<DOC> [110th Congress House Hearings] [From the U.S. Government Printing Office via GPO Access] [DOCID: f:37983.wais] MEETING THE NEED FOR INTER-OPERABILITY AND INFORMATION SECURITY IN HEALTH IT ======================================================================= HEARING BEFORE THE COMMITTEE ON SCIENCE AND TECHNOLOGY HOUSE OF REPRESENTATIVES ONE HUNDRED TENTH CONGRESS FIRST SESSION __________ SEPTEMBER 26, 2007 __________ Serial No. 110-57 __________ Printed for the use of the Committee on Science and Technology Available via the World Wide Web: http://www.house.gov/science U.S. GOVERNMENT PRINTING OFFICE 37-983 WASHINGTON : 2008 _____________________________________________________________________________ For Sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; (202) 512ÿ091800 Fax: (202) 512ÿ092104 Mail: Stop IDCC, Washington, DC 20402ÿ090001 ______ COMMITTEE ON SCIENCE AND TECHNOLOGY HON. BART GORDON, Tennessee, Chairman JERRY F. COSTELLO, Illinois RALPH M. HALL, Texas EDDIE BERNICE JOHNSON, Texas F. JAMES SENSENBRENNER JR., LYNN C. WOOLSEY, California Wisconsin MARK UDALL, Colorado LAMAR S. SMITH, Texas DAVID WU, Oregon DANA ROHRABACHER, California BRIAN BAIRD, Washington ROSCOE G. BARTLETT, Maryland BRAD MILLER, North Carolina VERNON J. EHLERS, Michigan DANIEL LIPINSKI, Illinois FRANK D. LUCAS, Oklahoma NICK LAMPSON, Texas JUDY BIGGERT, Illinois GABRIELLE GIFFORDS, Arizona W. TODD AKIN, Missouri JERRY MCNERNEY, California JO BONNER, Alabama LAURA RICHARDSON, California TOM FEENEY, Florida PAUL KANJORSKI, Pennsylvania RANDY NEUGEBAUER, Texas DARLENE HOOLEY, Oregon BOB INGLIS, South Carolina STEVEN R. ROTHMAN, New Jersey DAVID G. REICHERT, Washington JIM MATHESON, Utah MICHAEL T. MCCAUL, Texas MIKE ROSS, Arkansas MARIO DIAZ-BALART, Florida BEN CHANDLER, Kentucky PHIL GINGREY, Georgia RUSS CARNAHAN, Missouri BRIAN P. BILBRAY, California CHARLIE MELANCON, Louisiana ADRIAN SMITH, Nebraska BARON P. HILL, Indiana PAUL C. BROUN, Georgia HARRY E. MITCHELL, Arizona CHARLES A. WILSON, Ohio C O N T E N T S September 26, 2007 Page Witness List..................................................... 2 Hearing Charter.................................................. 3 Opening Statements Statement by Representative Bart Gordon, Chairman, Committee on Science and Technology, U.S. House of Representatives.......... 7 Written Statement............................................ 9 Statement by Representative Ralph M. Hall, Minority Ranking Member, Committee on Science and Technology, U.S. House of Representatives................................................ 11 Written Statement............................................ 12 Statement by Representative David Wu, Chairman, Subcommittee on Technology and Innovation, Committee on Science and Technology, U.S. House of Representatives.................................. 13 Written Statement............................................ 14 Statement by Representative Phil Gingrey, Minority Ranking Member, Subcommittee on Technology and Innovation, Committee on Science and Technology, U.S. House of Representatives.......... 15 Written Statement............................................ 16 Prepared Statement by Representative Jerry F. Costello, Member, Committee on Science and Technology, U.S. House of Representatives................................................ 17 Prepared Statement by Representative Harry E. Mitchell, Member, Committee on Science and Technology, U.S. House of Representatives................................................ 17 Witnesses: Dr. David E. Silverstone, Clinical Professor of Ophthalmology and Visual Science, Yale School of Medicine; Assistant Chief of Ophthalmology, Yale-New Haven Hospital; Practicing Ophthalmologist, The Eye Care Group, New Haven, CT Oral Statement............................................... 19 Written Statement............................................ 21 Biography.................................................... 22 Ms. Noel Brown Williams, President, Senior Vice President, and Chief Information Officer, Hospital Corporation of America Information Technology and Services, Inc. Oral Statement............................................... 23 Written Statement............................................ 25 Biography.................................................... 29 Ms. Linda L. Kloss, Chief Executive Officer, American Health Information Management Association, Chicago, IL Oral Statement............................................... 29 Written Statement............................................ 31 Biography.................................................... 48 Mr. Michael Raymer, Vice President and General Manager, Global Product Strategy, GE Healthcare Integrated IT Solutions Oral Statement............................................... 48 Written Statement............................................ 50 Biography.................................................... 53 Mr. Justin T. Barnes, Vice President of Marketing, Corporate Development and Government Affairs, Greenway Medical Technologies, Inc. Oral Statement............................................... 53 Written Statement............................................ 55 Biography.................................................... 57 Discussion....................................................... 58 Appendix 1: Answers to Post-Hearing Questions Dr. David E. Silverstone, Clinical Professor of Ophthalmology and Visual Science, Yale School of Medicine; Assistant Chief of Ophthalmology, Yale-New Haven Hospital; Practicing Ophthalmologist, The Eye Care Group, New Haven, CT............. 72 Ms. Noel Brown Williams, President, Senior Vice President, and Chief Information Officer, Hospital Corporation of America Information Technology and Services, Inc....................... 73 Ms. Linda L. Kloss, Chief Executive Officer, American Health Information Management Association, Chicago, IL................ 75 Mr. Michael Raymer, Vice President and General Manager, Global Product Strategy, GE Healthcare Integrated IT Solutions........ 79 Mr. Justin T. Barnes, Vice President of Marketing, Corporate Development and Government Affairs, Greenway Medical Technologies, Inc.............................................. 81 Appendix 2: Additional Material for the Record Statement of Good Samaritan Hospital on behalf of the Mid- Nebraska Telemedicine Network, provided by Lesley A. Bollwitt- Maria, Director, Grants & Special Projects, Good Samaritan Hospital Foundation............................................ 84 H.R. 2406, To authorize the National Institute of Standards and Technology to increase its efforts in support of the integration of the health care information enterprise in the United States.................................................. 89 MEETING THE NEED FOR INTER-OPERABILITY AND INFORMATION SECURITY IN HEALTH IT ---------- WEDNESDAY, SEPTEMBER 26, 2007 House of Representatives, Committee on Science and Technology, Washington, DC. The Committee met, pursuant to call, at 10:10 a.m., in Room 2318 of the Rayburn House Office Building, Hon. Bart Gordon [Chairman of the Committee] presiding. <GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT> hearing charter COMMITTEE ON SCIENCE AND TECHNOLOGY U.S. HOUSE OF REPRESENTATIVES Meeting the Need for Inter-operability and Information Security in Health IT wednesday, september 26, 2007 10:00 a.m.-12:00 p.m. 2318 rayburn house office building 1. Purpose On Wednesday, September 26, 2007 the Committee on Science and Technology will hold a hearing entitled ``Meeting the Need for Inter- operability and Information Security in Health IT.'' The hearing will examine progress toward the broad use of information technology in health care and the investments in technology and standards development that are needed to create a national system of secure, inter-operable health care information technology. Witnesses will comment on barriers to the implementation of these systems, with an emphasis on the role of technical standards. They will also comment on the need for legislation to push toward the adoption of such standards. This includes a discussion of H.R. 2406. 2. Witnesses Ms. Linda L. Kloss is Chief Executive Officer of the American Health Information Management Association (AHIMA). Dr. David E. Silverstone is Clinical Professor at Yale School of Medicine and Assistant Chief of Ophthalmology at Yale New Haven Hospital. He serves as Chairman of the Health Information Technology Committee of the American Society of Cataract and Refractive Surgery. Mr. Michael Raymer is Vice President and General Manager for Product Strategy and New Business Initiatives at GE Healthcare Integrated IT Solutions. Ms. Noel Williams is President of the Hospital Corporation of America (HCA) Information Technology & Services, Inc. Mr. Justin T. Barnes is Vice President of Marketing and Government Affairs for Greenway Medical Technologies, Inc. 3. Brief overview Information technology (IT) offers enormous potential benefits to U.S. health care. According to the Institute of Medicine, as many as 98,000 people die in hospitals each year from medical errors such as incorrect medications and improper diagnoses, many of which are preventable. A study by the Health Care Information Management Systems Society found that as much as 49 percent of clinical diagnostic testing is performed because previous test results are unavailable when needed. Applications of IT to health care such as electronic health care records (EHRs), computerized ordering of prescriptions and tests, and updated medical information for clinical decision support could save thousands of lives and billions of dollars by reducing medical errors and miscommunication. The entry of IT into the health care arena has been slow and disjointed. Only 12 percent of practices with five or fewer physicians, where most Americans receive their primary health care, have adopted EHRs. The health care industry spends only two percent of revenues on information technology, much lower than the 10 percent average of other information-intensive industries. A key barrier to the adoption of a national, inter-operable health care information technology (HIT) system is the lack of robust, widely accepted technical standards. Despite efforts at the Department of Health and Human Services (HHS) since 2004, such standards have yet to be fully developed and widely promulgated. Moreover, there is also a lack of conformance testing to ensure that products and systems comply with established HIT inter-operability standards. In the absence of these standards and conformance tests, health care providers are reluctant to invest in HIT systems because there is no assurance that they will be able to communicate with other systems. The Federal Government's lead agency for the development and promulgation of technical standards, the National Institute of Standards and Technology (NIST), has been involved with HIT standards development work since 2005. Because of its extensive expertise with issues of system inter-operability, data security and privacy, and consensus standards development, NIST is well positioned to make a larger contribution to HIT standards development work and speed the deployment of a national secure and inter-operable HIT system. On May 21, 2007, Chairman Bart Gordon introduced H.R. 2406, a bill to authorize NIST to increase its efforts in support of the integration of the U.S. health care information enterprise. The bill: (1) directs NIST to establish an initiative for advancing HIT integration and allows it to assist health care representatives and organizations and federal agencies in developing technical roadmaps for HIT standards; (2) requires NIST to develop or adopt existing technology-neutral guidelines and standards to enable federal agencies to effectively select and use HIT systems that are secure, inter-operable, and ensure patient privacy; (3) requires the Department of Commerce to establish a Senior Interagency Council on Federal Health Care Information Technology Infrastructure to coordinate the development and deployment of federal HIT systems, the associated technology transfer, and federal work with private HIT standards development organizations; (4) requires NIST to establish a university grant program for multi-disciplinary research in HIT-related fields; and (5) directs the National High- Performance Computing Program to coordinate federal HIT R&D programs. 4. Issues and concerns What is the true cost of insufficient use of information technology within the U.S. health care system? The burden on U.S. health care due to confusion, miscommunication, insufficient or outdated clinical information and other information shortfalls is enormous. According to a study in the Annals of Family Medicine, miscommunication is a major cause of 80 percent of medical errors, including poor communication between physicians, misinformation in medical records and misfiled charts. Research published in the Archives of Internal Medicine found that there are medication errors in one in five doses given in hospitals and skilled nursing facilities, and seven percent of those errors are potentially life-threatening. A study published in the Journal of the American Medical Association estimates that only slightly more than half of patients receive the known ``best practice'' treatment for their illness. Inter-operable health care information systems could allow physicians to share patient medical information and lab results between hospitals, labs, and clinics; order drug prescriptions; and alert patients of drug recalls much faster than by sharing paper records. While quantitative studies across the entire health care sector are difficult to conduct, several health associations estimate that the potential savings of greater IT adoption by the health care industry run into the tens of billions of dollars. A study published in the journal Health Affairs estimates that a fully inter-operable national health care IT network could yield $77.8 billion per year in savings, or five percent of annual U.S. health care spending. What can the Federal Government do to accelerate the pace of standards development and promulgation leading to inter-operability of HIT systems? Are current federal efforts appropriately leveraging all resources for this effort? In April 2004, President Bush signed an executive order establishing the position of the National Health Information Technology Coordinator (National Coordinator) at the Department of Health and Human Services (HHS). The first National Coordinator announced a plan to achieve health care IT inter- operability nationwide. As part of this plan, HHS signed a memorandum with NIST, transferring $6 million from HHS to NIST to pay for technical work in support of HIT. NIST is the primary U.S. agency for developing and promulgating technical standards in conjunction with industry, standards development organizations, and foreign governments. NIST's current HIT work under the memorandum with HHS may not be fully utilizing NIST's expertise in technical standards, data security and privacy, and electronic commerce, and its familiarity with systems inter-operability and device communication issues. How can a national, inter-operable HIT system be made compatible with privacy and data security concerns? An essential feature of a practical HIT system is that it protect the privacy and confidentiality of patients' medical information. It must also have strong data security provisions, so that medical information cannot be tampered with, altered, or destroyed by unauthorized entities. HIT standards will need to incorporate privacy and security in the original standards design (as opposed to a later addition) in order to ensure that these features will be a central element of a national HIT system. Within the Federal Government, data security standards for all non-classified IT systems are set by NIST, under the framework established by the Federal Information Security Management Act of 2002 (FISMA). In addition, NIST has been deeply involved in the development and adoption of information-exchange standards in electronic business and electronic voting systems, which have related privacy and data-security requirements. What can be done to improve HIT inter-operability within the Federal Government? The Federal Government has not yet adopted inter-operable HIT systems. The largest federal electronic medical records systems-- those of the Departments of Defense (DOD) and Veterans Affairs (VA), and the Bureau of Indian Affairs (BIA)--are not mutually inter-operable or inter-operable with the private sector. The Federal Government should set the gold standard on inter-operability of HIT systems, particularly as the demands on military and veterans' health care infrastructures are increasing due to the wars in Iraq and Afghanistan. Demonstrating the efficiency of inter-operable HIT systems in the federal health care system could also spur private sector adoption of these systems by providing a cost-effective model. What research and development efforts are needed to anticipate and adapt HIT standards for the next generation of medical technologies, human-machine interfaces, and patient needs? With the current pace of biomedical research and information technology, there will doubtless be new demands on HIT systems and new opportunities for IT to play an important role in health care. R&D will be needed to enable the incorporation of new technologies such as voice or facial recognition into HIT systems and to modify HIT systems to respond to new medical treatments and procedures, such as remote surgery and active implantable medical devices. These R&D activities will need to span many disciplines and synthesize work in the medical, biological, engineering, information technology and computer science fields, and others. 5. Background Although the United States is the most technologically advanced nation in the world, the U.S. health care system continues to rely on pen and paper for the bulk of its information needs. From patient medical histories, to prescriptions, to hospital charts, handwritten notations are the basis for patient care information. This system is costly, antiquated, and prone to dangerous or life-threatening medical errors. More than 98,000 Americans die and more than one million patients suffer injuries each year as a result of broken health care practices and system failures. According to the National Academies, between 30 and 40 percent of health care costs--more than half a trillion dollars per year--is spent on ``overuse, under-use, misuse, duplication, system failures, and unnecessary repetition, poor communication, and inefficiency.'' Information technology offers enormous potential benefits to improve the functioning and efficiency of U.S. health care. A fully realized national inter-operable health care IT (HIT) system could reduce errors, improve communication, help eliminate redundancy, and provide numerous other benefits that would protect patients and save up to tens of billions of dollars per year. The central challenge to achieving such a system is inter-operability--the ability of data systems, medical devices and software from different vendors based on a diverse array of platforms to share patient electronic health care records (EHRs), electronic physician orders for lab tests and drug prescriptions, electronic referrals to specialists, electronic access to information about current recommended treatments and research findings, and other information. In February 2006, the Subcommittee on Environment, Standards and Technology of the Committee on Science held a field hearing in Portland, Oregon, titled ``Health Care Information Technology: What Are the Opportunities For and Barriers to Inter-operable Health Information Technology Systems?'' Representatives David Wu and Dave Reichert oversaw the proceedings, whose purpose was to review the potential benefits of IT to both patients and the health care industry, and to determine what actions Federal and State governments and the private sector should take to speed the adoption of inter-operable HIT systems. Witnesses stressed the need for standardization in the HIT industry, and encouraged strong investment by the Federal Government, especially NIST, in standards development and education and training activities for health care providers. 6. Bill summary of H.R. 2406 Section 1. Findings Establishes Congressional findings that the National Institute of Standards and Technology (NIST) is well equipped to address HIT enterprise integration because of its experience with electronic commerce, security, and privacy, as well as health care business through its Malcolm Baldrige National Quality Program. Section 2. Health Care Information Enterprise Integration Initiative Directs NIST to establish an initiative to advance HIT enterprise integration nationally, building on existing efforts at NIST and involving government and industry consortia. Technical activities of this program may focus on standards and inter-operability analysis and the development of technical testbeds, software conformance and certification, security and privacy, medical device communication, data management and retrieval architecture, conformance testing infrastructure, and health care information usability and decision support. The initiative may also include assistance to outside organizations and federal agencies in developing technical roadmaps for HIT enterprise integration, relying on voluntary consensus standards where possible. The Director shall report to Congress annually on these activities. Section 3. Federal Health Care Information Technology Systems and Infrastructure Directs NIST to develop new or adopt existing technology-neutral HIT guidelines and standards for use by federal agencies within six months of enactment. The guidelines and standards shall enable agencies to select HIT systems that provide security and privacy and are inter- operable. They shall promote the use of commercial HIT systems by federal agencies, include conformance-testing procedures, provide privacy profiles, establish inter-operability specifications, and include validation criteria to enable agencies to select appropriate HIT systems. NIST will report annually on the progress toward and barriers to adoption of inter-operable, secure and private HIT systems by federal agencies. Directs the Department of Commerce to establish a Senior Interagency Council on Federal Health Care Information Technology Infrastructure, with responsibilities to coordinate development and deployment of HIT systems across the Federal Government, associated technology transfer, and federal funding for and participation in private standards-development organizations as related to HIT. Section 4. Research and Development Programs Directs NIST, in consultation with NSF, to establish a grant program for institutions of higher education partnering with businesses, non-profits and government laboratories to establish Centers for Health Care Information Enterprise Integration. Grants shall be awarded on a competitive, merit-reviewed basis. The Centers will generate innovative approaches to HIT enterprise integration by conducting research on the interfaces between human information and communications technology systems, voice-recognition systems, inter- operability software, software dependability, metrics of the impact of information technology on health care, health care information enterprise management, and information technology security and integrity. Grant applications shall include descriptions of proposed projects, efforts to foster multi-disciplinary collaboration, and technology transfer and education activities. The National High- Performance Computing Program established by the High-Performance Computing Act of 1991 shall coordinate federal R&D programs related to HIT. Chairman Gordon. I want to welcome everyone today. This hearing is entitled Meeting the Need for Inter-operability and Information Security in Health IT. Before we start with the hearing, we need to take a moment to deal with some committee business, and I am pleased to welcome two new Members to our committee. The first is from California. I am pleased to welcome Ms. Laura Richardson to the Committee. She is a new Member, is also on another committee, and will be coming here soon. So we are glad to have Ms. Richardson. She was a member of the legislature in California and brings expertise in that area. And I also want to welcome Mr. Paul Broun. He brings particular expertise in that he is a physician, and this is a good way to start your first meeting. You should be one of our witnesses, and we want you to be a full participant. And let me say, Dr. Broun, just in quick passing, you haven't been here long, but you have been here long enough to know that there is a little tenseness in the air sometimes. We hope you can find that you can put that aside and feel that you can be comfortable in getting work done. We have had 29 bills out of this committee. All have been bipartisan. All, but one, have been unanimous. Even Dr. Gingrey had a decent bill that came out of here. There hasn't been a Democrat or Republican bill that has been introduced that hasn't gotten prompt action, and we want you, again, to use your expertise to help us to do an even better job. And you are sitting at the right hand of a good mentor, so I would listen to Dr. Ehlers for his good advice. And since we have some new Committee Members, we have to update our Subcommittee rosters. The new Subcommittee roster should be in front of you, and I have asked unanimous consent that the Committee do ratify the Subcommittee rosters. With that taken care of, I will now begin my opening statement. Over the past 20 years, we have experienced a dramatic change in the way we share information because of the rapid emergence of information technology. Nearly every industry across our economy from financial services to media to retail has embraced information technology and integrated it seamlessly into daily operations. Yet the health care industry has lagged far behind. The broad use of IT in the health care sector could have far-reaching benefits, including cost savings in the billions, improved quality of care, and fewer dangerous medical errors. Though there are a number of factors that have contributed to the slow adoption of health IT, I believe one of the most significant is the lack of technical standards for inter-operability and the protection of patient privacy. I will also note that this is an area that Newt Gingrich and Hillary Clinton have agreed upon some time back. I now hope that we can take their agreement and put it into some action. I am sending copies of this legislation to our fellow colleague, Mr. Gingrich, and hope we will have him one day, to come and testify here. According to most estimates, a fully inter-operable health care IT system could save U.S. health care tens of billions of dollars a year and help prevent some of the mistakes that lead to the deaths of over 98,000 patients annually. But meeting the challenge of developing and maintaining such a system is not simple. Most Americans get their primary health care at offices with five or fewer doctors. These small offices cannot easily afford the initial investment in health IT equipment and software or the time for training on these complicated systems. Doctors and health IT developers also face medical-privacy laws that vary state by state, some of which do not support the digital exchange of patient information. Much more work needs to be done to update laws and regulations in order to encourage the adoption of this important technology. And let me not forget that Governor Bredesen of Tennessee and Governor Douglas of Vermont, a Democrat and Republican, have been working on this with the Governor's Association. We were in contact with them just the other day. I hope that we are going to be able to have inter-operability between Congress and the Governor's Association, so they can then push down this uniformity of rules and regulations on the local level. But the biggest barrier to the broad implementation of health IT systems is the lack of technical standards to support inter-operability while protecting data security. It is wasteful to start investing in technology until we know it is inter-operable, as the cost of upgrading to new systems could eat up many immediate cost savings. To achieve inter- operability, we need to have simple technical standards for data formats, data-exchange protocols and other systems- communication needs. These will enable different manufacturers and vendors to build and sell medical software and hardware devices that are based on the same underlying communications technologies. Doctors and hospitals are reluctant to invest in health care IT systems that are not inter-operable with other such systems owned by other health care providers. The National Institute of Standards Technology, NIST, is uniquely positioned to meet this challenge. NIST was instrumental in the guiding the creation of standards for the financial-services industry and others as they transitioned to an IT-based business model. It also sets and maintains the technical standards for the IT security across the Federal Government to protect against data theft and unauthorized access. That expertise is essential for helping to create inter-operable standards for health care IT. In addition to discussing the challenges to implement health care IT systems in the U.S., our witnesses today will also address, I hope, H.R. 2406, which authorizes NIST to increase its efforts to support the integration of the health care-information enterprise in the United States. This bill is not a complete solution to the problem we are discussing today. But it is my hope that it is a starting point for the broad efforts needed on the part of the Federal Government, State governments, and health care and IT industries to move towards a fully inter-operable health care IT system. The bill is based on the recommendations of a report by the President's Information Technology Advisory Committee from 2004 and a study by the National Academies from 2005. It instructs NIST to advance health IT integration while working with health care representatives and federal agencies to develop technical roadmaps for health IT standards. The bill also requires NIST to create or adopt existing technology-neutral guidelines and standards for federal agencies. It directs the Department of Commerce to establish a senior interagency council on federal health IT infrastructure to coordinate the development and deployment of federal health IT systems. And finally, it mandates a university-grant program at NIST for multi- disciplinary research in health-IT-related fields. And thank you, Mr. Wu, for that recommendation. Secure, inter-operable health care IT systems are critical for saving time and money. But we cannot lose focus on the ultimate goal of all health policy, protecting patients' lives as well as saving money. I typically do not tell personal stories during hearings, but if the Committee will indulge me, this drives home the purpose of this legislation. The Committee staffer who has been handling health IT issues is a gentleman named Mike Quear, a very able, capable, bright public servant. Last year, Mike had an open-heart surgery and was diagnosed with diabetes. He was concerned what would happen if he ever needed emergency care, so he started keeping a record of every condition that he had, every specialist that he had visited, and every medication that he was prescribed on a small card in his wallet. Unfortunately, that card became larger and larger as he had additional situations. That card was the only comprehensive record of care that Mike had available to him. This past August, Mike had a stroke and was taken to the hospital where emergency room doctors were immediately able to evaluate his preexisting conditions, contact Mike's team of specialists and provide him with the best care, because they had that card. Now, thankfully, he is now recovering at home, and we welcome him and want him back to finish this legislation. But if those records hadn't been available, who knows what might have happened. I would venture to guess that not many people in this room or in this county take the time to record their medical history on a wallet card, nor should we need to. Technology in this country is far enough advanced that we should be able to expect doctors to access our complete medical records in any emergency situation. So I am eager to hear our witnesses' thoughts and recommendations on how to most effectively promote the broad implementation of health information technology systems in the near future to save money, to save time, and to save lives. [The prepared statement of Chairman Gordon follows:] Prepared Statement of Chairman Bart Gordon I want to welcome everyone to today's hearing on Meeting the Need for Inter-operability and Information Security in Health IT. Over the past 20 years, we have experienced a dramatic change in the way we share information because of the rapid emergence of information technology. Nearly every industry across our economy, from financial services to media to retail, has embraced information technology and integrated it seamlessly into daily operations. Yet, the health care industry has lagged far behind. The broad use of IT in the health care sector could have far reaching benefits, including cost savings in the billions, improved quality of care, and fewer dangerous medical errors. Though there are a number of factors that have contributed to slow adoption of health IT, I believe one of the most significant is the lack of technical standards for inter-operability and the protection of patient privacy. Inter-operable communications for the exchange of information are a requirement for conducting business across the country and around the globe. Unfortunately, the health care industry has not yet adopted common standards to allow for the broad management and transmission of health related information. According to most estimates, a fully inter-operable health care IT system could save U.S. health care tens of billions of dollars a year, and help prevent some of the mistakes that lead to the deaths of over 98,000 patients annually. But meeting the challenge of developing and maintaining such a system is not simple. Most Americans get their primary health care at offices with five or fewer doctors. These small offices cannot easily afford the initial investment in health IT equipment and software, or the time for training on complicated systems. Doctors and health IT systems developers also face medical privacy laws that vary state by state, some of which do not support the digital exchange of patient information. Much more work needs to be done to update laws and regulations in order to encourage the adoption of this important technology. But the biggest barrier to the broad implementation of health IT systems is the lack of technical standards to support inter-operability while