHN: How about if we do it this way. Is there anyone here who is going
to recuse themselves?

MS. MC CALL: Based on specific recommendations, I would stand recused on
this particular one.

DR. COHN: Anyone else moving to recuse themselves on this one? Okay. Jeff,
I guess what I will say is, if there are votes yes and no, then we will
identify specifically the votes.

MR. BLAIR: That is fine.

DR. COHN: Okay, all in favor?

[Voices heard in favor of the motion.]

Opposed?

[No voices heard in opposition to the motion.]

Okay, and Carol, thank you for your recusal. With that, we are at 3:45. Now
I guess I should ask, we obviously have standards and security up here.

Before we determine finally where the quality work group is going to meet,
Jeff, will you be done by 5:00 or should we have that group continue?

MR. BLAIR: I would hope that we are done by 5:00 but you never know.

MR. REYNOLDS: Simon, we should be done by 5:00.

DR. COHN: Okay, so basically, standards and security meets up here,
populations downstairs, then quality comes up here at about 5:00 to meet from
5:00 to about 6:00. We have dinner at 7:00 and there are instructions on how to
get there. It is very close or at least central, I guess is better way to
describe it.

MR. ROTHSTEIN: The privacy and confidentiality meeting for tomorrow morning
has been canceled. The hearing will begin at 2:00.

DR. COHN: Okay, we have handled all letters except for the NPI letter. We
have an hour and 10 minutes for that.

Now we have now, however, had a chance to talk about cross cutting issues
and other plans like that, that I would like to do early in the day if we can.
Are people willing to start at 8:30 with the assurance that we will be out by
noon and maybe even a couple of minutes before?

Okay, so we will reconvene tomorrow morning at 8:30, for certain done by
12:00 noon, with privacy and confidentiality starting at 2:00.

MS. GREENBERG: We won’t have any action items until at least 9:00, I would
say.

DR. COHN: Yes, absolutely. We will talk about cross cutting issues first
and then get to the action item after that. Okay, I want to thank you all. It
has been a busy day, a full day, and we will see you for dinner. Thank you. The
meeting is adjourned until tomorrow.

[Whereupon, at 3:45 p.m., the Full Committee meeting was recessed, to
reconvene the following day, Wednesday, November 29, 2006.]