[Federal Register: March 24, 1998 (Volume 63, Number 56)]
[Notices]               
[Page 14120]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr24mr98-83]

=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

Centers for Disease Control and Prevention

 
National Vaccine Advisory Committee Meeting

    The National Vaccine Program Office of the Centers for Disease 
Control and Prevention (CDC) announces the following meeting:

    Name: National Vaccine Advisory Committee (NVAC) Immunization 
Registries Workgroup on Privacy and Confidentiality.
    Time and Date: 9 a.m.-5:30 p.m., April 6, 1998.
    Place: The Hilton at Riverside, 2 Poydras at the Mississippi 
River, New Orleans, Louisiana 70140, telephone 504/561-0500.
    Status: Open to the public, limited only by space available. The 
meeting room accommodates approximately 400 people.
    Purpose: During a White House ceremony on July 23, 1997, the 
President directed the Secretary of Health and Human Services (HHS) 
to work with the States on integrated immunization registries. As a 
result, NVAC has formed a workgroup, staffed by the National 
Immunization Program (NIP) which will gather information for 
development of a National Plan of Action for Immunization 
Registries.
    To assist in the formulation of this work plan, a series of 
public meetings, relating to (1) privacy and confidentiality; (2) 
resource issues; (3) technology and operations; and (4) ensuring 
provider participation, will be held throughout the Nation. These 
meetings will provide an opportunity for input from all partners and 
stakeholders which include state and local public health agencies, 
professional organizations of private health agencies, managed care 
organizations, employer-funded health care plans, vaccine 
manufacturers and developers, vendors and developers of medical 
information systems, information standards development 
organizations, parents, social welfare agencies, law enforcement 
agencies, legislators, privacy and consumer interest groups and 
other representatives of the public at large.
    Based on the outcome of these meetings, a National Immunization 
Registry Plan of Action will be developed and proposed to NVAC for 
their deliberation and approval. This plan will identify registry 
barriers and solutions; strategies to build a registry network, 
resource requirements and commitments, and a target date for network 
completion.
    Matters to be Discussed: Agenda items will include an overview 
of the Initiative on Immunization Registries and current 
immunization registry efforts and discussions by organizational 
representatives on privacy and confidentiality issues relevant to 
immunization registries.
    Agenda items are subject to change as priorities dictate.
    Terminology: Privacy--The right of an individual to limit access 
by others to some aspect of the person. Confidentiality--The 
treatment of information that an individual has disclosed in a 
relationship of trust and with the expectation that it will not be 
divulged to others in ways that are inconsistent with the 
understanding of the original disclosure. Individually identifiable 
information--Information that can reasonably be used to identify an 
individual (by name or by inference).

Questions To Be Considered

    1. Should immunization data have different privacy requirements 
than the rest of the medical record?
    2. How can the disclosure and re-disclosure of immunization 
information be controlled through policies, procedures, and 
legislation?
    3. Should consent to participate be implied or required? In what 
form?
    4. Should different levels of disclosure be possible? What 
levels should be available to what groups?
    5. Who should have access to immunization registry data?
    6. What information should be disclosed to an immunization 
registry?
    7. What other uses can immunization registry data have?
    8. Would ability to produce a legal record be a desirable 
function for the registry?
    9. What fair information practices should be implemented (e.g., 
ability to correct the record, notice of being put in registry to 
parent)?
    10. How long should information be kept in a registry?
    11. How will privacy issues affect the following groups: 
parents, immigrants, religious groups, HIV-positive and other 
immunocompromised health conditions, law enforcement, victims of 
domestic violence, and custodial parents?
    12. How should registries ensure that privacy policies are 
followed?
    13. Do you have any comment or recommendation for NVAC/CDC/HHS 
related to the implementation of the network of state and community 
based registries and do you have any concerns?
    14. Do you feel that there is a need for the Federal Government 
to provide leadership in developing state and community based 
immunization registries? What should the role of the Federal 
Government be in this effort?
    15. Given the mandate of Health Insurance Portability and 
Accountability Act (HIPPA) to create a unique health identifier, how 
should that goal be achieved while minimizing the probability of 
inappropriate use of the identifier?
    16. What steps can be taken to prevent unauthorized re-
disclosure of information already provided to an organization or 
person?
    17. What data capture technology (e.g., bar codes, voice 
recognition, etc.) can minimize the negative impact on workflow?
    18. What techniques (e.g., standard knowledge representation 
such as Arden Syntax) can be used to disseminate vaccination 
guidelines to individual registries quickly and with a minimum of 
new programming required to update automated reminder/recall and 
forecasting based on the guidelines?
    19. What legal barriers exist that prevent data sharing by MCOs 
and how can they be obviated?
    20. What mechanism should be available to allow parents to opt 
out of the registry?
    21. What agency/organization should be responsible for 
maintaining registry information?
    22. How should consent for inclusion in an immunization registry 
be obtained? Should it be implicit or explicit?
    23. What information should be included in an immunization 
registry?
    24. Should registries include (and release) information on 
contraindications, adverse events, etc.?
    25. Who should have access to immunization registry data and how 
can restricted access be assured?
    26. What information should be available to persons other than 
the client/patient and the direct health care provider (e.g., 
schools)?
    27. What is the best way to protect privacy and ensure 
confidentiality within a registry?
    28. How should individuals/parents have access to registry 
information on themselves/their children?
    29. Should data maintained in a state and community based 
immunization registry be considered public information?
    30. Would national privacy and confidentiality standards help 
ensure that data maintained in an immunization registry is 
protected?
    Contact Person for More Information: Robb Linkins, Ph.D., Chief, 
Systems Development Branch, Data Management Division, NIP, CDC, 1600 
Clifton Road, NE, M/S E-62, Atlanta, Georgia 30333, telephone 404/
639-8728, e-mail address: rxl3@cdc.gov.

    Dated: March 19, 1998.
Carolyn J. Russell,
Director, Management Analysis and Services Office, Centers for Disease 
Control and Prevention (CDC).
[FR Doc. 98-7694 Filed 3-23-98; 8:45 am]
BILLING CODE 4163-18-P