protecting data security. It is wasteful to start investing in technology until we know it is inter-operable, as the cost to upgrade to new systems would eat up any immediate cost savings. To achieve inter-operability, we need simple technical standards for data formats, data exchange protocols, and other system communication needs. These will enable different manufacturers and vendors to build and sell medical software and hardware devices that are based on the same underlying communication techniques. Doctors and hospitals are reluctant to invest in health IT systems that are not inter-operable with other such systems owned by other health care providers. The National Institute of Standards and Technology (NIST) is uniquely positioned to meet this challenge. NIST was instrumental in guiding the creation of standards for the financial services industry and others as they transitioned to an IT- based business model. NIST also sets and maintains the technical standards for IT security across the Federal Government to protect against data theft and unauthorized access. That expertise is essential for helping to create inter-operability standards for health IT. In addition to discussing the challenges of implementing a health IT system in the U.S., our witnesses today will be addressing H.R. 2406, which authorizes NIST to increase its efforts to support the integration of the health care information enterprise in the United States. This bill is not a complete solution to the problem we are discussing today. But it is my hope that it is a starting point for the broad efforts needed on the part of the Federal Government, State governments, and the health care and IT industries to move towards a fully inter- operable national health IT system. The bill is based on the recommendations of a report by the President's Information Technology Advisory Committee (PITAC) in 2004 and a study by the National Academies in 2005. It instructs NIST to advance health IT integration while working with health care representatives and federal agencies to develop technical roadmaps for health IT standards. The bill also requires NIST to create or adopt existing technology- neutral guidelines and standards for federal agencies. It directs the Department of Commerce to establish a Senior Interagency Council on Federal Health IT Infrastructure to coordinate the development and deployment of federal HIT systems. And finally, it mandates a university grant program at NIST for multi-disciplinary research in health IT-related fields. Secure, inter-operable health IT systems are crucial for saving time and money. But we cannot lose focus on the ultimate goal of all health policy: protecting patients' health and saving lives. I typically do not tell personal stories during hearings, but if the Committee will indulge me, I want to share a story that drives home the purpose of this legislation. The Committee staffer who has been handling health IT issues for me is a gentleman named Mike Quear. Last year, Mike had open heart surgery and was diagnosed with diabetes. He was concerned what would happen if he ever needed emergency care, so he started keeping a record of every condition that he had, every specialist he visited, and every medication he was prescribed on a small card in his wallet. That card was the only comprehensive record of care that Mike had available to him. This past August, Mike had a stroke and was taken to the hospital, where emergency room doctors were immediately able to evaluate his preexisting conditions, contact Mike's team of specialists and provide him with the best care because they had that card. Thankfully, he's now recovering at home. If those records hadn't been available, who knows what might have happened. I would venture to guess that not many people in this room, or in this country, take the time to record their medical history on a wallet card. Nor should we need to. Technology in this country is far enough advanced that we should be able to expect doctors to access our complete medical records in any emergency situation. I'm eager to hear our witnesses' thoughts and recommendations on how to most effectively promote the broad implementation of health information technology systems in the near future to save money, save time, and save lives. Chairman. Gordon. Mr. Chair--the Chair now recognizes Mr. Hall for an opening statement. Mr. Hall. You can call me Mr. Chair if you want to. Mr. Chairman, I thank you for a good opening statement, and I, too, look forward to learning more about health information technology inter-operability and information security as well as about your bill, H.R. 2406, this morning from our various esteemed panel of witnesses. As a long-term supporter of Mike, what wonderful guy he is, and of course, we keep him in our prayers, and I admire him for keeping that list there. I started doing that some-80 years ago, and my list got so heavy, I couldn't lift it, but Mike is a wonderful guy. He has rendered great service to this committee and to this Congress and to our nation, and we have him on our prayer list. And Mr. Chairman, as a long-term supporter of initiative such as Tele-health for rural communities, I understand the value of health information technologies, and many sectors of our economy rely on information technology to increase efficiency and minimize errors. The health care sector should not be different. We invest 1.7 trillion, annually, in health care, and yet the system is plagued with inefficiency. A recent Rand Corporation study stated that if most hospitals and doctor offices adopted health information technology, the efficiency savings alone would average over $77 billion a year. Of course, the good things they do far outnumber the inefficiencies, but we, at a time like this, point up the lack of efficiencies and hope to look to you as one, two, three, four--five people that know more about it than we do or you wouldn't be there because we write our legislation based on your information and how you back it up, and then we battle it pro or con. But the study found that if hospitals implemented a health information technology system around 200,000 adverse-drug events could be eliminated if they did. It could eliminate that many annually. Despite these obvious benefits, developing a nationwide HIT network is expensive, and of course, as the Chairman said, it is challenging. One of the biggest challenges, I guess, involves sharing information from system to system, also known as inter-operability. We have to develop inter-operable standards so that the systems being developed today and tomorrow will function together smoothly, and in order to address this need, President Bush established the Office of the National Coordinator at the Department of Health and Human Services, and that office has put together a consortium with public and private entitles, including NIST, to develop inter-operability and conformance standards. This consortium, the American Health Information Community, AHIC, has been working over the last few years on this very important task, and I applaud your efforts at bringing a health information technology bill before this committee, Mr. Chairman, and I would like to know more about H.R. 2406 and how it will affect the process currently underway at the Department of Health and Human Services. For instance, it appears that the bill would give NIST overall authority for writing standards, procedures and guidelines for the health care industry. If that is the case, I wonder whether NIST is the best vehicle for full-scale adoption of standards. While I certainly agree that NIST has a role to play, it is my understanding that NIST has never before been a body that has set policy. Instead, they have taken an agreed-upon policy and set about standardizing it. Since there is already a vehicle in place setting policy at AHIC, will this bill derail that process, or will this legislation establish a parallel process between the two agencies, and additionally, I am not sure on where the money will come from for NIST to undertake HIT initiatives. Would it have to come at the expense of other NIST projects and priorities? The Administration asked Congress for $118 million for fiscal year 2008 for HIT, and it looks like Congress will appropriate somewhere between $60 and $70 million. Will NIST projects be cut in order to complete with what the Administration has already undertaken? That is a question that I hope we can answer today. I think it is clear that we are all seeking to improve Health Information Technology Systems as quickly and as smoothly as possible, and I look forward to hearing from all of the witnesses on this important topic, and Mr. Chairman, I really do thank you and yield back the balance of my time. [The prepared statement of Mr. Hall follows:] Prepared Statement of Representative Ralph M. Hall Mr. Chairman, I look forward to learning more about Health Information Technology, Inter-operability and Information Security, as well about your bill H.R. 2406 this morning from our esteemed panel of witnesses. As a longtime supporter of initiatives such as telehealth for rural communities, I understand the value of Health Information Technology. Many sectors of our economy rely on information technology to increase efficiency and minimize errors. The health care sector should not be different. We invest over $1.7 trillion annually in health care, and yet the system is plagued with inefficiency. A recent RAND Corporation study stated that if most hospitals and doctors' offices adopted Health Information Technology, the efficiency savings alone would average over $77 billion a year. Moreover, the study found that if hospitals implemented a Health Information Technology system, around 200,000 adverse drug events could be eliminated annually. Despite these obvious benefits, developing a nationwide HIT network is expensive and challenging. One of the biggest challenges involves sharing information from system to system, also known as inter- operability. We must develop inter-operable standards so that the systems being developed today and tomorrow will function together smoothly. In order to address this need, President Bush established the Office of the National Coordinator at the Department of Health and Human Services and that office has put together a consortium of public and private entities, including NIST, to develop inter-operability and conformance standards. This consortium, the American Health Information Community (AHIC) has been working over the last few years on this important task. I applaud your efforts at bringing a Health Information Technology bill before this committee, and I would like to know more about how H.R. 2406 will affect the process currently underway at the Department of Health and Human Services. For instance, it appears that the bill would give NIST overall authority for writing standards, procedures and guidelines for the health care industry If that is the case, I wonder whether NIST is the best vehicle for full scale adoption of HIT standards. While I certainly agree that NIST has a role to play, NIST has never before been a body that has set policy. Instead, they have taken an agreed upon policy and set about standardizing it. Since there is already a vehicle in place that is setting policy at HHS, will this bill derail that process? Or will this legislation establish a parallel process between two agencies? Additionally, I am unclear on where the money will come from for NIST to undertake HIT initiatives. Will it have to come at the expense of other NIST projects and priorities? The Administration asked Congress for $118 million for FY '08 for HIT, and it looks like Congress will appropriate somewhere around $60 to $70 million dollars. Will NIST projects be cut in order to compete with what the Administration has already undertaken? I think that it is clear that we are all seeking to improve Health Information Technology Systems as quickly and as smoothly as possible. I look forward to hearing from all the witnesses on this important topic. Thank you Mr. Chairman, and I yield back the balance of my time. Chairman Gordon. Thank you, Mr. Hall. I think you raised some very important issues. Let me make it very clear that we are not interested in NIST setting any kind of policy. That should not be the case, but rather, setting standards, not picking winners or losers, but rather setting standards. They also have the entire situation--they have tests so once those standards are developed for both hardware and software they can get the Good Housekeeping Seal of Approval, so that a small firm or a large hospital can invest with the certainty that they are not going to have to see this technology be obsolete soon. So you raised some good questions, and I know those are things we want to get into. Since this is a hearing starting at the Full Committee level--we typically go through regular order of bringing things up through the Subcommittees. But by virtue of the interest in this particular topic, we decided to start at the Full Committee level, but I would like to hear from our Subcommittee Chairman. I would like to now yield to Mr. Wu for his opening remarks. Mr. Wu. Thank you, Mr. Chairman, and thank you for holding this very important hearing. The health sciences continually push the envelope in new technologies, new medicine and new research; however, health care systems lag far behind in information technology capabilities. In an increasingly digital society, paper records are still a primary mode of information transfer in health care. Improving health care IT will make health care more efficient, safer for patients, and a better practice environment for health care professionals and may wind up saving some money. We need technical standards to create a functional, inter-operable IT network, and we should enhance the relationship between the Department of Health and Human Services and NIST so that they can work together to create the standards of the future. As the government agency which is responsible for creating technical standards, NIST is well equipped to address health care IT standards for inter-operability and security. I often note the important role of NIST in metrology. If you can't measure something, it is not really real in terms of science or economics. Similarly, NIST plays a critical role for inter- operability. If there are not standards to guide folks, creating inter-operable IT systems will be extremely difficult, if at all possible. While digitizing medical information will increase efficiency, we must also address the issue of security. NIST can also properly develop standards that not only address inter-operability but the need for proper security measures as well; it has done so in the past. I commend Chairman Gordon for his work to address the issue of health care IT by introducing H.R. 2406. This bill will increase inter-operability and security in health care IT by directing NIST to continue its work in developing standards. Earlier this year, the House passed my bill to train health care IT professionals, who are knowledgeable in both information technology and in health care so that new IT systems don't sit on desktops as dark boxes. As we move forward with the Chairman's bill and develop secure, inter-operable IT systems, we need to ensure these systems can be developed and implemented by trained professionals. Again, I commend the Chairman for his fine work and look forward to the testimony of the witnesses. [The prepared statement of Chairman Wu follows:] Prepared Statement of Chairman David Wu The field of medicine continually pushes the envelope in new technologies, new medicine, new research--which improves our overall ability to stay healthy. However, health care systems lag far behind in information technology capabilities. In an increasingly digital society, handwritten records are still a primary mode of record keeping in health care. Improving health care IT will make health care more efficient, while minimizing medical errors--reducing health care costs and ultimately saving lives. We need technical standards to create a functional, inter-operable IT network. I am pleased with the relationship between HHS and NIST. As the government, which is responsible for creating technical standards, NIST is well equipped to address Health IT standards for inter- operability and security. I often note the importance of NIST's role in metrology. If you cannot measure something, it does not exist. Similarly, NIST plays a critical role for inter-operability. If there is no standard to follow, creating an inter-operable IT system will be difficult. While digitizing medical information will increase efficiency, we must also address the issue of security. The sensitive data of personal medical records requires sufficient security measures are taken into consideration. NIST can also develop standards that not only address inter-operability, but the need for proper security measures as well. I commend Chairman Gordon's for his work to address the issue of Health Care IT by introducing H.R. 2406. This bill will help inter- operability and security issues in Health Care IT by directing NIST to continue its work in developing standards. Earlier this bill, the House passed a bill that will provide technical training to health care professionals regarding Health Care IT. As we move forward with the Chairman's bill, and develop secure inter-operable IT systems, we need to ensure these systems can be implemented by trained staff. I look forward to the testimony of the witnesses, and I yield back. Chairman Gordon. Thank you, Mr. Wu. In continuing to try to answer some of Mr. Hall's very legitimate questions--one was about funding, and I just want to state that the COMPETES Act that was passed overwhelming by Congress and signed by the President this August put NIST on track to double over the next seven years, and we hope this will be a part of that, although not take seven years. And Ms. Richardson, we welcomed you with great flair in absentia earlier, but let me once again point out that Ms. Richardson, as a member of the State legislature in California, comes with a lot of background and expertise. Also as a freshman she had her choice of a lot of committees, and she was a top draft choice because she did come with such a good background, and we are pleased that you chose the Science Committee as one of those committees. So welcome, and you are an official Member of this committee now. Ms. Richardson. Thank you, Mr. Chairman. Chairman Gordon. And Dr. Gingrey, now we welcome your opening testimony. Mr. Gingrey. Mr. Chairman, thank you, and certainly, I do appreciate you giving Chairman Wu and I additional time to address today's hearing. As you know, Health Information Technology is a topic of great importance to me as a physician member, and so I certainly appreciate your holding of this hearing, Mr. Chairman, on developing inter-operability standards for health information technology, an area, as has already been said, of critical importance to our health care system, and an area with so much untapped potential. Health Information Technology is one of the most promising ways to tackle today's problems with skyrocketing health care costs. It has been mentioned by some of my colleagues in regard to the cost savings, but I am quoting an even bigger number and this is based on a recently ran study revealing that inter- operable HIT system, if it is implemented correctly, and of course, widely adopted, could/would save the American health care system more than $162 billion annually. So that is maybe a little bit more than our Ranking Member Hall had said. But who knows? Whether it is $77 billion or $160 billion, you are talking about a lot of money. I mean there is potential for some huge savings in cost. Of course, in addition, there are numerous other advantages that are also extremely compelling. Properly implemented, HIT would enormously increase the efficiency within our health care system by increasing access to things like offsite charting and flagging of charts for follow-up on recommended procedure. It has the potential to eliminate duplicate testing that wastes patients' money and times, and yes, often causes patients unnecessary pain and discomfort. As the Chairman was talking about in reference to our great staff member Michael, what could have happened had he not had the foresight to have that record on his person? Even more vital is the possibility of eliminating medical errors. And not sure of this estimate by the National Institute of Medicine is correct, but a number of years ago, they come out with a study and said something like 90,000 deaths occur in a hospital setting on an annual basis because of medical errors. It may not be 90,000, but if it is 9,000 it is too many. So I see two important roles for the government in Health Information Technology. First, we must make sure that every provider is able to adopt HIT. And secondly, we must ensure that the technology and standards--this is what the Chairman's bill is about--that the technology and standards measure up to the 21st century standards so that Health Information Technology is implemented properly and promptly so that we get the right software. In regard to the first issue, I want to maybe toot my own bill a little bit and let you know that I am sponsoring H.R. 1952 in collaborating with Charles Gonzales of Texas. He is the Subcommittee Chairman on the Small Business Committee. This bill is called the National Health Information Incentive Act of 2007. The bill that I had introduced as a stand-alone is a section of Chairman Gonzales's bill, but it would encourage HIT adoption by proving optional financial incentives to small health care providers and incentives to implement such an infrastructure. And I am so glad that Chairman Gordon has called this hearing to explore the second part of this process, the creation and implementation of HIT inter-operability standards. It is vital that these standards are developed in the most efficient way to ensure that HIT is not only implemented quickly but properly and promptly. And I am looking forward, Mr. Chairman, to hearing from our witnesses, and I thank them all for being here today. [The prepared statement of Mr. Gingrey follows:] Prepared Statement of Representative Phil Gingrey Mr. Chairman, I appreciate your giving Chairman Wu and I additional time to address today's hearing. As you know, health information technology is a topic of great importance to me as a physician Member of this body--so I appreciate your holding this hearing on developing inter-operability standards for Health Information Technology--an area of critical importance to our health care system and an area with so much untapped potential. Health Information Technology is one of the most promising ways to tackle today's problem of skyrocketing health care costs. A recent RAND study reveals that an inter-operable HIT system that is implemented correctly and widely adopted would save the American health care system more than $162 billion annually. In addition, there are numerous other advantages that are also very compelling. Properly implemented HIT would enormously increase the efficiency within our health care system by increasing access to off- site charting and flagging charts for follow-up on recommended procedures. It has the potential to eliminate duplicate testing that wastes patients' money and time and often causes patients unnecessary pain and discomfort. Even more vital is the possibility of eliminating medical errors that that lead to almost 100,000 deaths each year. I see important roles for the government in promoting Health Information Technology. First we must make sure that every provider is able to adopt HIT. Secondly, we must ensure that the technology and standards measure up to 21st century standards so that health information technology is implemented properly to promote the inter- operability of HIT software. To address the first issue I am sponsoring H.R. 1952, in collaboration with Rep. Charles Gonzales from Texas. This bill is called the National Health Information Incentive Act of 2007. My bill would encourage HIT adoption by providing optional financial incentives to small health care providers and entities to implement such an infrastructure. I am so glad that Chairman Gordon has called this hearing to explore the second part of this process, the creation and implementation of HIT inter-operability standards. It is vital that these standards are developed in the most efficient way to ensure that HIT is not only implemented quickly but properly. I want to again thank the Chairman for taking the initiative on this important matter, and look forward the witness testimony. Chairman Gordon. Thank you, Dr. Gingrey. I know you would rather hear them than me. But I am so passionate about his. I just want to follow up on something you said about the savings. You know, right now, we spend more per capita on health care than any other nation in the world, yet as you know, we are struggling--we have different ways we want to do it--but struggling to get all children to be able to have health care. Right now, as you well know, there is a 10 percent cut looming for doctors in terms of their Medicare reimbursement. But it is the fastest-growing part of the federal expense; it is the fastest-growing part of our individual--in most cases, our expenses. But we are already spending so much as a nation; it is hard to just keep stacking more money on. And so if we are going to meet these needs, we have got to find a way to find efficiencies within this system. This is a way. We don't know whether it is tens of billions or hundreds of billions, but we know it is many billons of dollars that can be saved, and with these savings, hopefully we can capture and use those for those other needs within this health care system that are so important to our nation. And so we are going to work together on this bill. We have got other bills we are going to work together on, and I think we are going to meet those needs. [The prepared statement of Mr. Costello follows:] Prepared Statement of Representative Jerry F. Costello Mr. Chairman, thank you for calling today's important hearing to examine the need for inter-operability and information security in health care information technology (HIT) and legislation that authorizes the National Institute of Standards and Technology (NIST) to increase its efforts in this area. The Science and Technology Committee strives to accelerate research, development, and advancements in new technology and processes. With all of the advancements in medicine and tools in the medical industry, it is shocking to see more than 98,000 people in hospitals die from medical errors, including incorrect medications or improper diagnosis. Further, it is frustrating that because of high costs, at a time when our nation has access to the most sophisticated health care technology, as much as 49 percent of clinical diagnostic testing is performed due to the lack of accessibility to previous test results. These issues can be addressed and I believe we owe it to the American people to find solutions to the current challenges in successfully implementing HIT. Having stated the above, there are obvious vital areas, such as unifying national standards, developing security protections to ensure patient's information, and addressing the financial costs associated with research, development, and full implementation of HIT, that must be addressed. Technological advancements in the health care industry have been enormous. Today, I believe we will hear many of the great accomplishments that have occurred in working towards HIT as well as the challenges we must overcome to successfully implement HIT. I believe we must identify and recognize the work that we have accomplished up to this point and be cautious as to not undo these advances. Instead, we should build around them with a focus on the barriers that exist to succeeding in implementing such a system. I thank the witnesses for appearing before our committee and look forward to their testimony. [The prepared statement of Mr. Mitchell follows:] Prepared Statement of Representative Harry E. Mitchell Mr. Chairman, Thank you for organizing this morning's hearing on inter- operability and security in health care information technology. This is an issue that has come up in my work on the Committee on Veterans Affairs. The Departments of Veterans' Affairs and Defense are working on some demonstration projects in this area and I am eager to learn if we are applying any of the lessons learned from their effort on a system wide basis. To date, the Federal Government has struggled to develop and define widely acceptable technology for a national, inter-operable health care technology system. In 2004, the Department of Health and Human Services was charged to take the lead in developing and implementing a nationwide inter-operable health IT (HIT) infrastructure to improve quality and efficiency in health care. One obstacle inhibiting progress in this effort is the lack of widely accepted technical standards. The lead agency for developing and disseminating technical standards is the National Institute of Standards and Technology (NIST). Developing technical standards that work is NIST's expertise. It is experienced in dealing with issues of systems inter-operability, data security, privacy issues, and standards development. The subject of health information technology produces an eye- glazing effect on most Americans. Nonetheless, it is a critical factor to making our health care system more efficient and economical and to improving the quality of patient care. Research conducted by the Committee staff in preparation for this hearing notes that ``98,000 Americans die and more than one million patients suffer each year as a result of broken health care practices and system failures.'' Improvements in information technology can reduce the incidence of medical error, produce billions in savings in health care expenditures, and better protect patients. The significance of this matter cannot be understated. . .improvements in health care information technology is critical to patient safety. I look forward to hearing from today's witnesses, especially in regard to legislation our esteemed Chairman has introduced, H.R. 2406, a bill designed to support NIST's efforts to advance the progress of health information technology integration nationally. Mr. Chairman, that concludes my remarks, and I yield back the balance of my time. Chairman Gordon. Now, at this time, I would like to introduce our witnesses. We are glad you are here. First is Dr. David Livingstone. He is a clinical Professor at Yale School of Medicine and a doctor with the Eye Care Group in Connecticut. He is testifying on behalf of the Alliance of Specialty Medicine, and he was an advisor early on, and again, I thank you for helping. Ms. Noel Williams is the President of the Hospital Corporation of America, HCA for the ones of you that aren't in our area, Information Technology and Services. She is testifying on behalf of the American Hospital Association, and welcome, neighbor. Ms. Linda Kloss is the Chief Executive Officer of the American Health Information Management Association. We welcome you. And Dr. Michael Raymer is the Vice President and General Manager of product strategy and new business initiatives at GE Healthcare Integrated IT Solutions. GE has certainly been a leader in this area. And Dr. Gingrey, I know you have a witness here today, and I would like for you to introduce him. Dr. Gingrey. Mr. Chairman, thank you for giving me that opportunity, and the opportunity to have a witness from my district, the 11th of Georgia, the Northwest portion of the State. I have nine counties, and our witness is from Carrollton, Georgia, in Carroll County, almost-Alabama, I call it. But that is Mr. Justin Barnes. I have known Justin for a number of years. He has worked very diligently as Vice President of marketing and corporate development and government affairs for the Greenway Medical Technologies Company in Carrollton, Georgia, and they develop a lot of software programs and have been at this for a number of years. They have recruited, actually, some general surgeons and some OB-GYNs from the community and have many, many years of clinical experience and practice who are now working with the company in the development--well, actually they have developed very impressive software programs for those specialties in particular, general surgery and OB-GYN, and it is something that is out there on the market and working very well. Justin is such a smart young man, I thought, surely, he was a graduate of Georgia Tech, but I had to go over and speak to him to make sure about that. And he said, no, Congressman, I am a graduate of U. Mass. I won't try to Massachusetts, because I don't do very good--but a graduate of U. Mass in legal studies. And I very proud to welcome one of our witnesses, Mr. Justin Barnes from Greenway. Thank you. Chairman Gordon. And do you know, did he have a son that played on the Little League team? Didn't you just win the world's championship? And that is what? Two out of three? Dr. Gingrey. That is right, Mr. Chairman, two out of three. I think one time Macon, and this last time Columbia, not Carrolton, but pretty close. Chairman Gordon. So Dr. Silverstone, if you would, please, you can begin with your opening statement. Dr. Silverstone, if you will, hit the button there to make it turn on, we will all hear you better. STATEMENT OF DR. DAVID E. SILVERSTONE, CLINICAL PROFESSOR OF OPHTHALMOLOGY AND VISUAL SCIENCE, YALE SCHOOL OF MEDICINE; ASSISTANT CHIEF OF OPHTHALMOLOGY, YALE-NEW HAVEN HOSPITAL; PRACTICING OPHTHALMOLOGIST, THE EYE CARE GROUP, NEW HAVEN, CT Dr. Silverstone. Wow, that sounds different. Okay, Mr. Chairman, and Members of the Committee, thank you for holding this hearing on health information technology and the need for inter-operability standards that will promote and support the integration of private and secure health information enterprises. I appreciate the opportunity to present the perspective of specialty physicians on your legislative proposal, H.R. 2406, which is pending before the Committee. I am David Silverstone. I am a practicing ophthalmologist at the Eye Care Group in New Haven, Connecticut, where I am also a clinical professor of ophthalmology and visual science at the Yale School of Medicine and the assistant chief of ophthalmology at Yale-New Haven Hospital. I serve as the Chair of the American Society of Cataract and Refractive Surgery's (ASCRS) Subcommittee on Health Information Technology as well as the ASCRS liaison to the American Society of Ophthalmic Administrators Executive Board. Today, I am here representing the Alliance of Specialty Medicine, a coalition of 11 medical societies, representing nearly 200,000 specialty physicians. First, we would like to thank you for your efforts to advance health information technology, HIT, legislation and for including specialty physicians in the development process. We believe that your legislation, H.R. 2406, which authorizes the National Institute of Standards and Technology to enhance efforts to integrate health information enterprises in the United States, will help to promote the widespread adoption of effective HIT. Health information technology has the potential to increase efficiency and quality of care, but this cannot be achieved until we have effective standards of communication and interaction among systems. In addition, the technology has the potential, as you have all indicated, to significantly lower costs in the health care industry. In addition, we support the development of an electronic-information network that is reliable, inter-operable, secure, and protects patient privacy. Specialty physicians have been and continue to be actively engaged in the quality-improvement area. Through the development of measure specifications for service and the development of a rational system for collecting, aggregating, and reporting data across numerous public and private insurance programs in the least burdensome way, we have played a pivotal role in shaping the future of our health care-delivery system. However, in order to continue making progress in these areas, we believe that specialty physicians, and indeed all health care providers, must employ reliable and secure HIT systems. These systems are a needed and an essential component that will help us to continue to participate in these programs and to improve the quality of care we provide to our patients. In addition, these systems will help us to harness medical knowledge to enable health care providers to deliver the most effective and up-to-date medical information in an efficient and cost-effective manner. As you know, the adoption of electronic health care records and other health-related information technology has been slow to say the least. According to the e-Health Initiative, the health care industry invests only two percent of its revenues in IT, whereas other information-intensive industries, such as financial services, invest 11 percent of revenues in IT in order to improve the quality, diversity and efficiency of their products and services. We agree that in this age of rapid technology advancement, the slow adoption of health IT by the health care industry is undesirable. The absence of an efficient HIT system is hampering the integration of effective treatment plans into mainstream medicine, the effective and efficient evaluation of current practices and efforts to improve both the quality of medical care and the cost- effectiveness of health care delivery. We believe that an effective quality-improvement program must incorporate the use of HIT while recognizing the considerable administrative costs that physicians and other health professionals would incur for participating in such a program. Most physicians and other health professionals lack the necessary health IT and administrative infrastructures to participate in the majority of quality-improvement programs for physician services. As you know, the typical American small physician practices and physicians not employed by large institutions will continue to face challenges in financing the purchase of integrated HIT systems. In addition, many progressive practices that were early adopters of HIT are now finding themselves with costly systems that are now out of date. The cost of updating these systems will be too great to bear in the light of the pending health care service reimbursement reductions and the lack of inter-operability standards. Most physicians do not have HIT systems and are watching and waiting. They do not feel confident making such a large investment in health IT because of the cost and the uncertainty of future system compatibility. Therefore, as Congress addresses this legislation and similar legislation in the future, we hope that additional efforts to promote health IT and inter-operability include more financial assistance for physicians to obtain HIT. Efforts to ease the burden on physicians seeking to purchase health information technology, especially in the face of annual updates below medical inflation due to the falling sustainable growth rate formula are greatly appreciated and also essential. Your bill, which would accelerate the development of inter- operability guidelines and standards is both a necessary and essential step in developing and utilizing IT effectively and efficiently in our health care system. IT systems must use common standards for data transmission, data sharing, medical terminology, communications, security, and other features. Developing these inter-operability standards will allow disparate IT systems and software applications to communicate, exchange data and use that information to both improve the quality of care provided to our nation's patients and to decrease the cost of providing that care. We concur that NIST, with its experience and expertise in electronic commerce, information technology, security and privacy, coupled with the health care component of the Malcolm Baldrige National Quality Program, and its expertise in working with the information technology and health care industries is well equipped to address the clinical challenges posed by health information enterprise integration. [The prepared statement of Dr. Silverstone follows:] Prepared Statement of David E. Silverstone Mr. Chairman and Members of the Committee, thank you for holding this hearing on health information technology and the need for inter- operability standards that will promote and support the integration of private and secure health information enterprises. I appreciate the opportunity to present the perspective of specialty physicians on your legislative proposal, H.R. 2406, which is pending before the Committee. I am David Silverstone. I am a practicing ophthalmologist at The Eye Care Group in New Haven, Connecticut where I am also a Clinical Professor of Ophthalmology and Visual Science at the Yale School of Medicine and the Assistant Chief of Ophthalmology at Yale-New Haven Hospital. I serve as the Chair of the American Society of Cataract and Refractive Surgery's (ASCRS) Subcommittee on Health Information Technology, as well as the ASCRS liaison to the American Society of Ophthalmic Administrator's Executive Board. Today, I am here representing the Alliance of Specialty Medicine--a coalition of 11 medical societies, representing nearly 200,000 specialty physicians. First, we would like to thank you for your efforts to advance health information technology (HIT) legislation and for including specialty physicians in the development process. We believe that your legislation, H.R. 2406, which authorizes the National Institute of Standards and Technology (NIST) to enhance efforts to integrate health care information enterprises in the United States, will help to promote the wide spread adoption of effective HIT. Health Information Technology has the potential to increase efficiency and quality of care but this cannot be achieved until we have effective standards for communication and interaction among systems. In addition, the technology has the potential to significantly lower costs in the health care industry. Furthermore, we support the development of an electronic information network that is reliable, inter-operable, secure, and protects patient privacy. Specialty physicians have been and continue to be actively engaged in the quality improvement arena. Through the development of measure specifications for services and the development of a rational system for collecting, aggregating, and reporting data across numerous public and private insurance programs in the least burdensome way, we have played a pivotal role in shaping the future of our health care delivery system. However, in order to continue making progress in this area, we believe that specialty physicians, and indeed all health care providers, must employ reliable and secure health information technology systems. These systems are a needed and essential component that will help us to continue to participate in these programs and to improve the quality of care we provide to our patients. In addition, these systems will help us to harness medical knowledge to enable health care providers to deliver the most effective and up-to-date medical care in an efficient and cost effective manner. As you know, the adoption of electronic health care records and other health-related information technology (IT) has been slow, to say the least. According to the e-Health Initiative, the health care industry invests only two percent of its revenues in IT, whereas other information intensive industries, such as financial services, invest 11 percent of revenues in IT in order to improve the quality, diversity and efficiency of their products and services. We agree that in this age of rapid technological advancement, the slow adoption of health IT by the health care industry is undesirable. The absence of an effective health information technology system is hampering the introduction of effective treatment plans into mainstream medicine, the effective and efficient evaluation of current practices, and efforts to improve both the quality of medical care and the cost effectiveness of health care delivery. We believe that an effective quality improvement program must incorporate the use of health IT, while recognizing the considerable administrative costs that physicians and other health professionals would incur for participating in such a program. Most physicians and other health professionals lack the necessary health IT and administrative infrastructures to participate in the majority of quality improvement programs for physicians' services. As you know, the typical American small physician practices and physicians not employed by large institutions will continue to face challenges in financing the purchase of integrated HIT systems. In addition, many progressive practices that were ``early adopters'' of HIT are now finding themselves with costly systems that are now out-of-date. The cost of updating these systems will be too great to bear in light of pending health care services reimbursement reductions and the current lack of inter-operability standards. Most physicians do not have HIT systems and are ``watching and waiting''; they do not feel confident making such a large investment in health IT because of the cost and the uncertainty of future system compatibility. Therefore, as Congress addresses this legislation or similar legislation in the future, we hope that additional efforts to promote health IT and inter-operability include more financial assistance for physicians to obtain health IT. Efforts to ease the burden on physicians seeking to purchase health information technology, especially in the face of annual updates below medical inflation due to the flawed sustainable growth rate (SGR) formula, are greatly appreciated but also essential. Your bill, which would accelerate the development of inter- operability guidelines and standards, is both a necessary and essential step in deploying and utilizing IT effectively and efficiently in our health care system. IT systems must use common standards for data transmission, data sharing, medical terminology, communications, security and other features. Developing these inter-operability standards will allow disparate IT systems and software applications to communicate, exchange data and use that information to both improve the quality of care provided to our nation's patients and to decrease the cost of providing that care. We concur that NIST, with its expertise in electronic commerce, information technology, security and privacy, coupled with the health care component of the Malcolm Baldrige National Quality Program and its expertise in working with the information technology and health care industries, is well equipped to address the technical challenges posed by health care information enterprise integration. As you know, an integrated information enterprise is critical for useful HIT. Involving an entity, such as NIST, with the capacity to promote guidelines and standards in the public and private sectors will encourage functional uniformity among HIT products. Current problems resulting from the fragmentation of health care in the United States would be greatly diminished and physicians will be able to choose products that conform to specific practice needs, while also ensuring adequate and appropriate information is available to other providers. In addition, encouraging inter-operability between entities through research and development grants to institutions of higher education and for profit/non profit centers that promise to form ``Centers for Health Care Information Enterprise Integration'' will establish a precedent of the importance of inter-operability. It is also essential to identify, early-on, any problems with HIT in order to minimize costs and mitigate risks prior to widespread adoption. A realistic timeline for HIT adoption should allow ample time to develop, test, and validate appropriate HIT criteria, standards and guidelines. Physicians, largely inexperienced with HIT, will also benefit from a timeline that allows sufficient time to acclimate to a new system. On behalf of the Alliance for Specialty Medicine, thank you for your leadership in advancing the quality of our health care system by addressing the needs of the health care industry in the area of HIT. And, thank you again for continuing to include specialty physicians, those as myself who will be most affected by practice changes, in the process. We applaud the leadership of Chairman Gordon for an extremely well thought out plan that promotes the adoption of HIT by authorizing NIST and others with expertise in the area of technical standards development to take on this monumental task. The Alliance stands ready to work with the Chairman and this committee on this legislation and the rapid implementation of inter-operability standards. At this time, I would be happy to answer questions from the Committee Members. Thank you. Biography for David E. Silverstone David E. Silverstone, M.D., founded Temple Eye Physicians in 1977, which merged with Ophthalmic Surgical Associates in 2001 to form The Eye Care Group. He specializes in cataract and lens implant microsurgery and glaucoma and is board-certified by the American Board of Ophthalmology. Dr. Silverstone received his undergraduate degree from Columbia College and his medical degree from New York Medical College. He completed his ophthalmology residency, a glaucoma research fellowship, and a chief residency at Yale. He did a fellowship in Intraocular Lens Implantation at New York Medical College. Dr. Silverstone is a Clinical Professor and Assistant Chief of Ophthalmology at Yale. He has served as the Chief of ophthalmology at the West Haven VA Hospital and is on staff at the Temple Surgical Center and the Hospital of Saint Raphael. He was part of the Yale team that developed Timolol, the first modern medication for the treatment of glaucoma and has developed computer software that has been adopted by ophthalmologists nationwide. Dr. Silverstone serves as the Director of Continuing Medical Education for the American Society of Cataract and Refractive Surgery and sits on the Governing Board of Directors of the American Society of Ophthalmic Administrators and the National Board of Certified Ophthalmic Executives. He is also a fellow of the American Academy of Ophthalmology, which has awarded him its Honor Award, and serves on the Executive Committee of the Connecticut Society of Eye Physicians. He is also a member of the New England Ophthalmologic Society, the Connecticut Glaucoma Society, the Connecticut State Medical Society, the Association for Research in Vision & Ophthalmology and the American Public Health Association. Chairman Gordon. Thank you, Dr. Silverstone. Your full testimony is a part of the record, and we are not strict on our five minutes, but you are already three-and-a-half over, so we would want you to explore more of your interests as we go into the questions. And so I will say, we have everybody's testimony; we have reviewed that. And you know, Beulah doesn't honk at five minutes, and so we want you to get your full thoughts in, but we want to try to move along in an expeditious way. So Ms. Williams, you are next. STATEMENT OF MS. NOEL BROWN WILLIAMS, PRESIDENT, SENIOR VICE PRESIDENT, AND CHIEF INFORMATION OFFICER, HOSPITAL CORPORATION OF AMERICA INFORMATION TECHNOLOGY AND SERVICES, INC. Ms. Williams. Good morning, Mr. Chairman. I am Noel Williams, Senior Vice President and Chief Information Officer for Hospital Corporation of America, better known as HCA. Of our 192 HCA hospitals, 20 are in 11 Congressional districts, represented by this committee, with over 16,000 employees. On behalf of the American Hospital Association's nearly 5,000 member hospitals, health systems and other health care organization and our 37,000 individual members, I appreciate this opportunity to address the Committee on the importance of inter-operability and security in health information technology. The mission of America's hospitals is caring for patients. Every day, the women and men of our hospitals strive to improve the safety and quality of the care they provide. Research has shown that certain kinds of IT such as electronic health records, computerized physician order entry, computerized decision-support system and bar coding for medication administration can limit errors and improve care as well as lower cost and improve efficiency. Hospitals have been pioneers in harnessing the power of IT for improvement. Our challenge now is to extend the use of IT to all hospitals, large and small, in both urban and rural areas. Last year, the AHA conducted a survey to assess the state of IT implementation in America's hospitals. Half of hospitals indicated a moderate or high use of IT, up from 37 percent in 2005. Overall, IT use was higher at larger, urban, and teaching hospitals, and not surprisingly, those with positive financial margins. These hospitals also reported rates of growth in their use of IT compared to their small and rural counterparts. Despite these impressive gains, there are still obstacles to the goal of universal IT adoption. Hospitals continue to cite cost as a major barrier. Hospitals currently bear almost all of the cost with no increase in payment for the use of these new technologies. And the benefits of IT such as decreased need to repeat tests, lower readmission rates, and shorter lengths of stay accrue to those who pay for care by reducing their costs. A lack of inter-operability with current IT systems also poses a significant challenge for hospitals. In 2006, 79 percent of hospitals listed inter-operability as either a significant or somewhat of a barrier, compared with 77 in 2005. We commend you, Mr. Chairman, for introducing H.R. 2406 and for your recognition of the critical role health IT plays in improving health care delivery in America. Legislation can help create a policy environment in which technology can be best used to support a safer more efficient health care system. We support the bill's assertion that confidentiality and security must be underlying components of any IT standards that may be developed or adopted as a result. Hospitals have and will continue to work diligently to ensure the confidentiality and security of personal health information. We also agree with the assessment of the National Institute of Standards and Technology. This organization has, through its standards and process-development work in many industries, established itself as a valuable resource to both the private and public sector, but there are already many, perhaps too many duplicative efforts launched by the government in attempts to speed health care IT adoption. In the past few years alone, the government has created or partially funded several overlapping initiatives. These organizations lack coordination. The AHA believes that what is needed to speed the adoption of health IT in America is a common vision for the future of health IT, a roadmap and timeline for change, a detailed implementation plan, developed together with key stakeholders that articulates each stakeholder's roles and responsibilities. We are concerned that H.R. 2406 could give NIST overlapping responsibilities without addressing the key needs of a national inter-operative health IT network. NIST's core competencies are measure science, rigorous tracibility, and the development and use of standards. While these competencies, combined with NIST's resources could serve as a resource to the public and private sector, NIST is likely not the organization to provide the transformational leadership required in health care. NIST could develop resources for health care providers as it has done for manufacturing to help hospital leaders, while striving to achieve higher standards of quality, safety and efficiency, who are limited to local influence. They, therefore, must look to national leadership to create an environment that will enable them to make significant investments in IT. There must be a reasonable expectation on the part of hospitals that they are heading towards the same goal and using the same measures of success as every other hospital in the country. Mr. Chairman, it is the mission of every hospital in every community in America to provide the best care possible, and health IT is a crucial tool to providing safe and effective care to the right patient, in the right setting at the right time. We look forward to working with this committee to forge ahead towards a shared goal of improving the reach of health IT, and as a result our nation's health care community. [The prepared statement of Ms. Williams follows:] Prepared Statement of Noel Brown Williams Good morning, Mr. Chairman. I am Noel Williams, President of HCA Information Technology & Services, Inc., a subsidiary of the Hospital Corporation of America (HCA). I also have the privilege of serving as Senior Vice President and Chief Information Officer for HCA, where I am responsible for the day-to-day operation of HCA's extensive information technology systems and services, as well as the development of our overall technology strategy. On behalf of the American Hospital Association's (AHA) nearly 5,000 member hospitals, health systems and other health care organization, and our 37,000 individual members, I appreciate the opportunity to speak to you and your colleagues about the importance of inter-operability and security in health information technology (IT). STATE OF IT ADOPTION IN AMERICA'S HOSPITALS AND HEALTH SYSTEMS The mission of America's hospitals is caring for patients, and every day the women and men of our hospitals strive to improve the safety and quality of the care they provide. Research has shown that certain kinds of IT--such as computerized physician order-entry (CPOE), computerized decision support systems and bar-coding for medication administration--can limit errors and improve care. IT also can be a tool for improving efficiency and costs. Hospitals have been pioneers in harnessing IT to improve patient care, quality and efficiency; the challenge now is to extend its use and integrate it into the routine care processes in all hospitals, large and small, in both urban and rural areas. A 2006 AHA survey of hospitals and health systems sought to assess the state of health IT implementation in America's hospitals. The survey included questions about the use of IT applications such as CPOE and electronic health records (EHRs), perceived barriers to implementation, IT financing and the use of non-clinical IT applications. Over 1,500 hospitals (about one-third of the field) responded to the survey. The data again indicated that hospitals are making great strides in embracing health IT: about half of the respondents indicated a moderate or high use of IT, up from 37 percent in 2005. This figure was determined by the number of clinical IT functions a hospital had fully implemented, such as medication order-entry, test results review or clinical alerts. Over two-thirds of hospitals reported either fully or partially implemented electronic health records. Larger, urban and teaching hospitals were more likely to have fully implemented EHR systems, and accounted for 11 percent of the total. Use of CPOE is also becoming more common. In 2006, at 10 percent of hospitals, physicians routinely ordered medications electronically at least half of the time. For laboratory and other tests, orders were placed electronically at least half of the time in 16 percent of hospitals. One of the most dramatic changes from year to year was in the use of computerized alerts designed to prevent negative drug interactions. In 2006, 51 percent of hospitals used real-time drug interactions alerts, up from 23 percent the year before. As with EHR systems, general health IT use was higher at larger, urban and teaching hospitals, as well as those with positive financial margins. These hospitals also reported greater rates of growth in their use of IT than their smaller and rural counterparts. Despite these impressive gains, there are still obstacles to the goal of universal IT adoption, and, not surprisingly, cost issues top the list. Ninety-four percent of hospitals reported that the initial costs of adoption were a significant or somewhat of a barrier to IT adoption, down just one percent from 2005. Smaller hospitals were more likely to see costs as a barrier, but even the largest hospitals struggle to afford health IT. Accelerating adoption across the hospital field will require a shared investment between providers, payers and purchasers. Hospitals currently bear almost all the costs of IT investment, with no increase in payment for the use of these new technologies. However, many of the financial benefits of IT, such as decreased need for repeat tests, lower re-admission rates, and shorter lengths of stay, accrue to those who pay for care. The lack of inter-operability with current IT systems also poses a mounting challenge for hospitals. In the 2006, 79 percent of hospitals listed this issue as either a significant or somewhat of a barrier, compared with 77 percent in 2005. PRINCIPLES FOR REALIZING THE PROMISE OF HEALTH IT As the survey demonstrates, an increasing number of hospitals and health systems are harnessing the power of health IT to improve quality, safety and efficiency. However, the hospital field is now challenged to extend the use of IT and integrate it into routine care processes in hospitals big and small, urban and rural. The AHA strongly supports the growing use of health IT. As Congress and the Administration consider ways to encourage increased adoption and greater information exchange, we will continue to advocate for solutions that address major barriers to realizing the promise of health IT. The AHA believes the following principles should guide efforts to extend IT use in health care: IT is an enabling tool for improving the quality and safety of care. Technology adoption is not a goal in and of itself. Investments should be driven by quality and safety improvements that can be brought about by technology. A lack of standards is not the problem. Both adoption and information sharing will increase when health information and IT applications are more standardized. For example, to have data at the point of care, laboratory information systems need to be integrated with pharmacy systems and the patient's health record. Currently, hospitals devote considerable staff and financial resources to creating interfaces between systems or other IT ``workarounds.'' The problem is we need to select a single set of standards and get consensus among health care stakeholders to use those standards. Greater standardization across information technologies, and improvements that make IT systems easier for caregivers to use, would facilitate adoption. Information exchange requires even greater standardization across care settings, such as a physician's office and a hospital's emergency department. Standards-setting organizations have already developed many different standards, and the sheer volume of standards from which to choose is stunning. A survey conducted by the National Alliance for Health Information Technology discovered over 2,000 standards related to health IT, and over 400 organizations that either create, maintain or license those standards. Standards are needed not just for the useful exchange of data, but also for a smarter application of IT throughout the health care setting. For example, standards can help hospitals prevent errors in medication ordering and administration, allow hospitals to verify patients' medications, integrate data from IV pumps and other medical devices and exchange data between CPOE and pharmacy systems. A first standard needed in this area is unique identification of medications at the unit dose level using a standard that is common across all settings. Hospitals now use many different medical devices that produce digital health information, including IV pumps, ventilators, pulse oximeters, and others. We could improve safety if hospitals could connect the pieces of equipment so that, for example, data from an IV pump can be shared with a monitor and a ventilator. Another first standard needed is a communication standard for medical devices. And we still lack the most basic of all--a standardized way of matching individual patients to their records. Information exchange should be promoted as a public resource. Improved care comes when the right information is available to the right provider at the right time. Data cannot belong to an organization, physician or vendor. The community and regional organizations that will emerge to accomplish this will require governance structures that both promote exchange and articulate the value of doing so. Funding. Health IT is costly. Most of the initial cost is borne by hospitals, while the financial benefits often flow downstream to other providers, payers and employers. For this reason, the AHA believes that providers and payers must share these investments. Moreover, maintenance costs are significant. Adoption of health IT is more difficult for small and rural hospitals because they likely have a less developed infrastructure and less staff support (both technical and administrative). Increased Medicare payments to support the ongoing costs of IT, as well as low-interest loans and grants to support both hospitals' initial investments in IT and the development of health information exchange projects are needed. Regulatory relief. Many physicians do not have the financial or technical resources needed to navigate the complex IT market. As a result, despite the links to improved quality of care, only about 20 to 25 percent of physicians use EHRs. To facilitate the sharing of clinical information and improve patient care, hospitals with more advanced IT systems than the physicians practicing in their community may want to provide physicians with hardware, software, connectivity or other assistance that would allow them to maintain EHRs for their patients and share clinical data with the hospital. However, hospitals cannot do so because of physician self-referral, or ``Stark,'' regulations. Some regulatory relief has recently been granted in this area: The hospital field would like to see this made permanent in law. A single set of privacy laws. The multiplicity of privacy rules from local, State and Federal Governments, accrediting bodies and other organizations makes compliance difficult and can interfere with patient care. Simply identifying all of the relevant rules can be a monumental task, let alone determining how to comply when the laws may conflict. A single set of privacy rules is needed to facilitate the use of IT and ensure access by health care providers to needed information at the point of care. Specifically, federal privacy laws as laid out in the Health Information Portability and Accountability Act (HIPAA) should preempt State and local privacy laws. A uniform approach to matching patients to their records. The electronic exchange of health information requires a consistent, reliable mechanism for matching patients to their records. This is best achieved with an individual health information authentication number. Without a single authentication number, there are serious safety risks that could arise from attributing a medical record to the wrong individual. For individuals with common names, a cluster of demographic information may not be sufficient to distinguish between the 37-year- old Mary Jones with diabetes and a penicillin allergy and the 37-year- old Mary Jones in perfect health. Mixing up their records could have serious consequences. VIEWS ON H.R. 2406 We commend you Mr. Chairman and the other co-sponsors of H.R. 2406 for your recognition of the critical role health IT plays in the improvement of the U.S. health care delivery system. Legislation is a powerful tool that demonstrates the commitment of leadership not only to raise awareness of the issues, but to help create a policy environment in which technology can be best used to support a safer, more efficient health care system. We support the bill's recognition of confidentiality and security as underlying components of any IT standards that may be developed or adopted as a result. Hospitals have and will continue to work diligently to ensure the confidentiality and security of personal health information. This too is an essential piece of that larger environment that must be in place for IT implementation to succeed. Commitment to this concept must be evident along each step of this complex process in order to engage the support of the public. The AHA shares the bill's acknowledgement of the accomplishments and reputation earned by the National Institute of Standards and Technology (NIST). This organization has, through its standards and process development work in many industries, established itself as a valuable resource to both the private and public sectors. Founded in 1901, NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology. Four cooperative programs comprise the NIST mission: NIST Laboratories conducts research that advances the Nation's technology infrastructure; Hollings Manufacturing Extension Partnership offers technical and business assistance to smaller manufacturers through a nationwide network of local centers; NIST's Advanced Technology Program co-funds research and development partnerships with the private sector to develop innovative technologies that can benefit the entire Nation; and the Baldrige National Quality Program promotes excellence in several business sectors, including health care. Through its annual Malcolm Baldrige National Quality Award, NIST recognizes these quality achievements. Currently, there are several--perhaps too many--efforts to lead the health IT movement in the U.S. In the past few years, the government has: <bullet> Created through the Department of Health and Human Services (HHS) the American Health Information Community (AHIC), ``a federal advisory body, chartered in 2005 to make recommendations to the Secretary of the U.S. Department of Health and Human Services on how to accelerate the development and adoption of health information technology. AHIC was formed by the Secretary to help advance efforts to achieve the goal for most Americans to have access to secure electronic health records by 2014.'' Plans are currently in development to convert the AHIC into a public/private entity by 2008. <bullet> Created the Office of the National Coordinator for Health Information Technology (ONC). According to the ONC, it ``provides counsel to the Secretary of Health and Human Services and departmental leadership for the development and nationwide implementation of an inter-operable health information technology infrastructure. Use of this infrastructure will improve the quality, safety and efficiency of health care and the ability of consumers to manage their health information and health care. ONC also provides management and logistical support for AHIC.'' <bullet> Initially funded the creation of the Certification Commission for Health Information Technology (CCHIT). According to CCHIT, it is ``a recognized certification body for electronic health records and their networks, and an independent, voluntary, private-sector initiative. It is our mission is to accelerate the adoption of health information technology by creating an efficient, credible and sustainable certification program.'' <bullet> Initially funded the creation of the Health Information Technology Standards Panel (HITSP), through the American National Standards Institute (ANSI), ``to serve as a cooperative partnership between the public and private sectors for the purpose of achieving a widely accepted and useful set of standards specifically to enable and support widespread inter-operability among health care software applications, as they will interact in a local, regional and national health information network for the United States. Comprised of a wide range of stakeholders, the Panel will assist in the development of the U.S. Nationwide Health Information Network (NHIN) by addressing issues such as privacy and security within a shared health care information system.'' The NHIN is viewed as a ``network of networks'' that will allow the seamless exchange of health information anywhere in the U.S., and is currently in the planning stages. An executive order specifies that any new federal health information system launched after January 1, 2008 to be compliant with HITSP recommended standards. HHS Secretary Michael Leavitt has already accepted 30 recommendations for inter-operability standards that will be required to build a NHIN. We are concerned that there are already too many overlapping, duplicative efforts launched by the government to try to speed health care IT adoption. These organizations lack coordination, a common vision for the future of health IT, a roadmap and timeline for change, and a detailed implementation plan that articulates each stakeholder's roles and responsibilities. We are afraid that H.R. 2406 could position NIST as just another government entity with overlapping responsibility without addressing the key needs noted above. It is instead our hope that NIST will function as a common resource to the different players and help advance the goals we have articulated. For example, the ``Technical Activities'' described include standards and inter-operability analysis, software conformance and certification. These areas are already under intense scrutiny by several groups. Coming to agreement on the standards to be used will require collaboration and a private-public partnership that prioritizes where standards are needed, follows a consensus-building process to determine which standards to adopt, and ensures that they can be operationalized. Key stakeholders, including providers, payers, standards organizations, vendors and regulators must be part of the discussion and agree to an implementation process. In addition, NIST's core competencies, by its own definition, are: measurement science; rigorous traceability; and the development and use of standards. While these competencies, combined with NIST resources, could serve as a resource to both the public and private sectors, NIST is likely not the organization to provide the transformational leadership required in health care. However, the AHA believes NIST may be able to develop implementation tactics for health care providers, as it has done for manufacturing and its associated supply chain operations. Toolkits and guidance that enable hospital leaders to achieve Baldridge-level quality within their organizations that also scale nationally are required for success. CONCLUSION Hospital leaders, while striving daily to achieve higher standards of quality, safety and efficiency, are limited to local influence within an organization. When we discuss the merits of national health care information networks, inter-operability and the resulting improvements in safety and efficiency, hospitals must look to national leadership to create an environment that will enable a hospital to make significant IT investments. This is especially true if the beneficiaries of those investments exist outside of the boundaries of the individual hospital or hospital network. In order for a hospital to make an investment that ultimately benefits the greater good, there must be a reasonable expectation on the part of that hospital that it is heading toward the same goal and using the same measures of success as every other hospital in the country. Mr. Chairman, it is the mission of every hospital in every community in America to provide the best care possible to people in need. Inter-operable health information technology is a crucial tool in providing safe and effective care to the right patient, in the right setting, at the right time. We look forward to working with this committee and staff to forge ahead toward to a shared goal of improving the inter-operability and deployment of health IT and, as a result, our nation's health care delivery system. Again, I thank you for the opportunity to testify before this committee. Biography for Noel Brown Williams Noel Brown Williams is President of HCA Information Technology & Services, Inc., a wholly owned subsidiary of Nashville, TN-based HCA, the Nation's leading provider of health care services. She also serves as Senior Vice President and Chief Information Officer for HCA. In her second stint with HCA, Williams is responsible for the development and operation of the company's extensive information technology systems and services as well as the development of HCA's overall technology strategy. Williams spent 16 years in HCA's Information Services Department in a variety of positions, including serving as Vice President of Information Services from 1993 to 1995. Prior to rejoining the company in 1997, Williams served as Chief Information Officer for American Service Group in Brentwood, TN. Born in Pasadena, TX, Williams has a Bachelor of Engineering in Computer Science and Mathematics from Vanderbilt University and a Master of Science in Health Care Financial Management from the University of South Carolina. Williams resides in Nashville with her husband and two children. Chairman Gordon. Thank you, Ms. Williams, and welcome, Ms. Kloss. STATEMENT OF MS. LINDA L. KLOSS, CHIEF EXECUTIVE OFFICER, AMERICAN HEALTH INFORMATION MANAGEMENT ASSOCIATION, CHICAGO, IL Ms. Kloss. Chairman Gordon, Mr. Hall, and Members of the Committee, thank you for this opportunity to testify on health information standards and inter-operability. I am Linda Kloss, and I represent the American Health Information Management Association as its chief executive officer. This topic is of great importance to my colleagues in health information management and our over 50,000 members of the association. Today our professionals are on the front lines, sort of in the trenches if you will, in implementing electronic health records and other health information technologies. This includes health information exchange among providers, new ways for consumers to access their own health information. Confidentiality, privacy, security, data integrity, and consumer access are core value we bring to this important work. Before I begin, I want to thank you for your support and passage of H.R. 1467, the Ten Thousand Trained by 2010 Act. The Bureau of Labor Statistics, our own research and that of others, substantiates the needs for more experienced health IT information management and workforce to achieve inter- operability, and we certainly urge the Senate to follow your leadership in addressing the important heath IT workforce issue. Our prepared comments addressed all of the questions that the Committee put forward, but I want to just concentrate my oral testimony today on a few subjects relating to integrating the health care information enterprise. They are: first, the need for uniform and coordinated data standards necessary for inter-operability, in other words, some focus on what types of standards we are talking about; and secondly, the need for a stable long-term strategy for standards harmonization that goes to the point Ms. Williams made. Over the past four years, there really have been quite remarkable accomplishments in advancing standards for functionality and data interchange for the EHR and Health Information Exchange. However, the discussion on data content standards, what Dr. Silverstone referred to as the medical terminology, the focus of that to date, critical information that makes up the EHR and is actually what is transmitted has received too little attention. I compare these distinctions of building reservoirs and pipelines but not addressing the quality of the water that is flowing through those pipelines. So I urge that as we are thinking of standards, we expand our thinking to take in the standards relating to clinical terms and contents that are used to describe medical and care services, the critical language of medicine. These terms and contents making up the language of medicine are embodied in terminologies and classification systems that are used to catalog them so that they can be stored, exchanged, retrieved, analyzed, and inter-operability really requires the sender and the receiver to understand the exchange and interpret that information correctly. Terminology in classifications systems is critical for not only information exchange for patient-care purposes, but for public health, quality reporting and other purposes. But today, we have over 100 terminology and classification systems, and the U.S. has not put in place, as other nations have, a way to ensure a proper foundation for these systems as critical standards for inter-operability. Along with our colleagues from the American Medical Informatics Association, AHIMA has looked into this issue, and we convened an expert taskforce and prepared a set of recommendations under a white paper called Healthcare Terminologies and Classification and Action Agenda for the United States, and we provided an extract from that white paper attached to our testimony. It calls for a formation of a public-private authority or an entity to be established to ensure that we have robust and up-to-date terminologies and classification standards and authoritative ways of keeping track of them, and we also call, in that report, for further research, planning research, as to how we are going to do this well in the United States. So as part of the bill before us today, we are pleased to see a focus on research, and we think one of the critical areas for research, in fact, is how we are going to stand and have the authority and a process for terminologies and classifications that will really make health care information inter-operable. As a second area of focus today, we would just speak to--it does ring. Chairman Gordon. That is not you. We are, I guess, going into session, so please go forward. Ms. Kloss. Our second area for comment is regarding standards harmonization. We do believe important progress has been made towards adoption and use of EHRs, and we acknowledge the work of the Office of the National Coordinator, the American Health Information Community, the Health Information Technology Standards Panel, and the Certification Commission for Health Information Technology. All of these efforts have really been organized and set in place over the last four years, and they have provided a significant boost towards inter-operability. We do believe there is an important role for NIST in bringing both standards development and resources to this. NIST has done a lot to harmonize standards and to bring adoption guidelines forward, but this is largely a voluntary effort, and it is suffering from the woes of many hundreds of people working through, essentially, a voluntary effort that is contract funded, whereas what we do believe is going to be needed is a long-term strategy for standards harmonization. We do believe that NIST, well known for its expertise in information security and other standards, can supply the health information standards harmonization object with ready standards that can be applied and harmonized and test laboratories contributing to the Certification Commission. Chairman Gordon. Ms. Kloss, we have just been called for a vote. We have five minutes. So if you would like to quickly conclude, then I think we will have time to hear from the other two witnesses. Ms. Kloss. I actually can conclude here. I would just say that we are ready to work with you and the Committee to mobilize all available resources to help with this important effort. [The prepared statement of Ms. Kloss follows:] Prepared Statement of Linda L. Kloss Chairman Gordon, Mr. Hall, and Members of the Committee, good morning and thank you for this opportunity to testify on the issues relating to Meeting the Need for Inter-operability and Information Security in Health IT. This topic is of great importance to my colleagues in health care information management and has been for many years. I am Linda Kloss and I represent the American Health Information Management Association (AHIMA) as its Chief Executive Officer. AHIMA is an association of over 51,000 health information management (HIM) professionals deeply committed to and actively participating in the adoption of standards-based and inter-operable health IT. Since 1928, HIM professionals have worked to improve the accuracy, completeness, confidentiality and security of medical record information to support clinical care and improve health care of all Americans. Today, HIM professionals are on the front lines in implementing electronic health records and other technologies to improve health care. This includes information exchange among providers and new ways for consumers to access their own health information. Confidentiality, privacy, security, data integrity, and consumer access are core values we bring to this important work. As I speak this morning, I must inform you that AHIMA, through its Foundation for Research and Education (FORE) has been a contractor for several health information improvement projects initiated by the Department of Health and Human Services' (HHS) Office of the National Coordinator for Health Information Technology (ONC), the Agency for Healthcare Research and Quality (AHRQ), and the National Institute of Health's (NIH) National Library of Medicine (NLM). These projects have included evaluating the mapping of classification systems, studies of the potential for improved fraud deterrence through the use of electronic health record technology (EHR), analyses of privacy and security roadblocks to implementation of EHRs and health information exchange, and development of best practices for State level health information exchange. The FORE foundation, in conjunction with the Medical Group Management Association (MGMA) also addressed aspects of the collection and reporting of performance measurement data. AHIMA is also one of three organizations that founded the Certification Commission for Health Information Technology (CCHIT) which later received a three-year contract from ONC and is now an independent not- for-profit organization recognized by the Secretary of HHS as a certifying organization for HIT. AHIMA is active in a number of standards activities. Currently AHIMA is a voting member of the Health Information Technology Standards Panel (HITSP) and representatives are active on its Security Technical Committee. AHIMA and several of its members have been active for a number of years in the Health Level 7 (HL7) standards development organization (SDO). Currently our involvement is in developing EHR system and personal health record (PHR) system functional models, legal EHR functionality, and the clinical document architecture CDA. AHIMA is also an active participant in a number of national and international terminology and classification standards organizations. We serve as a member of the ICD-9-CM Coordination and Maintenance Committee with the American Hospital Association (AHA), the Centers for Medicare and Medicaid Services (CMS), and the Centers for Disease Control and Prevention's (CDC), National Center for Health Statistics (NCHS). We also serve as a member of the Cooperating Parties, the group that sets the guidance for use of ICD-9-CM in the U.S., the editorial advisory panels for the American Medical Association's Common Procedure Terminology (CPT), and the Healthcare Common Procedure Coding System (HCPCS) which is operated by CMS. Internationally we have been appointed by the NCHS to serve with the World Health Organization's (WHO) education, and ICD-10 and ICD-11 reference terminology work groups. We also have worked with the International Healthcare Terminology Standards Development Organization (IHTSDO), which is the standards group that has taken up the SNOMED terminology system. Costs and Benefits Standards-based electronic health record technology is the essential building block for much of what we seek to achieve in inter- operability. After years of slow and inconsistent progress, I believe that considerable progress is now being made to define core functionality and data exchange standards and to drive their adoption. The greater focus on standards over the past five years has led to progress by SDOs, formation of the Health Information Technology Standards Panel and the Certification Commission for Health IT and other collaborative projects which have in effect broken the log jam. However, the recent momentum must be supported so progress can continue and even accelerate. With the continual evolution of technology and growing experience of those who are using it, this work will require effective leadership, incentives for adoption, and financial support for the effort for some years to come. With a solid road map and full support, the benefits of inter- operability include the ability to: <bullet> Exchange crucial health information between health care providers so that medical treatment for any individual can be rendered accurately and completely. <bullet> Access, transfer and use the extraordinary body of knowledge about medical care and personal health and to grow that body of knowledge through accelerated research and dissemination of learning. <bullet> Report and transfer crucial public health data in seconds to improve effective local and national response to individual and population events and be effective participants in improving global health. <bullet> Achieve a high performing health system in terms of outcomes, safety and cost through performance improvement and public reporting. <bullet> Engage people as full participants in improving their health and wellness. <bullet> Understand effective ways to transform care delivery, including how we pay for it. There are numerous forecasts and models about the costs of implementing EHRs and health information exchange by researchers at RAND, The Center for Information Technology Leadership, the Robert Wood Johnson Foundation, and the Commonwealth Fund to name a few, as well as studies by AHRQ and ONC. While the specific estimates may vary some depending on the sets of assumptions used in the forecasts, the conclusion is clear: The benefits will outweigh the cost of investing in secure and inter-operable health IT. But it will not be inexpensive and the return on investment will not be quick. Any consideration of cost must take into account the costs of the current state of health care. For example, <bullet> What is the cost of treating patients with limited and inaccessible information about their medical condition and history? <bullet> What is the cost of our inability to manage an individual's care across a multiple number of providers just in trying to get the information needed? <bullet> What is the cost increased administrative duties and operations due to our inability to exchange uniform data electronically for secondary purposes such as research, claims processing and a variety of other administrative activities that are now restricted by our paper-based information system, restrained by our ability to review and analyze paper data, and our ability to locate and exchange information when and where it is needed? <bullet> What is the cost of having our limited data due to the inappropriate use or limits placed on our terminology and classification standards and systems? <bullet> What is the cost in loss of life and poor health, because the right data is not available at the right time? Real improvements are being documented by medical practices and hospital that are using health information technology. Except for delivery systems such as the Veteran's Health Administration, other integrated systems and networks such as e-prescribing, improvement are for the most part isolated. Without consistent standards it is difficult to accrue the values that require inter-operability. Standards, Guidelines, and Coordination. I will address three inter-operability and security issues in my comments today that we believe are important for the Committee to take into account in its work. These are: terminologies and classifications, data stewardship, and the harmonization of standards. Terminologies and Classifications The U.S. needs greater uniformity and coordination of health care terminologies and classifications, a type of health information standard that is perhaps not as well understood as are other types of standards. Clinical terms and concepts are the language of medicine and form the information content in electronic health records. Terminologies and classifications catalogue these terms and concepts so they can be stored, exchanged, retrieved and analyzed. Inter- operability requires that the sender and receiver understand the exchange and interpret it correctly. Terminology and classification systems are critical for information exchange, for public health reporting, performance measurement, quality reporting, research, and billing and payment for health care services. AHIMA and the American Medical Informatics Association recently published a white paper entitled Healthcare Terminologies and Classifications: An Action Agenda for the United States. I have attached a short summary of that paper and its recommendations, Healthcare Terminologies and Classifications: Essential Keys to Inter- operability to my testimony. This report was prepared by a joint task force of experts who call for the establishment of a public-private authority responsible for ensuring the U.S. has: <bullet> Robust and up-to-date terminologies and classifications for inter-operability between systems; <bullet> Standards for developing terminologies and classifications in the EHR and PHR, including implementation guides; <bullet> Principles and guideline for development, distribution, and maintenance of systems and coordination across systems; <bullet> Timely and reliable industry guidance; <bullet> A coherent set of policies and procedures to ensure openness and performance for terminologies, classifications, and the systems that convert data encoded in one terminology or classification to another; and, <bullet> Business process automation to ensure cost-effective development of systems and cost-effective use by providers, payers, and other organizations. While federal and private entities have made genuine progress, the task force recommends public funding for a research and development project to design a permanent governance mechanism and formulate strategies and plans for: <bullet> Contemporary and standardized processes for development, adoption, and maintenance of terminologies and classifications; <bullet> The structure, function, and operating practices for a U.S. public/private authority to oversee terminologies and classifications; <bullet> Gaining commitment of terminology and classification stakeholders--developers, end users, and other service and technology suppliers--to principles and guidelines for open and transparent approaches that permit cost-effective inter- operability of complete and accurate information; and <bullet> U.S. participation in the IHTSDO--the international organization now addressing SNOMED terminology which we believe is the base terminology for a standard EHR. AHIMA and AMIA are prepared to coordinate such an effort, and I ask your consideration to support this effort. Without standard and consistent data content--which comes from terminologies and classifications--the U.S. will not achieve inter-operability of usable information. As described in the task force report, the U.S. has fallen behind other countries in developing; deploying and using these critical and new approaches to coordination are urgently needed. Data Stewardship A second and similar effort is needed in the area of quality measurement and secondary data. Recently, AHRQ issued a request for information related to the data measures, data sets, or standards used for the collection of quality measurement information--the potential to have a data steward to coordinate the groups and the group processes for developing data collection. This concept was expanded to include data also collected for a variety of secondary purposes, research, public health, reimbursement, and other public policy requirements. As I noted earlier, the ability to use secondary data from a large population offers vast opportunities to improve the health of this nation and reduce error and costs. At the same time secondary data also supports reimbursement for health care services not only in the traditional sense of the billing claim, but also in the form of information to support effective payment policy. As with terminologies and classifications, the U.S. lacks a coordinating body with requisite authority to set a vision and operating policies for secondary use of data, a data stewardship entity. An acknowledged data steward entity would coordinate the various public/private groups working on quality measurement and the employer/purchaser, research and public health communities which use these data. AHIMA's members oversee the collection of these data in many health care organizations. They report that lack of uniformity in the data sets requested and uniformity of definitions results in costly manual work and concerns about the quality and validity of data used to measure quality. Standardizing measures and policies regarding secondary uses of health information will enable the IT industry to design solutions capture data once and use it for multiple legitimate and authorized purposes. Standards Harmonization The third area relates to the harmonization of technical standards and consistent guidelines for their use, including standards for clinical terminologies and classifications, as described earlier. In the 1980s HL7 was formed to address health care institutions' inability to share data between or among their own data systems and programs. Today, HL7 and other SDOs have become and are addressing international information exchange. Throughout the U.S., industries are sharing data and cutting their administrative costs because they are using uniform standards, such as the Accredited Standards Organization X12 standards. Besides using standards, however, these industries also use and require guideline standards--how the particular industry's members will use a chosen standard, under what conditions it will be used, and what data sets will be used, and so forth. This has not been the case in the past in health care. For instance today we use standards required by HIPAA. We, therefore, adopted an X12 standard for claims, the X12-837. Unfortunately as testimony last year at the National Committee for Vital and Health Statistics (NCVHS) indicated there are now over 1,000 different instructions for the use of the X12-837 in the health care industry. If we are to achieve inter- operability and use standard like other industries, this should not happen or be allowed to happen. The health care industry has over one million providers, thousands of health plans and payers, a potential consumer base of over 300 million individuals, and some 1.44 million employers offering some level of health care, along with numerous government agencies, clearinghouses, and vendors. Achieving consensus on complex standards and an understanding of their uniform application is a monumental task even with a shared vision. In the U.S., our standards data organizations are essentially groups of volunteers that come from industry and the professions. It is difficult to get and keep volunteers who work for provider organizations working on standards, yet their participation is critical. To address the consistent use of a standard, the harmonization of standards--to make the standards work with each other, and to choose the collection of standards necessary to perform a function or functions requires a significant effort. Over the last three years we have seen, through the efforts of HHS, ONC, and the American Health Information Community (AHIC), the establishment of the Health Information Technology Standards Panel (HITSP). HITSP and its numerous volunteers have addressed the need for standards for a variety of health care functions and performed the harmonization task. While the question of adherence to this harmonization still remains to be seen, the task is the first time (outside of some limited and similar work done by the NCVHS with e-prescribing and the HIPAA standards) such an effort has occurred in health care. AHIMA has three concerns with HITSP in its current capacity. First, it is largely a volunteer effort and while this improves acceptance, it is a slow process. H.R. 2406, introduced in this committee, has the potential to provide some of the resources, through the National Institute of Standards and Technology (NIST), needed to sustain and accelerate the role that HITSP plays. This does not negate the need for an industry (public-private) oversight group with a role to approve, reject, or amend the final choices for harmonization of standards. Public/private involvement is crucial for acceptance, buy-in and use. Similarly, NIST could also provide some of the tools for groups like CCHIT, whose role is to identify and test that the standards harmonized by HITSP and other groups, and ensuring those standards are contained and functioning within the products sold on the market. This assures buyers that the products they are purchasing technology that will allow them to be inter-operable with the industry and the networks under development. Our second concern related to the need for coordination among HITSP, CCHIT, and the entities charged with coordinating terminologies and classifications, data stewardship, health information exchange and other related functions critical to achieve an secure, inter-operable system. Such an entity and role is currently under discussion throughout the industry, and I will not comment further at this time since that is not the nature of today's hearing. Our third concern with HITSP is funding. How does the Nation fund such a body that does not itself develop standards, but rather proves the harmonization process? In other industries there are councils, but no such body exists in health care. If the benefits from harmonization and eventual inter-operability accrue to the population, should the population, as a whole, pick up this cost? That is a discussion Congress should undertake. Should H.R. 2406 become law and the NIST involvement occur, the investment in NIST will assume some of the costs incurred in the harmonization process, but not all. Barriers to Inter-operability I was asked to address barriers to inter-operability and I have already mentioned several. Let me recap: Industry consensus guidelines for the prioritization, adoption and use of standards, <bullet> Financial support and staffing for the coordination and harmonization of standards and the development of guidelines, <bullet> A mechanism for uniform adoption and implementation of standards, and <bullet> The current reimbursement system for health care. To date, the U.S. health care system has only limited success with the adoption and use of standards. The standards chosen to be included under HIPAA were reviewed by the NCVHS and the guidelines were written by the ASC X12. SDOs normally do not write the guidelines for their standards, but there was no other group to do so. The NCVHS, while holding considerable public comment would not, today, be considered a public/private entity that engages the industry and government. The result, as I have noted, is a limited adoption of several of the HIPAA standards, and an inconsistent use of the more common claims standard and remittance standard. More recently we have seen the HITSP work diligently to harmonize standards and recommend guidelines, but we have not had an opportunity to see if the industry will actually be able to adopt and consistently use the standards HITSP has proposed. Without consistent adoption and use we cannot achieve uniformity. This does not have to mean that all products have to look the same, but the data being exchanged, and the mechanisms for transmitting and receiving it have to be standard so no one can question the integrity of the data or finds themselves is a position of not being able to send or receive the data. The HITSP entity and process provide great promise. For the first time we have a body that can be seen as providing public/private involvement in the harmonization and guideline processes, but HITSP has its barriers as well. I have suggested the need for financial support and staffing for coordination and harmonization. Without this staffing and the financial support needed to provide the staffing, the move to identify, adopt, guide, and see consistent standards being used will lag. Other nations, and industries have addressed this issue and the U.S. must address it as well. Perhaps a small fee can be associated with each claim or some other mechanism that will allow the industry and its consumers to spread the cost of the work that needs to be done. First, we need funding to establish the processes and standards, and then later maintain the system to keep it refreshed and consistent with medical practice and knowledge. Similar funding needs to be examined for the groups we suggest for terminologies and classifications and data stewardship. While we must maintain industry oversight through some inclusive public/private entity or entities, we must also move from a volunteer to a full-time mechanism to keep the process progressing. The benefits of the standard EHR and systems we are discussing are too valuable to wait on a disjointed volunteer effort. If we have the funding and the standards and guides, how do we compel there use? This is a question I hear very often. Standards have been around for many years, yet the health care industry or market has not been able to sit down and achieve universal compliance seen in other industries and countries. HIPAA was an attempt, but it did not have industry involvement and buy-in at the level needed and there is no industry pressure to make covered entities abide by the few rules it has, including the Federal Government. If we cannot develop some entity or mechanism that has the power to not only oversee the choice standards and guidelines we have been discussing, then we will see a very slow achievement of the steps necessary for full inter-operability. This is a somber statement, and I want to acknowledge the work of the Secretary, ONC, and AHIC who are trying an approach based on the Medicare market and the assumption that the Federal Government will adopt and abide by the selected standards and guidelines. Essentially, this is an industry-wide voluntary system that suggests that others will be as compliant as the Federal Government says it will be. We have not seen the results of this effort yet and much has to be done. If we do not have the actual up-front buy- in and then demonstrated compliance from all parties, including the federal agencies, even at maximum capacity it will take many more years before we get to the exchange of information we are all seeking under the current system,. Today, it is not clear who will lead this charge. The last barrier related to standards I want to mention is reimbursement. Unfortunately, reimbursement runs the show. Many physicians indicate they will not even consider adoption of HIT and standards until the Medicare and Medicaid reimbursement formulas are corrected and they are paid adequately. I understand Congress is addressing this concern, but with the Federal Government paying such a big portion of the health care bill, reimbursement, especially physician reimbursement is a barrier to adoption. It is more than the amount of reimbursement. The reimbursement process controls other aspects of standards use that affect the achievement of inter-operability. The U.S. use of classification systems that reflect 21st century medicine have been thwarted continually because many health plans and payers do not want to convert to a contemporary system. In the U.S., our ICD-9-CM classification system is seen as part of the reimbursement system. Quality measurements are similarly fast becoming viewed this way as well-- administrative data, rather than information something that can be accurately used to actually describe our care, diagnoses, and treatment. As we build processes like quality measurements and data repositories like the personal health record, the reliance on health care claims data raises questions regarding the completeness and accuracy of the information for clinical use or analysis. We must keep our clinical data free from manipulation for reimbursement purposes, and require our reimbursement processes to find another way to develop their payment mechanisms rather than to appropriately control or impact our collection of clinical data. If we cannot rely on the integrity of clinical data any inter-operability benefit will be greatly diminished. As we build the system to adopt and harmonize standards and design guidelines and implementation, we have to build it as intended to provide data that accurately describes the patient and medical encounter. Yes, payers or health plans need to be involved in these processes, but lets build our EHRs and information systems to maximize our health information and ensure data integrity. Security and Privacy HIM professionals have been deeply involved in the need for confidentiality and security, and committed to implementing and enforcing laws, regulations, and best practices to assure maximum data and individual protections. We see our role as to provide maximum protection for the consumer and the information. HIM professionals are often the privacy officer in health care institutions, and are usually involved in the process of releasing an individual's health information for its intended use. I have attached to my testimony a recent statement on the issue of confidentiality that we produced jointly with AMIA. AHIMA and its members have been involved in the recent process of reviewing laws, regulations, and practices associated with confidentiality, privacy, and security across the states and the Federal Government. Many of these laws and regulations go back decades and are intertwined with purposes now forgotten. It will take time to unravel these relationships and allow the states and the Federal Government to develop uniform laws that protect health information. I can assure the Committee that we are engaged in and see a tremendous amount of effort directed as developing maximum uniform protection and developing the security mechanisms necessary to secure our data and networks. HIM professionals believe that use of standard electric health records will permit more secure protections for personal health information than what exists for the current paper record. We are in a transition period, moving from a paper-based system to an electronic record. This change is not without confusion and gaps that must be addressed are being addressed. I want to note our support for H.R. 2406's approach to having NIST assist in the identification of potential security standards that should be considered under the HITSP process. NIST has a demonstrated expertise in this arena that can benefit and accelerate the industry's efforts considerably. With the adoption of electronic health records we have the technology to provide confidentiality or privacy through a variety of security processes. Just how we adopt and use security processes or standards is under considerable and appropriate debate. Identified health information flows throughout the health care industry, and other industries, as well as to consumers themselves, and in some cases employers. This flow is through consumer request, reimbursement systems, government reporting requirements, school requirements, and so on. The process is complex and some of the uses of technology just as complex. Therefore, we must be careful to use technology wisely or we could impede the movement of information when it is most needed. Surveys indicate that most individuals want their health information where it is most needed for their own clinical care and for the benefit of the population. What consumers do not want is to have their health information misused. They do not want to be inappropriately discriminated against because of their health status or information. In addition to uniform rules, regulations and technology to achieve health information confidentiality and security, AHIMA believes in essentially three basic principles for over all protection: 1. Personal health information should be protected wherever it lays or is transported--whether or not the entity or person accessing, transferring, storing, or holding the information is a health care entity or covered by HIPAA. 2. Individuals should be protected against inappropriate discrimination on the basis of their health information--this would include situations of employment and insurance. 3. Individuals should be protected against the intentional misuse of their health information. There are two caveats to these three principles. To be effective laws and regulations related to discrimination and misuse must include provisions for active prosecution and penalties, and the public must see active prosecution and penalties. There are and probably never will be absolute secure systems that will provide the confidentiality or privacy sought by some of the public and expected by all of the public. But inter-operability will be a failure if we cannot build trust in the system of EHRs, PHRs, and health information exchange. We can never undue an actual disclosure of an individual's health information, but we can take steps to ensure that any one intentionally discriminating against an individual or misusing health information will know that they face severe penalties for doing so. Global Harmonization My comments on terminologies and classifications gave a glimpse of international collaboration. Many of the classifications used in the U.S. are actually either international standards, or a U.S. version of an international standard. The SNOMED terminology, for instance has recently moved from a U.S.-based standard to an international standard. The HL7 standards are international standards. There are other standards as well. Disease and public health are not controlled by state or international borders. So we have to consider the global harmonization of some of the standards we use in U.S. health care, especially terminology and classification standards used for clinical care. I am sorry to report that the U.S. is behind in this matter. I alluded to the restraints in some of our classification systems. While most of the world is using the current WHO ICD-10 classification standard for disease or a modification of it, the U.S. remains over 10 years behind, still using ICD-9-CM for morbidity reporting, a version developed in the 1970's. While U.S. uses ICD-10 for reporting mortality information, we run into situations such that, currently, until the next change in codes, the U.S. can report that you died of avian flu, but cannot report that you survived avian flu. Similar delays have occurred with other outbreaks since the ICD-9-CM numeric classification cannot accommodate the WHO ICD-10 alpha-numeric codes, making it necessary for the U.S. to manufacture an alternative code when needed and when possible. When we exchange information with most other countries, the codes must be converted, and information coming from outside the U.S., has to be maintained in a separate database. WHO has begun the process to update ICD-10 to the next version ICD- 11. A final ICD-11 classification is expected in eight or nine years. ICD-11 is based on the ICD-10 structure, and its development will be based on the use of ICD-10, which limits U.S. input. We are concerned that the failure to move our national terminologies and classification forward in sync with international progression leaves our health care industry behind and exposes our public health system to additional barriers and costs because we have not kept up with public health in the rest of the world. We believe our recommendations related to terminologies and classifications will help change our role in the international community. Groups like the HL7 should continue to be encouraged to develop standards for clinical care information exchange that are international in flavor. While our reimbursement systems might differ, our ability to share data for clinical care, research, and public health should not be restrained. The U.S. is a world leader in health research and technology and a move to insure international standards can only help make our role internationally stronger. Mr. Chairman, Mr. Hall, this concludes my responses to the Committee's questions. There has been remarkable progress in the last four years to move health care from paper to a technology enabled inter-operable system. Developing and deploying standards is fundamental prerequisite. But so is sound policy and sound governance to ensure that technology and policy are aligned and are being advanced over time. This is an effort that requires the full engagement of all three sectors of our society, government, industry and the private non- profit. It is not a project like Y2K that has an end point. It is a process that requires a long-term view and a public and private commitment to the public good. Federal and State funding is required as is the authority that can only come through intelligent government action. The HIM profession and AHIMA stand ready to work with Congress, the Administration, and our health care colleagues to continue on a path that becomes ever more critical. I thank you for your invitation, your time, and your attention, and I am ready to answerer any questions you might have. Thank you again. <GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT> Biography for Linda L. Kloss Linda L. Kloss, MA, RHIA, is Chief Executive Officer of the American Health Information Management Association (AHIMA), the premier association of 51,000 members serving the health information management (HIM) community. Founded in 1928, AHIMA today has a staff of 125 and is comprised of 52 component state chapters and the Foundation for Research and Education (FORE). Kloss serves on the Board of Directors for AHIMA and FORE. In her role at AHIMA, Kloss is responsible for delivering services to the fast changing HIM community, promoting its mission and values, and executing the Association's strategic plan. She also oversees AHIMA's industry outreach and partnership activities with key stakeholder organizations. Kloss led the Association's efforts to co- found the Certification Commission for Healthcare Information Technology, a private industry initiative to accelerate the adoption of inter-operable health care technology. Additionally, Kloss serves on the Steering Committee of Connecting for Health, a public-private partnership funded by the Markle Foundation and Robert Wood Johnson Foundation; the Board of Directors for National Alliance for Health Information Technology (The Alliance); the Leadership Council for the e-Health Initiative; and as a delegate to the International Federation of Health Records Organizations. Prior to joining AHIMA in 1995, Kloss served as one of the founding officers for MediQual Systems, Inc., a developer of computer based clinical performance improvement technology and data tools, and InterQual, Inc, a quality improvement consulting and education company. Her health information management leadership experience also includes both academic and practice positions. Kloss holds a Master of Arts degree in Organizational Development with a concentration in Change Leadership from DePaul University in Chicago, and a Bachelor of Science degree in Medical Record Science from the College of St. Scholastica where she now serves as a member of the Board of Trustees. Other designations include Certified Association Executive (CAE), and Fellow of AHIMA (FAHIMA). Chairman Gordon. Thank you, Ms. Kloss, and Mr. Raymer? STATEMENT OF MR. MICHAEL RAYMER, VICE PRESIDENT AND GENERAL MANAGER, GLOBAL PRODUCT STRATEGY, GE HEALTHCARE INTEGRATED IT SOLUTIONS Mr. Raymer. Well, good morning, Chairman Gordon and Committee Members. My name is Michael Raymer, and I am vice president and general manager, responsible for global product strategy for GE's Integrated IT Solutions. I appreciate the opportunity this morning to testify. As a large purchaser of health care services, GE very much supports the goal of creating a nationwide health-information infrastructure that we believe will save time, money, and most importantly lives. To that end, we support initiatives to coordinate the work of the various Federal and State agencies and the private sector in achieving that goal. It is important, however, that this coordination does not interfere with the valuable work that has been done today. The National Institute of Standards and Technology, or NIST, is charged with developing and promoting measurement, standards, and technology to enhance productivity, facilitate trade and improve the quality of life. While NIST's portfolio is not specific to health care, much of the research done at NIST's laboratories with respect to advancing the Nation's technology infrastructures is directly applicable to the creation of an NHIN, or National Health Information Network. H.R. 2406 envisions an expanded role for NIST in the development of HIT. GE supports NIST's increased involvement, but not at the expense of processes that have been working well, to date. We believe there are four areas in which NIST can provide and can be most valuable in advancing this national resource. One is to facilitate coordination among the federal agencies. The 2005 memo of understanding between Health and Human Services and the Department of Commerce charges NIST with the responsibility of strategic policy and program coordination among the federal agencies. While such an effort is a lot like herding cats, we believe NIST has the capability and should be given the opportunity to fill this mandate. NIST's role would not be to create standards or to certify standards, but to work with other governmental agencies to ensure that existing standards are implemented appropriately. Secondly, we believe that NIST can enhance the already effective HITSP process. HITSP recommends a best practice in public/private collaboration. We should be wary of any action that would result in diminishing the effectiveness of this group. That said, we believe it is possible to build upon the current successes of HITSP and CCHIT, and NIST can play a very important role in that process. To ensure this, we suggest that HITSP be specifically recognized in this legislation and that NIST authority should enforce federal agency compliance with standards, and implementation should be strengthened. Thirdly, to provide coordination for testing of inter- operability standards: the utility of inter-operability testing is to demonstrate that products comply with a defined set of standards. Over the past 10 years, the IHE Connectathon has proven to be an effective, transparent testing process. Development of a parallel testing process, as currently being contemplated by CCHIT, would waste certification resources on duplicative efforts. To the extent there are testing processes not within the scope of the Connectathon, and there is room for CCHIT or other entities, either alone or in combination in the context of both private and public collaboration to develop their own testing processes, NIST could help oversee these efforts to ensure there is no duplication. Finally, fourth, focused research on areas not covered by HITSP or other public/private-sector activities: there is certainly room among all of the other activities for NIST's extensive research capabilities, especially in areas where the agency has particular expertise. These would include, one, investigating information technology to support and pay for performance; secondly, harmonization of security standards and practices; and third, working with the private sector to provide clarity in HIPAA security regulation and guidance. In summary, NIST has played a role and continues to play an effective role in coordinating the efforts of public and private sectors towards developing HIT. Our support for extending or expanding NIST's participation in these activities is contingent upon the agency leveraging its strengths and not duplicating or reinventing good work that is currently being carried by other public/private entities. On behalf of GE Healthcare, Mr. Chairman, I want to express my gratitude for the opportunity to share with you our own perspective on creating a nationwide health-information infrastructure. I would be happy to answer any questions that you and the Committee may have. [The prepared statement of Mr. Raymer follows:] Prepared Statement of Michael Raymer Good morning. My name is Michael Raymer, and I am Vice President and General Manager of global product strategy for GE Healthcare Integrated IT Solutions. I want to thank the Committee for giving me the opportunity to testify today. GE supports the goal of creating a nationwide health information infrastructure. To that end, we also support initiatives to coordinate the work of various federal and State agencies and the private sector in achieving that goal. It is important, however, that this coordination does not interfere with the valuable work that has been done to date. GE's Role in Promoting Inter-operability GE has a long history of successfully driving open, standards-based data exchange with other vendors. The earliest example is the Digital Imaging and Communications in Medicine (DICOM) standard, which has enabled diagnostic imaging devices and software systems to exchange images and related information regardless of vendor. Diagnostic imaging vendors historically created proprietary formats for the CT or MR images created by their systems. While image exchange was inter- operable between systems supplied by the same vendor, this was not the case among systems supplied by competing vendors. This lock-in limited the flexibility of hospital radiology departments to utilize imaging technology in an optimum fashion. DICOM allowed images to move from system to system, enabled hospitals to centralize storage of images to reduce costs, and led the radiology department to move towards diagnosing images on a computer screen. Consequently, DICOM enabled the creation of today's $2 billion picture archiving and communications systems (PACS) market, while also enabling many hospitals to eliminate one of their highest expenses from their operating budgets: film. PACS has transformed the work flow within the radiology department, leading to increased efficiency and higher quality of care. Physicians at different locations can consult while simultaneously examining the same images and comparing them with other clinical results to get a more complete picture of the patient's condition. GE has been instrumental in HL7 standards efforts, representing users and vendors in the definition of clinical document sharing and context setting (user and patient) standards. GE's Centricity EMR was the first major health care information system to provide a production- ready CCOW-compliant product. GE also worked with the HL7 board and industry vendors to define strategies for broad vendor adoption of CCOW. And, GE is one of the founders of the Health Information and Management Systems Society (HIMSS) EHR Vendor Association (EHRVA), a group of the top 42 EHR vendors committed to making EMRs inter-operable and to accelerating EMR adoption in hospital and ambulatory care settings. EHRVA is playing a pivotal role in creating and driving a single set of standards for electronic health records inter- operability, similar to the role NEMA played in transforming diagnostic imaging inter-operability in the 1990s. Standards for electronic medical records are complex, because they involve multiple types of data and terminologies that are not 100 percent congruent from one specialty to the next--or even from one hospital to the next. GE is a co-author of the EHRVA Inter-operability Roadmap--an effort to articulate an achievable path to inter-operability. The roadmap sets out a phased timeline for the inter-operability needed to implement a nationwide health information infrastructure (NHIN). The first phase of that roadmap was demonstrated at the HIMSS Conference in 2006, with GE joining 37 other IT vendors, including the VA and DOD, in showcasing multiple inter-operability use-cases. One of the NHIN pilot implementations used several aspects of the roadmap, and GE and EHRVA are reaching out to other stakeholders to encourage further implementation and convergence of the roadmap.\1\ --------------------------------------------------------------------------- \1\ The EHRVA inter-operability roadmap can be found at http:// www.himssehrva.org --------------------------------------------------------------------------- Don Woodlock, GE Healthcare's General Manager of Imaging Solutions, was the only speaker at the Secretarial Summit on Health Information Technology, July 21, 2004, to advocate open, standards-based inter- operability. And numerous GE employees contribute their time and energy to establishing and staffing bodies, including the Certification Commission for Health IT (CCHIT) and the Health Information Technology Standards Panel (HITSP). IHE: A Proven Inter-operability Development Process GE has also been a long-term leader in Integrating the Healthcare Enterprise (IHE), an industry-led initiative that is creating a standards-based framework for clinical IT. IHE was established in 1998 by the Radiological Society of North America (RSNA) and HIMSS. At that time, the popularity of DICOM led to the desire to improve imaging information exchange beyond the radiology department to other clinical IT systems in the hospital. Early on IHE recognized that solving health care inter-operability problems sometimes requires multiple standards, and established a process that allowed multiple standards to be profiled and specified in a precise manner to resolve work flow challenges while maintaining plug-and-play capabilities. IHE defines precise inter-operability specifications to ensure truly compatible implementations by different vendors. IHE couples these specifications with a comprehensive testing process, the IHE Connectathon. These inter-operability showcases, held at major industry conferences, encourage competing vendors to build and demonstrate data exchange between their products, in a collaborative and transparent process. This includes laboratory results, radiology images, medical summaries, and cardiology reports--the very information that today is often still faxed, couriered, or mailed between the majority of health care organizations in the U.S. Beginning with the 2005 HIMSS Conference IHE Cross-Enterprise Showcase, 14 companies--including seven EHRVA members and NIST--demonstrated the document-sharing health information exchange concept using medical summary information, lab reports, static text reports (.pdfs), and structured information. The product demonstrations focused on use cases that would enable plug-and-play inter-operability with the types of clinical information that patients and clinicians utilize in typical medical settings. IHE's implementation and testing process has been leveraged by many countries and regions around the world, including the United States (through HITSP), France, Canada, Austria, Italy, and Japan. In the spring of 2005, for example, 16 European vendors participated in the IHE-Europe Connectathon for cross-enterprise information exchange; this has since grown to more than 70 companies participating in the North American and European IHE Connectathon process. The IHE Cross- Enterprise Document Sharing (XDS) profile and associated integration profiles achieved connectivity between inpatient and ambulatory EHR systems (including products from different EU countries) that had not previously communicated. By establishing a larger-scale market for HIT inter-operability, IHE helps reduce the cost of achieving inter- operability and makes the inherent technology risk more acceptable for vendors. The backbone of the HITSP health information exchange infrastructure utilizes many of the same IHE inter-operability specifications that are already recognized and being deployed around the world. The Role of NIST Today The National Institute of Science and Technology (NIST) is charged with developing and promoting measurement, standards, and technology to enhance productivity, facilitate trade, and improve the quality of life. While NIST's portfolio is not specific to health care, much of the research done at the NIST Laboratories with respect to advancing the Nation's technology infrastructure is directly applicable to the creation of an NHIN. Further, virtually all of NIST's projects are conducted in cooperation with a wide variety of public and private stakeholders. Within the health care realm, NIST Information Technology Laboratory has been involved with IHE on the development of XDS, which was adopted by EHRVA as the approach to electronic health information sharing for the Inter-operability Roadmap. NIST provided a test environment for vendors to test their implementations, and coordinated specification development with the web-services standards development organization OASIS that provided the standards used to implement XDS. NIST is also an invaluable resource in the area of data security and privacy. Because of the sensitivity of personal medical information, consumer opposition to an NHIN largely centers on concern about unauthorized access to and misuse of medical records. Among the methodologies pioneered by NIST is role-based access control-- technology that limits the type of information that can be viewed by any individual depending on that individual's function. So, for example, hospital-billing clerks would be authorized to see only the parts of a patient's medical record necessary to generate invoices for a specific admission, while physicians with access to the same system would be able to see the patient's entire medical history. NIST's expertise in data security can both accelerate the process of achieving an NHIN, and enhance public confidence in those efforts. A Future Role for NIST H.R. 2406 envisions an expanded role for NIST in the development of HIT. GE supports NIST's increased involvement--but not at the expense of processes that are already working well, such as HITSP. We note also that NIST has not yet been allowed to fulfill its role under the 2005 Memorandum of Understanding (MOU) between the Department of Health and Human Services (HHS) and the Department of Commerce (DOC). The areas where we believe NIST can be most valuable are: <bullet> Facilitate coordination among federal agencies. The 2005 MOU charges NIST with the responsibility for strategic, policy, and program coordination among federal agencies. While such an effort is often likened to ``herding cats,'' we believe that NIST has the capability and should be given the opportunity to fulfill this mandate. The Federal Government is the largest health care payer in the country, and therefore stands to benefit the most from the increased efficiencies and cost-savings that can be garnered through HIT. NIST's role would not be to create or certify standards, but to work with other government agencies to ensure that existing standards are being implemented appropriately. <bullet> Enhance the already effective HITSP process. HITSP represents a best practice in public/private collaboration. We should be wary of any action that would result in diminishing the effectiveness of this group. That said, we believe it is possible to build on the current successes of HITSP (and of CCHIT), and NIST can play an important role in doing so. To ensure this, we suggest that HITSP be specifically recognized in this legislation. As a facilitator and coordinator among other federal agencies, NIST can help to accelerate the HITSP process by working between meetings to achieve consensus among the public sector participants. And NIST's authority to enforce federal agency compliance with standards implementation should be strengthened. NIST's track record of promoting collaboration through IHE demonstrates that it can also play an effective facilitation role in the private sector. Finally, NIST can serve as a resource to State governments, helping to disseminate information about technology roadmaps and other information that is available to support local HIT efforts. <bullet> Provide coordination for testing inter-operability standards. The utility of inter-operability testing is to demonstrate that products comply with a defined set of standards. Over the past 10 years, the IHE Connectathon has proven to be an effective, transparent testing process. Development of a parallel testing process, as CCHIT has proposed, covering the same standards can be done only to the detriment of the industry. We should not waste certification resources on duplicative efforts, and we should not ask vendors--who have already contributed to creation of the IHE process--to pay a second time, in the form of increased CCHIT certification costs. And if the parallel processes yield disparate results for the same product, it would undercut the underlying rationale for certification. To the extent there are testing processes not within the scope of the Connectathon, there is room for CCHIT or other entities--either alone or in the context of a public/private collaboration--to develop their own testing processes. NIST could help to oversee these efforts and ensure that there is no duplication. NIST's position within the DOC makes it uniquely suited to drive global standards harmonization. In other industries, NIST has effectively served as a single clearinghouse for testing tools, whether they were created by NIST or by another entity. We suggest that NIST should be given the same responsibility with respect to inter-operability standards, working in conjunction with HITSP. <bullet> Focus research on areas not currently covered by HITSP and other public/private sector activities. There is certainly room amid all these other activities for NIST's extensive research capabilities, especially in areas where the agency has particular expertise. These include: 1. Investigating the information technology necessary to support pay-for-performance program. 2. Harmonization of security standards and practices, especially with respect to the ``four As'' identified by HISPC (authentication, authorization, access, and audit), and making robust authentication more accessible to the consumer. 3. Working with the private sector and HHS to provide clarity in HIPAA security regulation guidance. Summary NIST has played, and can continue to play, an effective role in coordinating the efforts of the public and private sectors toward developing HIT. Our support for expanding NIST's participation in these activities is contingent on the agency leveraging its strengths, and not duplicating or reinventing the good work that is currently being carried out by other public/private entities. NIST's research activities should be directed to the areas where there are currently gaps, such as data security. With respect to HISTP, we believe that NIST's highest and best use is to facilitate communication and consensus among the government entities represented. NIST can also help coordinate efforts in the private sector with respect to the efficiency and effectiveness of inter-operability testing. Biography for Michael Raymer Mike Raymer leads a strategic team that drives global clinical and financial/administrative product strategy, evaluates new business initiatives, provides market analysis and research, optimizes strategic partnerships, and monitors government relations across all product lines in the GE Healthcare Integrated IT Solutions organization. Raymer's team impacts GE software solutions for inpatient and ambulatory care, including such capabilities as enterprise clinical information systems; ambulatory electronic medical records; departmental systems; Picture Archiving Communication Systems (PACS) and imaging information; solutions for patient access, patient accounting and practice management; and Web-based portals for both patients and referring physicians. Prior to GE's acquisition of IDX, Raymer served as Senior Vice President and General Manager of the IDX Carecast Operating Unit (now part of GE Healthcare), responsible for total profit and loss for the IDX CarecastTM enterprise clinical system (now GE Centricity Enterprise), as well as leadership of IDX's 500-employee Seattle office. Prior to joining IDX in 2002, Raymer served as Vice President, Products for Shared Healthcare Systems, where he was responsible for product development, quality assurance, web services and data warehousing. There, he completed development cycles for two new, web- based clinical products, while maintaining three legacy software products. Earlier in his career, Raymer was General Manager/Director of the Clinical Information Systems Division at Nellcor Puritan Bennett/ Mallinckrodt Corporation, the world's foremost supplier of pulse oximetry and a leading supplier of airway management (ventilator) devices. In this role, he oversaw marketing, engineering, operations, training and support activities, and led the market launch of a point of care system for mobile health care workers, as well as a wireless ventilator monitoring product. During a 10-year period, Raymer led a start-up operation to a consistent level of quarter-by-quarter profitability. At Continental Healthcare Systems, Inc., he served as Vice President of Marketing, responsible for the definition and market position of multiple hospital information systems--including automated pharmacy and materials management systems--as well as product management and marketing communications. Chairman Gordon. Thank you, Mr. Raymer. Right on time. Mr. Barnes. STATEMENT OF MR. JUSTIN T. BARNES, VICE PRESIDENT OF MARKETING, CORPORATE DEVELOPMENT AND GOVERNMENT AFFAIRS, GREENWAY MEDICAL TECHNOLOGIES, INC. Mr. Barnes. Thank you very much, Chairman Gordon, Ranking Member Hall, Dr. Gingrey, and distinguished Members of the Committee and staff. My name is Justin Barnes. I am the vice president of marketing and government affairs for Greenway Medical Technologies, a leading provider of integrated electronic health record practice management and inter- operability-software solutions for physicians practices. It is always a great honor and pleasure to work with Members of Congress and their staff, as I believe we all have a common goal to shape the face of the health care industry by utilizing the vast contributions that you have heard about today that IT offers health care providers, patients, and payers in achieving goals of reduced medical errors, lower costs, better quality, and improved efficiency within our nation's health care system. In addition to representing Greenway, I am a board member of HIMSS Electronic Health Records Vendors Association, the EHRVA, which is comprised of the Nation's leading EHR companies, currently representing roughly 96 percent of all EHRs implemented in America today. In addition, I reside on the Board of the National Governors Association Health Information Protection Task Force and the Certification Commission for Healthcare Information Technology, CCHIT, Privacy Expert Panel. My perspective today will be that of a small business software and services provider that is actively engaging every facet of the health care industry to support developing a national strategy for the widespread adoption of health- information technology and for converting this adoption into quality and efficiency improvements. The faster we align incentive, technical standards, and guideline requirements, the faster we improve care, increase quality, contain costs, and save lives. This statement focuses on Greenway's and our industry's dedication to assisting Congress, the U.S. House Committee on Science and Technology, and the National Institute of Standards and Technology in their goals of supporting the integration of the health care information enterprises. In this pursuit, Greenway, HIMSS, and the EHRVA support a truly transparent process and equal cooperation of public and private entities. This collaboration has proven, recently, to reduce barriers with federal regulations as well as barriers with harmonizing standards. Over the past few years, Greenway and the entire health care industry has made significant strides with EHR adoption, standards convergence, inter-operability, and improving ROI for long-term sustainability of our nation's health care transformation process. Specifically, Greenway customer practices now have the opportunity for inter- operability among their local community which encompasses regional care providers, patients, and hospitals. Our customers alone have realized annual $21,000 to $81,000 on post- implementation return on investment per physician. With paperwork reduced, collections increased and coding improved, physicians provide a higher quality of care and also operate a more efficient business. While HIT and EHR adoption currently grows at a record pace, we possess the responsibility to ensure that every policy enacted and every rule that is proposed must sustain our current investment and progress. We applaud the focus that the President, Congress, and HHS have applied to this industry transformation, but we must ensure that all decisions are created by entities that have the essential experience, dedication and factual evidence necessary to put plans and policy in place. An example of a Greenway-, HIMSS- and the EHRVA-endorsed article of legislation is H.R. 2377, the ADOPT Act of 2007, which uses section 179 of the tax code to provide physician purchasing incentives that can further increase HIT adoption by reducing upfront practice costs of the first year of EHR implementation. This bill has currently been introduced in the House. Greenway applauds the efforts to authorize NIST to increase its efforts in support of the integration of the health care information enterprise. NIST already plays and import role in public and private sector collaboration, such as Integrating the Healthcare Enterprise (IHE), and the Health Information Technology Standards Panel (HITSP), and that role should be maintained. In addition, NIST should be encouraged to work collaboratively to make these initiatives even more effective, and Congress can assist by formally recognizing HITSP in any legislative language. HITSP is a best practice because of its public and private collaboration, transparency, and use of multi-stakeholder processes like IHE. IHE has a 10-year legacy of standards and testing harmonization with global ramifications, and for that reason, it is imperative for NIST to recognize HITSP and IHE processes. From a financial investment standpoint, it is estimated that the private sector has invested $50 to $100 million, collectively, in the past few years following IHE, HITSP and certification initiatives, and that has resulted in the important areas of HIT adoption and inter-operability. More momentum has been created nationally and internationally in these areas than ever before. While this momentum could be better, it is crucial that influential bodies like Congress, the President Administration and NIST work together to maintain this impetus and not create alternative de facto testing standards or certification authority. It is an exciting time to help and guide and sustain the momentum in the health care information technology industry. We have the opportunity to create the most efficient health care system in the world, and while this is daunting challenge, it is certainly achievable. If we continue to work together in public and private collaboration, build on present successes with HITSP and take the prudent and fiscally reasonable steps necessary, we will achieve health transition goal and recognize the estimate $100 to $200 billion in U.S. annual saving with a fully integrated and inter-operable health care system. Speaking on behalf of the private sector, we are ready as an industry to continue our process and partnership with Congress and federal agencies in making these goals a reality. Chairman Gordon and distinguished Members of Congress and staff, I want to thank you for this opportunity and your dedication to the integration of the health care information enterprise. I hope my comments will help steer ideas and thoughts that can be transmitted into innovative policies shaping the future of health care in this country. Thank you very much. [The prepared statement of Mr. Barnes follows:] Prepared Statement of Justin T. Barnes Thank you very much Chairman Gordon, Ranking Member Hall and distinguished Members of the Committee and staff. My name is Justin Barnes and I am the Vice President of Marketing and Government Affairs for Greenway Medical Technologies, a leading provider of integrated electronic health record (EHR), practice management and inter- operability software solutions for physicians' practices. It is always a great honor and pleasure to work with Members of Congress and their staff as I believe we all have a common goal to shape the new face of the health care industry by utilizing the vast contributions that information technology (IT) offers health care providers, patients and payers in achieving goals of reduced medical errors, lower costs, better quality and improved efficiency within our nation's health care system. In addition to representing Greenway, I am a board member of the HIMSS Electronic Health Record Vendor's Association (EHRVA) which is comprised of the Nation's leading EHR companies currently representing roughly 96 percent of all EHR's implemented in America today. In addition, I reside on the board of the National Governors Association (NGA) Health Information Protection Task Force and the Certification Commission for Healthcare Information Technology (CCHIT) Privacy Expert Panel. My perspective today will be that of a small business software and services provider that is actively engaging every facet of the health care industry to support developing a national strategy for widespread adoption of health information technology (HIT) and for converting this adoption into quality and efficiency improvements. The faster we align incentives, technical standards and guideline requirements, the faster we improve care, increase quality, contain costs and save lives. This statement focuses on Greenway's and our industry's dedication to assisting Congress, the U.S. House Committee on Science and Technology and the National Institute of Standards and Technology (NIST) in their goals of supporting the integration of the health care information enterprise in the United States. In this pursuit, Greenway, HIMSS and the EHRVA support a truly transparent process and equal collaboration of public and private entities. This collaboration has proven recently to reduce barriers with federal regulations as well as barriers with harmonizing standards. Over the past few years, Greenway and the entire health care industry has made significant strides with EHR adoption, standards convergence, inter-operability and proven return on investment (ROI) for long-term sustainability of our nation's health care transformation process. Specifically, Greenway customer practices now have the opportunity for inter-operability among their local community which encompasses regional care providers, patients and hospitals. Our customers alone have realized an annual $21,600 to $81,500 post-implementation ROI per physician. With paperwork reduced, collections increased and coding improved, physicians provide a higher quality of care and also operate a more efficient business. While HIT and EHR adoption currently grows at a record pace, we possess the responsibility to ensure that every policy enacted and every rule that is proposed must sustain our current investments and progress. While we applaud the focus that the President, Congress and the U.S. Department of Health & Human Services have applied to this industry transformation, we must ensure that all decisions are created by entities that have the essential experience, dedication and factual evidence necessary to put self-sustaining plans and policy in place. An example of a Greenway, HIMSS and EHRVA-endorsed article of legislation is U.S. House bill 2377, the ADOPT HIT Act of 2007, which uses Section 179 of the tax code to provide physician purchasing incentives that can further increase HIT adoption by reducing up-front practice costs over the first year of EHR implementation. This bill has been introduced in the U.S. House. Greenway applauds your efforts to authorize NIST to increase its efforts in support of the integration of the health care information enterprise in the United States. NIST already plays an important role in public and private sector collaborations such as Integrating the Healthcare Enterprise (IHE) and the Health Information Technology Standards Panel (HITSP) and that role should be maintained. In addition, NIST should be encouraged to work collaboratively to make these initiatives even more effective and Congress can assist by formally recognizing HITSP in any legislative language. HITSP is a best practice because of its public and private collaboration, transparency and use of multi-stakeholder processes like IHE. IHE has a 10-year legacy of standards and testing harmonization with global ramifications and for that reason, it is imperative for NIST to recognize HITSP and IHE processes. From a financial investment standpoint, it is estimated that the private sector has invested $50 million-$100 million collectively in the past few years following IHE, HITSP and certification initiatives and that has resulted in a health care transformation in the important areas of HIT adoption and inter-operability. More momentum has been created nationally and internationally in these areas than ever before. While this momentum could be better, it is crucial that influential bodies like Congress, the President's Administration and NIST work together to maintain this impetus and not create a new alternative de facto testing, standards or certification authority. This is an exciting time to help guide and sustain the momentum in the health care information technology industry. We have the opportunity to create the most efficient health care system in the world and while this is a daunting challenge, it is certainly achievable. If we continue to work together in public and private collaboration, build on present successes with HITSP and take the prudent and fiscally responsible steps necessary, we will achieve our health care transformation goals and recognize the estimated $100-$200 billion of U.S. annual savings with a fully-integrated and inter- operable health care system. Speaking on behalf of the private sector, we are ready as an industry to continue our progress in partnership with Congress and federal agencies in making these goals a reality. Chairman Gordon and distinguished Members of the Committee and staff, I want to thank you for this opportunity and your dedication to the integration of the health care information enterprise. I hope that my comments will help steer ideas and thoughts that can be transmitted into innovative policies shaping the future of health care in this country. Thank you very much. Biography for Justin T. Barnes As a health care software executive and public policy expert, Justin Barnes manages Greenway's Strategy, Marketing, Corporate Development and Government Affairs departments. With a background in health care information technology (HIT), corporate operations and legislative policy, Barnes is responsible for building and executing Greenway's corporate strategy, industry and government relations. Barnes resides on several HIT and Electronic Health Record (EHR) industry governance boards and brings the essential continuum of experience from Silicon Valley Start-up's to Industry-leading Fortune 20 conglomerates. Prior to Greenway Medical Technologies, Barnes was a member of the founding team and Vice President of Sales Operations and Account Development at Healinx Corporation. Today, Healinx is known as the RelayHealth Division of McKesson and continues as the premier provider of secure online health care communication services linking patients, health care professionals, payors, and pharmacies efficiently, affordably and securely. Before joining Healinx, Barnes held several Sales and Operations positions with HBO & Company that subsequently merged with McKesson in 1999. He served under the Enterprise Group and was responsible for sales operations of the Pathways Smart Medical Record (SMR) application. Barnes has formally addressed Congress and the President's Administration on seven occasions between 2005 and 2007. Barnes has also been published in 27 journals, magazines and broadcast media outlets relating to national leadership of HIT and EHR adoption efforts. Elected and Appointed Governance & Advisory Positions Member of National Governors Association (NGA) Health Information Protection Task Force of the State Alliance for E-Health Board Member of the HIMSS Electronic Health Record Vendors Association (EHRVA) Board Member of Georgia Tech's Center for Health, Healthcare and Eldercare Innovation (CHHEI) Member of Certification Commission for Healthcare Information Technology (CCHIT) Privacy Expert Panel Co-Chair, Government Relations, National HIT Week Chairman of Membership Committee of EHRVA Member of HIMSS Advocacy and Public Policy Steering Committee Member of e-Health Initiatives Policy Work Group Member of EHRVA Government Relations Work Group Member of HIMSS HIT Advisory Council Member of HIMSS Government Relations Roundtable Discussion Chairman Gordon. I bet you were getting ready to say something good there. Mr. Barnes. Thank you. Chairman Gordon. We have only two minutes, so we are going to have to go vote. I hope we will be back in 15 or 20. And so the Committee will be in recess. [Recess.] Chairman Gordon. Ms. Williams, you had, I think, indicated some concern that there is a number of folks working on this issue, and would NIST just be one more, and there is going to be a problem. You know, hopefully that is not the case. I think the intention is that we need to have somebody that is going to coordinate these activities, and I would remind you back, I guess it was in 1990, that HHS was directed, through the Nutrition and Labeling Education Act, to develop standards for baby food. Eight years later, they didn't get it done, and so they turned it over to NIST, and six months later it was done. That is what we want to try to accomplish. And Ms. Kloss, you have generally been positive about the health IT standards panel process, of which you are a member, but as you point out, it is largely a voluntary organization with a lack of professional staff resources. For such a critical task as advancing health care IT and operability, doesn't it make sense that the primary-standards-harmonization work be guided by a federal agency such as NIST rather than a voluntary organization? Ms. Kloss. Well, we think it is quite important that this process remain a public/private process, and certainly the resources and services of NIST would be a huge additional resource to HITSP, but there does just need to be some public/ private mechanism because it is aiding adoption and learning as we go to---- Chairman Gordon. I think that you are right, and I think that is really the beauty of NIST in that it is a non- regulatory agency, so we can bring everyone together without fear of regulation. This is what they did a few years ago with financial data security. They brought the financial industry together, helped them through a collaborative process, set those common standards, not picking winners or losers, and then being able to have the test beds there to make sure that they would work. Mr. Raymer, you note that NIST has not yet been allowed to fulfill its role under the memorandum of understanding between NIST and HHS, and you further note some of the work NIST is doing through the MOU. So wouldn't you also agree that codifying this role at a central location to ensure development of technical standards would be a worthy endeavor? Mr. Raymer. Absolutely. I think the testimony, you know, covered a variety of things that we would encourage the Committee to look at with respect to what their role would be, but we clearly see that there is a need for NIST in the process. And we believe as it was originally conceived under the memorandum of understating, that that would be an appropriate direction for the Committee to head, with the caveats that we placed in the testimony. Chairman Gordon. And back to a real, live doctor, Dr. Silverstone, to what extent would improved inter-operability with health care IT systems in hospitals, labs, and other medial facilities give medial specialty practices the confidence to make the investment in health care IT? Dr. Silverstone. You know, physicians really need to know that the investment that they are making is going to be a worthwhile investment. I mean our practices are being challenged on a daily basis by reimbursement and inter- operability is that key that we need to know that the systems that we purchase are going to be able to work with other systems. You know, as a specialty physician, I am not the primary- care provider most of the time, and patients are referred to me, and when they are referred, we have to recreate the wheel each time. We have to recreate histories. We oftentimes have to repeat tests because we don't have access to the tests. Very often, patients have been cared for elsewhere, and we might be able to get that data in paper format. Often, we can't even get that. If we could get the data in an electronic format, then we would be able to continue to analyze the data and to put the data that we are creating alongside that and provide better patient care. So these standards, we feel, are absolutely critical. Chairman Gordon. That is how we save money and save lives. Dr. Silverstone. Absolutely. Chairman Gordon. And as I pointed out earlier, most Americans are treated by physicians and practices of five physicians or less, and with the reduction in reimbursements, with difficulties that many practices face right now, it is difficult to justify trying to make that investment, particularly if you are not comfortable that it is going to be a long-range investment, and that is that whatever software you are going to buy is going to still be the premium software, or it can be inter-operable with the various groups that you deal with. So that is what we want to try to accomplish. But we need to do more than that. The purpose of this bill is not to integrate it into the health care offices, but rather to establish, again, those standards so that software can be developed. Then, quite frankly, we go to Ways and Means and we go to the Energy and Commerce Committee, where we need to provide incentives, both in terms of making it a government standard as well as trying to--I would hope we can provide financial incentives for doctor and hospitals through rapid write-off or other types of ways that we would encourage them to get on this system. Dr. Silverstone. Chairman Gordon, I can't agree with you more. I mean this will absolutely jumpstart the whole process of making health information technology a cornerstone of American medicine and will enable American ingenuity to really flower. I congratulate you on this. Chairman Gordon. Well, again, I want to thank our witnesses for being here. My time is up. I would like to ask Dr. Baird to chair the Committee, and I am sure that Mr. Hall will give him plenty of help. Mr. Baird. [Presiding] Mr. Hall. Mr. Hall. Thank you, Mr. Chairman. Mr. Barnes, you said that the private sector has invested $50 to $100 on certification initiatives for HIT. If H.R. 2406 were passed into law, could that slow down the progress that has already been made to date, and if so, why. And if no, why not? Mr. Barnes. In its current form, I think it could be a disruption to the progress that we have made over the past several years. We are committed to the progresses that we have made. I outlined them in my statement. I think that NIST certainly has a role. We have outlined that here, on the panel, and also several Members up there. NIST does have a history of public and private collaboration, so as long as NIST followed those guidelines and processes, which I am sure they would, then they would certainly have a positive influence on the process. But completely owning the process and not working more collaboratively with HITSP and taking what HITSP has done by name, not just by process or anything else, but literally, by name, then I think we could slow down adoption and the progress that we have made. So if we could take specifically HITSP's progress and move that into a forum where NIST has authority and maintain its progress and build upon that as a foundation, then I would support that. Mr. Hall. Mr. Raymer, you said that NIST helped to pioneer ``role-based accessed-controlled technology that limits the type of information that can be viewed by any individual, depending upon that individual's function.'' Can you elaborate a little on that? Mr. Raymer. Yes, and specifically its role and application in health care is that as there becomes more widely available health-information system, a national health information infrastructure, we think the idea of role-based security is really critical so that those individuals that have the need to know during the care-delivery workflow at the appropriate time are given the appropriate access to the information that they need. We believe NIST could play an important role relative to those security standards that could be more widely adopted. And NIST has some history of having successfully done this in other areas outside of health care and inside of health care. Mr. Hall. And you also state in your testimony that you support an increase in NIST involvement, but not at the expense of the processes that are already working well. Would you elaborate a little on that, sir? Mr. Raymer. Well, I think Mr. Barnes covered that to some extent in his statement. It is just HITSP, we believe, has been a valuable process. IHE has a Connectathon that happens each year, where even a wider array of vendors each year are coming together to demonstrate the inter-operability of their products. So to the extent that NIST would derail current things that are working, we think that it would be better for NIST to apply their resources; like the one area would be compliance among the federal agencies. It is one of the largest purchasers of health care in the world, and certainly in this country. The government would greatly benefit from the utilization of standards, even within its own health care delivery system. So I think we have outlined in the testimony some specific areas that are gaps today. Mr. Hall. It is an area to be careful in, isn't it? Mr. Raymer. Yes, absolutely. Mr. Hall. And did you crank into your computer the fact that NIST has never before been a body that set policy? Mr. Raymer. Yes. Mr. Hall. You state in your testimony that you ``support an increase in NIST involvement, but not at the expense of the processes that are already working well.'' And you stated that. Now, do you believe that the passage of H.R. 2406 could potentially hurt progress that has already been made in health- information technology? Mr. Raymer. I think to the extent it circumvents or slows down the work of HITSP, of IHE, and other successful initiatives, it would be very damaging. I think that, you know, if the Committee listens to the testimony today, and I think focuses the bill on directing NIST towards the areas in which we are currently gapped from our National Health Information infrastructure and technology platform, that what you would do would be accelerate the rate of adoption, because you are ensuring that resources are being brought to bear in an area in which there is not appropriate focus today. Mr. Hall. Well, I think that is a good answer. And I think that when the Chairman introduces a bill, it is often that we need to support that bill if at all possible, but we need to point out the pitfalls that might show, and I think this is a very good panel to give us those answers. And I think my time is up, so I yield back my time. I will have some questions that I wasn't to submit to each of you in writing, and if the Chair agrees to allow us to do that--I ask unanimous consent that the panel be asked to answer our questions that we submit to them in conjunction with this hearing. Mr. Baird. Without objection. Mr. Hall. Thank you, sir. I yield back. Mr. Baird. I am sorry I wasn't able--I had another hearing, as we often do here. From what I hear the situation seems to be that you have got some positive initiative going forward that seems to be moving at pace. We all recognize that, and there seems to be consensus that, we need to adopt this as quickly as possible. The question is NIST does not necessarily have to approach this by saying we are kings here. We are going to set the standards for you. Do you have objection to NIST providing a facilitative role? Or maybe that is what you were saying, Mr. Raymer, a facilitative role to work together with the various established processes to see if they can't move things a little more quickly, because it seems that is going more slowly, so I want to open that up to anybody. And then, as part of that, how does H.R. 2406 relate to that in your judgment? Mr. Raymer. Well, to respond to your question about facilitation, we think that there are some important roles that NIST could play. One, as I mentioned before would be to ensure compliance to the standards by the federal agencies themselves, and the government would benefit from that. Secondly, as you go through any kind of collaborate, both public and private collaborative, like HITSP, having this be the coordination to ensure that the dialogue continues on the public side within the governmental agencies is kind of being that guiding, facilitation mechanism we think would be very good. The other area is that there is some good work that goes on with regard to testing and certification today, but as the standards move forwards, and let us say in the areas of role- based security, there may be a specific thing and specific role that NIST may play, then, in covering gaps of where certification or testing activities today are not appropriately validating the inter-operability between products. So we do view there to be a role of facilitation, both within government, outside of government, and more importantly, there could be specific roles that NIST might have in providing gaps that would accelerate the adoption of health care IT in the country. Mr. Baird. Ms. Williams, you seem to have something you want to add. You might want to hit your mic there. I am not sure it is on. Ms. Williams. Thank you. I generally concur with Mr. Raymer. We think that NIST could probably play a strong role in enforcing the standards, perhaps in implementation of those standards. I am just not sure that they are the appropriate group to bring the public and private sectors in step. Mr. Baird. Ms. Kloss. Ms. Kloss. I would add that, with respect, specifically, to the Certification Commission for Health IT and the work Mr. Raymer just referred to, that organization is now beginning to build a testing resource and is hopeful that there will be collaboration and that NIST will bring its expertise in building testing beds. Secondly, certainly, bringing forth standards in the area of security would be very valuable to the work going forward. And thirdly, as I mentioned earlier, we think we need a new mechanism study on how to look at clinical terminologies and classifications and bring that more robustly and squarely into the standards process. Mr. Barnes. I actually would like just to add just a little bit to that and especially where NIST, if they were involved before now, could have played a more positive role. In the area of CCHIT and certification, they have chosen a testing bed called miter, and whereas that could be considered a duplicative process because they could have chosen IHE, which NIST has been very involved in. And from a vendor standpoint, that is expensive for us. We now have to create tools to work with miter and their testing bed, and we have tools already that we paid for and use on IHE. So there certainly is a role for NIST in this. I almost wish it was a little bit, maybe sooner regarding that CCHIT item. So that is certainly to continue on in their efforts. Yes. Mr. Baird. One of the things we are working on elsewhere in a different committee is this whole issue of national health care, and I am a big believer in that you ought to give patients upfront information about what their options are and what the empirical data are and what their costs are, and I think that ought to be standardized across insurance policies, so we all get the same kind of information. Is that kind of issue being addressed? Or is it right now, you are focusing mostly on the technological aspect? But that is related, because will your technology allow for that kind of data, both collection and presentation to patients? Ms. Kloss. I would comment that that was the reason behind our discussion on classification and vocabulary as a type of standard that we feel have not gotten sufficient attention. It really is the common language of medicine that will allow this information to be understandable across the industry, and more work needs to be done on that to bring together disparate processes for developing, maintaining those systems and keeping them up to date, creating crosswalks between them, all of this internal information-management work. Mr. Baird. Thank you. My time has expired. I want to yield to Dr. Gingrey. Mr. Gingrey. Dr. Baird, thank you. You know, the entire hearing has been very, very informative, and of course, with the background of the Chairman's bill, I think all of us want to understand exactly what role that NIST will have in regard to, if this legislation is approved. And I guess my main question is, the President said a couple of years ago that we want to have a fully integrated, inter-operability, electronic medical records systems by 2014, I think, was the deadline. I think we ought to get there, hopefully, before then. I think the need is so great. When we sit here and talk about the various studies that suggest the amount of savings anywhere from $75 billion to $160 billion a year, and we just vote on a bill, the S-Chip program, which is by anybody's standards a fairly massive expansion, we still have 40 million people in this country uninsured. We have got other needs, war-fighting, not the least of which. I mean so we are talking about real money here. And the quicker we can get to the point of achieving those savings and saving lives, the better. So I guess the main question for all the witnesses--I will start with Mr., Barnes, my friend from my district from a courtesy--but you know, is there something about what we have been doing with the national coordinator, the HITSP that just gets into the realm of moving too slow, foot-dragging, not getting the job done? And what is that NIST can do to put on the afterburners, if you will, to make it better, and to not to--I think Mr. Barnes was expressing some concern about what would happen to the small vendors, and Mr. Raymer, too, in regard to the large vendors, GE, if you have already gone down a certain road, based on what ONC and HITSP have recommended, then we don't want to undo all of that process. So that is really my question: what can we do to make it better, other than the fact that maybe NIST is more recognizable acronym than HITSP or ONC. Mr. Barnes. Thank you very much, Dr. Gingrey. Most certainly, there has been a lot of work and progress over the last couple of years, through the ONC and leadership through HHS and by the President. And this progress, I don't think it is going to be--hopefully, it will not be undone, but you have seen--you have heard in my testimony that though standards harmonization certification, we have really increased adoption. We obviously could have done it better. There is always a better way to do items and perform tasks, but in my personal opinion, I think it has gone as smoothly--actually surprisingly smoothly, as any of us have anticipated. GE and my company, we, initially, when we were embarking upon learning about certification and standards harmonization, we certainly, naturally, had a lot of questions and concerns, and I think, now, speaking for my company directly, we were pleasantly surprised on the progress and how our investment that we have made--my company alone has made over $500,000 in investments in this, and not just on the personal investment side, but watching what this has done in the industry, watching inter- operability come together. So it is exciting. I mean we are watching our customers. We have got 17,000 across the county that just came from a user conference, and they are excited. They are seeing how inter-operability is changing their lives, their patients' lives. So it out there. It is successful. It could be better. This is where NIST can come in. I mean they have essential experience. They have long- valued experience in this area of standards and testing, and so I think bringing that knowledge to bear within the current processes would be invaluable. So I mean I certainly would encourage NIST. The more minds that come together to make this a better process, I think is certainly welcome, just not to modify or derail all of the progress that we have invested in. Mr. Gingrey. I am short of time, but I welcome any other comments in regard to that. Ms. Williams. Ms. Williams. It is a daunting challenge that we have, and I would say that IT is a tool to help us solve a complicated problem in the health care system. It isn't that we don't have any standards. Part of the problem is that we have too many standards. The National Alliance for Health Information Technology did a survey recently, and the result was that, in fact, we have over 2,000 standards in the health care industry, with over 400 organizations that are either developing standards, maintaining standards, or licensing standards. So we need to invest the authority in some coordinating body to sort through all of this. That starts with a vision, and the President laid out a very high-level vision for what we need to achieve by 2014. We need to agree on a common vision, you know, sort of on how we are going to get there, and then we need to agree on a set of standards that will help us get there. That would be sort of the rules of the road or the roadmap. So we need a common vision; we need standards; we need a roadmap; and then, we need an implementation process. And perhaps--NIST definitely has role there in perhaps enforcing and helping with the implementation process. Mr. Gingrey. Thank you. My time expired. And thank you, Mr. Chairman. Mr. Baird. Thank you, doctor. Mr. Wu. Mr. Wu. Thank you, Mr. Chairman. My apologies, I was called away earlier for what I thought would be a quick vote, which took a long time, and now, I have been told again, I have been called for a quick vote in my other committee, but I will risk that briefly. And I want to ask this panel a non-standards- oriented, a non-NIST-oriented question. In a field hearing and in roundtables that we held on this topic, in addition to the challenge of inter-operability and standards, there are other significant barriers to adoption of health care IT, one of them being the misalignment of cost and benefits. For example, if a small medical group were to adopt health care IT, they would have to bear the preponderance of costs, whereas a preponderance of benefits would go upstream somewhere, if you will, to Medicare or an insurance company and so on. Do you have thoughts on how to either better align these financial costs and benefits or for some way for the beneficiaries to help finance the cost of health care IT? Mr. Raymer. Well, certainly, GE has been a large purchaser of health care services in this county and are concerned about the misalignment that takes place today in the care-delivery environment. I think the movement towards pay for performance, I think, is an important movement, and to have part of the pay for performance tried in-process clinical measures that are only possible when you have an electronic system in place. So you can choose to do it on paper, but your cost of reporting that in an in-process basis would be more expensive than the cost of the system itself. Also, I remind you that CMS put of 1303-P last fall, which provided a relaxation of Stark and a Safe Harbor or health care entities to offset the cost of donation for physicians. I conducted research last fall---- Mr. Wu. Mr. Raymer, my apologies. Let me interrupt you. This time, they tell me it is really for real, and it is really urgent, but I would like the witnesses, if possible, to proceed to answer the questions, and I look forward to reading the answers, and my deepest apologizes to you all for this multiple-ring affair that we have going in the Congress. Mr. Raymer. Well, I was just going into 1303-P last fall, created Safe Harbor and the exception to Stark to allow health care entities like hospital systems or integrated delivery networks to offset up to 85 percent of the cost of the EMR for physicians. I did research last fall with an independent group that identified that that regulatory change will stimulate adoption and probably likely double the rate of adoption over the next three years by physicians. So you know, I think it is a combination of a move towards pay for performance that is based on in-process measures. And the number-one barrier for adoption for physicians in studies that we have done is all about economics. And so if you couple, you know, that reimbursement will be better when you provide better care, and the methodology by which you do that is--IT is one tool to accomplish that. Ms. Kloss. I would add that we also have to guard against any failure in implementation. That is these implementations need to go very well, and we need to be seeing providers really benefiting from the technologies, and so the work that you have done on workforce development is key, and additional insights into best practices and workflow improvements. So it is not just getting them in. It is really making them work well and return. Ms. Williams. And I would add that that is an ongoing process. In my written testimony, we did outline that hospitals with more advanced IT systems than what physicians currently have could provide help in both hardware and software implementation and ongoing support. But we can't do so today because the physician-referral or Stark regulations. Those have been recently relaxed to some extent. We would like to see the relaxation made permanent. Dr. Silverstone. My perspective is a little bit different, because it comes from the trenches. It comes from the physician's office. And I have talked to many, many physicians over the years, especially specialists, and they really want this technology. They can see that at its best, this technology can really help them to provide exceptional care to patients and make that exceptional care the norm. But there is a tremendous problem with the cost, and there is a tremendous fear with the cost. And physicians are small businessmen. Most physicians do not have very, very close ties to hospitals and don't want those ties. They want to remain independent business concerns, and they want to be able to control their lives. And they need to be able to afford it, and they need to be able to know, going into the future, that they will be able to continue to afford the technology. So the financial aspects, yes, are a major one, and the financial aspects really need to be addressed. Physicians are also looking at what it takes to maintain these systems in their offices, and as soon as you get inter-operability, as soon as you get standards, as soon as you take your hundreds, and hundreds of sets of standards and get an organization that can combine them and can take the best of all of the sets of standards and really make them routine, then you are producing a system that requires less maintenance and a system that physicians' offices can really afford. I have the advantage of being in an 11-doctor practice. In that practice, we have a full-time HIT person, a full-time person to manage our networks and our systems, and most practices can't afford that. Mr. Barnes. I would like to follow up with a quick comment here. Mr. Baird. It is going to have to be real quick, because I have a couple of other Members who want to---- Mr. Barnes. Well, just real quickly, I think that if I was a physician, I wouldn't think about not investing in technology. They do need to streamline their practices. Most of my customers, which I have a very hands-on relationship with, do not have any HIT staff in their office. They are four-, five-, and six-doctor practices across America, and if you have the right system made for your specialty, you do not need--I am saying that if they do their due diligence, they will receive the benefits. Mr. Baird. All right. Dr. Broun. Mr. Broun. Thank you, Mr. Chairman. I am a physician. In fact, I am a primary care provider and I have done a full-time house-call practice the last few years just prior to just recently being elected to Congress. When I was in an office, and then as a sole practitioner, I looked into doing electronic medical records for my own patients, and what I found after doing a through investigation is, frankly, I could not afford it. I don't have Dr. Silverstone's blessing of having a large practice of being able to afford a full-time IT person, and so I think affordability, practicality for small, community practitioners--sometimes we have one, two or three doctors in a practice who want to be independent, who is not tied to a hospital. It is a certainly a tremendous probe that we need to face, and I could not overcome the cost, as well as it was difficult for me to try to figure out how to go up the learning curve to be able to integrate information technology into my own practice. The other thing is our local hospital in Athens, Georgia, I have talked to the administrator recently, and they are trying to develop an IT system through Athens Regional Hospital where all of the doctor in the community are all tied into one computer system, and I think that is a very laudable goal, but the thing that concerns me is privacy and confidentiality. I would, in my own practice, all of my employees knew that if anything went out of the door of my practice, it was immediate grounds for dismissal, no questions asked. Fortunately, I never had to dismiss anybody. But last year, the U.S. Department of Veterans Affairs announced that the theft of laptops contained information concerning, I think it is 26.5 million veterans and active-duty military members, and we have government workers losing laptops all of the time with confidential, even top-secret information, on those computers. And it just really concerns me that people social security numbers, not only in these instances that I just mentioned, but as a medical doctor, I am really concerned about the privacy of my patients and the confidentiality and when you set up this information sharing, I see a very real potential for discrimination against parents for insurability, discrimination in hiring practices, and these types of things. So could you all please answer to me how we can ensure that confidentiality, how we can prevent the discrimination to my patients in a new IT type of world. Mr. Raymer. I will take that to start with. I think that the conundrum you are in is that the paper record is also not very secure, so the reality that is if you walk into a hospital today, and it has got a lot of paper charts, there is ready access to the public to that. The majority of technology solutions that we are talking about is not having the data stored in one location, but more of a federated model where the data resides back in the practice, and the individual practice has control of that, and that you, when you have a patient referred into your practice, that you, with the appropriate credentials, have the ability to go out under the patient's HIPAA concurrence to go out and secure other relevant data, whether it be problem lists, medication, allergies, which are all important things that you would like to know about a patient being referred into your practice. So we do believe that NIST can play a role, particularly in the security and privacy side. And my testimony talked about the need for role-based security and how critical of importance that will be, so you know, I think that it is certainly something that is internalized, but it is very personal, so that one thing you can say about health care is it affects everyone in this room. And so I think that in both the public and the private area GE is very concerned about this very issue as you look to the future of genomics, which is a whole other universe of personal medical information that, you know, could be accessed, so it is a big concern that we have. Ms. Kloss. I would add that the Certification Commission for Health IT in the foundational testing that they are doing for all certified electronic health records is meeting certain privacy and security common standards and that those are being ratcheted up over time as all of us learn to use systems with more robust certification and privacy controls. So I think that is one of the step-wise processes in the standards deployment now. What we have, however, and what the e-Health--the State e- Health Alliance and other groups are looking at is the wide disparity among states and how, in fact the current law is actually being put into place. We just do have more need for education across the board and practices. It is not all technology standards. Mr. Baird. Those buzzers you have been hearing means we have a vote underway, and so we have just enough time for Mr. Akin to ask a couple of questions, and then we will---- Mr. Akin. Thank you very much, Mr. Chairman. Actually, one of the questions was asked--I was just curious about the, you know, legal problems, but in terms of data security, is that something that we have to change the laws, because we get pretty hyper-sensitive about anybody, you know, knowing whether you had a 101-degree fever or something? I mean it wasn't quite that bad, but we really go pretty hyper about his. Do we have to change the laws any in that regard, and is that a big problem? Mr. Barnes. I will start with that one. I think that that is probably being scoped right now. I mean I sit on the National Governor's Association Privacy Board for that exact reason, and we are looking at all of the 50 states' privacy laws as well as HIPAA to see what recommendations that we will made to all 50 states and to Congress on does HIPAA need to be modified? Does it just need to be enforced? Better interpreter? Or what do we need to do across state lines? I mean every state sees consent and authorization differently, and so we are trying to provide guidance, and that is underway, currently, right now. We meet every month to discuss this and should have some further recommendations at the end of this year, so I don't know if there is a yes or no answer quite yet. There might be by some panel---- Ms. Kloss. There is a gap, and that is the gap in genetic non-discrimination disclosure, where we have been advocating for law in that area, specifically to cover an area of vulnerability. Mr. Akin. You do need some additional protection, no easing off on things that already exist? Ms. Kloss. That is correct. Mr. Akin. Are there places where we need to ease off things where we are too strict, or not necessarily? Ms. Kloss. I think we have always viewed HIPAA as a floor, and that a floor, over time, as we gain more experience and get that in place, we should look to, you know, raising the bar as technology enable things like robust audit trails and other mechanisms to really keep raising the bar. And I think we need a commitment to that over time. Mr. Akin. I mean I was thinking--what I am talking about is maybe it was too high. I remember there were times that you couldn't tell the dentist that the patient had AIDS or something, and then you have people that are--their health is at risk and things like that. So I was wondering if we get--you know, if there was a balancing act. I mean it seems to me there would be a balancing act, not that you are always ratcheting something up. Mr. Barnes. I think that adding interpretation also might be an answer. It might be a regulatory guideline or regulatory interpretation, maybe not on the legislative side. It's in what you are trying to uncover because HIPAA is just misinterpreted, and so unfortunately, people interpret it as conservatively as possibly so they don't enter any hot water, so I think that is what we are still ungoverned. Mr. Akin. And then the second thing, is there--I used to work for IBM and the magnitude of this question is sort of mind numbing to me, but is there any single organization now that can do some systems design and at least define some interfaces so that as people design systems that the things can plug together at the--or is this something that is still--but is there any one, single organization that is trying to define what the system might look like? Mr. Raymer. Well, certainly, there is from a standards standpoint, a definition. No one is trying to write a standard that defines one system. In the State of Vermont, GE happens to be the provider of the regional health information infrastructure in that we are providing a product, but there are other states that are doing something similar. We are all leveraging the same work product that is coming out of HITSP, so the standard shouldn't define a de facto product solution. The standard should define what a product should look like, and then there should be the incentive, commercially, to develop a system that is responsive to those standards. Mr. Akin. So it is a two-tier thing. You have some standards, and then you let the private sector work those, and that is the way we--because those of us in government are very sensitive to the fact that, you know, we are not effective as business in terms of being able to put products in good quality. You know, at the same time, there needs to be some kind of guidance, and so is that balanced? You think that this bill sets that balance about right from what you see? Dr. Silverstone. I would agree with that. I would say that is exactly what it does do: it provides the framework, the foundation that enables the private sector to be able to come in and create the programs and the systems that we need. Mr. Akin. And my hope is--of course, all of us can see the benefits of it. I am a prostate cancer survivor, so you say you got to go see--you are going to get surgery and this and that, and if those statistics are really recorded well, it is going to be a tremendous tool, medically, to know all kinds of different things. But yes, I am hoping the day will come when the individual practitioner--that there is stuff that is cheap enough off the shelf and that it is not too complicated, but I also walk into a room with computers, and they start laughing, so I am one of the guys that needs two IT people. Thank you. We have got to go vote. Mr. Baird. Mr. Akin, we are down to five minutes. I want to thank the panelists and the witnesses and everyone else who attended here. I also want to thank my colleagues. The record will be open for additional statements for two weeks for Members and for answers to any follow-up questions. If you have additional things that we didn't cover, but you feel are important to submit for the record, please do that, and Members, of course, have that prerogative as well. And with that, the hearing stands adjourned. Thank you all very much. [Whereupon, at 12:15 p.m., the Committee was adjourned.] Appendix 1: ---------- Answers to Post-Hearing Questions Submitted to David E. Silverstone, Clinical Professor of Ophthalmology and Visual Science, Yale School of Medicine; Assistant Chief of Ophthalmology, Yale-New Haven Hospital; Practicing Ophthalmologist, The Eye Care Group, New Haven, CT These questions were submitted to the witness, but were not responded to by the time of publication. Questions submitted by Chairman Bart Gordon Q1. What are the major factors that discourage medical specialist practices from investing in health care IT (HIT) systems? To what extent would improved inter-operability with HIT systems at hospitals, labs, and other medical facilities give medical specialty practices the confidence to make investments in HIT? Q2. How could an inter-operable HIT system better enable practicing specialty physicians to keep up-to-date on the latest medical treatments and diagnosis procedures? How do specialty physicians currently track the latest advances in medical information and the recommended best-practice treatments in their field? Q3. How are the needs of specialty medical practitioners different from those of hospitals and general-medicine providers? What are some examples of these needs, and how can HIT standards be made flexible enough to accommodate the needs of specialists? Questions submitted by Representative Ralph M. Hall Q1. I understand that the Administration supported establishment of a health IT standards harmonization process in 2006 through the Healthcare Information Technology Standards Panel (HITSP) which has made considerable progress over the past two years in the development and harmonization of data and technical standards for inter-operable health information exchange. How do you see this bill building on the current standards harmonization process through the HITSP? Q2. In August 2006, the President issued Executive Order 13410, which requires federal agencies to utilize, where available, health information technology systems and products that meet inter-operability standards recognized by the Secretary of Health and Human Services. The American Health Information Community (AHIC) has recommended several sets of standards that HITSP has developed or harmonized. How do you feel this bill would affect that process, given HHS' expertise in health IT standards? Answers to Post-Hearing Questions Responses by Noel Brown Williams, President, Senior Vice President, and Chief Information Officer, Hospital Corporation of America Information Technology and Services, Inc. Questions submitted by Chairman Bart Gordon Q1. You have suggested the problem with adoption of health care IT (HIT) is that the industry has not yet selected a single set of inter- operability standards and gotten consensus among health care stakeholders to use those standards. Given NIST's long history of acting as a neutral government body working with industry and other groups to select consensus technical standards in a broad array of technical fields, isn't NIST well positioned to guide this very necessary standards-selection and standards-buy-in process? A1. The short answer is yes. NIST is well positioned to play an important role in the standards selection and buy-in process. The lack of a single set of inter-operability standards is just one reason for the slow adoption of HIT. While the best standards are created through a consensus process, there must be commitment on the part of stakeholders to make the necessary investments to implement those standards. Commitment to implementation involves vendors, providers, laboratories and a broad array of stakeholders with a legitimate need to share health data. NIST could make a valuable contribution to this piece of implementation. Other components of the commitment process include initial financing, maintenance costs, payment and privacy policies, as well as quality reporting and other issues we believe are best resolved by other efforts and agencies already in place. Q2. You cite as one example of the lack of HIT standards the fact that there is no standardized method to associate a patient with his or her medical records. What is the consequence of this lack of HIT standards, and what does it prevent health care providers from being able to do for patient care? A2. The lack of a standardized method to match a patient with his or her medical record is a fundamental problem that must be resolved before we can attain the vision of an interconnected, nationwide health information network. A provider can never be 100 percent certain that the record under review belongs to the right patient without such measures in place. Both false negatives and positives have consequences and could affect patient safety, as well as expose the physician to liability if the wrong information is used during an episode of care. Q3. How would a fully inter-operable HIT system within the Federal Government advance the adoption of HIT in the private sector? A3. A fully inter-operable federal HIT system would advance the adoption of HIT in the private sector by demonstrating, once in place, that inter-operability reduces costs, improves patient safety and the efficiency of the care process. Furthermore, a government system could be used to pressure the private sector into compliance with its system in order to expedite payments and claims handled by the Centers for Medicare & Medicaid Services. Questions submitted by Representative Ralph M. Hall Q1. I understand that the Administration supported establishment of a health IT standards harmonization process in 2006 through the Healthcare Information Technology Standards Panel (HITSP) which has made considerable progress over the past two years in the development and harmonization of data and technical standards for inter-operable health information exchange. How do you see this bill building on the current standards harmonization process through the HITSP? A1. This bill builds upon the progress already made by HITSP by adding NIST's expertise to transform the result of HITSP's consensus-based decision-making process into a set of tools and guidelines that would enable the implementation of the decisions made. HITSP's expertise is in guiding stakeholders to consensus on which standards should be used; NIST takes it to the next logical step of implementation. Q2. In August 2006, the President issued Executive Order 13410, which requires federal agencies to utilize, where available, health information technology systems and products that meet inter-operability standards recognized by the Secretary of Health and Human Services. The American Health Information Community (AHIC) has recommended several sets of standards that HITSP has developed or harmonized. How do you feel this bill would affect that process, given HHS' expertise in health IT standards? A2. Given the uncertain future of AHIC and its role in this process, this bill would allow NIST, HITSP, AHIC and HHS to identify where NIST's expertise could best be leveraged We believe NIST could, if positioned correctly, complement rather than constrain progress. Answers to Post-Hearing Questions Responses by Linda L. Kloss, Chief Executive Officer, American Health Information Management Association, Chicago, IL Questions submitted by Chairman Bart Gordon Q1. You noted AHIMA's support for the approach in H.R. 2406 of having NIST work on security standards for health care IT (HIT). How important is robust security and confidentiality of medical information for the broad public acceptance of HIT systems? How can it best be achieved? A1. AHIMA members, health information management (HIM) professionals, believe that for public acceptance of HIT and electronic health information exchange (HIE) there must be trust that the electronic systems and manual practices involved include the necessary functions or steps taken to secure their personal health information (PHI) and maintain confidentiality subscribed to in the agreements between consumers and entities that hold or transfer PHI. In addition to a number of confidentiality practices and physical security, ``security'' includes a number of software elements including, but not limited to, identification and authentication, access controls, system audits and access tracking, data integrity, and so forth. Security is not a new issue in the exchange of health information. HIM professionals have made this a key element of our practice for decades, but when it comes to having acceptable standard security software systems; the health care industry has remained behind other industries. Development of functional security standards have been an important activity of NIST, and AHIMA believes the resources of NIST in combination with health care industry oversight must be brought together so that the industry can have available the security tools and resources necessary to combine with conscientious confidentiality practices in order to ensure the public's trust in our collection, storage, and transfer of their PHI. Although not under the jurisdiction of NIST, AHIMA believes that penalties are an essential element of robust confidentiality requirements and building broad public acceptance of HIT systems. Penalties need to be severe and should encompass security and confidentiality breaches along with non-compliance with laws, regulations and standards. The HIPAA Privacy Rule has now been in effect since April 14, 2003 (April 14, 2004 for small health plans) and non-compliance, at this stage, is inexcusable. Q2. What are the research and development needs to ensure that advances in information technology and medical technology can be incorporated into HIT standards in the future? A2. Standards must be chosen that meet the current functional needs and can be harmonized with other standard that also must support a particular functional model. This means that the bodies harmonizing standards must review not only the potential transaction, terminology, or classification standard(s) involved, but also ensure that the body that develops and maintains the standard and subscribes to principles such as: <bullet> Transparent and open business practices by all participating organizations--this includes end users of the standard or the data included or represented by the standard, <bullet> Organization, mechanisms, and a timely process necessary to keep standards robust and up-to-date with current medical practices and technology (national and international). Section 201 of H.R. 4157, the ``Health Information Technology Promotion Act'' in the 109th Congress, provided good language to reduce the time and streamline the process to modify and update HIPAA standards, <bullet> Standard development principles and guidelines for development, distribution, and maintenance of systems and coordination across systems, <bullet> The provision of timely and reliable guidance on the use of the standard (also a role for any coordinating body). Q3. In your testimony you noted that there are over 2,000 standards related to HIT and over 400 organizations that either create, maintain, or license those standards. If the most important job in making HIT a reality is to work towards a single set of standards and get consensus on using that set of standards, isn't the leadership of a neutral government body such as NIST, with its long history of working with the private sector on consensus standards development, essential? A3. The numbers in your question were not part of AHIMA's testimony. Even so, there are many standards and many organizations. Yet, the issue of choosing or harmonizing standards remains. The active involvement of a skilled neutral group, such as NIST, will do much to accelerate the harmonization process, but there also has to be consensus and buy-in from the health care industry, which is currently operating on a public-private model--the Health Information Technology Standards Panel (HITSP) and the American Health Information Community (AHIC). Were the health care industry not so invested in this model, the NIST leadership role you suggest might be an acceptable alternative. However, the current Administration has pushed for a public/private model and the industry has invested considerable resources and time to make this approach work. We appreciate the Committee's acceptance of the roles of HITSP and CCHIT and working NIST into the current model will to help accelerate the harmonization process, support security standard development, and provide the needed testing mechanisms. Q4. What would be the benefits to public health, in terms of tracking disease outbreak, adverse drug reactions, or other issues, from a fully inter-operable HIT system? A4. Presuming the health care industry can arrive at uniform and consistent use of terminologies and classifications in electronic health records (EHRs); address confidentiality concerns through the use of good security standards, compliance and enforcement; establish the network and decision support necessary to determine reporting paths; and, use the same network to provide public health notices and guidelines, then the benefits of collecting data for population health purposes (public health, research, and similar reporting) are expected to be enormous. Currently, none of these activities and reporting mechanisms (networks) are in place. Most reporting is done by hand, systems operate in silos, and the classification systems in use are mapped in few systems, but not capable of reporting, in any detail, 21st century diseases or medical practices and technology. Moreover, because of our nation's inconsistent use of uniform and consistent terminologies, we are unable to efficiently exchange information with most of the international community including the World Health Organization and its Global Outbreak Alert and Response Network. This is severely detrimental to our ability to track the progress of outbreaks of diseases as avian influenza, SARS and potential bioterrorism events. Substantial efforts are underway to achieve this vision for population health. The Science and Technology Committee's attention to the terminology and classification standards coordination and improvements needed as well as the harmonization of transaction, functional, and security standards will give this movement a considerable boost. Q5. How could an inter-operable HIT system better enable practicing physicians to keep up-to-date on the latest medical treatments and diagnosis procedures? How could inter-operable HIT systems support decision-making by practicing physicians and other health care providers? A5. AHIMA would interpret ``inter-operable'' in this question to mean uniform and consistent use of contemporary medical terminologies and classifications as well as the adoption of a standard EHR and networked health information exchange (HIE). If the medical community is capable of reporting findings and questions in the same uniform and consistent language, then a variety of public and private organizations, including the CDC, AHRQ, NIH, NLM, and various private foundations and medical research organizations, can respond with what is known regarding a particular disease or problem and provide guidelines for how to respond. Currently, the language of medicine in the U.S. is not consistent or uniform which limits communication both to asking the question as well as providing an answer. The ability to use either uniform terminologies to exchange the actual health record, or classifications to identify diagnoses, procedures, and technology, must be detailed, and the ability to transmit such information uniformly then permits the use of computer technology to scan information and provide links to potential responses or experts. Today, most communication is visual and the data is limited, therefore reducing the ability and increasing the time to search the vast body of knowledge available. Time is a very important factor with physicians, both in the time they have available and the timely needs for information as they are treating individuals and reporting key information for population health purposes, research and so on. Q6. To encourage the rapid adoption of HIT systems by health care providers, it is important to guard against failures of implementation, which would reduce confidence in the benefits of HIT systems and make other providers reluctant to invest in them. How will technical test beds for testing HIT products help prevent implementation failures? What other actions can reduce the risk of implementation failures? A6. The technical test beds discussed in AHIMA's testimony were recommended to allow for certification of HIT products to ensure the purchaser that the product: included applicable, adopted (HITSP/AHIC) standards; provided the capability for inter-operability; and possessed the capability to be upgraded as the industry upgrades its standards, systems and system requirements, and so forth. HIT vendors must have their own test beds to ensure their products meet the industry and customer demands, and some of this testing could use the same technical test beds suggested for development by NIST and harmonization by HITSP. Vendors must also be able to test their product against any networking or HIE that exists in the purchasers environment. Implementation, however, is more than buying a good, a certified HIT product, that has the capacity to use uniform contemporary terminologies and classifications. Implementation requires careful planning, work flow and other administrative changes, new ways of doing business for the clinicians, patients, and the other professionals and administrative persons involved, and on-going maintenance and education after implementation has occurred. If successful implementation of a standard EHR and HIE is going to be accomplished across this country, a workforce of educated and trained health information management and informatics professionals must be present and available to the organizations, physician practices, and other entities involved with implementing these systems et al. The Science and Technology Committee took significant steps to address this need in passing H.R. 1467, and we hope that the Senate will soon pass complementary legislation. Questions submitted by Representative Ralph M. Hall Q1. How could an inter-operable HIT system better enable practicing physicians to keep up-to-date on the latest medical treatments and diagnosis procedures? How could inter-operable HIT systems support decision-making by practicing physicians and other health care providers? A1. AHIMA would interpret ``inter-operable'' in this question to mean uniform and consistent use of contemporary medical terminologies and classifications as well as the adoption of a standard EHR and networked health information exchange (HIE). If the medical community is capable of reporting findings and questions in the same uniform and consistent language, then a variety of public and private organizations, including the CDC, AHRQ, NIH, NLM, and various private foundations and medical research organizations, can respond with what is known regarding a particular disease or problem and provide guidelines for how to respond. Currently, the language of medicine in the U.S. is not consistent or uniform which limits communication both to asking the question as well as providing an answer. The ability to use either uniform terminologies to exchange the actual health record, or classifications to identify diagnoses, procedures, and technology, must be detailed, and the ability to transmit such information uniformly then permits the use of computer technology to scan information and provide links to potential responses or experts. Today, most communication is visual and the data is limited, therefore reducing the ability and increasing the time to search the vast body of knowledge available. Time is a very important factor with physicians, both in the time they have available and the timely needs for information as they are treating individuals and reporting key information for population health purposes, research and so on. Q2. To encourage the rapid adoption of HIT systems by health care providers, it is important to guard against failures of implementation, which would reduce confidence in the benefits of HIT systems and make other providers reluctant to invest in them. How will technical testbeds for testing HIT products help prevent implementation failures? What other actions can reduce the risk of implementation failures? A2. The technical test beds discussed in AHIMA's testimony were recommended to allow for certification of HIT products to ensure the purchaser that the product: included applicable, adopted (HITSP/AHIC) standards; provided the capability for inter-operability; and possessed the capability to be upgraded as the industry upgrades its standards, systems and system requirements, and so forth. HIT vendors must have their own test beds to ensure their products meet the industry and customer demands, and some of this testing could use the same technical test beds suggested for development by NIST and harmonization by HITSP. Vendors must also be able to test their product against any networking or HIE that exists in the purchasers environment. Implementation, however, is more than buying a good, a certified HIT product, that has the capacity to use uniform contemporary terminologies and classifications. Implementation requires careful planning, work flow and other administrative changes, new ways of doing business for the clinicians, patients, and the other professionals and administrative persons involved, and on-going maintenance and education after implementation has occurred. If successful implementation of a standard EHR and HIE is going to be accomplished across this country, a workforce of educated and trained health information management and informatics professionals must be present and available to the organizations, physician practices, and other entities involved with implementing these systems et al. The Science and Technology Committee took significant steps to address this need in passing H.R. 1467, and we hope that the Senate will soon pass complementary legislation. Answers to Post-Hearing Questions Responses by Michael Raymer, Vice President and General Manager, Global Product Strategy, GE Healthcare Integrated IT Solutions Questions submitted by Chairman Bart Gordon Q1. How should NIST interact with the Healthcare Information Technology Standards Panel (HITSP), and in what ways would that interaction further the rapid adoption of consensus technical standards for health care IT (HIT)? A1. Interaction between NIST and HITSP is already occurring. Two areas that could enhance this interaction to accelerate adoption of standards are: 1. Utilize NIST's experience in security standards technology, e.g., role based access controls. 2. Leverage NIST to enforce the harmonization of a single set of test tools it has championed through its private sector collaboration with Integrating the Healthcare Enterprise (IHE). NIST has already played a key role in providing test tools/ methodologies to test conformance of HITSP standards. Q2. How would a fully inter-operable HIT system within the Federal Government advance the adoption of HIT in the private sector? A2. A fully inter-operable HIT system within the Federal Government would be a positive step forward if it would encourage further adoption of the HITSP specifications. This is important because it helps drive harmonization of standards throughout all of health care (public and private) and it would ensure the positive momentum that HITSP has encouraged the last two years. Additionally, use of the HITSP specifications would enable improved inter-operability between the VA and the DOD HIT systems. Q3. American patients are very concerned that HIT systems must protect the confidentiality of their personal medical information. How has NIST contributed to the security of HIT systems to date, and what further contributions could it make to ensuring patient confidentiality? A3. As we noted in our testimony, NIST is widely recognized for its expertise in security standards, most notably role-based access control standards and associated policy and processes for its implementation. This technology has been widely used in just about every economic sector, and NIST has helped champion its usage in the health care sector. In addition, NIST championed the development of the infrastructure standards identified by HITSP to enable secure exchange of health information in the Nationwide Health Information Network. NIST's collaborative involvement with IHE in developing these health information exchange standards has accelerated the ability to securely exchange health information not only in the U.S., but in health information exchange projects globally. The global use of these standards helps enable commerce and national security by promoting common standards to support clinical research and enable health information sharing for pandemic surveillance. Questions submitted by Representative Ralph M. Hall Q1. I understand that the Administration supported establishment of a health IT standards harmonization process in 2006 through the Healthcare Information Technology Standards Panel (HITSP) which has made considerable progress over the past two years in the development and harmonization of data and technical standards for inter-operable health information exchange. How do you see this bill building on the current standards harmonization process through the HITSP? A1. The bill would allow NIST to help existing collaborative efforts by using its subject matter expertise in areas such as testing and security standards development to accelerate the implementation of HIT standards in the private sector. It is critical to ensure that NIST support the positive momentum of multi-stakeholder efforts such as HITSP. Lending its expertise in the promulgation of security standards, working collaboratively with HITSP, would be a positive step. Q2. In August 2006, the President issued Executive Order 13410, which requires federal agencies to utilize, where available, health information technology systems and products that meet inter-operability standards recognized by the Secretary of Health and Human Services. The American Health Information Community (AHIC) has recommended several sets of standards that HITSP has developed or harmonized. How do you feel this bill would affect that process, given HHS' expertise in health IT standards? A2. For clarification, AHIC does not and did not recommend standards. Rather, AHIC provided areas of health care delivery that could be greatly improved through the use of HIT. Once these delivery scenarios (i.e., use-cases) were identified, HITSP then identified the standards necessary for HIT systems to enable these new ``use-cases.'' NIST does not have the expertise to determine what use-cases would impact U.S. health care. Nor does NIST have expertise in the health care-specific standards needed, including vocabulary and terminology standards. Therefore, the bill would not and should not affect those areas relating to health care delivery use-case prioritization or the health care specific standards related to their implementation. However, there are specific areas, such as security standards, information exchange infrastructure standards, and related testing tools/resource expertise that NIST provides. NIST also provides a culture of collaboration with the private sector that would benefit the health care sector. Answers to Post-Hearing Questions Responses by Justin T. Barnes, Vice President of Marketing, Corporate Development and Government Affairs, Greenway Medical Technologies, Inc. Questions submitted by Chairman Bart Gordon Q1. How are the economic incentives for investment in health care IT (HIT) systems different for small versus large health care providers? A1. Economic incentives tend to be more valuable for smaller physician group practices than larger physician group practices. The relative cost of HIT adoption is greater for a small practice because the costs are not shared by as many providers and stakeholders. In larger physician group practices, the cost of HIT adoption is usually shared over a greater number of providers and stakeholders, thus the ``per provider'' cost is lower. Q2. Can small practitioners expect a financial return on their investment in HIT systems in the same timeframe as large hospitals and large practices? A2. For the most part, yes. Smaller physician practices can expect a return on investment (ROI) from their HIT implementation in similar timeframes as larger practices. It may take an extra few months for smaller practices but in overall, both groups realize the ROI benefits 6-12 months after implementation. Sometimes even sooner if the practice thoroughly researched products and purchased an integrated and inter- operable electronic health record (EHR) that was proven to perform well in their specialty. This is a very, very important factor in recognizing ROI from HIT and EHRs. Q3. How could an inter-operable HIT system better enable practicing physicians to keep up-to-date on the latest medical treatments and diagnosis procedures? A3. Many of the leading HIT and EHR solutions today automatically receive regular updates electronically that keep treatments, protocols, procedures and coding updated. These updates are automatically integrated seamlessly into HIT and EHR work flows and are added monthly, quarterly, semi-annually or annually based on practice preferences. Q4. How could inter-operable HIT systems support decision-making by practicing physicians and other health care providers? A4. Many of the leading HIT and EHR solutions today have financial and clinical decision support tools and modules integrated into their functionality. Practices, colleagues, peers and medical associations can all share treatment protocols, best practices and much more to increase care quality through the utilization of inter-operable HIT and EHRs. Q5. How would a fully inter-operable HIT system within the Federal Government advance the adoption of HIT in the private sector? A5. Not sure it would unless it was referenced as an example or ``best practice'' on increasing care quality, saving lives and decreasing costs. If those were shown to be proven factors of a Federal Government HIT system, then it should lead the private sector to adopt and implement a fully inter-operable HIT system to ascertain those same results. I feel the issue here is that the Federal Government does not operate in a similar manner to the private sector so many do not compare or correlate results and experiences. Q6. Could you provide us with some examples of the drawbacks of a lack of coordination of technical standards in the realm of conformance- testing for HIT systems? A6. The drawbacks would be significant certainly in the areas of time, lives and money. Coordination of these efforts will get inter- operability promulgated much more quickly and therefore we begin increasing care quality, saving lives and decreasing health care costs more rapidly. If there is a lack of coordination, it would add on several more years to achieve full health care industry inter- operability and therefore unnecessarily reducing care quality, losing more lives to medical errors and increasing wasteful spending on duplicative measures. Questions submitted by Representative Ralph M. Hall Q1. I understand that the Administration supported establishment of a health IT standards harmonization process in 2006 through the Healthcare Information Technology Standards Panel (HITSP) which has made considerable progress over the past two years in the development and harmonization of data and technical standards for inter-operable health information exchange. How do you see this bill building on the current standards harmonization process through the HITSP? A1. This bill authorizes NIST, whose primary mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life, to increase its efforts in support of the integration of the health care information enterprise in the United States. NIST has a successful history of collaboration with Health Information Technology Standards Panel (HITSP) and Integrating the Healthcare Enterprise (IHE) and that role should be maintained. This bill further encourages this collaboration to make these initiatives even more effective, efficient and comprehensive. Q2. In August 2006, the President issued Executive Order 13410, which requires federal agencies to utilize, where available, health information technology systems and products that meet inter-operability standards recognized by the Secretary of Health and Human Services. The American Health Information Community (AHIC) has recommended several sets of standards that HITSP has developed or harmonized. How do you feel this bill would affect that process, given HHS' expertise in health IT standards? A2. This bill could negatively affect HITSP progress if NIST was authorized to lead any health care standards-creating, setting or harmonizing processes. Additionally, if this bill authorized the creation of any alternative health care standards outside of the HITSP process, that would be confusing and distracting to our current industry progress. It is best that NIST plays a supporting role in health care standards and continues their important collaboration with HITSP. Appendix 2: ---------- Additional Material for the Record Statement of Good Samaritan Hospital on behalf of the Mid-Nebraska Telemedicine Network Rural Telehealth Success Story: Mid-Nebraska Telemedicine Network Provided by Lesley A. Bollwitt-Maria, MPA Director, Grants & Special Projects Good Samaritan Hospital Foundation Kearney, Nebraska Mr. Chairman and Members of the Committee, thank you for this opportunity to provide testimony in support of the use of health information technology to enhance access to health care services. My name is Lesley A. Bollwitt-Maria, and I am Director of Grants & Special Projects with Good Samaritan Hospital in Kearney, Nebraska. One of my primary objectives over the last seven years has been to assist with the expansion and enhancement of the services provided through Good Samaritan's Mid-Nebraska Telemedicine Network. Organizational Description Good Samaritan Hospital (GSH) located in Kearney, Nebraska is a not-for-profit, 501 (c) 3, health care system affiliated with Catholic Health Initiatives of Denver, Colorado, a faith-based organization. Good Samaritan, a U.S. Designated Regional Referral Center, is a two- hospital system serving approximately 350,000 people throughout central and western Nebraska, northern Kansas and northwestern Colorado. The overall service area encompasses a region approximately the size of the State of Indiana. Good Samaritan is one of only three American College of Surgeons accredited Level II Trauma Centers in Nebraska. Good Samaritan serves as the hub facility for a thirteen member Critical Access Hospital Network and for the Mid-Nebraska Telemedicine Network, a Telehealth network including twenty-two rural hospitals located in both Kansas and Nebraska. Good Samaritan Hospital is also one of the founding members of the Nebraska Telehealth Network, a project connecting every hospital and public health department in the State of Nebraska for telehealth services. Members of the Sisters of St. Francis of Colorado Springs established Good Samaritan Hospital in 1924. Now licensed for 207 beds, Good Samaritan Hospital (GSH) is the largest regional referral center between Lincoln, Nebraska and Denver, Colorado. In addition, in 1987 Good Samaritan purchased Richard Young Hospital, an 80-bed behavioral health hospital also located in Kearney that provides care for children, adolescents and adults. Established in 1981, the Good Samaritan Hospital Foundation directs all fund-raising activities for the health system. The Mission of Good Samaritan and Catholic Health Initiatives is to nurture the healing ministry of the Church by bringing it new life, energy and viability in the 21st century. Fidelity to the Gospel urges us to emphasize human dignity and social justice as we move toward the creation of healthier communities. Defining the Problem: Increasing Access to Health Care Rural communities across the State of Nebraska are faced with the challenge of providing access for all citizens to quality health care services. Numerous barriers exist which make this challenge even more daunting. These barriers often include: distance to specialty health care services, hazardous driving conditions due to harsh Nebraska winter weather, lack of a state-wide public transportation system, increased poverty for rural citizens resulting from the struggling farm economy, the increasing age of patients and the crisis level shortage of health care professions. According to the Nebraska Rural Health Plan for the Critical Access Hospital Program (2002), the rural health care system exists in a fragile environment. Rural Nebraska faces many challenges, including a loss of population in some areas, a growing number of uninsured and under-insured, and an increase in the Medicare and Medicaid populations. Given the lack of employment opportunities and the rising cost of health care these trends are likely to worsen over the next few years. Additionally, the report indicated that about 19 percent of the state's population must travel for thirty minutes or more to visit a doctor. In rural areas, this travel time significantly increases when that doctor needed becomes a specialist. The distance of the rural communities from a tertiary care center can represent travel time of one to three hours one way. Travel also becomes more difficult as the populations of these rural communities age. The total percent of individuals over the age of 65 for the state averages 13.6 percent; however, in the rural areas, like central Nebraska, this percentage jumps to 21 percent. In most cases, a family member must accompany an elderly individual to their doctor's appointment in a larger community like Omaha, resulting in missed time away from work and family. This travel time becomes increasingly more difficult when the weather is bad. Improving Health Care Access Through Technology The use of technology to improve access to health care services in Nebraska is not new. Actually, Nebraska has the distinction of introducing the world to the concept of using video-conferencing for clinical applications. Leaders in the field of telemedicine/telehealth suggest that the current state of technology is moving from its second generation into its third. The ``first generation'' can be traced as far back as the 1950s. One of the earliest uses was at the University of Nebraska where psychiatric consultations were conducted on two-way closed circuit TV using microwave technologies. Established in 1994, the Mid-Nebraska Telemedicine Network is an interactive video and data network. The major functions of the Network are to improve quality and access to care, particularly in rural Nebraska and Kansas, to provide patient, provider and community education and to provide another communication source in the event of a natural, man-made or terrorist emergency. The Mid-Nebraska Telemedicine Network has the distinction of being one of the longest federally funded telehealth networks in the county with funding beginning in 1994 and continuing through today. The network was just awarded its third USDA/RUS DLT grant so funding will continue beyond 2007. Funding has been received through the Office of Rural Health Policy, Office for the Advancement of Telehealth (OAT) and the USDA/RUS DLT grant programs. These federal dollars have been put to successful use in improving access to health care services in rural areas, like Nebraska and Kansas. Since becoming fully functioning in December 1995, the network has totaled over 11,000 Patient Encounters, 30,000 Teleradiology, and 3,000 Educational Programs. Statement of Experience The Mid-Nebraska Telemedicine Network (MNTN) became operational in December 1995 as a result of a start-up grant through the Office of Rural Health Policy. The network included the hub site of Good Samaritan Hospital (Kearney) and five rural network members consisting of Tri-Valley Hospital (Cambridge), Cozad Community Hospital (Cozad), Callaway District Hospital (Callaway), Jennie M. Melham Memorial Medical Center (Broken Bow) and the Sargent Hospital (Sargent), Nebraska. In October 1997, the Good Samaritan Hospital Foundation received a second grant through the Office of Rural Health Policy. Through this second grant award, the MNTN expanded its services to include five additional rural hospitals located in Rock County Hospital (Bassett), Dundy County Hospital (Benkelman), Valley County Hospital (Ord), Phillips County Hospital (Phillipsburg, KS), Norton County Hospital (Norton, KS). In 1999 the Sargent District Hospital closed and Gothenburg Memorial Hospital (Gothenburg) took its place. In August 2000, the Office of Rural Health Policy awarded a third grant. Through this third grant, the Mid-Nebraska Telemedicine Network expanded its services to include the two additional rural hospitals of Franklin County Memorial Hospital (Franklin) and the Chase County Hospital (Imperial). In September 2004, the Good Samaritan Hospital Foundation received notification that the MNTN was awarded a congressionally mandated grant. Through this funding, six additional sites were added to the network. These sites included: Kearney County Community Hospital (Minden), Webster County Hospital (Red Cloud), St. Anthony's Hospital (O'Neill), Jewell County Hospital (Mankato, KS), Brown County Hospital (Ainsworth, Nebraska) and the Smith County Community Hospital (Smith Center, KS). In September 2005, the Good Samaritan Hospital Foundation was awarded the program's second congressionally mandated grant. Through this funding, two additional sites were added to the network. These sites included: Harlan County Health Systems (Alma, Nebraska) and Tri- County Hospital (Lexington, Nebraska). The Mid-Nebraska Telemedicine Network has also been a recipient of funding through the USDA-RUS Distance Learning and Telemedicine grant program in 2004, 2006 and 2007. Through the 2006 USDA-RUS DLT grant, two additional rural hospitals were added to the network: Community Hospital (McCook, Nebraska) and Phelps Memorial Health Center (Holdrege, Nebraska). As of 2007, the Mid-Nebraska Telemedicine Network includes one hub site (Kearney), which includes additional site capabilities in the education department, telemedicine room, emergency room, Family Advocacy Network and at the Richard Young Hospital campus, and twenty- two rural remote sites in both Nebraska and Kansas. Of the MNTN members, eighteen of the nineteen Nebraska members are certified as Nebraska Critical Access Hospitals (CAH). The only non-CAH facility is the hub/end-user site of Good Samaritan Hospital. <GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT> The mission of the Mid-Nebraska Telemedicine Network is to use technology to improve access to quality care by providing consultation and treatment in both routine and emergency situations, to increase health-related educational opportunities for providers and the community, and to provide a venue for health-related administrative meetings. System Uses: The Mid-Nebraska Telemedicine Network provides for a wide variety of uses, including: <bullet> Patient consultations including specialty areas (orthopedics, cardiology, neurology, oncology and others); <bullet> Behavioral Health video consultations; <bullet> Teleradiology and the transmission of other digitized clinical images in areas such as cardiology; <bullet> Connection to abuse examination and interviewing (Family Advocacy Network); <bullet> Trauma and emergency room care; <bullet> Continuing medical education for health care professionals; <bullet> Education leading to licensure or certification of health care professionals; <bullet> Education for emergency services providers; <bullet> Administrative meetings; <bullet> Support groups and community education programs; <bullet> Emergency communications and bioterrorism preparedness training; <bullet> Video medical interpreting services for persons who do not have English as their first language. In addition, the Nebraska members of the Mid-Nebraska Telemedicine Network are also connected into the Nebraska Telehealth Network, which helps to promote the long-term project sustainability. Good Samaritan, as a leader in Telehealth activities in Nebraska, has served as the catalyst for the development of the statewide Telehealth network. The Nebraska Telehealth Network is an interactive video and data network that provides integration among the hospitals, public health departments, public health laboratories and other entities across the entire State of Nebraska. The major functions of the Network are to improve quality and access to care, particularly in rural Nebraska, to provide patient, provider and community education and to provide another communication source in the event of a natural, man-made or terrorist emergency. Advantages of Telehealth The Mid-Nebraska Telemedicine Network provides value to the network's users in a number of ways, including the following: 1) The Network improves the access of the public to medical consultation resources, thus improving the quality of care available; 2) The Network serves as an aid in the training, retention and recruitment of the rural health care workforce; 3) The Network provides another avenue for bringing community education and information to rural Nebraska; 4) The Network, through its ability to help strengthen the rural health care resources, helps strengthen the local economy; 5) The Network provides an additional resource in case of an emergency caused by a man-made, natural or bioterrorist threat as well as providing another avenue for education on how to deal with these emergencies; 6) The Network provides an avenue for bringing together entities in public health, the health care field, education and government as well as other quasi-public and private agencies through the participation in the Nebraska Telehealth Network. As a member of the Nebraska Telehealth Network, members of the Mid- Nebraska Telemedicine Network has adopted the following project goals. Project Goals: To bring together the hospitals within the state into a single connected system that can: <bullet> Provide patient clinical consultation; <bullet> Offer health care providers continuing education and professional development as well as advancement opportunities; <bullet> Provide an avenue for administrative meetings; <bullet> Provide access to Teletrauma and Emergency Mental Health services via hospital emergency rooms; <bullet> Expand access for the hospitals to Nebraska's Public Health Departments, State Government and State Bioterrorism Labs in order to facilitate emergency alert capabilities, as well as educational opportunities pertaining to bioterrorism acts and other naturally occurring emergencies; <bullet> Provide a structure that can bring together resources beyond just those of health care to create an environment of sharing of resources throughout the State of Nebraska; <bullet> Invite other potential partners in this network, including education at various levels (elementary through post- secondary and community education), and various governmental agencies, whether local, regional, State or national; <bullet> Develop an organizational structure that supports these goals in a cost effective, efficient and sustainable fashion and addresses the identified critical success factors involving technical support, hospital and provider training, scheduling and technology upgrades; <bullet> Provide the backbone for the development of a statewide electronic medical record project through the Nebraska Medical Association. Testimony Summary On behalf of the members of the Mid-Nebraska Telemedicine Network, thank you for this opportunity to describe the journey that our organizations have taken down the path of implementing technology to improve access to health care services in rural America. The success that our network has had over the past thirteen years is a direct result of the continued investment by the Federal Government in health information technology. By providing funding opportunities through various grant programs, these federal dollars have the opportunity to work in concert with local matching monies to expand and enhance the services being offered over telehealth networks, like the Mid-Nebraska Telemedicine Network and the Nebraska Statewide Telehealth Network. As a representative of a rural health care provider, Good Samaritan Hospital, and a rural health care consumer, thank you for your continued interest and attention to the vital role that health information technology plays in our health care system. <GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT>