<DOC> [106th Congress House Hearings] [From the U.S. Government Printing Office via GPO Access] [DOCID: f:56606.wais] Y2K AND THE MEDICARE PROVIDERS: INNOCULATING AGAINST THE Y2K BUG ======================================================================= JOINT HEARING before the SUBCOMMITTEE ON HEALTH AND ENVIRONMENT and the SUBCOMMITTEE ON OVERSIGHT AND INVESTIGATIONS of the HOUSE OF REPRESENTATIVES ONE HUNDRED SIXTH CONGRESS FIRST SESSION __________ APRIL 27, 1999 __________ Serial No. 106-20 __________ Printed for the use of the Committee on Commerce <snowflake> U.S. GOVERNMENT PRINTING OFFICE 56-606CC WASHINGTON : 1999 ------------------------------------------------------------------------------ For sale by the U.S. Government Printing Office Superintendent of Documents, Congressional Sales Office, Washington, DC 20402 COMMITTEE ON COMMERCE TOM BLILEY, Virginia, Chairman W.J. ``BILLY'' TAUZIN, Louisiana JOHN D. DINGELL, Michigan MICHAEL G. OXLEY, Ohio HENRY A. WAXMAN, California MICHAEL BILIRAKIS, Florida EDWARD J. MARKEY, Massachusetts JOE BARTON, Texas RALPH M. HALL, Texas FRED UPTON, Michigan RICK BOUCHER, Virginia CLIFF STEARNS, Florida EDOLPHUS TOWNS, New York PAUL E. GILLMOR, Ohio FRANK PALLONE, Jr., New Jersey Vice Chairman SHERROD BROWN, Ohio JAMES C. GREENWOOD, Pennsylvania BART GORDON, Tennessee CHRISTOPHER COX, California PETER DEUTSCH, Florida NATHAN DEAL, Georgia BOBBY L. RUSH, Illinois STEVE LARGENT, Oklahoma ANNA G. ESHOO, California RICHARD BURR, North Carolina RON KLINK, Pennsylvania BRIAN P. BILBRAY, California BART STUPAK, Michigan ED WHITFIELD, Kentucky ELIOT L. ENGEL, New York GREG GANSKE, Iowa THOMAS C. SAWYER, Ohio CHARLIE NORWOOD, Georgia ALBERT R. WYNN, Maryland TOM A. COBURN, Oklahoma GENE GREEN, Texas RICK LAZIO, New York KAREN McCARTHY, Missouri BARBARA CUBIN, Wyoming TED STRICKLAND, Ohio JAMES E. ROGAN, California DIANA DeGETTE, Colorado JOHN SHIMKUS, Illinois THOMAS M. BARRETT, Wisconsin HEATHER WILSON, New Mexico BILL LUTHER, Minnesota JOHN B. SHADEGG, Arizona LOIS CAPPS, California CHARLES W. ``CHIP'' PICKERING, Mississippi VITO FOSSELLA, New York ROY BLUNT, Missouri ED BRYANT, Tennessee ROBERT L. EHRLICH, Jr., Maryland James E. Derderian, Chief of Staff James D. Barnette, General Counsel Reid P.F. Stuntz, Minority Staff Director and Chief Counsel ______ Subcommittee on Health and Environment MICHAEL BILIRAKIS, Florida, Chairman FRED UPTON, Michigan SHERROD BROWN, Ohio CLIFF STEARNS, Florida HENRY A. WAXMAN, California JAMES C. GREENWOOD, Pennsylvania FRANK PALLONE, Jr., New Jersey NATHAN DEAL, Georgia PETER DEUTSCH, Florida RICHARD BURR, North Carolina BART STUPAK, Michigan BRIAN P. BILBRAY, California GENE GREEN, Texas ED WHITFIELD, Kentucky TED STRICKLAND, Ohio GREG GANSKE, Iowa DIANA DeGETTE, Colorado CHARLIE NORWOOD, Georgia THOMAS M. BARRETT, Wisconsin TOM A. COBURN, Oklahoma LOIS CAPPS, California Vice Chairman RALPH M. HALL, Texas RICK LAZIO, New York EDOLPHUS TOWNS, New York BARBARA CUBIN, Wyoming ANNA G. ESHOO, California JOHN B. SHADEGG, Arizona JOHN D. DINGELL, Michigan, CHARLES W. ``CHIP'' PICKERING, (Ex Officio) Mississippi ED BRYANT, Tennessee TOM BLILEY, Virginia, (Ex Officio) (ii) Subcommittee on Oversight and Investigations FRED UPTON, Michigan, Chairman JOE BARTON, Texas RON KLINK, Pennsylvania CHRISTOPHER COX, California HENRY A. WAXMAN, California RICHARD BURR, North Carolina BART STUPAK, Michigan Vice Chairman GENE GREEN, Texas BRIAN P. BILBRAY, California KAREN McCARTHY, Missouri ED WHITFIELD, Kentucky TED STRICKLAND, Ohio GREG GANSKE, Iowa DIANA DeGETTE, Colorado ROY BLUNT, Missouri JOHN D. DINGELL, Michigan, ED BRYANT, Tennessee (Ex Officio) TOM BLILEY, Virginia, (Ex Officio) (iii) C O N T E N T S __________ Page Testimony of: Corlin, Richard F., Speaker of the House of Delegates, American Medical Association............................... 65 DeParle, Hon. Nancy-Ann Min, Administrator, Health Care Financing Administration, Department of Health and Human Services................................................... 11 Grob, George, Deputy Inspector General, Department of Health and Human Services......................................... 31 Mackin, Annette L., Chief Financial Officer, VNS of Rochester and Monroe Counties, Inc., National Association for Home Care....................................................... 61 Margolis, Ronald, Chief Information Officer, University of New Mexico Hospital, American Hospital Association......... 54 Willemssen, Joel C., Director, Civil Agencies Information Systems, Accounting and Information Management Division, General Accounting Office.................................. 17 Material submitted for the record by: DeParle, Hon. Nancy-Ann Min, Administrator, Health Care Financing Administration, Department of Health and Human Services, letter dated June 28, 1999 to Hon. Michael Bilirakis, enclosing material for the record............... 85 (v) Y2K AND MEDICARE PROVIDERS: INOCULATING AGAINST THE Y2K BUG ---------- TUESDAY, April 27, 1999 House of Representatives, Committee on Commerce, Subcommittees on Health and Environment and Oversight and Investigations, Washington, DC. The subcommittees met, pursuant to notice, at 1 p.m., in room 2123, Rayburn House Office Building, Hon. Michael Bilirakis (chairman) presiding. Members present Subcommittee on Health and Environment: Representatives Bilirakis, Upton, Burr, Whitfield, Norwood, Coburn, Bryant, Brown, DeGette, Barrett, Capps and Eshoo. Members present Subcommittee on Oversight and Investigations: Representatives Upton, Burr, Whitfield, Bryant, Klink, Green, and DeGette. Staff present: Lori Wall, majority counsel; John Manthei, majority counsel; Pat Morrisey, majority counsel; Mike Flood, legislative clerk; and Chris Knauer, minority professional staff member. Mr. Upton. It's 1 o'clock. Thank you all for coming. Today, the Subcommittee on Oversight Investigations and the Subcommittee on Health and the Environment--and I must apologize for the lateness of the Chairman of the Subcommittee of Health, Mr. Bilirakis. His plane is a little delayed. It should be landing right about now, in fact. We are holding a joint hearing on the issue of Medicare provider readiness in becoming Year 2000 ready or, as we all know, Y2K compliant. Over the past several months, the Committee on Commerce has undertaken an extensive review of the progress that the Health Care Financing Administration, its Medicare contractors and its hospitals, nursing homes, doctors and other providers have made in becoming Y2K complaint. The chairman of this committee as well as the ranking member sent letters to the Health Care Financing Administration on the issue of Year 2000 readiness. In addition, letters were sent by the chairman of this committee to several health care associations that represent Medicare contractors and providers inquiring about their outreach efforts in helping their members become Y2K compliant. Today our hearing will focus on the status of our Medicare providers. We will examine what we know, but more importantly, what we still do not know about how ready our Medicare providers are for Y2K. Specifically, this hearing will address the readiness of their billing and financial systems. This issue is critical. If provid- ers are not able to send bills in a Year 2000 format, they will not be able to get reimbursed from Medicare. Without reimbursement for a period of time, there is a possibility that a provider would have to close its doors. This could cause a great deal of anguish for providers as well as many beneficiaries who rely on that care. For some time now, the GAO has been monitoring the progress of HCFA and its Medicare contractors in becoming Y2K compliant. This issue has been followed extremely closely by the Oversight Subcommittee and others. Today, I would like to look at the other side of the equation and find out where our Medicare providers are in terms of preparedness for Y2K. Today, there are some 1 million Medicare providers who treat patients day in and day out. Each one of those providers has a responsibility to its patients to make sure that its system is ready when we ring in the new century. The responsibility is a very important one, because it affects 38 million Medicare beneficiaries. I appreciate the willingness of several health care associations who represent the vast majority of Medicare providers to testify here today. Your insight into where members of your associations are with respect to Y2K is very valuable. However, I want to caution everyone. I'm afraid that what we do know about the readiness of our Medicare providers is less than what we think. I've studied the various surveys that have been conducted on Medicare providers readiness. I'm concerned that these surveys may not present an accurate picture of where our Medicare providers are in terms of Y2K compliance. Therefore, today along with Chairman Bilirakis and Chairman Bliley and ranking members Dingell, Klink, and Brown will ask the GAO to examine the issue. The purpose of this is request is to gain a better understanding of where Medicare providers are in terms of Y2K. With respect to the progress of HCFA, I commend the progress that they have made to date in addressing the Year 2000 issue. However, there is still a long road ahead. The critical test that still awaits HCFA and its Medicare contractors will begin in summer when they will start to retest their systems. This retesting process will need to be rigorous and thorough to ensure against mission critical failures in the Medicare claims processing systems in the Year 2000. With that in mind, HCFA will need to make sure that contingency plans are comprehensive enough to manage any critical failures that may, in fact, occur. We all need to remain committed to make sure that as we begin the new millennium, our Medicare beneficiaries will get the medical care and treatment they need. I welcome all of our panels here to testify. And with that, I recognize the ranking member of the Subcommittee on Oversight and Investigations, Mr. Klink. [The prepared statement of Hon. Fred Upton follows:] Prepared Statement of Hon. Fred Upton, Chairman, Subcommittee on Oversight and Investigations Today, the Subcommittee on Oversight and Investigations and the Subcommittee on Health and the Environment are holding a joint hearing on the issue of Medicare provider readiness in becoming Year 2000 ready, or Y2K compliant. Over the past several months, the Committee on Commerce has undertaken an extensive review of the progress the Health Care Financing Administration, or HCFA, its Medicare contractors and its hospitals, nursing, doctors and other providers have made in becoming Y2K compliant. The Chairman of this Committee as well as the Ranking Member sent letters to the Health Care Financing Administration on the issue of Year 2000 readiness. In addition, letters were sent by the Chairman of this Committee to several health care associations that represent Medicare contractors and providers inquiring about their outreach efforts in helping their members become Y2K compliant. Today, our hearing will focus on the status of our Medicare providers. We will examine what we know, but more importantly, what we still do not know about how prepared our Medicare providers are for Y2K. Specifically, this hearing will address the readiness of their billing and financial systems. This issue is critical--if providers are not able to send bills in a Year 2000 format, they will not be able to get reimbursed from Medicare. Without reimbursement for a period of time, there is the possibility that a provider would have to close its doors. This could cause a great deal of anguish for providers as well as many beneficiaries who rely on their care. For some time now, the General Accounting Office, or GA0, has been monitoring the progress of HCFA and its Medicare contractors in becoming Y2K compliant. This issue has been followed extremely closely by the Oversight Subcommittee and others. Today, I would like to look at the other side of the equation and find out where our Medicare providers are in terms of preparedness for Y2K. Today, there are over one million Medicare providers who treat patients day in and day out. Each one of those providers has a responsibility to its patients to make sure its system is ready when we ring in the new century. This responsibility is an important one because it affects thirty-eight (38) million Medicare beneficiaries. I appreciate the willingness of several health care associations who represent the vast majority of Medicare providers to testify here today. Your insight into where members of your associations are with respect to Y2K compliance is very valuable. However, I want to caution everyone here. I am afraid that what we do know about the readiness of our Medicare providers is less than we think. I have studied the various surveys that have been conducted on Medicare provider readiness. I am concerned that these surveys may not present an accurate picture of where our Medicare providers are in terms of Y2K compliance. Therefore, today I, along with Chairman Bilirakis, Chairman Bliley and Ranking Members Dingell, Klink and Brown, will ask GA0 to do some additional work on the issue of Medicare Y2K provider readiness. The purpose of this request is to gain a better understanding of where Medicare providers are in terms of Y2K compliance efforts. With respect to the progress of the Health Care Financing Administration or HCFA, I commend the progress they have made to date in addressing Year 2000 issues. However, there is still a long road ahead. The critical test that still awaits HCFA and its Medicare contractors will begin this summer when they will start to re-test their systems. This re-testing process will need to be rigorous and thorough to ensure against mission critical failures in the Medicare claims processing systems in the year 2000. With that in mind, HCFA will need to make sure that contingency plans are comprehensive enough to manage any mission critical failures that may occur. We all need to remain committed to making sure that as we begin the new millennium, our Medicare beneficiaries will get the medical care and treatment they need. I would like to welcome all of our panels here today to testify. Thank you all for coming and appearing before us today. Mr. Klink. Thank you, Mr. Chairman. And I really want to thank you for having this, what I consider a very important hearing. The Y2K issue has been of concern to Congress and this committee for some time now. Mostly, however, this effort has been focused on the government side of the problem. But if we're to get serious about focusing our health care and Medicare billing, light must also be shed on areas beyond just the government and must include the private providers. And I thank the chairman for having the insight to recognize this fact and for using this hearing to focus on both sides of the problem. I will remind the committee that to execute a single Medi- care reimbursement requires many steps, and it relies on many computer systems that are susceptible to the Y2K bug. To begin with, a provider must be able to reconcile what it is owed by the Federal Government. If the provider's internal computer billing system isn't Y2K compatible, it may not be able to accurately determine what it is owed. Assuming that a provider's internal billing system is able to function, its bill may be sent through a third-party billing agency who must also have a Y2K compatible system. Next, the billing agent will directly send the billing information to one of its many fiscal intermediaries that the government has used to process those claims. Those FIs have a wide range of internal computer operations, and they also must be Y2K compatible. Finally, once the bill is reconciled and paid, information is ultimately sent to HCFA, which has its own internal computer system that must also be Y2K compatible. Nonetheless, our present position regarding Y2K readiness in this chain of Medicare providers, processors, and payers is at best shaky. The positive news, thanks to the effort of HHS, the OIG, the GAO, and HCFA itself, is that we now have significant information about the government side of the Y2K problem, including what needs to be tested and fixed. In fact, it appears that HCFA has dedicated serious resources to the Y2K problem and has made significant progress. Nonetheless, there may be bad news, because information on the provider side of the problem is seriously lacking. In fact, while we've received mountains of data from HCFA on its Y2K efforts, we have only the faintest information about the efforts of hospitals, nursing homes, individual doctors, equipment suppliers, home health agencies, and other providers. Most of the information that we do have on the provider community is based only on a few surveys which at best provide limited information. That we are using only the most rudimentary of instruments to collect the data about provider Y2K readiness troubles me on its face. But even more disturbing is that for the little information we have obtained, it is not clear if such information is positive or even reliable. The American Hospital Association, for example, did a simple 2-page survey. It found that, while most of its hospitals report that they will be Y2K ready by the end of the year, less than 13 percent say they are presently compliant. But what does that really mean, and how do we ultimately make use of that information? If only 12 to 13 percent of the hospitals are now Y2K compliant, can we really expect them to get their act together in the 8 short months that are remaining? Further, what are the real details about what is wrong with the hospitals that are not reporting they are presently Y2K compliant? If only 13 percent now are reporting they are Y2K compliant, what specifically is wrong with the other 87 percent? What progress is or is not being made? For example, do those not reporting current Y2K readiness have a clear technical understanding of what needs to be done, and, if so, do they have the resources to do it? The information on doctors is also very troubling. My good friends from the American Medical Association, an association of more than 300,000 members, also tried to learn the state of readiness about their members. They sent surveys to nearly 7,000 of their 300,000 members. Alarmingly, the AMA had a response rate of only about 6 percent. That means they never heard from 94 percent of the 7,000 of the 300,000 that are members. What does that mean? Why didn't they respond? Does this mean that the doctors are fully prepared for the Year 2000, or does it mean exactly the opposite? I don't know. But I do know that I'm more than a bit uncomfortable making assumptions about the 94 percent who didn't respond. So I don't want to single out our friends at AMA or AHA for the rather disconcerting results they received in their surveys. At least they were willing to come to this hearing, and at least they have been willing to talk to us about the challenges they are facing. I realize in the grand scheme of many of the problems facing many providers, the Y2K problem may not seem terribly important. Nevertheless, without correcting the problem at the provider level, we may be running a significant risk that the government won't be able to make the necessary Medicare reimbursements. If this occurs, this can and will put providers at significant class-flow risks which could put the beneficiaries at risk. This is unacceptable. We must do more now to correct not only what the government and its own state of Y2K readiness is but also the readiness of the provider community. This requires that for each provider group we must learn what the Y2K issues that are presently affecting their operations. Two, what is required to fix those problems, and what will happen to the reimbursement stream if those problems are not addressed? Mr. Chairman, while there are many other health-related Y2K questions, I want to thank you personally for having this hearing today as a first step in your willingness to focus, not on just the government side of the problem, but, as importantly, on the provider, the private provider side. And finally, I want to thank both you and your personal staff and the committee staff for how you've worked with our side on this issue. We've had some differencess in the past, and we've talked about those publicly. I would like to thank you just as publicly for being professional and thorough and thank you and your staff for doing that. And with that I yield back. [The prepared statement of Hon. Ron Klink follows:] Prepared Statement of Hon. Ron Klink, a Representative in Congress from the State of Pennsylvania Thank you Mr. Chairman, and thank you for having this important hearing. Mr. Chairman, the Y2K issue has been a concern for Congress and this Committee for some time now. Mostly, however, this effort has focused on the government side of the problem. But if one is serious about focusing on healthcare, and Medicare billing, light must also be shined on areas beyond just government and include private providers. I thank the chairman for having the insight to recognize this fact, and for using this hearing to focus on both sides. I will remind the Committee that to execute a single Medicare reimbursement requires many steps and relies on many computer systems susceptible to the Y2K bug. To begin with, a provider must be able to reconcile what it's owed by the federal government. If the provider's internal computer billing system isn't Y2K compatible, it may not be able to accurately determine what it's owed. Assuming a provider's internal billing system is able to function, it's bill may be sent through a third-party billing agent who must also have a Y2K-compatible system. Next, the billing agent (provider directly) will send the billing information to one of the many fiscal intermediaries (FIs) that the government uses to process claims. These FI's have a range of internal computer operations that must be Y2K compatible. Finally, once the bill is reconciled and paid, information is ultimately sent to HCFA, which has its own internal computer systems that must by Y2K compatible. Nonetheless, our present position regarding Y2K readiness in this chain of Medicare providers, processors, and payers is shaky. The positive news--thanks to the efforts of the HHS' OIG, the GAO, and HCFA itself--is that we now have significant information about the government side of the Y2K problem including what needs to be tested and fixed. In fact, it appears that HCFA has dedicated serious resources to the Y2K problem and has made significant progress. Nevertheless, there may be bad news because information on the provider-side of the problem is seriously lacking. In fact, while we've received mountains of data from HCFA on its Y2K effort, we have only the vaguest of information about the efforts of hospitals, nursing homes, individual doctors, equipment suppliers, home health agencies and other providers. Most of the information we do have on the provider community is based on a few surveys which at best provide limited information. That we are using only the most rudimentary of instruments to collect data about provider Y2K readiness troubles me on its face. But even more disturbing is that for the little information we have obtained, it is not clear if such information is positive or even reliable. The American Hospital Association (AHA), for example, did a simple two-page survey. It found that while most of its hospitals report they will be Y2K ready by the end of the year, less than 13 percent say they are presently compliant. But what does that really mean, and how do we ultimately make use of that information? If only 12 to 13 percent of the hospitals are now Y2K compliant, can we really expect them to get their act together in the short eight months remaining? Further, what are the real details about what is wrong with the hospitals that are not reporting they are presently Y2K compliant? If only 13 percent now report they are Y2K compliant, what specifically is wrong with the other 87 percent? What progress is or is not being made? For example, do those not reporting current Y2K readiness have a clear technical understanding of what needs to be done, and if so, do they have the resources to do it? The information on doctors is also troubling. My good friends from the American Medical Association (AMA)--an association with more than 300,000 members--also tried to learn the state of readiness about their own members. They sent surveys to nearly 7,000 of their 300,000 members. Alarmingly, the AMA had a response rate of only about 6 percent. That means they never heard from about 94 percent of the intended sample. What does that mean? Why didn't they respond? Does this mean that the doctors are fully prepared for the Year 2000, or does it mean the opposite. I don't know, but I do know that I am more than a bit uncomfortable making assumptions about the 94% percent that did not respond. Mr. Chairman, I don't want to single out our friends from either the AMA or the AHA for the rather disconcerting results they received in their surveys. At least they were willing to come to this hearing and talk about what challenges they are facing. I realize that in the grand scheme of the many problems facing many providers, the Y2K problem may not seem terribly important. Nevertheless, without correcting the problems at the provider level, we may be running a significant risk that the government won't be able to make the necessary Medicare reimbursements. If this occurs, this can and will put providers at significant cash-flow risk, which could ultimately put beneficiaries at risk. This is unacceptable. We must do more now to correct not only what the government and its own state of Y2K readiness is, but also the readiness of the provider community. This requires that for each provider group, we must learn (1) what Y2K issues are presently affecting their operations; (2) what is required to fix those problem (and whether resources exist to do so), and (3) what will happen to the reimbursement stream if those problems are not addressed. Mr. Chairman, while there are many other health related Y2K questions--I want to thank you for having this hearing today as a first step and for your willingness to focus on not just the government side of this problem, but as importantly, on the private provider side. Finally, I would like to thank both your personal staff and your Committee staff for how they have worked with our side on this issue. They have been both professional and thorough, and I thank them for that. With that, I yield back. Mr. Upton. Thank you, Mr. Klink. Mr. Burr. Mr. Burr. I also want to thank the chairman for his willingness to hold these hearings and to take this opportunity to welcome both panels, especially Nancy-Ann DeParle. It's good to have you back and also apologize to the committee and the panels. Because of a prior conflict, I have to go over on the other side of the Capitol, not looking too forward to it, but I do have to do it. And, Mr. Chairman, at this time, I would ask unanimous consent that the record remain open so that members would have an opportunity in writing to send questions to these panels and to receive those answers for the record. Mr. Upton. Without objection, all members will have the chance to put in an opening statement. And we will, in fact, leave the record open so that members will be able to ask questions in writing for those that are not able to appear or as a follow-up. Mr. Burr. I thank the Chair. I also again thank the panel. And I yield back. Mr. Upton. Thank you, Mr. Burr. Mr. Brown. Mr. Brown. Thank you, Mr. Chairman. Thank you for holding this hearing today. I would like to especially thank Administrator Nancy-Ann DeParle and others on the two panels for joining us today. In the health care arena, Y2K compatibility resonates not only as a economic issue but as a health care quality and consumer safety issue. Accommodating the transition is an imperative for both the public and private sectors, since each plays a major role in the financing and delivery of health care. And the Medicare program is an important focal point for Y2K preparations. Successful transition depends on the individual and collective efforts of HCFA, its 70 fiscal intermediaries and Part B carriers, and, as Mr. Klink and others has said, some 1 million health care providers. The benefits of the successful transition spread further to the program's 36 million beneficiaries and the Nation's 125 million taxpayers. Readiness in regard to the Y2K transition is a somewhat nebulous target. One of the tricks to gaining a better understanding of how we will fair come January 1, 2000, is making sure that the questions and the answers raised here refer to the same systems, the same stakeholders, and the same set of potential outcomes. Perhaps the most difficult question we can begin to tackle today is what are we missing? Is the private sector data sufficient to paint a realistic picture of their Y2K readiness? Are there areas of health care we are overlooking, facets, perhaps, of HCFA's role that may still be compromised by systems' problems. I hope we can come away today, Mr. Chairman, from today's hearing with a better understanding of where we are and where we need to go to prevent needless problems from cropping up next year. Thank you, Mr. Chairman. Mr. Upton. Dr. Coburn. Mr. Coburn. I have no opening statement. Mr. Upton. Mr. Whitfield. Mr. Whitfield. Mr. Chairman, I filed my opening statement with the record. Mr. Upton. Ms. DeGette. Ms. DeGette. Thank you, Mr. Chairman. I'm very glad that we're having this hearing today to talk about Y2K readiness of medical providers. I understand that the primary direction of the hearing today is on billing issues. But I think that we need to look beyond that. I want to congratulate Administrator DeParle on the efforts that she's made within HCFA for Y2K readiness overall. I think that the agency has made great strides. And also I want to congratulate you on the elimination of waste and abuse or at least working toward that end, from the Medicare payment process. I'm concerned, as I say, about the implications of the Y2K problem on the billing process. But I'm also concerned, for example, that the machinery in the intensive care unit at Denver General Hospital will fail on January 1 or that the ambulance communication dispatch units will crash, because of the lack of Y2K readiness. If those mechanisms fail within our hospital system, medical providers are going to have a much larger problem than worrying if their computers work for billing systems. Yesterday, for example, the House Diabetes Caucus, of which I'm the cochair with Congressman Nethercutt, hosted an informational briefing to correct the misinformation surrounding the pharmaceutical industry's preparations for Y2K. It's essential for the pharmaceutical industry to inform the public that they've addressed Y2K concerns to avoid the hoarding of medicines. But I know that's a very real concern within the industry as well. How can they manufacture enough medicine, insulin, for example, if people don't believe them, and think that there is not going to be enough of a supply of insulin or any other kind of pharmaceutical. I hope both committees today will come away from today's hearing with more information about Medicare providers' Y2K compliance in as many areas as possible, not just billing. And if we can't get to those other areas, I would hope, Mr. Chairman, we would be able to hold further hearings, because I think that the soundness of our medical delivery system is going to be one of the most key components with Y2K compliance. And with that, Mr. Chairman, I think I've made my point, and I would yield back. [The prepared statement of Hon. Diana DeGette follows:] Prepared Statement of Hon. Diana DeGette, a Representative in Congress from the State of Colorado Thank you Mr. Chairman. I am pleased that we are holding this joint hearing today to discuss and investigate the Y2K readiness of medical providers. Certainly the preparedness of hospitals and other health care providers is one of, if not the most important concerns as we face the Y2K bug. Both the Subcommittee on Health and Environment and the Subcommittee on Oversight and Investigations have been diligent in our efforts to eliminate fraud, waste and abuse from the Medicare system. The Y2K bug could eliminate years of efforts to combat efforts to eradicate waste in Medicare and could wreak havoc on the Medicare Trust Fund. The billing concerns alone merit our meticulous examination of providers' preparedness. This is one case where the Federal Government is leading the way--HCFA is well on its way to Y2K compliance--and we must prod the private sector to catch up. The elimination of waste and abuse from the Medicare payment process is an area of concern. I urge both Committees to carefully examine Medicare providers Y2K readiness in terms of patient care. I am also concerned that the machinery in the Intensive Care ward will fail on January 1st or that communications in ambulance dispatch units will crash. Should these mechanisms fail, medical providers will have a crisis on their hands that is far more grave than faulty billing records. Yesterday, the House Diabetes Caucus, of which I am Co-Chair, hosted an informational hearing to correct the misinformation surrounding the pharmaceutical industry's preparations for Y2K. It is essential for the pharmaceutical industry to inform the public that they have addressed Y2K concerns to avoid hoarding of medicines. Because information is a critical component of successfully addressing Y2K, I am concerned that the information we do have on Medicare providers' Y2K compliance varies and is often contradictory. I hope both Committees will come away from today's hearing with more information about Medicare providers' Y2K compliance. Once the information is there, we will have a clear concept of where the holes exist and what problems need to be addressed by the 70 Medicare contractors and over one million physicians, hospitals, medical suppliers and home health agencies that serve Medicare beneficiaries. I look forward to today's testimony and hope this is the first in a series of hearings on the effects of Y2K on the health care industry and patient care. Mr. Upton. Thank you. I would just like to tell the gentlelady that we do intend to have a number of hearings, not only in the health care field, but others as well, on Y2K compliance. We look forward to your participation. Mr. Upton. Mr. Green. Mr. Green. Thank you. Like my colleague, I would like to congratulate HCFA for what they've done so far, and just a little parochial interest, I notice 2000 Action Week conferences in 12 cities in the plan and your testimony. I would encourage you to look at Houston, for one, just because of the medical center and the need there. And so if you could just have the staff look at that so--because we don't always go to Dallas from Houston. Thank you. Ms. DeParle. Yes, sir. Mr. Upton. Ms. Capps. Mrs. Capps. I will submit my statement for the record. But I also want to thank the Chair for holding this hearing. And I want to thank you for being here to address such an important topic. Seniors are waiting to make sure their issues are going to be addressed by the readiness of a number of agencies coming together. And I'm appreciative of the efforts that you're taking on a massive task ahead. I'm shocked to see the results of HHS, AMA, and hospitals' associations surveys and--rather the lack of results. And we've been hearing a little bit of this in our districts too, how well prepared are some of our facilities for meeting the needs on January 1. And I'm looking forward to hearing how you would be addressing this. Thank you. Mr. Upton. Ms. Eshoo. Ms. Eshoo. Thank you, Mr. Chairman, for having this joint hearing. I think it's a very important one. The word readiness is almost always been applied to our armed forces in the military. But readiness has taken on a new connotation as we try to prepare ourselves for the new century and what that means with all of our competing systems. So I'm looking forward to hearing the testimony today and how ready we indeed are. And I will also have some questions. But I thank those that are here to answer our questions to testify and also to the leadership of our committee for putting this together. It's a timely hearing to have. I yield back. [Additional statement submitted for the record follows:] Prepared Statement of Hon. Tom Bliley, Chairman, Committee on Commerce Several months ago, this Committee began an in-depth look at the health care industry and its efforts to become ready for the Year 2000. Letters were sent to the Health Care Financing Administration and health care associations representing Medicare contractors and Medicare providers asking them about their progress in becoming Year 2000 ready, or Y2K compliant. Over the past year, this Committee has received regular updates on the progress the Department of Health and Human Services, specifically the Health Care Financing Administration, has made in addressing their Y2K problems. Today, we will hear how Medicare providers are coping with Y2K. The Medicare program has over one million Medicare providers who serve thirty-eight million Medicare beneficiaries. Each and every day, our nation's seniors rely on the Medicare system for their health care needs. These Medicare providers consist of doctors, hospitals, nursing homes, home health agencies and others who are responsible for treating our seniors. What we know about their readiness to prepare for the Year 2000 is less than what we don't know. I am concerned for the health and well being of America's seniors and disabled persons who rely on HCFA, its contractors and providers for medical care. Any disruption in benefits can be an issue of life or death for many seniors and disabled individuals. If claims are unable to be processed due to lack of Y2K compliance, our nation's health care system will be put at risk. Second, I am concerned that if either HCFA, its contractors, or its providers are not Y2K compliant, the opportunities for waste, fraud and abuse will increase significantly, thus putting the fiscal solvency of Medicare at great risk. Medical care to our nation's seniors must not go uninterrupted as we enter the new millennium. Our Medicare providers have a duty to make sure their information systems, medical equipment and clinical records are able to function as we enter the year 2000. This hearing should be a wake-up call to our health care providers to make sure they are ready for the new millennium. We need to know more and that is why I applaud the chairmen of these two subcommittees for holding this hearing today. I would like to welcome all of our panels here today. Thank you all for coming and testifying before us today. Mr. Upton. Well, thank you. We're delighted to have the three witnesses that we have--and Nancy-Ann DeParle, administrator of HCFA, Joel Willemssen from the General Accounting Office, as well as George Grob from the Department of Health and Human Services. This has been a long-standing tradition and practice in this subcommittee, as you know, to testify under oath. And my first question is do you have any reason to need counsel this afternoon? Figuring not, would you stand and raise your right hand. [Witnesses sworn.] Thank you. You're now under oath. And we will start with the very Honorable Nancy-Ann DeParle. Ms. DeParle. Thank you, Mr. Chairman. Mr. Upton. Let me just note for all the witnesses, if you will try to limit your remarks to 5 minutes. Your whole statement will be made a part of the record, but if you could try to limit to 5 minutes, that would be terrific. And thank you very much for submitting your testimony in advance. TESTIMONY OF HON. NANCY-ANN MIN DEPARLE, ADMINISTRATOR, HEALTH CARE FINANCING ADMINISTRATION, DEPARTMENT OF HEALTH AND HUMAN SERVICES; JOEL C. WILLEMSSEN, DIRECTOR, CIVIL AGENCIES INFORMATION SYSTEMS, ACCOUNTING AND INFORMATION MANAGEMENT DIVISION, GENERAL ACCOUNTING OFFICE; AND GEORGE GROB, DEPUTY INSPECTOR GENERAL, DEPARTMENT OF HEALTH AND HUMAN SERVICES Ms. DeParle. Thank you, Mr. Chairman, and Representative Klink and distinguished members of the subcommittee, both subcommittees. Thank you for inviting me here to discuss my number one priority, which is the Year 2000 computer challenge. The Health Care Financing Administration continues to make solid progress in meeting our responsibility to make our internal and external systems compliant and to develop contingency plans to ensure payments in the event of unforeseen problems. As of today, all 75 of our external claims processing contractors in the Medicare program have certified that they have renovated and future-date tested their systems as we instructed them to. Seventy-three of the 75 met this deadline by March 31, and all of our mission and non-mission critical internal systems, including the systems that process managed care payments and do enrollment, are now compliant and have been tested. Providers also have Y2K challenges and responsibilities. And I know that's one of the focuses that this committee has today. And as you know, Mr. Chairman, as we discussed, HCFA doesn't have the authority or the resources to step in and personally fix all the provider computer systems. Providers themselves have to make sure that their systems are Y2K compliant, not just so they can get paid, but to ensure continued high quality care for their patients. One of the problems that we've had in the health care industry is that it is so diverse and so diffuse. So we, at the Health Care Financing Administration, have gone directly to the providers. We have undertaken unprecedented outreach efforts to help providers know what they must do to meet their responsibilities. In fact, we sent a letter in January to 1.3 million health care providers outlining the Year 2000 challenge and including a checklist for what they need to do to get their systems ready. We also have a Website, a 1-800 number, a speakers bureau, and experts prepared to share the insights we have gained in our own Y2K efforts. And, Representative Green, you invited us to come to Houston. I want you to know that we have people ready to go with you, if you want, to your hospitals and other providers. And to all the members, we've offered to send people out to your districts, if that would help, to meet directly with providers. We're looking for opportunities to do that. We're sponsoring conferences and learning sessions throughout the country. Colleagues at the Small Business Administration and FDA, and other agencies, have been participating with us in those--and we're meeting regularly with the provider trade groups. We are also targeting groups for special attention based on the results of some of the surveys that we've received, including the most recent survey that the Inspector General has done. The good news is that I think provider organizations are increasing their efforts to measure and promote Y2K compliance among their members. But as you said, Mr. Chairman, there are a lot of unknowns here based on the surveys. And I'm going on what I do know. So based on information about the percentage of Medicare fee-for-service providers that met our April 5 deadline for submitting Y2K compliant claims, I feel relatively optimistic about providers' ability to be ready on the billing or financial side. Just based on the fact that upwards of 99.98 percent, I think, of the Part B providers or submitters are submitting appropriate claims. And it's upwards of 93 percent on the Part A side. But I do have more questions. I think there is a question mark about provider's readiness in terms of equipment and patient care. And as you know, under John Koskinen's leadership, the Department of Health and Human Services, along with the Veterans Administration and Department of Defense, are aggressively working with providers on those issues. We at HCFA still have a great deal of testing and retesting to do over the next 8 months. We've come a long way. But as you said, Mr. Chairman, we still have a long way to go. We're in the process also of validating our contingency plans based on making sure that we can continue all of our business processes. I want to acknowledge that we've had a lot of help with our Y2K effort. We have benefited greatly from the advice of our independent validation and verification contractor, AverStar, as well as advice from the HHS Inspector General and the General Accounting Office. And I want to thank personally June Gibbs Brown from the IG's office and Joel Willemssen from the General Accounting Office, because they have played a role, not just as critics, but as people who are trying to help us get to a solution; and that is something that I have benefited greatly from. I thank them. And, Mr. Chairman, I also want to thank the members of the committee. We would not have made the progress that we've made this year without the support and the funding that you and others in Congress have provided to us. And I want to thank you for that. The GAO recently advised us that our testing regimen for the remainder of the year should be more rigorous, that we need to be more precise with the contractors about what we expect and more exacting about the documentation we get from them on testing. That is a difficult challenge because we are modifying systems and have been throughout the year in order to comply with changes in the Balanced Budget Act and other changes in the law at the same time that we're preparing for Y2K. But I want to be clear, I will do whatever it takes to make sure that our systems are able to process and pay accurate and timely claims. Medicare beneficiaries should not worry about a disruption in service. There is no higher priority at HCFA than Y2K. We will meet our responsibilities, and we will also continue to do what we can to help providers meet their responsibilities. Thank you. [The prepared statement of Hon. Nancy-Ann Min DeParle follows:] Prepared Statement of Hon. Nancy-Ann Min DeParle, Administrator, Health Care Financing Administration Chairman Upton, Chairman Bilirakis, Congressman Klink, Congressman Brown, distinguished committee members, thank you for inviting me here today to discuss my number one priority--the Year 2000 computer challenge. It is a challenge that we at the Health Care Financing Administration (HCFA) and the health care providers who serve our programs' beneficiaries must meet. I am happy to report today that we continue to make remarkable progress. All of HCFA's Year 2000 systems issues will be resolved and thoroughly tested and retested before January 1, 2000. It is equally essential that providers ready their systems for the new millennium. Our systems will be able to accurately and timely process and pay claims, but providers must be able to generate and submit legitimate claims to our contractors. We are, therefore, engaged in an unprecedented outreach effort to raise awareness of the need to be Year 2000-ready and provide information to health care providers and other parts of the health care system where we have little authority and control. As a part of our broad provider outreach effort, we have: <bullet> mailed a letter on the importance of the Year 2000 and how to achieve compliance to each of our 1.3 million providers; <bullet> established a website (www.hcfa.gov/y2k) with information and checklists on what providers must do to meet their Year 2000 responsibility; <bullet> held Year 2000 Action Week conferences in 12 cities across the nation to raise provider awareness of Year 2000 issues; <bullet> created a speakers bureau with agency staff around the country who are speaking to provider groups about Year 2000 readiness; and <bullet> initiated other efforts to work with provider groups and institutions to help them meet their Year 2000 responsibilities. Background Our foremost concern has been, and continues to be, ensuring that our more than 70 million Medicare, Medicaid, and Children's Health Insurance Program beneficiaries continue to receive the health care services they need in the new millennium. We are aggressively addressing Year 2000 issues in the systems over which we have responsibility. We continue to test and retest our renovated systems. I am pleased to announce that we have made extraordinary progress on our renovation, testing, and implementation of Year 2000-ready systems. <bullet> All of our internal systems were renovated, tested, certified, and implemented by the government-wide Year 2000 deadline of March 31, 1999. In fact, our 25 mission-critical internal systems were compliant, including end-to-end and future-date testing, three months ahead of that deadline. Among other things, these internal systems: --manage the eligibility, enrollment, and premium status of our 39 million Medicare beneficiaries; --make payments to approximately 386 managed care plans on behalf of over six million beneficiaries; and --operate HCFA's accounts receivable and payable operations. <bullet> As of last week, 73 of 75 mission-critical claim processing systems, operated by private insurance contractors that process Medicare claims and pay bills, were certified as compliant, including end-to-end and future-date testing. Since last week the remaining two contractors have furnished documentation of certification, and we are evaluating that information now. The process by which we analyzed and certified these claims processing systems has received much attention, appropriately, from the Congress, the GAO, and the provider community. I would like to take a moment to explain the process we used for declaring a system to be compliant. As you are aware, we required that all mission-critical systems be renovated, tested, and implemented by the federal government's March 31, 1999 deadline. Seventy of the systems were actually self-certified as compliant by the contractors at the end of 1998, but we accepted only 54 of those certifications--those with qualifications that we deemed to be minor--at that time. And we asked the contractors to address and resolve those qualifications. We then required that all contractors, including those that we had previously certified as compliant with qualifications, to complete their Year 2000 readiness work by March 31, 1999, and submit written reports on the status of their systems by April 5, 1999. We thoroughly reviewed all of the certifications and accompanying qualifications, if any, that we received by April 5, 1999. We supplemented our analysis of the paperwork with evidence gathered by our own on-site review teams. We provided all the certifications and accompanying qualifications to our independent verification and validation (IV&V) expert, AverStar, and, in conjunction with them, then made an assessment of each system. Also, as a part of our ongoing collaboration with the Department of Health and Human Services Office of the Inspector General (OIG) and the General Accounting Office (GAO), we provided these oversight bodies all of the certification and qualification information and reviewed our analysis and conclusions with them. Because of the rigor and thoroughness of our testing and reviews, I am quite confident that our systems will be able to process and pay claims timely and appropriately at the turn of the millennium. Our progress on remediation and testing has been so successful that we would like to attempt to carry out the Fiscal Year 2000 and Calendar Year 2000 provider payment updates as close to their statutory schedule as possible. We had previously announced to the Congress and provider community that we might have to delay these updates. In consultation with our IV&V contractor, we recently determined that the updates to hospitals, skilled nursing facilities, home health agencies, and other Part A providers can be implemented on schedule on October 1, 1999 without jeopardizing our Year 2000 readiness. Our IV&V contractor describes these changes at that time as ``low impact.'' However, because of the potential for system disruptions, we cannot make changes to the International Classification of Disease, 9th Revision, Clinical Modifications (ICD-9-CM) coding for fiscal 2000. We also hope to implement the updates to physicians and other Part B providers and suppliers starting January 17, applying them retroactively to all claims for services on or after January 1. Our IV&V contractor describes this as the ``optimal solution'' because it avoids a payment freeze while providing a reasonable amount of time for cleaning up any Year 2000-related problems identified in early January before the systems changes would be made. Of course, our top priority will remain the readiness of our systems, but as long as our Year 2000 efforts continue on track, we will try our best to meet our statutory obligations and implement these updates on schedule. All of our remediated claims processing systems are implemented and paying claims today. And we have given providers the opportunity to test with those systems to determine whether their claims, including future-dated claims, can be successfully accepted and processed. Our test results have been encouraging, thus far. For example, a major national hospital network has future-date tested successfully with nine claims processing contractors. We do not know of any other payers that are giving providers the opportunity to test the submission of future- dated claims. Such provider testing gives us a better indication of how many providers have actually done the necessary renovations to make their billing systems compliant. As such, we will continue to closely monitor these provider tests, as well as track the number of providers and other claims submitters who test simulated future-date claims with the claims processors. This will help us refine and target our future outreach efforts to providers who may not be making adequate progress in meeting their Year 2000 responsibility. Of course, providers receive payment from sources other than Medicare. We hope that our outreach efforts will prompt providers to ensure that other payers also are meeting their Year 2000 obligations. Being able to submit claims and get paid is, however, only one reason why health care providers must meet their Year 2000 responsibility. Computer system problems could impact quality of care and patient safety. Patient management systems, clinical information systems, medical devices, such as defibrillators and infusion pumps, and even elevators and security systems all must be checked, renovated, and tested to make sure they are ready so that providers can give quality care. We are concerned that some providers will not meet the Year 2000 challenge on time. Health care sector monitoring by us, the OIG and others, indicates that some providers are substantially behind in their remediation efforts and could well fail. Providers have the primary responsibility to ready their own systems for the Year 2000 in a timely manner to meet the millennium challenge successfully. We do not have the authority, ability, or resources to step in and fix systems for others. We are providing assistance to the extent that we are able, but in some cases that likely will not be enough. This matter is of urgent concern, and literally grows in importance with each passing day. Provider Outreach Activities. From our own efforts, we know first hand the difficulties inherent in achieving Year 2000 compliance, and we are eager to share with providers and their billing agents the lessons we have learned along the way. Therefore, as I have mentioned above, last year we initiated a vigorous outreach campaign to raise awareness of this critical issue and to encourage providers to take the steps necessary for ensuring their own millennium compliance. <bullet> We are leading the health care sector of the President's Council on Year 2000 Conversion. We chair twice-monthly meetings in coordination with a number of provider trade associations and our public sector health partners, like the Food and Drug Administration, the Defense Department, the Department of Veterans Affairs, and the Labor Department, among others, to share insights, raise millennium awareness, and encourage all providers to become Year 2000 compliant. <bullet> This past January, in an unprecedented step, we sent a letter to each of our more than 1.3 million Medicare and Medicaid providers stressing the importance of Year 2000 readiness, including the need to assess readiness, test systems, as well as develop contingency plans for unanticipated failures. We also provided an inventory checklist of office equipment and supplies they need to assess for Year 2000 compliance. A copy of this letter was printed in the Federal Register and distributed to every Member of Congress. <bullet> We established a website dedicated to the Year 2000 (www.hcfa.gov/y2k) advising providers how to identify mission- critical hardware and software and assess its readiness; test systems and their interfaces; and develop contingency plans should unexpected problems arise. The website also includes links to other pertinent sites, such as the Food and Drug Administration's website on medical device readiness. The site registered nearly 25,000 visits last month. <bullet> Last month, we set up a Year 2000 toll-free phone line, 1-800- 958-HCFA (1-800-958-4232) where callers can receive up-to-date answers to Year 2000 questions that relate to medical supplies, their facilities and business operations, as well as referrals for more specific billing-related information. The hotline also will update callers on HCFA's Year 2000 policies and provide general ``how to'' assistance to help callers prepare their own computer systems for the millennium. <bullet> In March, we hosted Year 2000 Action Week seminars in Washington, D.C. and eleven other cities, including Baltimore; Boston; New York; Philadelphia; Atlanta; Chicago; Dallas; Kansas City; Denver; San Francisco; and Seattle. These conferences provided attendees with detailed information about what doctors' offices, hospitals, equipment suppliers, pharmacies, and other health care providers and their billing agents need to do to be Year 2000-ready. <bullet> Two weeks ago, we began a series of provider educational conferences which will take place over the next three months in twelve cities across the country. We have already held conferences in Kansas City and Atlanta. Tomorrow, we will hold a conference in Cleveland. In May, we will visit Hartford, Salt Lake City, Los Angeles, Fargo, and Minneapolis. And in June, we will be in Tampa, Phoenix, and Portland, Oregon. These one-day conferences are offered free-of-charge and feature readiness strategies, as well as information about biomedical equipment and pharmaceutical risks. The seminars have been well-received by providers. Over 175 providers attended our conference in Kansas City and Atlanta drew over 200 participants. I invite any of the members of these subcommittees to participate in these events and my staff would be pleased to work with your staff to make arrangements. <bullet> We are developing smaller, more individualized Year 2000 educational sessions targeted towards rural providers, in consultation with rural provider associations. <bullet> And agency staff across the country have been actively involved in sponsoring and participating in conferences, symposiums, and other outreach programs through our speakers bureau. They have made literally hundreds of presentations on Year 2000 issues to providers and others around the nation. We have been working to address the Year 2000 readiness of managed care plans. Our primary objective--to ensure that our own internal mission critical systems for paying managed care plans are compliant-- is done. At the same time, we have been proactive in our efforts to raise managed care plans' awareness of the importance of being Year 2000-ready. We have established a Year 2000 managed care workgroup that is focusing its efforts in three critical areas: readiness education and information; certification; and contingency planning. Similar to our efforts to reach the provider community at large, we have sent managed care plans letters providing guidance on Year 2000 readiness; posted updated information on our Year 2000 website; and conducted several national conferences geared specifically towards managed care. In addition, we meet regularly with managed care industry groups and trade associations to discuss and resolve Year 2000 issues. We know that our partners, including the American Association of Health Plans (AAHP) and the Health Insurance Association of America (HIAA) have been actively involved in outreach to their members. Importantly, we required all Medicare managed care organizations to submit certifications to us about their Year 2000 readiness by April 15, 1999. We are quickly working to obtain an initial sense of the certifications submitted under the managed care data request. We also are requiring them to provide contingency plans by July 15, 1999. Also, earlier this year, we contracted with an IV&V expert, SRA, Inc., to help us assess health plan readiness. We currently are establishing criteria for identifying managed care organizations that will receive on-site reviews and are planning reviews at all national Medicare plans and those with more than 50,000 Medicare enrollees. We share the OIG's concern over the readiness of small plans and will include a number of these smaller plans in our review efforts. By September 1999, we should have a more accurate assessment of overall plan readiness. We will work closely with and monitor those plans at greatest risk and are developing contingency plans should problems arise in this area. I was pleased to learn that some provider associations, including the American Medical Association and the American Hospital Association, have begun to assess the Year 2000 readiness of their membership and to step-up their educational efforts on the critical nature of this problem. This is an essential undertaking. Quite simply, Year 2000 compliance cannot be a one-way street. All providers must meet the Year 2000 challenge head on, or risk not being able to receive prompt payment from Medicare, Medicaid, or virtually any other insurer, as well as risk serious compromise to patient care and safety. We also welcome Congress' help in making all providers aware of the need to become Year 2000-ready and appreciate your ongoing attention to this critical issue. You can help in identifying additional opportunities to publicize the Year 2000 message and we encourage you to stress the importance of this issue whenever you meet with providers. Achieving Year 2000 Readiness. One of the first steps providers should take to achieve millennium readiness, and perhaps the easiest, is changing Medicare claims to the Year 2000-compliant format allowing for 8-digit date fields. We required that all providers and their billing agents submit Year 2000- compliant claims by no later than April 5, 1999. To ease the transition to the new format, our claims processing contractors made compliant billing software available to all providers and submitters for free or at minimal cost. Our electronic claims monitoring indicates that, as of last week, more than 99.98 percent of Part B claims submitters (either physicians, suppliers, or their billing agents) and over 93 percent of Part A submitters (hospitals, other institutions, or their billing agents) that submit claims electronically are using the 8-digit fields. Most of those not yet using the new format are in the process of testing their format changes. We will continue to work closely with providers and health industry trade groups to reach our goal of 100 percent compliance. While the ability to submit 8-digit date claims is an important step toward Year 2000 readiness, it is only a first step. The ability of a provider to submit a claim with 4-digit years does not mean its office computer or practice management software will function into the millennium. If the systems do not function, a provider may not even be able to obtain the information needed to generate a paper claim. Providing quality care to beneficiaries goes well beyond billing and claims processing. It depends upon doctors, hospitals, and other service providers ensuring that their medical equipment will work and their offices remain open. It also depends upon pharmaceutical and medical supply chains continuing to operate uninterrupted. Providers also need to make sure they are able to submit claims to their State Medicaid systems, and in turn, the State systems must also be ready. We are conducting on-site visits, with the assistance of an expert IV&V contractor, in every State to review Year 2000 readiness and provide advice where necessary. To date, we have visited all 50 States and the District of Columbia. GAO staff have accompanied us on some of these visits. Our preliminary surveys are consistent with earlier work by the GAO that suggests some States may not be ready on time. We and our IV&V team will revisit approximately 35 states between May and the end of August to follow-up on earlier visits and to continue to monitor progress. Again, we do not have the ability, authority, or resources to step in and fix State systems, and can provide only limited assistance. We are sharing whatever survey information we gather directly with the States, to provide them, at a minimum, with an independent appraisal of their Year 2000 issues and progress. It is the responsibility of each State to determine the appropriate steps it must take to meet its Year 2000 responsibility and the needs of its beneficiaries. Contingency Planning. Regardless of success in renovating and testing systems for Year 2000 readiness, both we and providers must have business continuity and contingency plans prepared in case unanticipated problems arise. We have undertaken an extensive effort to develop these plans for all our mission-critical business processes, as should providers. Our priorities are to ensure that we can: <bullet> continue prompt and accurate payments to providers, suppliers, and others; <bullet> safeguard the Medicare Trust Funds by preventing and recovering inappropriate payments; <bullet> protect quality of care; and <bullet> sustain beneficiary entitlement and enrollment. For HCFA, contingency planning is an agency-wide effort with active participation of all of our senior executives. We are closely following the GAO's advice on contingency planning outlined in their August 1998 guidance, Year 2000 Business Continuity and Contingency Planning and in their September 1998 report, Medicare Computer Systems--Year 2000 Challenges Put Benefits and Services in Jeopardy. We have developed and are now validating our contingency plans. This validation phase of our effort will run through the end of June. We intend, however, to provide the Office of Management and Budget with a status of our business continuity and contingency planning on June 15, 1999, as all Federal agencies are doing. Each contingency plan has a designated Emergency Response Team responsible for executing the various contingency plans, if necessary. During the validation phase, these teams will run practice exercises and rehearse plans in a simulated environment. It is important to note that contingency planning is not a static process. We will continue to rehearse and refine our plans throughout the coming year and up until December 31, 1999. We will make changes, if necessary, as we learn more about the readiness status of those with whom we interact, such as providers, pharmaceutical and medical equipment suppliers, and States, among others. Our contingency plans will, of course, factor in the possibility of provider failure. I hope the subcommittees will appreciate the delicate balance that exists between our top two contingency planning goals of paying providers promptly and preventing payment errors. Let me stress that I firmly believe that no contingency plan should cause providers who fail to prepare for the Year 2000 to be rewarded for their lack of attention, effort, or due diligence. It is quite clear that it would not fulfill our fiduciary responsibilities to pay monies from the Medicare Trust Funds in the absence of appropriate evidence that a covered service was delivered to a beneficiary. Conclusion. We have made remarkable progress in meeting the Year 2000 challenge, as have many providers. However, we remain seriously concerned with the progress of some providers in meeting their own Year 2000 challenges. We are committed to raising awareness and providing as much assistance as we can, but in some cases that may not be enough. We all share a common goal of having our systems and programs function and care for our programs' beneficiaries continue throughout the millennium transition. I thank you for your attention to this essential issue, and I am happy to answer any questions you may have. Mr. Upton. Thank you very much. Mr. Willemssen. TESTIMONY OF JOEL C. WILLEMSSEN Mr. Willemssen. Thank you, Mr. Chairman, Mr. Ranking Member, Chairman Bilirakis. Thank you for inviting us to testify today. As requested, I will briefly summarize our statement on Medicare and on the health sector overall. Regarding Medicare, HCFA has continued to make progress in its efforts to become Y2K compliant. For example, HCFA is more effectively identifying and managing risks, further defining its testing procedures and enhancing its testing oversight, developing business continuity and contingency plans and continuing its outreach efforts with providers. Despite this progress, HCFA still faces a considerable amount of work and risks. For example, systems will have to undergo a significant amount of change between now and July. HCFA plans to conduct final tests of these change systems between July and November and then recertify systems as compliant. To date HCFA's testing of its external systems has not been rigorous enough. HCFA's contractor has reported concerns with test documentation, readiness, and coverage. The agency also still lags in developing an integrated schedule that has milestones for testing of all systems. HCFA's late start and the limited time remaining has also led to planned concurrent testing that is overlapping testing. HCFA also still lacks a detailed end-to-end test plan explaining how multiple systems will be tested to make sure that they can work together. HCFA has several other areas that it needs to work on in the time remaining, including getting all of its data exchanges compliant, testing, business continuity and contingency plans, implementing provider payment updates, transitioning workloads of contractors leaving the program, and overseeing managed-care organizations' Y2K efforts. Looking beyond Medicare and at the health sector overall, available data that's out there indicates that there's much work remaining. According to the report of the President's Council on Year 2000 Conversion issued last week, the health care sector has not made adequate progress in addressing Y2K. In response to the council chairman's request, the amount of readiness information on this sector has increased recently. However, the picture is still incomplete, because many have not responded to surveys. One crucial area for providers and for the health sector overall is that of biomedical equipment. For this type of equipment, progress has been made in obtaining Y2K compliance information for manufacturers. Specifically, FDA has established a biomedical equipment clearinghouse that provides the public with such information. Less progress has been made in reviewing biomedical equipment results. Last year we recommended that HHS take steps to review manufacturers' compliance test results for critical care and life support biomedical equipment to give added assurance that such equipment was indeed compliant. The response to our recommendation has been disappointing. HHS said that submitting compliance certifications was sufficient. In contrast to that position, some hospitals in the private sector believe that testing biomedical equipment is necessary to show that they have exercised due diligence in the protection of patient health and safety. In fact, hospital officials have told us that their testing has identified some noncompliant equipment that manufacturers had certified as compliant. Pharmaceuticals represent another health-related area with growing recognition of Y2K risks. Pharmaceutical trade associations have performed recent surveys of their memberships and based on those surveys believe there should be an uninterrupted flow of medicines. However, the association surveys do not provide detailed information on the information on the Y2K readiness of specific manufacturers. In an effort to assure the public that Y2K is being addressed, last evening, the Food and Drug Administration informed us that it is now sending surveys to drug manufacturers requesting specific compliance information. That concludes a summary of my statement. I would be pleased to address any questions at the conclusion of Mr. Grob's statement. [The prepared statement of Joel C. Willemssen follows:] Prepared Statement of Joel C. Willemssen, Director, Civil Agencies Information Systems, Accounting and Information Management Division, GAO Messrs. Chairmen and Members of the Subcommittees: We appreciate the opportunity to join in today's hearing and share information on the readiness of automated systems that support the nation's delivery of health benefits and services to function reliably without interruption through the turn of the century. This includes the ability of Medicare and Medicaid to pay for services to millions of Americans and the overall readiness of the health care sector, including such key elements as biomedical equipment used in the delivery of health services. Successful Year 2000--or Y2K--conversion is critical to these efforts. We reported in February that while some progress by the Department of Health and Human Services' (HHS) Health Care Financing Administration (HCFA)--and its contractors--had been made in addressing the numerous recommendations we made last year <SUP>1</SUP> to improve key HCFA management practices associated with its Y2K program, many significant challenges remained.<SUP>2</SUP> At the time, we also reported that while some progress had been achieved, many states' Medicaid systems were at risk, and much work remained.<SUP>3</SUP> --------------------------------------------------------------------------- \1\ Medicare Computer Systems: Year 2000 Challenges Put Benefits and Services in Jeopardy (GAO/AIMD-98-284, September 28, 1998). \2\ Year 2000 Computing Crisis: Medicare and the Delivery of Health Services Are at Risk (GAO/T-AIMD-99-89, February 24, 1999). \3\ Year 2000 Computing Crisis: Readiness of State Automated Systems That Support Federal Human Services Programs (GAO/T-AIMD-99-91, February 24, 1999). --------------------------------------------------------------------------- Beyond Medicare and Medicaid, the information available on the national level concerning Y2K readiness throughout the health care sector--including providers, insurers, manufacturers, and suppliers-- indicates much work remains in renovating, testing, and implementing compliant systems. Also, as we recently testified, while information on the compliance status of biomedical equipment is available through a clearinghouse maintained by the Food and Drug Administration (FDA), the test results for this equipment are not reviewed.<SUP>4</SUP> Finally, information on the Y2K readiness of pharmaceutical and medical-surgical manufacturers is incomplete. --------------------------------------------------------------------------- \4\ See Year 2000 Computing Crisis: Action Needed to Ensure Continued Delivery of Veterans Benefits and Health Care Services (GAO/ AIMD-99-136, April 15, 1999). --------------------------------------------------------------------------- hcfa's ability to process medicare claims into the next century As the nation's largest health care insurer, Medicare expects to process over a billion claims and pay $288 billion in benefits annually by 2000. The consequences, then, of its systems' not being Y2K compliant could be enormous. We originally highlighted this concern in May 1997 and made several recommendations for improvement.<SUP>5</SUP> Our report of last September warned that although HCFA had made improvements in its Y2K management, the agency and its contractors were severely behind schedule in making their computers that process Medicare claims Y2K compliant. In February, we testified that although HCFA had been responsive to our recommendations and that its top management was actively engaged in its Y2K program, its reported progress was highly overstated. We testified that none of HCFA's 54 external mission-critical systems reported compliant by HHS as of December 31, 1998, was Y2K ready, based on serious qualifications identified by the independent verification and validation (IV&V) contractor. Further, we reported that HCFA continued to face serious Y2K challenges. Specifically, HCFA \5\ Medicare Transaction System: Success Depends Upon Correcting Critical Managerial and Technical Weaknesses (GAO/AIMD-97-78, May 16, 1997). --------------------------------------------------------------------------- <bullet> lacked an overall schedule and critical path to identify and rank Y2K tasks to help ensure that they could be completed in a timely manner; <bullet> needed a formal risk management process to highlight potential technical and managerial weaknesses that could impair project success; <bullet> continued to have thousands of electronic data exchanges that were not Y2K compliant; <bullet> faced a significant amount of testing in 1999, especially since changes will continue to be made to its mission-critical systems to make them compliant; and <bullet> needed to sustain its efforts to complete and test business continuity and contingency plans to ensure that Medicare claims will be processed next year. The Office of Management and Budget (OMB) also continues to be concerned about HCFA's progress. In its March 18, 1999, summary of Y2K progress reports of all agencies for the reporting quarter ending February 12, 1999, it concluded that HCFA remains a serious concern due to external systems testing, implementation schedules, and the qualified compliance of a number of external mission-critical systems. OMB further stated that although Medicare contractors had been making an intensive effort to complete validation and implementation by the governmentwide deadline of March 31, 1999, some external contractors may not succeed. Due in large part to HCFA's status, OMB designated HHS as a tier 1 agency on its three-tiered rating scale, meaning it had made insufficient progress in addressing the Y2K problem. HCFA's Actions To Achieve Compliance and Bolster Outreach Efforts to Medicare Providers HCFA has been responsive to our recommendations. To more effectively identify and manage risks, HCFA is relying on multiple sources of information, including test reports, reports from its IV&V contractors, and weekly status reports from its recently established contractor oversight teams. In addition, HCFA has stationed staff at critical contractor sites to assess the data being reported and to identify problems. HCFA also is more effectively managing its electronic data exchanges. It issued instructions to its contractors (fiscal intermediaries and carriers) to inform providers and suppliers that they had to begin submitting Medicare claims in Y2K-compliant data exchange format by April 5 of this year. HCFA now reports that 93 percent of the fiscal intermediaries and 99 percent of the carriers are complying. HCFA also established new instructions for contractors to report on data exchanges, and created a new database to track status. HCFA continues to further define its testing procedures. It required that existing qualifications be addressed and tested by March 31, 1999. It also issued instructions--on January 11, 1999--for all contractors to recertify their systems from July 1 to November 1, 1999. To more clearly define this testing, HCFA issued additional recertification and end-to-end testing guidance on March 10, 1999. HCFA has also begun to use several Y2K-analysis tools to measure testing thoroughness, and its IV&V contractor is assessing test adequacy of the external systems (e.g., test coverage and documentation). In addition to the IV&V contractors' efforts, HCFA has engaged a separate contractor to conduct independent tests on some of its mission-critical systems. HCFA further plans to perform end-to-end testing with its Y2K-compliant test sites. These end-to-end tests are to include all internal systems and contractor systems; however, they will not include testing with banks and providers. Another area in which HCFA has demonstrated progress is developing business continuity and contingency plans to ensure that, no matter what, beneficiaries will receive care and providers will be paid. HCFA established cross-organizational workgroups to develop contingency plans for the following core business functions: health plan and provider payment, eligibility and enrollment issues, program integrity, managed care, quality of care, litigation, and telecommunications. HCFA's fourth and final iteration of this plan was issued on April 1, 1999, and the plan is expected to be tested by June 30. HCFA has continued to strengthen its outreach efforts to the providers of Medicare services. On January 12, 1999, the Administrator sent individual letters to over 1.3 million Medicare providers in the United States, alerting them to take prompt Y2K action on their information and billing systems. Three days later, the Administrator sent a letter to Congress, with assurances that HCFA is making progress and stressing that physicians, hospitals, and other providers must also meet the Y2K challenge. HCFA also offered to provide speakers in local congressional districts, is holding a series of conferences throughout the country, and has established a toll-free information hotline. Reported Status of HCFA's Mission-Critical Systems HCFA operates and maintains 25 internal mission-critical systems; it also relies on 75 external mission-critical systems operated by contractors throughout the country who process Medicare claims. These external systems include six standard processing systems and the ``Common Working File.'' Each contractor relies on one of these standard systems to process its claims, and adds its own front-end and back-end processing systems. The Common Working File is a set of databases located at nine sites that works with internal and external systems to authorize claims payments and determine beneficiary eligibility. In HHS' latest Y2K quarterly progress report to OMB, dated February 10, it reported that as of December 31, 1998, all 25 of HCFA's internal mission-critical systems were reported to be compliant, as were 54 of the external systems. Yet as we testified in February, none of these 54 systems was Y2K ready because all had important associated qualifications (exceptions), some of them significant.<SUP>6</SUP> HCFA issued a memorandum in early January requesting Medicare carriers and fiscal intermediaries to resolve these qualifications by March 31, the federal target date for Y2K compliance. HCFA reported to us on April 19, 1999, that most of these qualifications have been resolved and that 73 of 75 external systems are now compliant (the total number of external mission-critical systems decreased from 78 to 75 because three contractors plan to leave the Medicare program before the end of the year). --------------------------------------------------------------------------- \6\ GAO/T-AIMD-99-89, February 24, 1999. --------------------------------------------------------------------------- HCFA's IV&V contractor's analysis of the qualifications was consistent with what HCFA reported to us. Specifically, the IV&V contractor's analysis of the 53 external systems concluded that 19 had no remaining qualifications, 33 had qualifications it deemed ``low impact'' (i.e., could be addressed within the next 3 months or would have a minor impact on the site's ability to meet Medicare requirements), and 1 had qualifications deemed critical. The IV&V contractor recommended that all qualifications be resolved by June 28, 1999, so that HCFA's final testing of its mission-critical systems could begin on July 1, 1999, with no open qualifications. Despite Reported Compliance, HCFA's Mission-Critical Systems Still Require Additional Y2K Renovation and Testing The HCFA mission-critical systems that have been characterized as Y2K compliant are not, however, the final systems that will be processing Medicare claims on January 1, 2000. These systems will undergo a significant amount of change between now and July 1, 1999, for both Y2K and other reasons. These changes will require a complete retest to ensure that the systems have not been contaminated by the changes and that they still are indeed Y2K compliant. Specifically, these changes will address (1) outstanding qualifications, (2) additional Y2K changes, (3) a critical software release of the Common Working File, and (4) legislative mandates.<SUP>7</SUP> In addition to the changes required to address outstanding qualifications, changes are also occurring because of other compliance issues not listed as qualifications. For example, three standard system maintainers are currently updating their systems because the earlier renovation was performed with noncompliant compilers.<SUP>8</SUP> Each of these three upgrades is scheduled to be completed by July 1999. In addition, analyses using tools that determine the Y2K readiness of software code are uncovering additional Y2K programming errors. For example, 28 programming errors were recently identified using a Y2K tool on the Florida standard system. These errors are to be corrected and tested by June 1999. According to HCFA officials, such errors were uncovered based on an inspection of only about one seventh of the software code associated with the Florida standard system. If time permits, HCFA is considering using this Y2K tool on 100 percent of the code on all of the standard systems. --------------------------------------------------------------------------- \7\ These legislative mandates include software changes required to implement new policies for the Balanced Budget Act of 1997, such as hospice updates and Medicare+Choice. \8\ A compiler is a computer program that converts human-readable source code into a sequence of machine instructions that the computer can run. --------------------------------------------------------------------------- In addition to these Y2K-related changes, HCFA is planning a major software release of the Common Working File in late June, and legislatively mandated changes are to occur through June. HCFA plans to conduct final tests of its systems between July 1 and November 1, 1999, then recertify all mission-critical systems as compliant without qualification or exception. These final tests will ultimately determine whether HCFA's mission-critical systems are Y2K compliant. The late 1999 time frames associated with this testing represent a high degree of risk. Other Critical Risks and Challenges Remain Testing is a critical area in which HCFA faces significant challenges. Complete and thorough testing is essential to providing reasonable assurance that new or modified systems will process dates correctly and will not jeopardize an organization's ability to perform core business operations. Because the Y2K problem is so pervasive, potentially affecting an organization's systems software, applications software, databases, hardware, firmware, embedded processors, telecommunications, and interfaces, the requisite testing can be extensive and expensive. Experience is showing that Y2K testing is consuming between 50 and 70 percent of a Y2K project's time and resources. According to our guide, to be done effectively, testing should be planned and conducted in a structured and disciplined fashion.<SUP>9</SUP> --------------------------------------------------------------------------- \9\ Year 2000 Computing Crisis: A Testing Guide (GAO/AIMD-10.1.21, November 1998). --------------------------------------------------------------------------- To date, HCFA's testing of its external systems has not been rigorous. HCFA's IV&V contractor has reported concerns with test documentation, readiness, and coverage associated with HCFA's external mission-critical systems. Specifically, the IV&V contractor reported that the quality of test documentation has been found to be incomplete and inadequate during a significant number of site visits. In addition, the results of using a Y2K tool to assess renovation quality and test readiness on each of the standard systems revealed that both indicators are primarily rated in the low to medium ranges, meaning that errors exist that could cause Y2K-related system failures. The IV&V contractor also reported that HCFA's contractors have no satisfactory mechanism for determining the quality of test coverage (e.g., systems functionality, HCFA-mandated dates, interface coverage) associated with the self-certification testing. Because of this, HCFA issued instructions on April 9, 1999, that required contractors to submit information on the functionality covered by their test cases. Until test coverage is determined and testing is fully executed, the quality of the testing conducted will remain unknown. In addition, two standard system maintainers did not test with the Common Working File, rather, they used a system that simulates the functions performed by the Common Working File. Testing with a system that simulates the Common Working File is less than ideal since the simulated system is not identical to the actual system. HCFA has acknowledged this and plans to have these two standard system maintainers test with the Common Working File during the recertification testing. Further, testing has not been completed in the optimal sequence to ensure compliance of all systems. Since each contractor relies on one of the six standard systems to process its claims, ideally each of these six standard systems should have been completely tested before the contractors tested their front-end and back-end processing systems with their respective standard systems. However, only the Florida standard system maintainer completed future-date testing before the system was provided to its 29 contractors. Thus, more than half of the contractors tested with standard systems that had not completed Y2K testing. Managing multiple testing baselines and ensuring that corrections to one system's testing errors does not lead to problems in another system is a major challenge. In September 1998 we recommended that HCFA rank its remaining Y2K work on the basis of a schedule that includes milestones for renovation and testing of all systems, and that it include time for end-to-end testing and development and testing of business continuity and contingency plans.<SUP>10</SUP> Such a schedule is extremely important because of the number of systems, their complexity, and interdependencies among them. However, HCFA still lacks an integrated schedule. The complexity and required sequencing of the 75 external and 25 internal systems associated with the recertification requires an integrated testing schedule to avoid scheduling constraints. For example, the Common Working File and standard systems should be tested initially so that the contractors can test with fully compliant systems. Without an integrated schedule, HCFA cannot effectively prioritize remaining work or ensure that all Y2K testing will be completed on time. --------------------------------------------------------------------------- \10\ GAO/AIMD-98-284, September 28, 1998. --------------------------------------------------------------------------- HCFA's late start and the limited time remaining raises risks that the recertification testing will likewise not be as rigorous as necessary. Two areas already have us concerned--testing overlap and a decrease in the number of future dates that will be tested. HCFA officials told us that contractors will begin to test with the Common Working File before it is completely Y2K-tested. Ideally, these tests should be done sequentially so that each contractor can test with a fully Y2K-tested Common Working File. Also, although HCFA's recertification will test four future dates, two more than the self- certification testing, this total is fewer than what HCFA had originally planned. Initially, HCFA planned to test with nine future dates. In addition to such individual systems testing, HCFA must also test its systems end-to-end to verify that defined sets of interrelated systems, which collectively support an organizational core business function, will work as intended. As mentioned, HCFA plans to perform this end-to-end testing with its Y2K-test sites. These tests are to include all internal systems and contractor systems, but will not include testing with banks and providers. HCFA has required its contractors to future-date test with providers and financial institutions. Even excluding banks and providers, end-to-end testing of HCFA's internal and external systems is a massive undertaking that will need to be effectively planned and carried out. HCFA has not yet, however, developed a detailed end-to-end test plan that explains how these tests will be conducted or that provides a detailed schedule for conducting them. A final aspect of testing concerns the independent testing contractor. HCFA expects this testing to be completed by August 31. This contractor currently plans to test eight internal systems and the six external standard systems. Originally, all 25 internal mission- critical systems were to be tested. In addition, because of the changing nature of the Medicare systems and the limited remaining time, the independent testing will be conducted with systems that were available January 1999, not with the exact systems that will be operating on January 1, 2000. HCFA also faces risks because it has thousands of data exchanges that are not yet compliant. HCFA's systems--both internal and external--exchange data, both among themselves and with the CWF, other federal agencies, banks, and providers. Accordingly, it is important that HCFA ensure that Y2K-related errors will not be introduced into the Medicare program through these data exchanges. HCFA's total number of data exchanges dropped significantly since February 10, 1999. The number of internal data exchanges declined from 7,968 to 3,209, while the number of external data exchanges dropped from 255,383 to 141,866. HCFA officials attributed this decrease to ``performing a major cleanup of the data.'' As of April 9, 1999, HCFA reported that only four of its 3,209 internal data exchanges were still not compliant, and that over 3,000 of its 141,866 external data exchanges were not compliant. To ensure that HCFA's internal and external systems are capable of exchanging data between themselves as well as with other federal agencies, banks, and providers, it is essential that HCFA take steps to resolve the remaining noncompliance of these data exchanges. Given the magnitude of HCFA's Y2K problem and the many challenges that continue to face it, the development of contingency plans to ensure continuity of critical operations and business processes is absolutely critical. Therefore, HCFA must sustain its efforts to complete and test its agencywide business continuity and contingency plans by June 30. Another challenge for HCFA is monitoring the progress of the 62 separate business continuity and contingency plans that will be submitted by its contractors. We will continue to monitor progress in this area. Other issues that further complicate HCFA's Y2K challenge are planned October 1, 1999, and January 1, 2000, provider payment updates; the known and unknown contractor transitions that are to take place before January 1, 2000; and the unknown status of the managed care organizations serving Medicare beneficiaries. We have requested detailed information on the specific changes that the October 1 and January 1 updates will require to determine the amount of testing that will be necessary after these changes are made. HCFA already is faced with too much to test in too little time, and these updates further contribute to already monumental testing challenges. As reported in HHS' quarterly submission to OMB, HCFA is concerned about the possibility of Medicare contractors, fiscal intermediaries, and carriers leaving the program and notifying HCFA of this after June. If this were to occur, the workload would have to be transferred to another contractor whose Y2K-compliance status may not be known. According to both contractor and HCFA officials, it requires 6-12 months to transfer the claims processing workload from one contractor to another. At present, HCFA is transitioning the work of the three contractors that are leaving the program. HCFA required the 386 managed care organizations currently serving 6.6 million Medicare beneficiaries to certify their systems as Y2K compliant by April 15. As of April 21, 1999, HCFA had received certifications from 315 of the organizations. Similar to fee-for- service contractors, 271 of the 315 certifications contained qualifications. We plan to review these certifications as part of our ongoing work for the Senate Special Committee on Aging to determine whether the managed care organizations' systems are Y2K compliant and whether a formal recertification would have to be performed later this year. medicaid systems are at risk Similar to Medicare, the systems supporting the Medicaid program also face Y2K challenges and risk. In fiscal year 1997, Medicaid--a joint federal-state program supported by HCFA and administered by the states--provided about $160 billion to millions of recipients. Medicaid provides health coverage for 36 million low-income people, including over 17 million children. Its beneficiaries also include elderly, blind, and disabled individuals. In surveying states' Y2K status last summer,<SUP>11</SUP> we found that many systems were at risk and much work remained to ensure the continuation of services. The states' reported compliance rate for Medicaid systems was only about 16 percent, and 18 states reported that they had completed renovating one quarter or fewer of their Medicaid claims processing systems. These 18 states had Medicaid expenditures of about $40 billion in fiscal year 1997--one quarter of total Medicaid expenditures nationwide, covering about 9.5 million recipients. --------------------------------------------------------------------------- \11\ Year 2000 Computing Crisis: Readiness of State Automation Systems to Support Federal Welfare Programs (GAO/AIMD-99-28, November 6, 1998). We sent a survey to the 50 states, the District of Columbia, and three territories (Guam, Puerto Rico, and the Virgin Islands). All but one of the 54 entities surveyed responded. --------------------------------------------------------------------------- In response, HCFA administered two state self-reported surveys and conducted several on-site visits and found that overall state Medicaid systems status had improved little. To obtain more reliable Y2K state Medicaid status information, HCFA also hired a contractor to conduct independent verification and validation of states' systems. HCFA reported in HHS' February 1999 quarterly report to OMB that based on seven site visits, some of the dates that states had reported to us in July/August 1998 had already slipped, underscoring the need for on-site visits to secure more accurate information. In addition, according to HCFA, while four states appeared to have made some progress in the 6 months since our survey, three states' status remained the same. Further, HCFA found that one state's Medicaid eligibility system was not as far along as the state had reported in our survey. To assist states with their effort, HCFA's IV&V contractor plans to make on-site visits to all 50 states and the District of Columbia by the end of this April. For states considered at risk, HCFA will conduct second site visits between May and September 1999 and, if necessary, third visits between October and December 1999. The later visits will emphasize contingency planning to help the states ensure continuity of program operations in the event of systems failures. y2k readiness of the health care sector: much work remains At this point, I would like to broaden our discussion to the Y2K- readiness status of the health care sector, including biomedical equipment <SUP>12</SUP> and pharmaceutical and medical-surgical products used in the delivery of health care. While it is undeniably important that Medicare and Medicaid systems be compliant so that the claims of health care providers and beneficiaries can be paid, it is also critical that the services and products associated with health care delivery itself be Y2K compliant. However, with just over 8 months until the turn of the century, the level of progress to date is not reassuring. --------------------------------------------------------------------------- \12\ Biomedical equipment refers to both medical devices regulated by the Food and Drug Administration (FDA), and scientific and research instruments, which are not subject to FDA regulation. --------------------------------------------------------------------------- Virtually everything in today's hospital is automated--from the scheduling of procedures such as surgery, to the ordering of medication such as insulin for a diabetic patient, to the use of portable devices as diverse as heart defibrillators and thermometers. It, therefore, becomes increasingly important for health care providers such as doctors and hospitals to assess their health information systems, facility systems (such as heating, ventilating, and air conditioning equipment), and biomedical equipment to ensure their continued operation on January 1, 2000. Similarly, pharmaceutical manufacturers and suppliers that rely heavily on computer systems for the manufacture and distribution of drugs must assess their processes for compliance. Given the large degree of interdependence among components of the health sector--providers, suppliers, insurance carriers, and patients/ consumers--the availability and sharing of Y2K readiness information is vital to safe, efficient, and effective health care delivery. In response to an October 1998 request from the Chair of the President's Council on Year 2000 Conversion, several federal agencies and professional health care associations surveyed key components of the health care sector. Accordingly, the amount of readiness information on this sector has increased in recent months. The survey results, however, indicate that much work still remains in renovating, testing, and implementing compliant systems. Further, readiness information on the health sector is still incomplete because a significant number of sector members did not respond to the surveys. According to a survey that the American Hospital Association (AHA) sent to 2,000 of its members in February 1999, much work remains. For example, based on the 583 responses received as of March 1, 1999, the hospitals reported that only about 6 percent of the medical devices, 13 percent of information systems, and 24 percent of physical plant/ infrastructure are compliant. However, most hospitals indicated that they expect to be compliant by the end of the year.<SUP>13</SUP> --------------------------------------------------------------------------- \13\ Compliance refers to the hospitals' information systems, medical devices, and physical plant/infrastructure. --------------------------------------------------------------------------- The American Medical Association's (AMA) survey to 7,000 physicians showed that approximately 47 percent of the 522 physicians that responded by mail or telephone indicated that they do not have a good understanding of Y2K conversion, and have practices that are not Y2K ready. Almost all of these physicians reported that they would be ready by the end of the year. The survey disclosed no difference between the Y2K preparedness of large physician groups and solo or small physician groups (10 physicians or fewer). However, AMA stated that caution should be taken in interpreting the survey results due to the low response rate. According to responses received to a December 1998 survey sent by HHS' Office of the Inspector General to a sample of 5,000 Medicare providers--1,000 each to hospitals, nursing homes, durable medical device manufacturers, physicians, and home health agencies--except for hospitals, providers reported making limited progress in assessing their biomedical equipment for Y2K compliance. All providers reported making limited progress in testing data exchanges between their computers and external vendors, and developing emergency backup plans in case of computer failures. Further, many Medicare providers did not respond to this survey. For example, the response rates for medical device manufacturers, physicians, and home health agencies were less than 30 percent. A survey sent by the Association of State and Territorial Health Officials and the Centers for Disease Control and Prevention (CDC) to 57 state and territorial health officials in December 1998 showed that two thirds of the 29 respondents did not have contingency plans. CDC is also concerned about the lack of readiness information on local public health agencies. Finally, according to the second quarterly report by the President's Council on Year 2000 Conversion, the health care sector has not made adequate progress in addressing the Y2K problem.<SUP>14</SUP> The report stated that while recent surveys indicate that health care providers have a high level of confidence that they will complete much of the work on mission-critical systems before the end of the year, the actual number of systems made compliant to date is relatively low in areas from recordkeeping to infrastructure. The report noted that recordkeeping systems are ``of great concern'' because they play an essential role in processing payment claims to insurance companies and government health agencies. --------------------------------------------------------------------------- \14\ The President's Council on Year 2000 Conversion: Second Summary of Assessment Information, April 21, 1999. --------------------------------------------------------------------------- Biomedical Equipment: Status Information Available for Many Items, But Test Results Not Reviewed The question of whether medical devices such as magnetic resonance imaging (MRI) systems, x-ray machines, pacemakers, and cardiac monitors can be counted on to work reliably on and after January 1, 2000, is critical to medical care delivery. To the extent that biomedical equipment uses embedded computer chips, it is vulnerable to the Y2K problem. Such vulnerability carries with it possible safety risks. This could range from the more benign--such as incorrect formatting of a printout--to the most serious--such as incorrect operation of equipment with the potential to adversely affect the patient. The degree of risk depends in large part on the role the equipment plays in a patient's care. Responsibility for oversight and regulation of medical devices, including the impact of the Y2K problem, lies with FDA. Last September we testified that FDA, like the Veterans Health Administration (VHA)--a key federal health care provider--was trying to determine the Y2K compliance status of biomedical equipment.<SUP>15</SUP> FDA's goal was to provide a comprehensive, centralized source of information on the Y2K compliance status of biomedical equipment used in the United States and to make this information publicly available on a web site. However, at the time, FDA had a disappointing response rate from manufacturers to its letter requesting compliance information. And, while FDA made this information available to the public, it was not detailed enough to be useful. Specifically, FDA's list of compliant equipment lacked information relating to the particular make and model of the equipment. --------------------------------------------------------------------------- \15\ Year 2000 Computing Crisis: Leadership Needed to Collect and Disseminate Critical Biomedical Equipment Information (GAO/T-AIMD-98- 310, September 24, 1998). --------------------------------------------------------------------------- To provide more detailed information on the compliance status of biomedical equipment, as well as to integrate more detailed compliance information gathered by VHA, we recommended that VA and HHS jointly develop a single data clearinghouse that provides such information to all users. We said development of the clearinghouse should involve representatives from the health care industry, such as the Department of Defense's Health Affairs and the Health Industry Manufacturers Association. In addition, we recommended that the clearinghouse contain such information as (1) the compliance status of all biomedical equipment by make and model, and (2) the identity of manufacturers that are no longer in business. We also recommended that VHA and FDA determine what actions should be taken regarding biomedical equipment manufacturers that have not provided compliance information. In response to our recommendation, FDA--in conjunction with VHA-- has established the Federal Year 2000 Biomedical Equipment Clearinghouse. With the assistance of VHA, the Department of Defense, and the Health Industry Manufacturers Association, FDA has made progress in obtaining compliance-status information from manufacturers. For example, according to FDA, 4,251 biomedical equipment manufacturers had submitted data to the clearinghouse as of April 5, 1999. As shown in figure 1, about 54 percent of the manufacturers reported having products that do not employ a date, while about 16 percent reported having date-related problems such as incorrect display of date/time. FDA is still awaiting responses from 399 manufacturers. [GRAPHIC] [TIFF OMITTED] T6606.001 Note: Total number of manufacturers = 4,251. Source: FDA. FDA has also expanded the information in the clearinghouse. For example, users can now find information on manufacturers that have merged with or have been bought out by other firms. In collaboration with the National Patient Safety Partnership,<SUP>16</SUP> FDA is in the process of obtaining more detailed information from manufacturers on noncompliant products, such as make and model and descriptions of the impact of the Y2K problem on products left uncorrected. For example, FDA sent a March 29, 1999, letter requesting that medical device manufacturers submit to the clearinghouse a complete list of individual product models that are Y2K compliant. --------------------------------------------------------------------------- \16\ The National Patient Safety Partnership is a coalition of public and private health care providers, including VA, the American Medical Association, the American Hospital Association, the American Nurses Association, and the Joint Commission on Accreditation of Healthcare Organizations. --------------------------------------------------------------------------- We reported last September that VHA and FDA relied on manufacturers to validate, test, and certify that equipment is Y2K compliant.<SUP>17</SUP> We also reported that there was no assurance that the manufacturers adequately addressed the Y2K problem for noncompliant equipment, because FDA did not require medical device manufacturers to submit test results to it certifying compliance. Accordingly, we recommended that VA and HHS take prudent steps to jointly review manufacturers' compliance test results for critical care/life support biomedical equipment. We were especially concerned that VA and FDA review test results for equipment previously determined to be noncompliant but now deemed by manufacturers to be compliant, or equipment for which concerns about compliance remain. We also recommended that VA and HHS determine what legislative, regulatory, or other changes were necessary to obtain assurances that the manufacturers' equipment was compliant, including the need to perform independent verification and validation of the manufacturers' certifications. --------------------------------------------------------------------------- \17\ GAO/AIMD-98-240, September 18, 1998. --------------------------------------------------------------------------- At the time, VA stated that it had no legislative or regulatory authority to implement the recommendation to review test results from manufacturers. In its response, HHS stated that it did not concur with our recommendation to review test results supporting medical device equipment manufacturers' certifications that their equipment is compliant. It said that the submission of appropriate certifications of compliance was sufficient to ensure that the certifying manufacturers' equipment was compliant. HHS also stated that it did not have the resources to undertake such a review, yet we are not aware of HHS' requesting resources from the Congress for this purpose. More recently, VHA's Chief Biomedical Engineer told us that VHA medical facilities are not requesting test results for critical care/ life support biomedical equipment; they also are not currently reviewing the test results available on manufacturers' web sites. He said that VHA's priority is determining the compliance status of its biomedical equipment inventory and replacing noncompliant equipment. The director of FDA's Division of Electronics and Computer Science likewise said FDA sees no need to question manufacturers' certifications. In contrast to VHA's and FDA's positions, some hospitals in the private sector believe that testing biomedical equipment is necessary to prove that they have exercised due diligence in the protection of patient health and safety. Officials at three hospitals told us that their biomedical engineers established their own test programs for biomedical equipment, and in many cases contacted the manufacturers for their test protocols. Several of these engineers informed us that their testing identified some noncompliant equipment that the manufacturers had previously certified as compliant. According to these engineers, to date, the equipment found to be noncompliant all had display problems and was not critical care/life support equipment. We were told that equipment found to be incorrectly certified as compliant included a cardiac catheterization unit, a pulse oxymeter, medical imaging equipment, and ultrasound equipment. VHA, FDA, and the Emergency Care Research Institute <SUP>18</SUP> continue to believe that manufacturers are best qualified to analyze embedded systems or software to determine Y2K compliance. They further believe that manufacturers are the ones with full access to all design and operating parameters contained in the internal software or embedded chips in the equipment. VHA believes that such testing can potentially cause irreparable damage to expensive health care equipment, causing it to lock up or otherwise cease functioning. Further, a number of manufacturers also have recommended that users not conduct verification and validation testing. --------------------------------------------------------------------------- \18\ An international, nonprofit health services research agency. This organization believes that superficial testing of biomedical equipment by users may provide false assurances, as well as create legal liability exposure for health care institutions. --------------------------------------------------------------------------- We continue to believe that, rather than relying solely on manufacturers' certifications, organizations such as VHA or FDA can provide users of biomedical equipment with a greater level of confidence that the equipment is Y2K compliant through independent reviews of manufacturers' compliance test results. The question of whether to independently verify and validate biomedical equipment that manufacturers have certified as compliant is one that must be addressed jointly by medical facilities' clinical staff, biomedical engineers, and corporate management. The overriding criterion should be ensuring patient health and safety. Y2K-Readiness Information on Pharmaceutical and Medical-Surgical Manufacturers Is Incomplete Another question critical to the delivery of health care is knowing whether there will be sufficient supplies of pharmaceutical and medical-surgical products available for consumers at the turn of the century. As the largest centrally directed civilian health care system in the United States, VHA has taken a leadership role in the federal government in determining whether manufacturers supplying these products are Y2K-ready. This information is essential to VHA's medical operations because of its ``just-in-time'' <SUP>19</SUP> inventory policy. Accordingly, VHA must know whether its manufacturers' processes, which are highly automated, <SUP>20</SUP> are at risk, as well as whether the rest of the supply chain will function properly. --------------------------------------------------------------------------- \19\ This term refers to maintaining a limited inventory on hand. \20\ Pharmaceutical manufacturers rely on automated systems for production, packaging, and distribution of their products, as well as for ordering raw materials and supplies. --------------------------------------------------------------------------- To determine the Y2K readiness of its suppliers, VA's National Acquisition Center (NAC) <SUP>21</SUP> sent a survey on January 8, 1999, to 384 pharmaceutical firms and 459 medical-surgical firms with which it does business. The survey contained questions on the firms' overall Y2K status and inquired about actions taken to assess, inventory, and plan for any perceived impact that the century turnover would have on their ability to operate at normal levels. In addition, the firms were requested to provide status information on progress made to become Y2K compliant and a reliable estimated date when compliance will be achieved for business processes such as (1) ordering and receipt of raw materials, (2) mixing and processing product, (3) completing final product processing, (4) packaging and labeling product, and (5) distributing finished product to distributors/ wholesalers and end customers. --------------------------------------------------------------------------- \21\ This organization is responsible for supporting VHA's health care delivery system by providing an acquisition program for items such as medical, dental, and surgical supplies and equipment; pharmaceuticals; and chemicals. The NAC is part of VA's Office of Acquisition and Materiel Management. --------------------------------------------------------------------------- According to NAC officials, of the 455 firms that responded to the survey as of March 31, 1999, about 55 percent completed all or part of the survey. The remainder provided either general information on their Y2K readiness status or literature <SUP>22</SUP> on their efforts. As shown in table 1, more than half of the pharmaceutical firms surveyed responded (52 percent), with just less than one third (32 percent) of those respondents reporting that they are compliant. The table also shows that 54 percent of the medical-surgical firms surveyed responded, with about two thirds of them (166) reporting that they are Y2K compliant. --------------------------------------------------------------------------- \22\ This includes annual and quarterly financial reports required by the Securities and Exchange Commission for companies listed on the New York Stock Exchange. Table 1: Status of Companies Surveyed by VHA as of March 31, 1999 ------------------------------------------------------------------------ Pharma- Medical- Responses ceutical surgical ------------------------------------------------------------------------ Y2K compliant....................................... 65 166 Will be compliant by 1/1/2000 or earlier*........... 90 70 Provided no compliant date.......................... 50 14 Total number of responses......................... 205 250 Non-responses....................................... 179 209 Total number of firms surveyed.................... 384 459 ------------------------------------------------------------------------ *Estimated compliance status ranged from 3/31/99 through 1/1/2000; about 71 percent of pharmaceutical firms and 80 percent of medical-surgical firms estimated they will be compliant by 7/31/99. One firm responded that it will be compliant by 1/1/2000. Source: VA. We did not independently verify these data. On March 17, 1999, NAC sent a second letter to its pharmaceutical and medical-surgical firms, informing them of VA's plans to make Y2K readiness information previously provided to VA available to the public through a web site (www.va.gov/oa&mm/nac/y2k). VA made the survey results available on its web site on April 13, 1999. The letter also requested that manufacturers that had not previously responded provide information on their readiness. NAC's Executive Director said that he would personally contact any major VA supplier that does not respond. On a broader level, VHA has taken a leadership role in obtaining and sharing information on the Y2K readiness of the pharmaceutical industry. Specifically, VHA chairs the Year 2000 Pharmaceuticals Acquisitions and Distributions Subcommittee, which reports to the Chair of the President's Council on Year 2000 Conversion. The purpose of this subcommittee is to bring together federal and pharmaceutical representatives to address issues concerning supply and distribution as it relates to the year 2000. The subcommittee consists of FDA; federal health care providers; and industry trade associations such as the Pharmaceutical Research and Manufacturers of America (PhRMA), Generic Pharmaceutical Industry Association, the National Association of Chain Drug Stores, and the National Wholesale Druggists' Association; and consumer advocates. In response to the Chair's request for Y2K-readiness information on the pharmaceutical industry, several of these trade associations, representing both brand name and generic pharmaceutical manufacturers, have surveyed their members on this issue. Table 2 summarizes the survey results available to date. Table 2: Summary of Y2K-Readiness Survey Results From Pharmaceutical Manufacturers ------------------------------------------------------------------------ Number of Industry Trade Association Members Number of Summary of Surveyed Responses Results ------------------------------------------------------------------------ Pharmaceutical Research and 25 \1\ 24 All respondents Manufacturers of America have Y2K plans (PhRMA). and are developing contingency plans to ensure continuous supply of medicines to patients. Respondents expect to collectively spend $1.75 billion to address Y2K problem. Most repair work is expected to be completed in early to mid- 1999. Generic Pharmaceutical Industry \2\ 16 14 All respondents Association (GPIA). have Y2K plans and individually expect to spend no more than $1.5 million on Y2K problem. Most repair work is expected to be completed in June or July 1999. National Association of 12 7 Most respondents Pharmaceutical Manufacturers have Y2K plans. (NAPM). Association of Military \3\ 41 41 All respondents Surgeons of the U.S. (AMSUS). have Y2K plans. Respondents are spending from $2 million--$70 million on Y2K problem. All repair work is expected to be completed by June 30, 1999. ------------------------------------------------------------------------ \1\ These members comprise more than 90 percent of the industry capacity represented by PhRMA, which represents more than 95 percent of the research-based pharmaceutical manufacturers in the United States. \2\ This number only represents those members that are generic pharmaceutical manufacturers. \3\ Of the members surveyed, 24 are also members of PhRMA and 22 of these participated in the PhRMA survey. Source: Associations listed. We did not independently verify these data. In addition, the National Wholesale Druggists' Association sent a survey to 240 of its associate members that are pharmaceutical manufacturers requesting information on patient stockpiling of pharmaceutical products. Three quarters of the 77 members responding as of November 1998 said they could currently fill orders which will provide patients with a 3-month supply. Less than 20 percent of the respondents said they could provide a 1-year supply. Finally, in January 1999, the National Association of Chain Drug Stores sent a survey to over 130 of its members and received responses from about 25 percent. These respondents indicated that they will finish Y2K renovations by September 30, 1999, and two third of the respondents have developed contingency plans. Based on their survey results, these industry trade associations believe that computer systems and software application problems will not substantially impede the ability of the supply chain to maintain an uninterrupted flow of medicines. However, in contrast to VHA's survey, the associations' surveys were provided in summary format and did not contain detailed information on the Y2K readiness of specific manufacturers or members of the supply chain. This information is necessary if consumers are to have confidence that there will be a sufficient supply of medications on hand at the turn of the century. FDA's Y2K Efforts for Pharmaceutical and Biological Products Industries Focused Initially on Awareness FDA's oversight and regulatory responsibility for pharmaceutical and biological products <SUP>23</SUP> is to ensure that they are safe and effective for their intended uses. Because of its concern about the Y2K impact on manufacturers of these products, FDA has taken several actions to raise the Y2K awareness of the pharmaceutical and biological products industries. In addition, it is thinking about conducting a survey to determine the industry's Y2K readiness. --------------------------------------------------------------------------- \23\ Biological products include vaccines, blood, and blood products. --------------------------------------------------------------------------- One of FDA's actions to raise industry awareness was the January 1998 issuance of industry guidance by the Center for Biologics Evaluation and Research (CBER) on the Y2K impact of computer systems and software applications used in the manufacture of blood products. In addition, as shown in table 3, FDA has issued several letters to pharmaceutical and biological trade associations and sole-source drug manufacturers. Table 3: FDA Letters to Manufacturers Regarding Y2K ---------------------------------------------------------------------------------------------------------------- Date FDA Source Recipient Purpose ---------------------------------------------------------------------------------------------------------------- October 1998......................... Center for Drug Pharmaceutical To relay to members Evaluation and manufacturer trade FDA's expectation that Research. associations. the pharmaceutical industry would (1) make resolution of Y2K a high priority, (2) ensure that production systems were fixed and tested prior to January 1, 2000, and (3) urge manufacturers to develop Y2K contingency plans. October 1998......................... Center for Biologics Biologics manufacturer Same as above. Evaluation and trade associations. Research. January 1999......................... Center for Drug Sole-source drug Same as above. Also (1) Evaluation and manufacturers. noted that the impact Research. of Y2K on pharmaceutical safety, efficacy, and availability merits special attention for firms who are the sole manufacturers of drug components, bulk ingredients, and finished products; and (2) stated that pharmaceutical industry suppliers must have Y2K- compliant systems to protect against disruption in the flow of product components, packaging materials, and equipment to pharmaceutical manufacturers. ---------------------------------------------------------------------------------------------------------------- Source: FDA. Further, on February 11, 1999, FDA's director of emergency and investigation operations sent a memorandum on FDA's interim inspection policy for the Y2K issue to the directors of FDA's field investigations. The policy emphasizes FDA's Y2K awareness efforts for manufacturers. It states that FDA inspectors are to (1) inform firms of FDA's Y2K web page (URL http://www.fda.gov/cdrh/yr2000/year2000.html); (2) provide firms with copies of the appropriate FDA Y2K awareness letter; (3) explain that Y2K problems could potentially affect aspects of the firms' operations, including some areas not regulated by FDA, and that FDA anticipates that firms will take prudent steps to ensure that they are not adversely affected by Y2K; and (4) provide firms with a copy of FDA's compliance policy guide ``Year 2000 (Y2K) Computer Compliance.'' In addition, FDA and PhRMA jointly held a government/industry forum on the Y2K preparedness of the pharmaceutical and biotech industries on February 22, 1999. The objectives of this forum were to (1) share information on Y2K programs conducted by health care providers, pharmaceutical companies, FDA, and other federal agencies; (2) provide a vehicle for networking; and (3) raise awareness. On March 29, 1999, FDA revised its February 11, 1999, interim inspection policy. The revision states that field inspectors are now to inquire about manufacturers' efforts to ensure that their computer- controlled or date-sensitive manufacturing processes and distribution systems are Y2K compliant. Inspectors are to include this information in their reports, along with a determination of activities that firms have completed or started to ensure that they will be Y2K compliant. Further, FDA inspectors may review documentation in cases in which firms have made changes to their regulated computerized production or process control systems to address Y2K issues. The purpose of this review is to ensure that the changes were made in accordance with firms' procedures and applicable regulations. If inspectors determine that a firm has not taken steps to ensure Y2K compliance, they are to notify their district managers and the responsible FDA center. FDA's interim policy describes steps inspectors are to take in reviewing manufacturers' Y2K compliance. However, FDA stated that the primary focus of its inspections for the remainder of 1999 will be to ensure that products sold in the United States are safe and effective for their intended use and comply with federal statutes and regulations, including current ``good manufacturing practice'' requirements (GMP).<SUP>24</SUP> FDA officials explained that the agency does not have sufficient resources to perform both regulatory oversight of the manufacturers and in-depth evaluations of firms' Y2K compliance activities. --------------------------------------------------------------------------- \24\ These include federal standards for ensuring that products are high in quality and produced under sanitary conditions (21 CFR parts 210, 211). --------------------------------------------------------------------------- Nevertheless, according to the March 29, 1999, memorandum, field inspectors are to note, in the administrative remarks section of their inspection reports, any concerns they may have with a firm's Y2K readiness. These reports are to be reviewed by FDA district managers. According to FDA, if a Y2K-related concern affects the identity, strength, quality, purity, and potency, as well as safety, effectiveness, or reliability of a drug product, the district manager can discuss this issue with FDA's Office of Regulatory Affairs and determine a course of action, including product correction or removal. Like VHA, FDA is interested in the impact of Y2K readiness of pharmaceutical and biological products on the availability of products for health care facilities and individual patients. FDA's Acting Deputy Commissioner for Policy informed us on March 24, 1999, that the agency is thinking about surveying pharmaceutical and biological products manufacturers, distributors, product repackagers, and others in the drug dispensing chain, on their Y2K readiness and contingency planning. In anticipation of a possible survey, the agency published a notice in the March 22, 1999, Federal Register, regarding this matter. The Acting Deputy Commissioner said that potential survey questions on contingency planning would include steps the manufacturers are taking to ensure an adequate supply of bulk manufacturing materials from overseas suppliers. This is a key issue because, as we reported in March 1998, <SUP>25</SUP> according to FDA, as much as 80 percent of the bulk pharmaceutical chemicals used by U.S. manufacturers to produce prescription drugs is imported. --------------------------------------------------------------------------- \25\ Food and Drug Administration: Improvements Needed in the Foreign Drug Inspection Program (GAO/HEHS-98-21, March 17, 1998). --------------------------------------------------------------------------- In summary, HCFA and its contractors have made progress in addressing Medicare Y2K issues that we have raised. However, until HCFA completes its planned recertification between July and November, the final status of the agency's Y2K compliance will be unknown. Given the considerable amount of remaining work that HCFA faces, it is crucial that development and testing of HCFA's business continuity and contingency plans move forward rapidly to avoid the interruption of Medicare claims processing next year. Also, because many states' Medicaid systems are at risk, business continuity and contingency plans will become increasingly critical for these states in an effort to ensure continued timely and accurate delivery of benefits to needy Americans. Regarding the health sector overall, while additional readiness information is available, much work remains in renovating, testing, and implementing compliant systems. Aggressive action is needed in obtaining information on the Y2K readiness of hospitals, physicians, Medicare providers, and public health agencies. Until this information is obtained and publicized, consumers will remain in doubt as to the Y2K readiness of key health care components. In addition, while compliance status information is available for biomedical equipment through the FDA clearinghouse, FDA has not reviewed test results supporting manufacturers' certifications; this would provide the American public with a higher level of confidence that biomedical equipment will work as intended. The public also needs readiness information on specific pharmaceutical manufacturers to address concerns about the stockpiling of drugs and medications. Messrs. Chairmen, this concludes my statement. I would be pleased to respond to any questions that you or other members of the Subcommittees may have at this time. Mr. Upton. A bonus. I think you're the first witness this year that has completed his time or her time when the green light has been on. Mr. Grob. TESTIMONY OF GEORGE GROB Mr. Grob. Good morning, Mr. Chairman and members of the subcommittee. Thank you for this opportunity today to discuss Medicare health providers' readiness for the Year 2000. In a nutshell, health care providers got off to a late start and they're behind the power curve. Recent events indicate a productive spurt of activity, but a concerted, disciplined effort will be needed for them to be ready on January 1 in the Year 2000. In order to gauge the readiness of health care providers, we designed two preliminary surveys which address several key areas, including Y2K awareness, computer systems readiness, contingency planning, and vendor cooperation. These surveys were developed with the assistance of HCFA and of many of the health care provider organizations, some of whom will speak in the next panel. And we appreciate their help and support in the survey. And in late December 1998, we sent anonymous surveys to a random sample of 5,000 providers representing hospitals, nursing facilities, home health agencies, durable medical equipment suppliers, and physicians. Response rates range from a high of 49 percent for hospitals to a low of 22 percent for the physicians. In January we sent a similar survey to 407 Medicare+Choice managed care organizations. We received responses from 76 percent of them. We cannot make any statements about people who did not respond to our survey. Overall, we found that in January 1999 about half of the fee-for-service providers reported that their computer systems were Y2K ready. You can see this on the charts over here, about half of them with respect to their billing systems and with respect to their medical records. Okay? And most providers who were not ready, believed they will be ready. And--Mike, if you show the next two charts--you will see much higher numbers of people who think they will be ready, almost pushing 90 or 100 percent if you add the two numbers together. However, our survey indicated that many providers have not taken the steps necessary to justify their optimism. And if I can make reference to Mr. Klink's remarks about the unreliability of information from people from whom we have not received information, I could add, that even from those from whom we did receive information, we have indications of potential problems. Less than two-thirds had renovated or replaced their computer systems. Many had not tested their new or renovated systems. Less than 1 in 5 had tested data exchange with their vendors. For most, the readiness of biomedical equipment continues to be a great unknown. And only one-fourth to one-half had developed contingency plans. The responses from our Medicare managed-care organizations were similar, but half of them had tested their systems and two-thirds had developed contingency plans. What may be a better indicator of providers' progress is not what they said in our survey, but how they are currently submitting claims. Since the release of our survey, HCFA established April 5, 1999, as the deadline for submitting 8- digit dates on electronic claims. After this date, claims that are not in the required 8-digit format would be returned. This requirement was stressed in a January letter to all Medicare providers as well as published on the Website in numerous provider association newsletters. It appears that health care providers have stepped up their effort to submit claims that are Y2K compliant. On April 14, the Department reported that more than 99 percent of Part B claims and 90 percent of Part A claims were sent to HCFA with newly required 8-digit dates. While this preliminary information is promising, because of our findings, we are concerned that some providers have yet to perform the necessary steps to ensure that all of their systems will be ready on time. Unlike most public agencies, where there is a constant measurement and evaluation of Y2K progress, health care providers are under no requirements for renovation schedules, end-to-end testing of systems, independent verification of compliance efforts, et cetera. Neither HCFA nor any of the provider associations, such as the physician and hospital associations, have the authority to compel individual health care providers to act. With the exception of HCFA's April 5 deadline for 8-digit claim submissions, there are no readiness timelines or schedules which providers must follow. In essence, there is nobody ``in charge'' of the providers with regard to the Year 2000 readiness. The primary responsibility lies with the providers themselves. We hope the provider community, both individual providers and their national associations, will rise to the challenge. However, it is also important that the Department monitor the progress and assist them by making Y2K information readily available. HCFA has done a lot of this recently, and that's encouraging. But everyone must do his part to have any hope of making it. I will be pleased to answer any questions you may have. Mr. Upton. Or her part. Mr. Grob. Or her part. [The prepared statement of George Grob follows:] Prepared Statement of George Grob, Deputy Inspector General for Evaluation and Inspections, Department of Health and Human Services Good morning, Mr. Chairman and members of the Subcommittee. I am George Grob, Deputy Inspector General for Evaluation and Inspections, Department of Health and Human Services. I am here today to discuss Medicare health care providers' readiness for the Year 2000. background The Y2K problem impacts health care systems in several ways. For instance, medical records systems need to be updated to ensure providers are able to access patient histories. Biomedical devices such as defibrillators and infusion pumps must be checked to ensure they will continue to operate properly. Furthermore, both government and provider computer systems must be able to process claims after December 31, 1999 to ensure that providers get paid for services rendered. As all of you know, the Health Care Financing Administration (HCFA) has made Y2K readiness its top priority. Recognizing the seriousness of this challenge, the Office of Inspector General is taking numerous steps to monitor Y2K progress. For example, we continuously evaluate the status of HCFA contractors' and other Medicare computer systems. Meanwhile, we have also collected information from Medicare health care providers regarding their readiness for Y2K. It is the latter initiative that I wish to discuss with you today. In order to gauge the readiness of health care providers, we designed two surveys which addressed several key areas, including Y2K awareness, computer system readiness, contingency planning, and vendor cooperation. The surveys were developed with assistance from HCFA and several provider associations, including the American Association of Homes and Services for the Aging, the American Health Care Association, the American Hospital Association, the American Medical Association, the Health Industry Distributors Association, the National Association for Home Care, the National Association for Medical Equipment Suppliers, the Health Insurance Association of America, and the American Association of Health Plans. In late December 1998, we sent anonymous surveys to a random sample of 5,000 providers representing five provider groups: acute-care hospitals, nursing facilities, home health agencies, durable medical equipment (DME) suppliers, and physicians. Response rates ranged from a high of 49 percent for hospitals to a low of 22 percent for physicians. In January, we sent a similar survey to 407 Medicare + Choice managed care organizations. We had responses from 310, or 76 percent of those surveyed. Our findings are based solely on the providers who responded to our survey. We cannot make any statements about the Y2K-readiness of those providers who did not respond. survey findings Overall, we found that as of January 1999, about half of fee-for- service providers reported that their computer systems were Y2K-ready; and most providers who were not ready believed they will be Y2K-ready by December 31, 1999. However, our survey indicated that many providers had not taken the steps necessary to justify their optimism. For instance, of the fee-for-service providers responding to our survey: <bullet> Less than two-thirds had renovated or replaced their computer systems. <bullet> Many had not tested their new or renovated systems. <bullet> Less than 1 in 5 had tested data exchange with their vendors. <bullet> For most, the readiness of biomedical equipment continues to be a ``great unknown.'' <bullet> Only one-fourth to one-half had developed contingency plans. The responses of managed care organizations were similar, although half of the plans have tested their systems and about two-thirds have developed contingency plans. recent developments What may be a better indicator of providers' progress is not what they said in our survey, but how they are currently submitting claims. Since the release of our survey, HCFA established April 5, 1999 as the deadline for submitting eight-digit dates on electronic claims. After this date, claims that are not in the required eight-digit format would be returned. This requirement was stressed in a January letter to all Medicare providers, as well as published on HCFA's web site and numerous provider association newsletters. Therefore, by monitoring providers' adherence to the new claim requirements, we can evaluate the progress providers have made in getting their billing systems ready for the new millennium. While the ability of a provider to submit claims in an eight-digit format does not mean that all of its systems are ready, it does serve as an indication that the provider has taken a critical step toward full Y2K compliance. It appears that the health care providers have stepped up their efforts to submit claims that are Y2K compliant. On April 14, 1999, the Department reported that more than 99 percent of Part B claims and 90 percent of Part A claims were sent to HCFA with the newly-required eight-digit date. This is a significant increase from December 1998 when Medicare carriers reported that approximately 96 percent of Medicare Part B bill submitters and only 33 percent of Part A submitters that bill electronically were doing so in a compliant eight- digit date manner. We are monitoring the situation closely. remaining concerns While this preliminary information is promising, because of our findings, we are concerned that some providers have yet to perform the necessary steps to ensure that all their systems will be ready on time. Unlike most public agencies, where there is constant measurement and evaluation of Y2K progress, health care providers are under no requirements for renovation schedules, end-to-end testing of systems, independent verification of compliance efforts, etc. Neither HCFA nor any of the provider associations, such as physician or hospital associations, have the authority to compel individual health care providers to act. With the exception of HCFA's April 5th deadline for eight-digit claim submission, there are no readiness timelines or schedules which providers must follow. The HCFA is in a somewhat stronger position with Medicare + Choice managed care organizations since it contracts directly with them to provide care to Medicare beneficiaries. The agency is requiring these organizations to certify that they understand HCFA's Y2K compliant definition and have tested all of their data systems/interfaces to ensure Y2K compliance. The HCFA is also requiring them to have a contingency plan in place in the event that internal systems or key external business partners fail. However, HCFA does not have the authority to require all health care providers to meet similarly specific requirements. At this time, we have no additional updated information about the readiness of providers' medical record systems or biomedical equipment. We believe the primary responsibility for ensuring Y2K readiness lies with providers themselves. We hope the provider community--both individual providers and their national associations--will rise to the challenge. However, with no one ``in charge'' of the providers, it is important that the Department monitor the progress of the providers, and assist them by making Y2K information readily available. This concludes my testimony. Thank you, Mr. Chairman, for the opportunity to discuss Medicare providers' readiness for the Year 2000. I would be happy to answer any questions you may have. Mr. Upton. Well, thank you. I certainly always appreciate your testimony and your hard work in trying to comply with what is going to be going on at the end of the year. And I would have to say about a year ago not a lot of Americans knew what Y2K meant. And there has been a quick realization in terms of what it will mean to all of us. And I know that for me, I visited one of my large hospital operations 2 weeks ago back in Michigan--this is a hospital chain that services about 170,000 folks throughout the county that I live in--and one of the questions that I asked the administrators and a number of people that were on the tour, literally for the entire afternoon, was how much was it going to cost the hospital for compliance. And they sort of scratched their head and they said, well, probably about $250,000. At least that is where we are today--and in terms of what I hear from your statement this afternoon, despite the late start, it seems that you feel, and the survey that was done with the hospitals, my own sense is that we're probably going to meet the deadline for the billing and the payments, because of the hard work, particularly that's been done the last couple of months. Would that be your gut reaction as well, from all three? Ms. DeParle. As I said, that's my feeling. Again, there are so many unknowns here. So I'm going on what we know. And as I said, we know that a very high percentage of claims submitters are submitting claims to us that are compliant that have the 8- digit fields. So I believe, yes, that they've gotten the message there and that on that side of it they will be compliant. I think the greater unknowns to me are in the patient care and equipment side of things. Mr. Upton. Well, that's what I wanted to get to. And we had a chance to talk a little bit earlier this morning when you came by, and, you know, I remember looking at the kidney dialysis unit with about 25 patients that were there and literally there around the clock. People get appointments for the 3- or 4-hour program while they're on these machines and literally every other day three times a week. And, Mr. Willemssen, you indicated in your testimony that particularly on the biomedical equipment that the response was disappointing; the test results didn't know exactly where they were. I think you had had some communication with HHS in terms of what their knowledge was. And, you know, whether it be that or a CAT scan or any of these other megadollar pieces of equipment that so many Americans rely on, that could, in fact, be a real problem. In other words, the billing operation, the providers are going to be taken care of. But the real question about care for the patient coming in with the equipment is, in fact, a real-- could be a real problem. Is that your sense? Mr. Willemssen. Yes. And I would point out, FDA has made good progress in terms of posting information on the compliance that manufacturers are certifying to. But it has not made as much progress in looking independently at test results for those critical-care and life support items. Mr. Upton. Now, you all at the GAO did contact HHS, right, in terms of what they were doing? Mr. Willemssen. Oh, yes. Mr. Upton. And you found that response to be? Mr. Willemssen. HHS's response was quite disappointing. In fact, the response we got to our recommendation was we don't have the resources to do this. However, we were unaware that any such request for resources was ever put forward to the Congress. Mr. Upton. Mr. Grob, do you have any comment on that? Mr. Grob. We haven't independently looked at that particular issue. Mr. Upton. You haven't. Mr. Grob. We have not at that issue. We are a--we have---- Mr. Upton. Can you pull the mike just a little closer. Mr. Grob. I'm sorry. We have in our audits noted the problem with the equipment. In fact, in our survey less than one-third of the people who responded to our survey and, again, the response rate wasn't what we wanted it to be, only one- third of them said they were aware of the Y2K readiness of the biomedical equipment that they used. Mr. Upton. So is there any--do you contemplate any action going back to those that didn't respond at all? Mr. Grob. We can't make people respond to our surveys. It has to be a voluntary response on an item like that. In fact, we even made our serveys anonymous so people wouldn't be afraid to answer questions from the Inspector General's Office. And we felt the response rate would be higher. Mr. Upton. Is that anonymous going in the door or anonymous coming back to you? Mr. Grob. Either way. They knew that it was an Inspector General survey, but we had set it up in such a way that they knew that we wouldn't know who answered. And after much discussion, we believed that we would get a much higher response rate if we did it that way. And, in fact, our surveys have the highest response rates of any surveys that have been conducted on this, even though they still range from about 25 to 50 percent. Mr. Upton. Okay. Mr. Klink. Mr. Klink. It's hard to know where to begin, to be honest with you. It's such a large issue. Let me start first off, Ms. DeParle, your comment about--you're optimistic that the hospitals are getting--let's deal with the hospitals for the time being. If we can believe the survey, which I want to get into how accurate that may be later on, but if we can believe it just for the time being, how do you get from around 13 percent now to somewhere in, you know, the 85, 90, 95 percent in the next 8 months? How are you convinced that we're headed in the right direction? Ms. DeParle. Well, first of all, I'm not relying on the surveys, because I do think there are a lot of unknowns, as you pointed out, Representative Klink, on those, although the IG survey, which is the most recent data and had the best response rate, better than the RX2000 survey that I looked at before and the Gartner Group, seems to show a higher percentage of hospitals are compliant. And I even thought, going into it, there might be some difference between rural and urban. So, we asked the IG to oversample rural providers. And it turns out that there doesn't seem to be much difference. It seems to relate more to bed size. So putting that in one place and then looking, as I said, at sort of the ``proof is in the pudding,'' and what I'm looking at is the providers that are submitting compliant claims to get paid by Medicare. And since we required them to be compliant by April 5 of this year, upwards of 93 percent of Part A claims submitters are submitting compliant claims. That says something different to me. Let me be clear, it does not say that they've done everything in their hospital that they need to do to be Year 2000 compliant. What it says is they're able to submit a bill to us in a compliant format. And that gives me the basis for saying I'm relatively optimistic. But I would agree with you and with the other panelists that there are still unknowns here. Mr. Klink. Mr. Willemssen, do you agree with what the administrator just characterized? Mr. Willemssen. I would definitely agree that there are many unknowns. I would also mention two other points---- Mr. Klink. Do you share her optimism? Let me ask you that. Mr. Willemssen. I'm by nature more of a pessimistic sort. What I would also point out is if you look at the health sector compared to many other sectors in our country on Y2K readiness, the health sector does not fare well. It is generally not in good shape, again not because of what we know, but because of what we don't know. One other item I would point out for consideration in the 8 months remaining until January 2000 is in some of the other sectors an approach that is occasionally proven effective is to actually publicize those respondents who did respond to a survey instrument, and then it becomes clear who hasn't responded. And it tends to put, in some cases, some peer pressure on those nonrespondents to, indeed, also respond to surveys. So it's something that may be of consideration within the health sector, too, that has been used effectively elsewhere. Mr. Klink. Let's step back a second, Mr. Willemssen. How effective is a survey instrument in making these determinations, in your estimation? Mr. Willemssen. Well, on the one hand, a survey instrument gives you information that you previously didn't have. So it's better than nothing. Unfortunately, it is self-reported data, self-reported data that for the most part has not been verified and validated by an outside party. That goes hand in hand also with the low response rates that have frequently been realized. It is a difficult venture to try to get as much useful information. Among the things that can be done is asking questions and surveys about what kind of independent ver- ification and validation efforts the respondent has that can give further proof of their statements of compliance. So there are some vehicles around that, but it is a difficult challenge. Mr. Klink. Not only that, Mr. Willemssen, are you asking them to fill out the survey and give you their best guess? But I notice that some of the surveys--again I'm not picking on these groups because they attempted to do something at least-- but it even tells them that they need to verify whether or not they understand what Y2K is all about. Are there some--just kind of give me your idea--and I see the red light is on--what are the primary weaknesses of a survey that attempts to figure out where providers are in relationship to the Y2K readiness? Mr. Willemssen. A key weakness is those providers themselves don't have necessarily the needed information at hand to know whether their practice, so to speak, is compliant; whether it's related to biomedical equipment, pharmaceuticals, or various commercial off-the-shelf items provided by vendors. That kind of information is not always available. So it is a challenge in some cases to accurately respond. Mr. Klink. Mr. Grob, could you just give a quick follow-up to that? Do you agree? Mr. Grob. May I--a few comments, first of all. I think what everyone has been saying about the surveys is true: what you see is what you get. These are questions with answers not validated. But some perspective is useful here. These surveys were done at a time when nothing was known. The response rates are relatively high compared to all other surveys that were done. We saw the surveys that we did as sort of an awareness campaign. Even sending out the surveys was enough to sort of turn on the awareness to the subject. Another thing we tried to do with our surveys was model them after the disciplined approach which the Health Care Financing Administration has to follow and which GAO has recommended; so we hope that our surveys could be used by the providers as a self-test that they could administer to themselves. They could turn them in to us and we had our samples, but we also encouraged the various providers to take it and see, because it will take you through the steps that you need in order to get ready. So we thought they could be educational as well. And one other thing, if I could mention about the thing that Ms. DeParle said, our survey results showed in January that half the providers, only half of them, thought that they would be ready to submit 8-digit bills within 6 months of January. Only half of them thought they would be able to. But here it is only 3 or 4 months later and virtually all of them are submitting this bill. So the uncertainty about the surveys runs both ways. And what I would say is that there has been a lot of activity in the last few months as a result of the growing awareness that would give us more confidence than we had at the time that the surveys were taken. So those are some thoughts. I'll have more, perhaps, when the light comes on again. Mr. Upton. Thank you. Dr. Coburn. Mr. Coburn. Thank you. I guess my only real question is, Does everybody out there know there's a problem? You know, what have we done to test to know that they know there's a problem? Ms. DeParle. What we've done is--and when you ask a question like that, I have a feeling you may have a view on it, since you're a health care provider yourself. But what we've done is to go directly to every provider, and as you know better than anybody, we, HCFA, don't generally do that. We go through the carriers and intermediaries and they deal with providers. This time I sent a letter directly to 1.3 million providers that work in the Medicare program telling them about Y2K, what it is and with a checklist of what they needed to get done. And we had a survey group--I think it was RX2000 again--go behind that. And they reported back to me that it had a--I want to say about a 40 percent retention rate, which they said was very high for something like that; that a lot of people might have thrown away. The providers remembered having received the letter and remembered that there was an issue that they needed to do something about. So that's--I guess I believe that the chairman was right that a year ago a lot of them wouldn't know what we were talking about. And I have found when I talk to providers that now they all know. They groan when I bring it up, and they all say they will be glad when we're at the point when we don't have to talk about it again. So I guess I do think now, Dr. Coburn, that most of them do know about it. Mr. Coburn. Can we imply from the response rate--was it April 5 mandated deadline? Ms. DeParle. Yes. Mr. Coburn. That the knowledge associated with just the dating, can we extrapolate that to say that has application at the other areas where Y2K is a problem? Ms. DeParle. No, sir, I wouldn't do that, for two reasons. One is, as you know, I don't know how your practice is run, but many providers use claims submitters, billing services. And, in fact, some doctors have told me, ``Oh, I got your letter and I gave it to my billing service; it's their responsibility.'' Well, that's partly true, and it's partly not true. Yes, the billing service has to translate whatever the doctor gives them to make sure that it can be paid by Medicare, but that may not say whether Dr. Coburn's office is really ready, either on the billing side to generate a bill or on the equipment and patient care side. So that's why I've been cautious about kind of limiting my response to saying I feel more confident today based on the April 5 response that they will be ready on the billing side to submit a compliant claim. But I can't say that about biomedical equipment or about patient care. And I would--again you're the one with the experience as a provider, but I suspect that a lot of providers delegate that responsibility. Mr. Grob. I can shed some light on the awareness, because I'm looking at our survey form here--and the first question that we asked our respondents was about their awareness. Most of them said they were aware of it; they were quite aware of the impact. They had given thought on it. They were concerned about the impact that it would have in their care. These are in the high 90's, even 99 percent. But as soon as we asked them if they had done certain things, they said, no, or maybe, or some. And it's interesting that you get that. If we were getting self-serving answers to all of the questions, you could suspect it. But we're getting what seemed to be pretty frank answers to the questions that we were asking. So when they say, yes, they're aware and they've done some initial planning, I think we can believe that now. I'm reading the answers from the hospitals where we got a 49 percent response rate--not great, but still not bad in this field. As you go through the questions, the percentages get lower as you go through the process. So my sense of it is that there in January, they were at the beginning of the process-- awareness and assessment--and then it was falling off. Mr. Coburn. Do you know the other thing to bear in mind in this is you've got to be ready for Year 2000, but a lot of small practices are going to spend a lot of money, and a lot of them are waiting to spend that money till the very last moment that they have to spend it. So I think that gives us some insurance. Our group just spent $60,000 upgrading computers and programs for five doctors, which is ludicrous, because of this. The other question I have is, is there anything we can do on the equipment side to put the onus on the manufacturer? I was just sitting here during your testimony thinking about all the pieces of equipment that I have in my practice, from an EKG machine, to a fetal nonstress monitor, to laboratory equipment. That all has internal dating. Is there a possibility that we can require a notification for manufacturers as to the Y2K certification by model number so we don't have to move advanced dates and think we've got it and not got it? Mr. Willemssen. That kind of information is now available in the FDA data base for specific types of biomedical equipment items, and they are moving to obtain all of that, the particular make and model numbers which the Department of Veterans Affairs has had for many of those devices for some time. So there have been good strides in that area. That kind of data is publicly available on FDA's Website, again, in terms of what the vendors are saying, what is compliant and what is not. Mr. Coburn. Okay. Thank you. Mr. Upton. Thank you. Mr. Brown. Mr. Brown. Thank you, Mr. Chairman. First, I have some questions from the gentlelady from California, Ms. Eshoo, that she would like answered both to--put to both panels. If I could enter those in the record and ask unanimous consent that---- Mr. Upton. No problem. All members will have the chance to put questions into the record. Mr. Brown. Thank you. Administrator DeParle, walk us through the implications of what occurs if a provider isn't ready, if a provider has serious Y2K problems with regard to that provider being able to accurately assemble a bill stating what is owed by the government. What happens to that provider? Walk us through that, if you would. Ms. DeParle. Well, we are in the process right now of validating contingency plans for lots of different scenarios. But as I have said a number of times, we are starting from the assumption that providers have to be able to submit a valid claim. We believe that it would be a mistake to suggest that they can just sit back and not worry about this problem, because it's a problem that we all have and providers need to make sure their systems are ready. Having said that, we will, as I said, be addressing in our contingency plans, areas like the one that you've brought up. There is also, of course, the option, and this happens nowadays, sometimes providers have a problem, and as long as providers have documentation, they could submit a paper claim. However, you can imagine with almost a billion claims a year our contractors would not be in a position to process a high percentage of paper claims. So that is why we think the number one thing we have to do to get ready is to make sure that providers are doing the remediation and the testing they need to do to be able to submit compliant claims; and that's why I regarded the April 5 deadline as so important. And I regard the fact that providers are submitting, for the most part, compliant claims to be a good sign of progress there. Mr. Brown. Thank you, Mr. Chairman. That's all I have. Mr. Upton. Mr. Bilirakis. Mr. Bilirakis. Thank you, Mr. Chairman. Mr. Chairman, I ask unanimous consent my opening statement be made a part of the record. Mr. Upton. Without objection. [The prepared statement of Hon. Michael Bilirakis follows:] Prepared Statement of Hon. Michael Bilirakis, Chairman, Subcommittee on Health and Environment Thank you Chairman Upton. I am pleased to co-chair this hearing today with you on how Medicare providers are preparing for the Year 2000 date problem, commonly known as Y2K. If left unfixed, this ``computer glitch'' could have a devastating impact on the ability of any physician, hospital or health care organization to provide medical services to patients. By now, we have all heard about some of the potential horror stories: supply shortages of critical drugs, malfunctions of EKG machines and other lifesaving devises, or inaccessible medical records during a life or death situation due to a computer malfunction. The list goes on and on. This hearing will also focus on another particularly troublesome Y2K problem: will providers be able to submit claims in a Y2K compliant form in order to obtain reimbursement from HCFA. I believe that even a short-term disruption in provider reimbursement may have severe ramifications for patients. We must avoid a situation where home health agencies, nursing homes and other health care providers operating under tight financial margins are forced to close their doors because Medicare didn't pay them for their services. America's seniors simply cannot afford to lose access to care because our nation's health care providers didn't take appropriate steps to become Y2K compliant. Y2K problems facing both the government and providers are enormous. However, both HCFA and Medicare contractors are making some progress toward achieving their compliance goals. Many providers, by contrast, appear ill-prepared to meet their Y2K challenges by the end of this year. A recent survey by the Inspector General of HHS found that only half of physicians, hospitals and nursing homes billing systems are Y2K compliant. Fewer than 20% of providers have even tested how their computers' interact with outside vendors. Many organizations lack a contingency plan to process claims and guaranteed patient care should their computers malfunction. The health care industry could be more adversely affected by the Y2K bug than almost any other sector, yet it has not taken the necessary steps towards addressing its problems. Our first panel has three witnesses who will testify about HCFA, Medicare contractor and provider readiness for the Y2K bug. We especially thank Nancy-Ann Min DeParle, Administrator of HCFA for being with us today. Ms. DeParle, we would like an update on HCFA's efforts on becoming Y2K compliant. We would also like to know how HCFA will direct all medical providers to be Y2K compliant by December 31, 1999. Our second panel of experts are representatives from our nation's largest health care associations. Witnesses will discuss their organization's outreach efforts and will provide the Committee with recommendations the federal government may take so that patients' access to care is not compromised. I want to welcome all of our witnesses. I appreciate everyone taking the time out of their busy schedules to join us and I look forward to hearing your testimony. Mr. Bilirakis. I apologize for being late, but the airplane did not cooperate. We have an awful lot of that these days. In fact, this particular flight is being canceled based on the new schedule coming out in a week or so, so that is going to make things that much more difficult. Madam Administrator, Mr. Willemssen, and Mr. Grob, first of all, welcome. And I know that you're besieged by this problem, not only besieged in terms of trying to solve it but besieged by virtue of Congress constantly holding hearings and that sort of thing. The equipment manufacturers were invited to testify today and didn't want to do so. You know, I guess everybody says leave us alone; we're trying to solve the problem. I don't know. But, you know, I take a look at the chart--and by the way I might add that paperwork is important. The software is important. Obviously, reimbursements to providers are darn important, but they're not life and death issues. What's life and death is the equipment, for crying out loud. And I guess those charts show provider readiness, I suppose for the most part, but DMEs are on there, on the paperwork, I don't know. But even based on the optimistic responses and, you know, I guess a response--and Mr. Grob made a comment that he was--they seem to be candid responses, honest responses which I'm very glad to hear. But I mean, 70 percent, 75 percent, I mean that's better than the actual figure today. But still that means 25, 30 percent are not going to be ready. Mr. Grob. That's not quite true. But I won't be able to ease your concerns completely. That's 75 percent, say, of those who said they were not ready. So if half of them said they were ready and then three quarters of the remainder said they would be, then that's going to tease the total number up a bit. Mr. Bilirakis. Whatever that percentage then ultimately comes out to be half of whatever it is? Mr. Grob. Yes. But your point is still well taken. You're talking about maybe between 80 and the high 90's who think they will be ready, even if they haven't taken all of the steps that would be required to do so. Mr. Bilirakis. You know, we run into an awful lot of strange things in life and strange things in this job and, you know, based on things that we learn and whatnot. But what really blows my mind is that everybody has known that the Year 2000 was coming for crying out loud. You know, we put people on the moon. We've done so many great things. And yet it seems like we fell asleep at the switch, and a lot of you, Madam Administrator, others have taken over in recent times, and so we can't certainly blame you for that. But the real world is that it looks like we aren't going to be 100 percent ready, and when it comes I think to--when it comes to equipment, medical equipment, anything less than 100 percent is just not acceptable, because it means life or death. So what should we do? What should we do? What can we do? What can we as a Congress do maybe to help out here? How about the--there's some--equipment manufacturers have shown an interest. They've shown an awareness. They've shown some progress, and there are others, based on your testimony, haven't. I mean, what the heck can we do? We've got to be ready, as far as those chips are concerned, as far as those computers are concerned. Go ahead. Mr. Willemssen. If I may answer that in terms of biomedical equipment, among the things that you can do is call FDA up here and ask them about critical-care and life support items; why do you not want to independently look at the test results to make sure that those items are indeed compliant? Contrasting that approach, you may want to invite some hospitals up who have actually gone and independently tested some of those items and found that they are not compliant. I think that kind of approach can further publicize the issue, publicize the critical health nature of the issue, and hopefully get further action. Mr. Bilirakis. But, Mr. Willemssen, the thing about it is here it is practically May. We don't really have that much time to go. Mr. Willemssen. That's correct. Mr. Bilirakis. And you're right in terms of improving the improvement or improving the progress, if you will. But it still looks like by the Year 2000 we're not going to be ready. We're not going to be 100 percent or we may be 90 percent ready, 85 percent, 95 percent or something of that nature. In the meantime, because of the life or death issues--and I'm referring mostly to the equipment here. And I do have one question to the administrator that I would like to present, maybe for the record; and maybe you can respond in writing, because my time is up. But in the meantime, what do we do about the fact that there's going to be medical equipment out there with life or death repercussions and they are not ready? Mr. Willemssen. As part of that, I would narrow it down to critical-care and or life support equipment, because there are so many pieces of different biomedical equipment. Let's focus on those most important critical-care and or life support items. And I would say that the Federal Government needs to make sure that those items have been independently checked. And I think there's time in the remaining 8 months to do that and to publicize the results so that providers are aware of whether an item that is critical care and or life support and that has been deemed noncompliant so they have an opportunity to take action, that is, either replacing the item or putting an upgrade in. Mr. Bilirakis. My time is up. And I'm not going to take any more advantage. But I guess I think in terms of that great big word penalty or maybe the people who should be made aware or should be aware and who are not cooperating out to be should in some way or other be penalized, but maybe that's another subject that we ought to talk about. Thank you, Mr. Chairman. Mr. Upton. Thank you, Mr. Chairman. Ms. DeGette. Ms. DeGette. Thank you, Mr. Chairman. I'm wondering if you can comment particularly, Ms. DeParle, and Mr. Grob, on whether or not you think certain provider categories like doctors, hospitals, nursing homes, groups like that are more vulnerable to not being Year 2000 compliant than other groups? What I want to know is, are we concerned--are we more concerned of hospitals as a category that aren't Y2K compliant versus nursing homes, or is there any differentiation there? Ms. DeParle. I guess I will take a shot at it. I would say on the equipment side--I'm concerned about all of them. But based on the survey that the Inspector General did and primarily on the responses to the survey, because they were lower in some areas, I have asked my staff to focus on skilled nursing facilities and on home health agencies as our next level of targeted outreach, that those areas seem to me not to be responding in as high a percentage as the hospitals and that we needed to do more targeted outreach to them. And, particularly, with respect to nursing homes, as you know, in addition to the Medicare beneficiaries who use nursing homes, we have a substantial Medicaid population who is residing there. And I would be very concerned both from a billing, financial perspective and a patient care perspective if the nursing homes were not ready. So we've made that judgment. Again, as everyone here has emphasized, it's based on the data that we have. There are a lot of unknowns here, but that is my sense of it. Mr. Grob. I really have to speculate. And it's a mixture across the board. We've given a lot of thought of this ourselves, and we came up with not a very definitive answer. It runs something like this: the more sophisticated providers, such as hospitals who have many feeder information systems, much more equipment, more elaborate facilities, have the biggest problem, but they seem to be the ones that are concentrating most on it. And those that have the simpler problems of submitting simple bills, I will say an office visit bill, a medical record that could be a paper record that could easily be handled, say physicians would be the best example of that, they would probably have the smallest problem. But on the other hand, they don't seem to be focusing as much on it, at least were not focusing on it. But I don't know which of those factors end up with the result that you worry the most about. Ms. DeGette. I appreciate your candor. Let me follow up, because I know that HCFA has threatened to withhold Medicare reimbursements from entities that are not fully Year 2000 compliant. And I think that's probably a significant deterrent to the big hospitals and some of the others who have the capability and the sophistication to deal with this. But what happens if some of these other people who are providing very important patient care, nursing homes to the elderly and others. You know, you don't want to sit here and say I'm sure today we're not going to take away your reimbursement. But what reassurances do you have to give these folks that if they get their act together, you're still going to---- Ms. DeParle. Well, what I've been saying is, all of our contingency plans are based on the assumption that providers will be able to submit compliant claims. And as I mentioned earlier, I think it's very important that that message be sent. And from what we can tell, as Mr. Grob suggested, providers are listening. And, again, the ``proof is in the pudding.'' But I judge that by their having met our April 5 deadline. In fact, some percentage of the ones that didn't meet the deadline, we believe we know who they are, and we've been dealing with the trade associations on that. We think some of them that did not meet the deadline are no longer Medicare providers, so we think it's a very small percentage. Ms. DeGette. But groups like nursing homes and these folks who are not reporting in, as you say, you really don't have a clear idea as to whether or not they're compliant. And I think if you're going to be withholding--potentially withholding reimbursements to them, something more needs to be done to reach out and make them compliant or make sure that you help them get compliant. Ms. DeParle. Well, I may have confused things a little bit. When I say I felt like we didn't have as good information on them, I meant I was referring to the Inspector General's survey. And they were, as I recall, less responsive than hospitals and some of the other organized care facilities were. But when it comes to our submission of compliant claims and meeting the April 5 deadline, I don't have any evidence to suggest that skilled nursing facilities or home health agencies missed the deadline in any higher percentages than anyone else. But just anecdotally, my sense is that is a place we need to focus. Again, partly just looking at the risk. The risk feels higher to me there, especially with the kind of vulnerable beneficiaries that you have who are residing, for example, in a skilled nursing facility. Again, what we have said is that if a provider submits a valid compliant claim to us, to one of our carriers or intermediaries, we will be able to pay it; and we're developing contingency plans in the event that for some reason one of our contractors was not ready. And as I said this afternoon, we have a lot of work to get done between now and the end of the year to make sure we're ready, but I believe we will be ready to pay a claim that a provider can submit to us. Ms. DeGette. Thank you, Mr. Chairman. Mr. Upton. Thank you. Dr. Norwood. Mr. Norwood. Thank you, Mr. Chairman. I'm led to believe that if you all do everything that you can do by December 31, that on January 1, there would be some surprises with the Y2K problem. In other words, some of this actually can't be worked out until we physically get to the date. Am I right in the area there? Ms. DeParle. I think that's right. I find those surprises every day. But I think that certainly then there will be---- Mr. Norwood. But in this particular case, we can pretty well be assured that there will be some surprises January 1, 2 and 3, for which perhaps we can go right in and correct the problems then after we physically get to the date, but you cannot in any way correct them until you get to the date, because you're not sure what they're going to be. Under those circumstances, I would like to understand why your contractors then could not be ready to utilize paper at least the first month? Ms. DeParle. I don't mean to suggest that the contractors will not be ready to accept some paper claims, Dr. Norwood. The concern is that with almost a billion claims being processed, it would send the wrong message if I were to say to you, everyone in Georgia can submit a paper claim because the contractor for Georgia could accept them. I don't believe the contractors could accept that volume of paper claims. So those kinds of scenarios are certainly among the things we're looking at in our contingency planning and our goal is to be ready so that that there are no surprises---- Mr. Norwood. But we already agreed there are going to be some? Ms. DeParle. There probably will be, but it won't be the things we will be thinking about today. It might be something that we hadn't even thought of. But if you operate on that basis, we cannot accommodate 900 million paper claims. And so we have to do everything we can, and I think this committee and the Congress needs to help us to do everything that we can to make sure that we mitigate the risk. That's how we will be prepared to deal with surprises. Even if you agree that surprises are going to occur, you minimize the number of those and the nature of them if you have mitigated the risk. And a big factor in risk mitigation is making sure that providers are ready. Mr. Norwood. I would agree with you. And I certainly agree with you that we don't want to send the message out that all during January of 2000 don't worry about it, just send in a paper claim. I don't want to send that message either. However, it might be useful for everybody concerned to understand that we are sort of going to expect the contractors to be able to handle some of this, as a contingency too; that we don't want to encourage it. We hope nobody needs it. But part of the responsibility on the Y2K problem is your subcontractors, and we need to have some assurances that they don't draw a line in there and say, well, too bad you can't work out the problems on your computer and we will see you next year. Ms. DeParle. It won't be done that way, Dr. Norwood. What we are talking about is contingency planning. The contractors have to develop plans that we accept and the contingency planning at HCFA will be done at the highest levels by HCFA, not by individual contractors. And we have also---- Mr. Norwood. I would like the things that you accept to be things that I would accept. Ms. DeParle. Sir? Mr. Norwood. I would like for you to say to me some of the things that you're willing to expect from your contractors and would accept are some of the things that I might be willing to accept as well. Let me ask each of you briefly to read the tea leaves for me. I ask you this question based on your hard work, based on your experience, your knowledge, expertise in this area. How do you think each of you--how do you think January will look? What do you really think is going to happen? Ms. DeParle. Do I go first? Mr. Norwood. We don't hold you to it. I'm asking you to read the tea leaves. I'm saying it up front. I know this is not scientific, but you do have lots of information. You do have a lot of feel for this. How does this feel to you? Ms. DeParle. I am feeling more and more confident. I believe there may be some limited problems that would be a week or so in duration, not a major catastrophe where we can't pay claims. I'm focusing on my piece of the problem and on that I feel confident that our contractors will be ready to pay claims. And, again, on the provider side, based on the dramatic increase in activity and understanding that I've seen over the past 6 months or so--and I think it's consistent with what Mr. Grob said about the IG's analysis--I believe providers will, for the most part, be ready. Mr. Willemssen. I would say it's probable that there will be some system-based disruptions. That's why it's especially important that HCFA continue its excellent efforts in the business continuity and contingency planning area because in the event that those system disruptions do occur, then HCFA will be ready with those contingency plans. The other thing I would add is I know that the time is getting late, and we're in April; but we still have 8 months to do something that will impact what happens in January 2000. Mr. Norwood. So it's just probable that there will be--Mr. Chairman, I know my time is expired. It's just probable that there will be interruptions? Mr. Willemssen. I think it's probable there will be disruptions, because there are so many systems; there's so many data exchanges, so many data flows, that even in an ideal world, you can't guarantee perfection. And that's why the need for contingency plans. Mr. Norwood. Well, I would agree with you. I think it's absolutely assured there will be some problems. I don't see how it's avoidable. Mr. Grob. My prediction. I predict that in the Medicare arena the billing will probably be okay. And I think that the medical records will probably be okay. I'm less optimistic about the equipment. And my reason is that for the billing and the medical records, I see in place various activities that are addressing that quite systematically with schedules, where I don't see the same schedules and systematic addressing of the equipment. Now beyond that--disruptions that might occur as a result of electrical systems, transportation systems, communications systems--I'm not prepared to even begin to guess at that at all. Mr. Norwood. I thank the chairman. Mr. Upton. Mr. Grob, I know you're a Cub fan too. That's why you're just an optimist, right? Mr. Grob. I can't help it. Probably in the long run, it's the wrong line of work as a result. Mr. Upton. I have--you know, as I think about the questions by my colleagues and your answers and in reading through your testimony, I have really sort of three questions. And I know, Ms. DeParle, you talked a little bit earlier about maybe there's a way we can get access to the lists of those providers, at least in our own districts of those that both responded and those that did not. Is that possible to do for the members of the subcommittee? Ms. DeParle. We do have--we do know which providers are submitting compliant claims. And, in fact, as we discussed earlier, we have made those lists available to the trade associations so they can help us contact the providers and claims submitters directly. So, yes, we can work with you on that. Mr. Upton. Yes. I think that would be valuable for all the members of the subcommittee. And I sure would like to see the ones in my district as I know many of them, if not all. The second question that I have, again, it sort of goes back to those that did respond. There's really no way to find some independent verification. It's just like if you had to take paper claims for Georgia, all of a sudden 900 million--you can't do it, and you're talking about, you know, tens of thousands of different providers. There's no way you can have a Whirlpool repairman go visit every one of those households and figure out who is doing the job and who is not. Whirlpool is in my district, not Maytag. Ms. DeParle. There's one thing we can do, Mr. Chairman; and I've been remiss in not mentioning this. Our contractors are doing testing with a number of providers. And, for example, I was down in Florida last week with the Federation of American Health Systems, the proprietary hospitals--I don't know if one of those is in your district or not--but one of the large national chains told me that they have tested against our contractors, and I think seven different contractors, in a number of different States, and everything worked. And, in fact, what they told me was that they were so glad that Medicare was doing that testing, because there are other insurance companies that were not allowing them to test. So one thing I can say to you is that we can do this testing; we've made providers aware of that. That would help providers to feel more confident right there. Mr. Upton. You know, Ms. DeGette asked a question a little bit earlier--I think it was Ms. DeGette--about having further hearings, particularly, and I would like to have one with both FDA and the device manufacturers to come up and tell us what they're doing. But I related to a small plant tour that I had a couple weeks ago. I visited a steel plant. And as we walked into this plant that was decades and decades old, literally on every piece of machinery there, there was a little sticker as to whether it had been checked out or not. And I think that it would be a valuable exercise to see at least some encouragement, if not perhaps a mandate, for device manufacturers of real critical care to have some say or some relay of in- formation to those folks using that. It's almost like a warranty as to whether or not they need--whether it's in compliance or not. As I think about Dr. Coburn's practice, a 5- member operation, different small practices around the country, without some information, without some checklist, they really are lost. And it's almost like starting all over again. What would your comment be on that, Mr. Grob? Mr. Grob. It seems to be---- Mr. Upton. Is there anything in place to see some type of requirement or some expert that can come in and help providers large and small? Mr. Grob. I don't think there's answers to that. I think the GAO has described what is the case, which is there's an attempt to jack up considerably the information sharing and to make it public. So that if you look on FDA's Website, you also have the equivalent of that for those who get to information that way, because manufacturers are writing in, declaring about their equipment, you know, and providing, I guess, numbers to call where people can find information about the equipment. What's been pervading this hearing is interesting from this point of view: it has an HCFA orientation to it, although the FDA issue arises as well. But---- Mr. Upton. You have that empty chair next to you right there. Mr. Grob. The empty chair, okay. But in no case do we have anyone who is in charge of that. Medicare at most is probably half the medical care--I don't know what the percentage is these days. And all the things that HCFA has been doing has almost been on behalf of the entire industry because all of its testing and all of its standards will spill over into the rest of the industry. But that's not the case with the Food and Drug Administration. Where HCFA has been successful, in addition to its testing and its rigorous schedules and its GAO and OIG oversight--the additional success, for example, with the billing--has been the increase in knowledge, the increase in expectations, and the knowledge of the consequences of it not happening. So to some extent, jacking up the public knowledge of what's going on, as you suggested earlier, might be, without any other authority, the most immediate effective thing that can be done. However, I have to categorize everything I just said as speculation on my part. We haven't done a formal study of this particular aspect of the problem, but have given some thought of the overall mechanisms that are available to push this on a little bit. Mr. Willemssen. If I might add, Mr. Chairman, much of the information on equipment items from a vendor perspective is available currently via the FDA Website. It's a matter of further publicizing that availability. And, again, if I may repeat, making sure that for critical care and life support items that there's some independent check on their compliance status. Mr. Upton. All right. In fact, I think I'm going to ask Dr. Coburn when I see him next, I wonder if his practice, in fact, checked before they spent the money that they did to replace it. Mr. Klink. Mr. Klink. To the administrator. On the panel after you, one of the witnesses, Annette L. Mackin, chief financial officer VNS of Rochester and Monroe County in New York--and part of her testi- mony, I want to read to you a line to you and I want you to react to it, if you would. She said: ``The NAHC's main concern is that HCFA will fail to take into consideration unique challenges facing home health care and hospice providers and becoming Y2K compliant. Failure to reimburse claims would be a death now for providers who are already struggling with lower reimbursement rates and increased regulatory burdens. HCFA by withholding reimbursements on claims that are not Y2K ready will unfairly and adversely impact those smaller providers who cannot survive interruptions in payment.'' And it goes on and on. How do we get to that position? Isn't it possible for them to just do things the old-fashion way, that is, sit down with a piece of paper and send out a bill, or, in fact, have we become so dependent on computers that that is an impossibility today? Ms. DeParle. No, it's not an impossibility. And as I said, we are--among our contingency plans we're looking at things like what if providers had to submit paper claims. But that's not how I hear that testimony that you just read. What some providers, Mr. Klink, have wanted is for us to say that even if they can't submit a claim or show any documentation that we're going to put money out the door. And I think this committee knows of my concern about program integrity. I know of your concern. I talked to most of you individually about your concerns about waste, fraud, and abuse in the Medicare program. So I think it would be a mistake to suggest to providers at this point, when there are 8 months to go, ``don't worry about it; you're not going to have to worry about submitting a valid claim.'' The first step is for our providers to get ready for the Year 2000. I believe they can do it. And, second, if there are providers who for some reason can't submit a computer-generated claim, as I said, we have contingency plans in place. But I don't want to suggest that it's going to be easier, that we want them all to sit back and not do what they need to do. Mr. Klink. How realistic is it to believe if they have to go back to billing the old fashioned paper way, that the error rate, in fact, would go up significantly? Ms. DeParle. Oh, I don't know that I can speculate about what would happen with the error rate. But I can tell you that given our resources, if it were a large number of providers who had not made the changes they need to make to their computer systems to be able to submit a valid claim, we would not be able to pay them in a timely manner. So what I have said is all of this effort over the last 18 months that we have put forward, making this our number one priority, was to make sure that our claims processing systems were ready, so that if a provider can submit a valid claim, we will be able to pay it. Mr. Klink. My concern, and I don't want to get off into the weeds here because we've got a limited amount of time, but you testified before about how many of them you thought would comply by being able to do the 8-digit format. My question is, what systems are there behind that claim form that actually put all of that information together to make sure that, yeah, you used an 8-digit format, but how do you know the accuracy of everything that's being done once we think we're Y2K compliant? Ms. DeParle. We don't know for a fact the accuracy of everything that's being done, and that's one of the things we're going to focus on over the next few months. As I said, based on that and based on the Inspector General's survey results, I believe that home health agencies and skilled nursing facilities need some special outreach to make sure that they are, in fact, prepared to submit valid claims. Mr. Klink. See, that's where I'm confused. And I don't mean to be difficult. I want to get to the bottom of this. On one hand, you're optimistic that they are getting their billing systems together; on the other hand, we don't know what's going into all the information that's coming into the claims that are being filed with HCFA. And we have no idea whether the error rate will go up or go down. And I guess, you know, the tone of my voice is only out of my own frustration, because I can't--I mean, I can't get a handle on this either. But I sure as heck know that those Members of Congress, not just the ones sitting here, but our friends, are going to be hearing from our hospitals and providers back home once claims are not being paid in a timely fashion; and there's a threat that the doors are going to be closed and services are going to be shut down, then everybody will be paying attention. We got 8 months to really get our arms around there. Mr. Willemssen, if we really wish to understand what is going on with regard to these provider groups, what do we really need to do beyond these survey instruments to kind of get at the underlying roots of the problems that we're faced with? Mr. Willemssen. Well, one, I would say HCFA should continue its very strong outreach efforts. I think the administrator has talked about some of the things that she's done over the last several months. I think to continue that is especially important, so that from the perspective of awareness that that awareness level continues to escalate. Second, I believe it's important to start considering publicizing information on exactly who is providing readiness information on Y2K and who is not. This can possibly spur others to act accordingly. And as I mentioned earlier, this has been a successful mechanism in other sectors that we may want the administrator and others to consider applying to this particular sector. Mr. Klink. Mr. Chairman, you've been very patient today. And, again, I want to thank you. I don't know that we've much more than begun to scratch the surface. I know that in elections and politics we do polling to tell us where we are, how popular we are, what issues, but we actually sample--and I used to be in the TV business, and we had these firms that made very good money going out and sampling what people were listening to, what they were viewing. I don't know if we can do the same thing by choosing certain provider groups and going in and doing a full audit, have the auditors actually go in and take so many rural hospitals and so many urban hospitals and so many in the Midwest and however scientifically they do this. But I really am concerned that this is going to be an issue come the first of the year that all of our colleagues are going to be interested. I will make you a deal. I would like to be able to come to Michigan and sit--if we can conduct a field hearing, if we can get cooperation of our witnesses to come there, and I would invite you to come to Pennsylvania. I think that we need to get to take a look at what some of our local hospitals are doing, and we can do that armed with the information as to which hospitals and which providers in your district have actually filled in the survey and which have not, and we can do the same thing in my area. It might give us a little better handle on where these survey instruments are accurate and where they are not. If we can see specifically where some of our providers are in becoming Y2K compliant. And I certainly would welcome the opportunity to come into your district as well. Mr. Upton. I think that's a good idea. I'll look at my Cubs-Pittsburgh schedule here in my wallet and see what we might be able to do. Mr. Bilirakis. Mr. Bilirakis. Mr. Chairman, I've said that we all should be concerned and not belittle our concern with the reimbursements to the providers and whatnot, Okay? And we have representatives from providers in the next panel; we will hear from them. So I don't mean to belittle all of those. But I guess is there a provider out there--is there a single provider out there no matter how big or how small who does not know that there's a Y2K potential problem and that something has got to be done? I think that there probably isn't a single provider out there. And I--if they're not ready by the first of the year, they're just not going to be reimbursed on time, is that correct, Madam Administrator? Ms. DeParle. What we've said is that providers need to be able to submit a valid claim. Mr. Bilirakis. All right. If they're not, if they're not valid, then there is going to be a delay in reimbursements; is that right? Ms. DeParle. That's probably right. Mr. Bilirakis. They're going to be penalized, and the penalty is serious. And my own son is one of those providers, et cetera, et cetera. I'm not trying to belittle that. It's a paperwork thing when we're talking about equipment? Ms. DeParle. It's a paperwork and a program integrity issue. Mr. Bilirakis. It's a lot of those things. It affects the patients, too, when the providers are not happy, because they're not reimbursed on time; she's not reimbursed on time and all of that. So we know that that's serious. And I don't mean to belittle it. But, you know, we know that there's equipment out there, critical, EKG monitoring equipment, other type of monitoring equipment, all sorts of things of that nature that there isn't that business where they're not going to get reimbursed, a patient dies. I guess I should know the answer to this, but I know it's an FDA situation---- Ms. DeParle. Yes, sir, I agree with you. And I said, I think, before you were able to get here today, that I'm dealing with the financing side of it. That's an important side of health care as you well know. But I agree with you that patient care and safety of pa- tients is the most important thing. And that is the thing that I think that all of us have agreed is the biggest question mark. Mr. Bilirakis. All right. I'm a medical equipment manufacturer provider, okay; and I'm not a big guy. I'm a little guy. I'm not--I don't want the press to pick up that I have that as a side. But if I were and I'm a little guy, can I--I mean, do I have--I have the power without too much of expense to get this thing done in time? Mr. Willemssen? Mr. Willemssen. You would have the means to find out information in all likelihood on the equipment you're using and what the vendor or the manufacturer of that equipment is saying about its Y2K compliance status. Mr. Bilirakis. All right. So if I---- Mr. Willemssen. That kind of information is, for the most part, readily available via the FDA Website, which the VA site has supplied a lot of information to so that the FDA Website has a lot of rich data. Mr. Bilirakis. All right. So should there be some kind of a timeline insofar as I'm concerned or if I haven't shown enough interest in terms of progress and that sort of thing that I maybe lose that contract or I lose that right to furnish the durable medical equipment, which again stands for life and death? Mr. Willemssen. Yes. I think that's a very good point you raise. What has happened, for example, at the Department of Veterans Affairs is that they notify all of their medical facilities of particular pieces of equipment that have been deemed noncompliant, and they direct all of those facilities to get that equipment out of their inventories and replace it as soon as possible. And I think that is a model that can be used by other medical facilities across the country. Mr. Bilirakis. Do you know if we know whether FDA--they're not here to respond for themselves--do you know if FDA is showing any kind of inclination that they're doing anything similar? Mr. Willemssen. I think it is charitable to say FDA has been predominantly reactive on this issue rather than proactive. Mr. Bilirakis. Before my time is up, Ms. DeParle--Nancy, in your testimony, you discuss the difficulties of implementing system changes so close to the end of the year. We know how very difficult that will be. Is it, therefore, your position that if Congress passes any legislative changes to provider reimbursement during 1999 that the law's effective dates should not be triggered until sometime next year, let's say the springtime of the Year 2000? Ms. DeParle. In general, yes, sir. We have, as you know, had a big challenge in trying to implement the Balanced Budget Act on top of making all of these Y2K changes. And we've had to, in fact, delay some provisions. And there is a distinction, I will just suggest to you, there are some changes that are easier to make than others. If you were to enact a new prospective payment system, I would plead with you not to require us to do anything on that until well into the next year. If it's a simple change in a price, what our systems experts called a pricer, that is easier to do. But my colleague, Mr. Willemssen, tells me every time we talk that any change we make introduces risk. I don't have the luxury of operating a fixed system, because we've got new beneficiaries coming on every day. Mr. Bilirakis. That effective date can vary depending on how major the change might be; is that right? It doesn't necessarily have to be one date? Ms. DeParle. That's right. We would want to work with you on that. And I appreciate your acknowledging the difficulty that we have. Mr. Bilirakis. Thank you. Thank you very much, Mr. Chairman. Mr. Upton. Thank you. Panel, we very much appreciate your time well spent with us this afternoon. And we wish you a terrific week, and we look forward to seeing you in the future; and we've not been disappointed by your performance. And you are now formally excused. Ms. DeParle. Thank you. Mr. Willemssen. Thank you, Mr. Chairman. Mr. Grob. Thank you. Mr. Upton. The next panel, panel 2, we have Mr. Ron Margolis, chief information officer of the University of New Mexico Hospital, representing the American Hospital Association. Mrs. Annette Mackin, CFO of Rochester and Monroe Counties, National Association for Home Care, New York. And Dr. Richard Corlin, Speaker of the House of Delegates from the American Medical Association here in Washington. Again, I appreciate you all submitting your testimony in advance. We had a chance to take a look at it. And as you know, as was the first panel, we have a long history of testifying under oath before this subcommittee. And do any of you need to have a lawyer or have private counsel? Would you then rise, raise your right hand? [Witnesses sworn.] Mr. Upton. Thank you. You are now under oath. Your testimony is submitted for the record in its entirety. And we would like to limit your presentation to 5 minutes. And we will start with Mr. Margolis. Thank you. TESTIMONY OF RONALD MARGOLIS, CHIEF INFORMATION OFFICER, UNIVERSITY OF NEW MEXICO HOSPITAL, AMERICAN HOSPITAL ASSOCIATION; ANNETTE L. MACKIN, CHIEF FINANCIAL OFFICER, VNS OF ROCHESTER AND MONROE COUNTIES, INC., NATIONAL ASSOCIATION FOR HOME CARE; AND RICHARD F. CORLIN, SPEAKER OF THE HOUSE OF DELEGATES, AMERICAN MEDICAL ASSOCIATION Mr. Margolis. Thank you, Mr. Chairman, for the opportunity to come before you today to discuss and clarify hospital readiness to the best of my ability. Mr. Chairman---- Mr. Upton. Can you bring the mike just a little bit closer. Mr. Margolis. Good. I feel like a disc jockey. Mr. Chairman, I am Ron Margolis, chief information officer at the University of New Mexico Hospital in Albuquerque. I'm here on behalf of the American Hospital Association, 5,000 hospitals, health systems, networks, and other connected-related providers of care. The AHA and its members are committed to ensuring the smooth delivery of high quality health care is not disrupted by potential Year 2000 problems. A very recent February survey of AHA members found that the majority expect to be Y2K compliant by January 1. Almost all expect to be sufficiently prepared so that the critical operations will not be affected; that ambulance communication systems, for example, will not fail; that patient monitoring systems will be fully operational; and that billing and reimbursement systems will be working properly. On the topic of this hearing, information systems, we found similar results: 12.9 percent of hospitals said their information systems were already Y2K compliant. Another 85 percent expected their information systems to be ready by year end or expected no operational problems. Less than 1 percent, .5 to be exact, expected noncompliance with possibly adverse effects. Of course, hospitals and health systems are establishing contingency plans in case of disruption. Hospitals are in the business of dealing with the unexpected, floods, hurricanes, other potentially disastrous events that unfortunately are a fact of daily life. It is incumbent upon hospitals to also prepare to the potential Y2K disruption of any essential services. And our survey indicates that members are doing just that. They are directing their efforts both internally across their facilities and externally within their communities. This includes working with such entities as utility companies, emergency medical service suppliers, and other health care providers. Contingency planning is not something that must be done only by hospitals. On average, hospitals and health systems receive roughly half of their revenues from Medicare and Medicaid. If that much revenue were to be cutoff, hospitals could not survive and, of course, patient care would be jeopardized. That's why it is imperative that the Health Care Financing Administration establish a fail safe contingency plan itself that anticipates and addresses how to respond in case payment mechanisms, either on the provider side or on the government side or in some intermediary connection such as the phone system, failed. We have offered to work with HCFA and we look forward to hearing from the agency on the details of its contingency planning. We believe that a system of advanced payments based on past payment levels is one way to ensure that beneficiaries continue to receive the care they need by assuring that hospitals have the resources they need to care for Medicare and Medicaid patients. Also, the Medicare Payment Advisory Commission has included its hospital perspective payment system update recommendation for fiscal Year 2000 and additional .5 percent to cover the hospital's costs of becoming Y2K compliant. We ask Congress to increase the congressionally mandated hospital update factor by this .5 percent to reflect this MedPAC recommendation. At the University of New Mexico hospitals, we're working very hard to ensure that our information systems are ready for Y2K. Critical systems include information systems for patient care, medical devices, medical records, billing, and others all served by emergency and backup power. External contingencies such as a power outage or a phone transmission loss or a failure of HCFA to be able to respond to claims submitted. Our power supplies, for example, are represented by two levels of fail-safe. The major computers which do the patient information systems, which are responsible for electronic medical records, and which support the network that connects patient monitoring devices are on what's called uninterruptable power, which is basically a large battery backup system which provides upwards of 3\1/2\ hours of continued service should there be a power outage. In addition, we have just completed the testing and installation of a major diesel fuel generator system, which keeps that system charged. May I have an extra couple of minutes? I'm sorry to run overtime. Phone systems, we have overnight backups of previous day's activities, which allows us to recreate at any point in time any failure in data that may have occurred, so we can go back 5 days or 5 years and recreate what happened. The system can be restarted, recreated from the data base so that, for example, on January 3, if we found that our January 1 bills were not received properly, we could go back and recreate them in various formats. We also could accumulate bills for several days, or several weeks for that matter, should HCFA or a phone system failure preclude us from sending the bills in on time. Our internal information systems, we're in the process right now of completing end-to-end testing of computer systems. What is required for this is parallel testing using live data with January 1 dates and thereafter, leap year dates and thereafter, the other critical dates that will occur very shortly after the beginning of January 1. For us self-sufficiency is not just in-house, but also it includes the general community, county of Albuquerque, including the emergency, police, fire and other hospitals, as well as referring hospitals and transportation services. Mr. Chairman, the Year 2000 issue will affect every aspect of American life. Few, if any of us, are as important as are the health care community. Americans hospitals and health systems and the AHA are partners in the effort to prepare for the year 2000. We encourage Congress and our Federal agencies to work with us as well. In this project of highest priority, together we can ensure a smooth and healthy transition into the new millennium. Thank you. [The prepared statement of Ronald Margolis follows:] Prepared Statement of Ronald Margolis on Behalf of the American Hospital Association Mr. Chairman, I am Ronald Margolis, chief information officer at University of New Mexico Hospitals in Albuquerque, New Mexico. I am here on behalf of the American Hospital Association's (AHA) nearly 5,000 hospitals, health systems, networks, and other providers of care. The AHA and its members are committed to taking the steps necessary to prevent potential Year 2000 problems from interrupting the smooth delivery of high-quality health care. We appreciate this opportunity to update you on our efforts, to outline the role that the AHA has taken in aiding the health care field, and to highlight some areas in which the government and its agencies can help as they play their critical roles in this historic effort. progress on y2k compliance The majority of the nation's hospitals expect to be completely ``Y2K compliant'' by January 1, 2000, based on the results of a nationally representative survey we conducted. Of the balance, almost all expect to be sufficiently prepared that critical operations will not be affected. The survey occurred in February 1999, and asked hospitals about their Y2K readiness by the end of this year in three areas: information systems, medical devices and infrastructure/physical plant. Our Y2K readiness survey indicates that almost all of the nation's hospitals expect to be prepared to meet the Y2K challenge. Respondents represented not-for-profit and investor-owned hospitals in urban and rural areas. Following are highlights. Information Systems Information systems include financial, billing, human resources, clinical, inventory control, and other systems. <bullet> 12.9% of hospitals said their information systems were compliant when they responded in February 1999 <bullet> Another 84.7% of hospitals either expected their information systems to be Y2K compliant by year end or expected no problems in their operations <bullet> 0.5% expected non-compliance with possible adverse effects Medical Devices <bullet> 5.7% of hospitals said their devices were compliant when they responded in February <bullet> Another 90.4% of hospitals expected their devices to be Y2K compliant by year end or expected no problems in their operations <bullet> 0.5% expected non-compliance with possible adverse effects Physical Plant/Infrastructure Physical plant/infrastructure includes such areas as heating and cooling, environmental control systems, telecommunications, and security systems. <bullet> 23.8% of hospitals were compliant when they responded in February 1999 <bullet> Another 71.7% expected to be Y2K compliant by year end or expected no problems in their operations <bullet> 0.4% expected non-compliance with possible adverse effects In the survey, less than one percent of hospitals predicted possible ``adverse effects'' in their critical operations as a result of the change to the Year 2000. The AHA survey comes on the heels of a report issued last month by the Health and Human Services' Office of Inspector General (OIG) that also indicates high confidence in hospital Y2K readiness by the end of the year. The OIG report reaffirms what we've been hearing from our hospitals on their Y2K efforts. The fact that hospitals represented the largest percentage of responses to the OIG report shows their willingness to be forthcoming in their Y2K preparation. Our confidence in the accuracy of our polling methods is shared by the Medicare Payment Advisory Commission (MedPAC), the federal body that advises Congress on issues affecting the Medicare program. MedPAC relies on other AHA member surveys when the commission deals with Medicare payment issues. Part of hospitals' Y2K preparation is to meet HCFA's requirement that Medicare bills be submitted in an 8-digit format--two slots each for the month and date, and four slots for the year. HCFA found that, as of mid-April, 90 percent of Part A bills, from organizations such as hospitals, skilled nursing facilities and home health agencies, were submitting Y2K compliant claims. Since this marks a more than 30 percent increase from the 58 percent compliance HCFA cited just two months ago in congressional testimony, we have every reason to believe that the percentage will approach 100 percent very soon. The AHA survey results also respond to questions and statements suggesting that rural hospitals, contrary to what has been widely reported anecdotally, are keeping pace. According to the rural hospitals that responded to our February survey, 93 percent said their information systems were either totally compliant or were moving toward compliance without major difficulty; 92 percent said their medical devices were either totally Y2K compliant or were moving toward compliance without major difficulty; and 96 percent said their physical plants were either totally Y2K compliant or were moving toward compliance without major difficulty. These findings are in line with the OIG's survey, which also found no statistically meaningful differences in Y2K readiness between rural hospitals and other categories of hospitals. And the Healthcare Year 2000 Readiness Assessment #2, prepared for HCFA by the Rx2000 Solutions Institute and released in January, identified hospitals as the healthcare sector that is ``among the most aggressive towards meeting its Year 2000 deadlines.'' Taken together, all of this--the AHA survey, the OIG survey, HCFA's information about billing compliance, statements by key government representatives, and the Rx2000 survey--points toward the same conclusion: hospitals expect to be ready to meet the Y2K challenge. contingency planning America's hospitals and health systems are in the business of dealing with the unexpected. They are used to mobilizing quickly in the face of floods, hurricanes and potentially disastrous events that are an unfortunate fact of life. There is no reason to believe that they will not also be ready for the Year 2000. The AHA believes that the best approach for hospitals to manage potential disruptions on January 1 is to anticipate them. Specifically, it is incumbent upon hospitals to prepare now to respond to the potential loss or disruption of any essential hospital processes or services, and our survey indicates that our members are doing just that. They are directing their efforts both internally across hospitals' facilities, and externally within communities. This includes working with such entities as utility companies, emergency medical services, and other health care providers. According to the AHA's survey, 66 percent of hospitals have initiated contact with utilities in their area; 44 percent have initiated contact with other hospitals; 38 percent have initiated contact with fire and police authorities; 36 percent have initiated contact with ambulance services; and 35 percent have initiated contact with their local governments. The AHA, along with state, regional and metropolitan hospital and health system associations, is working hard to make sure that America's hospitals and health systems are informed about, educated on, and assisted with Year 2000 contingency planning. We recently distributed to every AHA member a briefing on hospital contingency planning. This briefing emphasizes the interdependent nature of health care, and stresses the need for hospitals to plan in advance, with their key partners, how they will handle potential Y2K-induced losses or disruptions. This executive briefing was followed up early last month by ``how- to'' materials for hospital contingency planning, including a business continuity planning guide. In addition, the AHA will be working with the Federal Emergency Management Administration to coordinate emergency preparedness efforts at a national level with contingency planning taking place at individual hospitals in local communities. We plan to bring together representatives of major health systems and health care manufacturing and supply companies to discuss how we can provide guidance to the health care field on issues related to Y2K preparedness and concerns about health care equipment and pharmaceutical and medical supply stockpiling. HCFA's contingency plan On average, hospitals and health systems receive roughly half of their revenues from government programs like Medicare and Medicaid. If that much revenue were to be suddenly cut off, hospitals could not survive, and patient care could be jeopardized. Hospitals would not be able to pay vendors. They would not be able to purchase food, supplies, laundry services, maintain medical equipment--in short, they would not be able to do the job their communities expect of them. All this would occur even as hospitals and health systems faced the substantial costs of addressing their own Year 2000 system needs--costs that are not recognized in the calculation of current Medicare payment updates. We applaud HCFA's announcement that the Fiscal Year 2000 PPS update will no longer have to be delayed while the agency prepares its computer systems for Y2K. We congratulate the agency's personnel for tackling the problem in such a way that it apparently will no longer require nearly $300 million in payment updates to be held back from the hospitals that need them. However, at the same time we are concerned that HCFA has not announced that it has an adequate contingency plan in place. HCFA also must make sure its contractors--including Medicare+Choice plans--take steps to ensure that their performance will not be interrupted by Year 2000 problems caused by the millennium bug. HCFA should continue to make readily available its work plan, and progress reports, for bringing the contractors and Medicare+Choice plans into compliance and monitor their efforts. Letting providers know what changes may be required of them is also important. This would allow providers, contractors and plans to prepare simultaneously and ensure that their systems are compatible. Even if HCFA and its contractors express confidence that their payment mechanisms will not be affected by the millennium bug, unforeseen problems could crop up. Therefore, it is imperative that HCFA establish a fail-safe contingency plan that anticipates and addresses how to respond in case payment mechanisms, either on the provider side or on HCFA's side, are disrupted at the turn of the century. We have offered to work with HCFA to ensure that these concerns about the Year 2000 are adequately addressed. However, HCFA has not yet shared with us any details of their contingency planning. Medicare beneficiaries' health care needs will remain constant, regardless of how well payment systems are prepared for Year 2000 problems. If carrier and fiscal intermediary payment systems are clogged up by the millennium bug, hospitals' ability to continue providing high-quality health care could be severely affected. A system of advance payments, based on past payment levels, is one way to ensure that beneficiaries continue to receive the care they need, by assuring that hospitals have the resources necessary to care for Medicare patients. Congress should require HCFA to commit to such advance payments, or to other alternatives that would ensure continuity in case of a Y2K failure. It is important to note that Medicare is not the only payer for hospital services. Similar payment delays could occur if private health insurers and, in the case of Medicaid, individual states, have not addressed their own Year 2000 problems. HCFA has the authority and leverage to prevent this from happening, and we urge the agency to exercise that authority. the supply chain--more information is needed More than 60 percent of the hospitals responding to the AHA's Y2K readiness survey cited lack of information from suppliers as the number one barrier to achieving total Y2K compliance. The AHA is working with the Food and Drug Administration (FDA) to ensure that hospitals obtain the compliance information they need on medical devices and equipment. The AHA is also now focusing on a broad range of other suppliers to get the vendor information its members need, from medical device manufacturers to pharmaceutical and other medical supply companies. Experts in the field are advising health care organizations to employ a risk management methodology to identify their most critical supply issues, focusing on those that are critical to patient health. Hospitals must know how their suppliers and manufacturers plan to deal with potential disruptions to the flow of medical and surgical supplies, or the raw materials necessary to produce those supplies. Prudent contingency planning will require an exchange of information between suppliers and providers. In the absence of reliable information, hoarding and stockpiling may occur, creating the very supply chain disruptions that everyone should be working to avoid. the role of the aha and other associations Mr. Chairman, all of the activities I've described above are part of an overall effort by the AHA and its state associations to help hospitals and health systems in their Y2K preparation. This effort includes: <bullet> Developing a members-only Y2K section of AHA's Web site with up-to-date news and resources to help manage the Y2K computer challenge; <bullet> Using a toll-free 800 number to provide Y2K information to members on educational opportunities, peer and consultant referrals and speaker recommendations, and other customized resources; <bullet> Creating the ``Y2K: Mission Critical'' executive briefing, a notebook for hospitals that outlines the Y2K problem and offers information on how to deal with it; <bullet> Using AHA's publications to provide members with the latest information, including ``The Clock's Ticking'' column, devoted entirely to Y2K, in AHA's weekly newspaper; <bullet> Developing the members-only ``Y2K Communications Action Kit,'' a resource with tools to help communicate a hospital's Y2K progress with the public; <bullet> Distributing a contingency planning workbook, which contains templates to help hospitals create internal and external back up plans for their facility with their community partners; and <bullet> Working with state hospital associations to sponsor Security Third Millennium (SIIIM), an Internet-based tool that helps health care providers get information that can help minimize malfunction or failure of biomedical devices and equipment on January 1, 2000. Protecting Public Confidence, Staying Abreast of Progress We believe it is critical that the communities we serve understand what hospitals are doing to prevent any disruption to the provision of health care services. The AHA, in collaboration with our state, regional and metropolitan associations and other key strategic partners, is working hard to stress to our member hospitals the importance of managing the Y2K issue from a public confidence perspective. We have made available tools to counsel hospitals and health systems about how to talk with the public about Y2K and health care. A Y2K Communications Action Kit was developed that was distributed in early March to all of our members. Our members were encouraged to adapt the materials in the kits for use in their communities. The kit includes samples of how to communicate to various audiences about the Y2K issue. We are continuing our efforts to make sure that hospitals and health systems have the latest information on what their colleagues and other organizations are doing to address the Y2K problem. And we are helping them learn about potential solutions. Our State Issues Forum, which tracks state-level legislative and advocacy activities, is hosting biweekly conference calls dedicated entirely to the Year 2000 issue. On these calls, state hospital association and AHA staff share information. A special AHA task force on the Year 2000 problem has been drawing up timelines for action to make sure our members get the latest information and know where to turn for help. Articles are appearing regularly in AHA News, our national newspaper, in Hospitals and Health Networks, our national magazine for hospital CEOs, in Trustee, our national magazine for volunteer hospital leadership, and in several other national publications that are published by various AHA membership societies. Several of these societies, such as the American Society for Healthcare Engineering, the American Society for Healthcare Risk Management, and the Association for Healthcare Resource and Materials Management, are deeply involved in helping their members attack the millennium bug in their hospitals. the costs of compliance What are the costs of Y2K compliance expected to be? An earlier AHA survey researching this issue points to a huge financial investment by hospitals and health systems. The bottom line is that America's hospitals and health systems expect to spend somewhere around $8 billion to become Y2K compliant. Smaller hospitals, those with fewer than 100 beds, will spend close to $1 billion on Y2K fixes, or an average of $435,000 each. Hospitals with between 100 and 300 beds will spend $2.5 billion, an average of $1.2 million each. Hospitals with 300-500 beds will spend nearly $2 billion, or $3.4 million each. The largest amount of spending, $2.2 billion, will occur at hospitals that have more than 500 beds. Much of the $8 billion that hospitals expect to spend on Y2K compliance will be spent this year. This presents an immense challenge, because that spending comes on top of significantly declining Medicare reimbursement in the Balanced Budget Act of 1997. The Balanced Budget Act reduced payments to hospitals by $44.1 billion over five years. the role of congress As I have described, health care providers and the associations that represent them are devoting significant time, resources and energy to preventing potential Year 2000 problems from affecting patient safety. It is essential that we all look for ways to help prepare America's health care system for the turn of the century, and Congress can play an important role. Your attention to this issue, through hearings such as this, reflects your understanding of the gravity of the situation. One major step toward Y2K compliance occurred when Congress passed its ``Good Samaritan'' legislation. By shielding from liability the sharing of information among businesses that provide it in good faith, this law encourages all parties--providers, suppliers, manufacturers, and more--to work together. We ask you to help America's health care system avoid Year 2000 problems by taking several other steps: <bullet> Congress should provide the FDA with any additional authority or resources it needs to ensure the necessary information is disclosed by medical device manufacturers, and to serve a ``rumor control'' function regarding devices. <bullet> Congress should insist that HCFA use its authority to make advance payments under Medicare. These payments, based on past payment levels, should be implemented to ensure adequate cash flow for providers in case carrier and fiscal intermediary payment systems fail, or other disruptions to the normal operation of payments systems should occur due to the date change. <bullet> Last week John Koskinen, chairman of the President's Council on Year 2000 Conversion, mentioned the possibility of creating a contingency fund from which states (in the case of Medicaid, for example) or hospitals could draw monies needed to continue operating in case of a Y2K disruption. We support that principle, and would be glad to be a part of any discussions concerning how such a fund should be set up. <bullet> MedPAC has included in its hospital prospective payment system update recommendation for fiscal year 2000 an additional 0.5 percent to cover hospitals' costs of becoming Y2K compliant. We ask Congress to increase the congressionally mandated hospital update factor by 0.5 percent to reflect this MedPAC recommendation. conclusion Mr. Chairman, the Year 2000 issue will affect every aspect of American life, but few, if any, are as important as health care. America's hospitals and health systems, their state associations, and the AHA are partners in the effort to prepare for the Year 2000. We encourage Congress and our federal agencies to work with us as well. Together, we can ensure a smooth--and healthy--transition into the new millennium. Mr. Upton. Thank you. Ms. Mackin. TESTIMONY OF ANNETTE L. MACKIN Ms. Mackin. Thank you, Mr. Chairman. Thank you for the opportunity to present testimony today on issues related to Y2K compliance and Medicare home health providers. My name is Annette Mackin, and I am the chief financial officer and the chief information officer of the Visiting Nurse Service of Rochester in Rochester, New York. I also serve on the board of directors of the National Association for Home Care. Mr. Upton. One second. If you can pull the mike a little closer, too, a little closer. There you go. Ms. Mackin. I will do it this way, how is that? When you get old, you have to have the bifocals. Mr. Upton. It's the people in the back of the room, too. Ms. Mackin. I serve on the board of directors of the National Association for Home Care, and I chair the government affairs committee. NAHC is the largest national organization representing home health care providers, hospices and home care agencies. Among NAHC members are every type of home care agencies, including the not-for-profit agencies like the Visiting Nurse Associations, for-profit chains, hospital-based agencies and freestanding agencies. The VNS of Rochester has over 950 employees, an annual operating budget of $43 million and serves over 11,000 clients in the Rochester and Monroe County and New York area. In 1998, the VNS received $14.3 million in Medicare revenues. The VNS began its Y2K compliance efforts in 1997. A multidisciplinary team developed an exhaustive inventory of all potential date-sensitive internal and external equipment software and services impacting the agency's normal operations. Each item on the inventory was then evaluated for compliance through vendor contacts and Internet searches. Our efforts were supplemented by efforts of the National Association for Home Care, who conducted an all-out effort including our home care and--educating our home care and hospice members on Y2K compliance. This has been a top priority since all home care claims received by our fiscal intermediaries on or after April 5 must be Y2K-compliant or they will be returned as unprocessable. Failure to receive reimbursement for services could quickly lead to additional severe cash-flow problems for agencies and could ultimately compromise patient care and access to care. NAHC is concerned that despite the best efforts of the home care community and HCFA, some home care agencies and hospices may still not be prepared for the millennium. Many of these providers, which will most likely be freestanding agencies in rural and remote areas, may lack the resources to participate in State and national association training or have access to information on Y2K. It is also very likely that smaller agencies do not have the technical people on staff to address Y2K issues. Home care agencies' efforts to comply with the Y2K requirements should be evaluated in light of the agencies' resources, both dollars and staff, and their access to information. In addition to lowering home care reimbursement rates by approximately 30 percent through the establishment of the interim payment system, the Balanced Budget Act of 1997 led to an imposition of--a myriad of new regulatory burdens on home care agencies. Such new requirements included sequential billing, the OASIS patient assessment data collection and transmission and increased medical review. Home care agencies have expended huge sums of money to comply with these new regulations. And despite 1998 changes to the current Medicare home health payment systems, virtually all agencies are reimbursed less than their actual operating costs of providing care. Moreover, maintaining regulatory compliance has siphoned funds away from necessary patient care and has left virtually zero dollars for overhead expenses such as new computer hardware, software and technical consulting, much less having dollars to continue memberships in State or national associations that provide so much valuable information, particularly around Y2K compliance. It appears that HCFA has placed the lion's share of the burden of not only providing information, but of assuring compliance, on the associations that represent home care and hospice providers. NAHC has taken responsibility for educating its members, but cannot reach providers who do not belong to an association. HCFA has stated that provider failure to comply with Y2K for any reason will mean that the provider will not be paid for services rendered to Medicare beneficiaries. HCFA, however, has failed to reveal its own contingency plans in the event that their systems fail. How can HCFA expect providers to comply when it has given no assurances to providers that it has its own house in order and will be able to meet its payment obligations? HCFA has the capability to identify and communicate with all Medicare-certified home health and hospice providers. Home care associations don't have these capabilities, nor do they have the resources to conduct ongoing outreach efforts. NAHC is currently struggling with its efforts to contact hundreds of home care providers, members and nonmembers, who are believed to be out of compliance with Y2K requirements. HCFA should utilize the informa- tion it has to target those providers most at risk for not becoming compliant. Once targeted, HCFA can then engage in a more active information campaign for those at-risk agencies who are not members of any trade association and may not have the capabilities to obtain on-line information. Moreover, HCFA can work more closely with State and national associations to help get those who fly below the radar screen. HCFA has free software available to help providers, but many providers are not aware that such software exists. In conclusion, NAHC urges HCFA to take a more flexible approach when processing claims from providers that are not Y2K-compliant. NAHC is hopeful that HCFA will take into account where good faith efforts have been made by providers in becoming compliant or where providers have failed to be compliant because of factors outside of their control. In such cases HCFA should engage in outreach and help the provider achieve compliance as opposed to imposing financial penalties that could jeopardize the future of the agency, as well as access to and quality of patient care. Thank you. [The prepared statement of Anette L. Mackin follows:] Prepared Statement of Annette Mackin on Behalf of the National Association for Home Care Mr. Chairman, thank you for the opportunity to present testimony today on issues related to Y2K compliance and Medicare home health providers. My name is Annette Mackin. I am the Chief Financial Officer of the Visiting Nurse Service (VNS) of Rochester and Monroe County, Inc. I also serve on the Board of Directors of the National Association for Home Care (NAHC) and chair the Government Affairs Committee. NAHC is the largest national organization representing home health care providers, hospices, and home care aide organizations. Among NAHC's members are every type of home care agency, including: non- profit agencies like the Visiting Nurse Associations, for-profit chains, hospital-based agencies and freestanding agencies. My testimony today will focus on the difficulties and costs associated with getting a home care provider Y2K compliant. I will also outline NAHC's efforts to educate the home care community as a whole on Y2K issues. My testimony concludes with several suggestions that the Health Care Financing Administration (HCFA) can adopt to ensure that all Medicare home health and hospice providers are Y2K ready so that beneficiary safety and access to quality home care services is not compromised. y2k efforts of vns of rochester & monroe county, inc. The VNS of Rochester & Monroe County, Inc., has over 950 employees, an annual operating budget of $43 million, and serves over 11,000 clients in the Rochester, New York, area. In 1998, the VNS received $14.3 million in Medicare revenues. The VNS began its Y2K compliance efforts in 1997. A multidisciplinary team developed an exhaustive inventory of all potential date-sensitive internal and external equipment, software, and services impacting the agency's normal operations. Each item on the inventory was then evaluated for compliance through vendor contacts and Internet searches. Several critical internal systems were found to be noncompliant and resulted in significant financial expenditures to bring them into compliance. For example, the agency revenue, billing and statistical system was updated at a cost of $200,000 and the telephone and voice mail systems were updated at a cost of $150,000. Virtually all other software applications, such as payroll, human resource management, e- mail, and accounting, required updating to Y2K-compliant versions at costs averaging approximately $5,000 per application. We are currently testing all client servers and personal computers to ensure that the hardware as well as the software is compliant. Additional expenditures may be required to bring some of the older equipment into compliance. The next step in the process is the development of contingency plans to ensure that patients receive care and the agency can operate if major internal and/or external systems fail for any period of time. nahc's efforts to educate providers NAHC has conducted an all-out effort in educating our home care and hospice members on Y2K compliance. This has been a top priority since home health claims received by fiscal intermediaries (FIs) on or after April 5, 1999, that are not Y2K compliant will be ``returned as unprocessable.'' Failure to receive reimbursement for services could quickly lead to additional severe cash flow problems for agencies and could, ultimately, compromise patient care and access. Since July 1998, NAHC has provided outreach to members through its weekly newsletter, member e-mail listserv and website. NAHC has suggested strategic planning and preparation and has provided information to assist home care and hospice providers in following through on Y2K readiness efforts. NAHC has provided the addresses of numerous websites where NAHC members can obtain more information on Y2K compliance, including the websites established by HCFA, the Food and Drug Administration (FDA) and others. HCFA has released program instructions to its carriers and fiscal intermediaries, and NAHC has passed the information contained in these transmittals to the home care and hospice community in a timely fashion. NAHC has also held several educational programs and has featured the millennium compliance issue at industry conferences. For example, Kenneth Kleinberg, a leading expert in Y2K information technology issues from the Gartner Group, was a keynote speaker at NAHC's recent policy conference. During his talk to over 500 home care and hospice providers, he outlined the millennium readiness of the health care sector. In a smaller session, Kleinberg, HCFA's Joe Brosecker, and I provided more detailed guidance specific to home care to conference attendees. Further educational sessions are planned for NAHC's annual meeting to be held in October. NAHC is developing a Y2K Failure Contingency Planning Workbook for home care and hospice providers. The workbook will contain checklists and sample contingency plans to provide home care providers with concrete guidelines to follow to be assured Y2K compliance. NAHC is hopeful that use of this notebook will further ensure home care compliance with Y2K. NAHC is concerned that, despite the best efforts of the home care community and HCFA, some home care agencies and hospices may still not be prepared for the millennium. Many of these providers, which will most likely be freestanding agencies in rural or remote areas, may lack the resources to participate in state or national association training or to access information on Y2K compliance. Home care agencies' efforts to comply with Y2K requirements should be viewed in light of the agencies' resources and access to information. home health difficulties with y2k compliance In addition to lowering home care reimbursement rates by approximately 30% through the establishment of an interim payment system (IPS), the Balanced Budget Act of 1997 (BBA '97) led to imposition of a myriad of new regulatory burdens on home care agencies. Such new requirements included sequential billing, OASIS patient assessment data collection and transmission and increased medical review. Home care agencies have expended huge sums to comply with these new regulations. Despite 1998 changes to the current Medicare home health payment system, virtually all agencies are reimbursed less than their actual costs of providing care. Moreover, maintaining regulatory compliance has siphoned funds away from necessary patient care and has left little for overhead expenses such as new computer hardware, software, and technical consulting, much less dollars for continuing memberships in state or national associations that alert agencies and make efforts to help them with Y2K compliance. These regulatory burdens have also slowed down claims processing, drastically reducing cash flow to agencies. The vast majority of home care agencies are small businesses with little in the way of tangible assets. These small, ``mom and pop'' providers cannot operate if cash flow is significantly interrupted. NAHC's main concern is that HCFA will fail to take into consideration unique challenges facing home care and hospice providers in becoming Y2K compliant. Failure to reimburse claims will be the death knell for providers who are already struggling with lower reimbursement rates and increased regulatory burdens. HCFA, by withholding reimbursement on claims that are not Y2K ready, will unfairly and adversely impact those smaller providers who cannot survive interruptions in payment. The smaller agencies are also the ones that will have the most difficulty becoming Y2K compliant and yet will have the most to lose if their reimbursement is halted. HCFA has led many to believe that the cost of becoming Y2K ready is minimal, offering web-based resources addressing various aspects of the year 2000 challenge. Yet, many home care and hospice providers do not have access to the Internet and, therefore, this avenue of information is closed off to those less sophisticated providers. A NAHC survey of home care providers in July 1998 indicated that only one-quarter had computer systems sufficiently sophisticated to collect and transmit OASIS patient assessment data. This finding provides some indication of agencies' likelihood of having Internet access. Providers of home care and hospice services face unique challenges that are not faced by providers in other environments, such as hospitals or nursing homes. The patients they serve are homebound and may experience more severe consequences as a result of Y2K noncompliance, not only in health care, but in all aspects of their lives. Home caregivers must educate their patients to ensure that the home environment is millennium compliant on December 31, 1999. An agency can have contingency plans for everything, but if the patient does not have access to needed medications and medical equipment or, if their power or water source fails, the patient could face a tragic situation. recommendations It appears that HCFA has placed the lion's share of the burden of not only providing information, but of assuring compliance, on the associations that represent home care and hospice providers. NAHC has taken responsibility for educating its members but cannot reach providers who do not belong to an association. HCFA has stated that provider failure to comply with Y2K, for any reason, will mean that the provider will not be paid for services rendered to Medicare beneficiaries. HCFA, however, has failed to reveal its own contingency plans in the event that systems fail. How can HCFA expect providers to comply when it has given no assurances to providers that it has its own house in order? HCFA has the capability to identify and communicate with all Medicare certified home health and hospice providers. Home care associations don't have these capabilities, nor do they have the resources to conduct ongoing outreach efforts. NAHC is currently struggling with its efforts to contact hundreds of home care providers (NAHC members and non-members) who are believed to be out of compliance with Y2K requirements. HCFA should utilize the information it has to target those providers most ``at-risk'' for not becoming Y2K compliant. Once targeted, HCFA can then engage in a more active information campaign for those at-risk agencies who are not members of any trade association and may not have the capabilities to obtain on-line information. Moreover, HCFA can work more closely with state and national associations to help get to those who ``fly below the radar screen.'' HCFA has free software available to help providers but many providers are not aware that such software exists. In conclusion, NAHC urges HCFA to take a more flexible approach when processing claims from providers that are not Y2K compliant. NAHC is hopeful that HCFA will take into account good faith efforts made by providers in becoming compliant, or that providers who failed to be compliant because of factors outside of their control. In such cases, HCFA should engage in outreach and help the provider achieve compliance as opposed to using a heavy hand that could jeopardize the future of the agency as well as access to and quality of patient care. Mr. Upton. Thank you. Dr. Corlin. TESTIMONY OF RICHARD F. CORLIN Mr. Corlin. Thank you, Mr. Chairman. My name is Dr. Richard Corlin. I'm Speaker of the House of the Delegates of the American Medical Association and a practicing gastroenterologist. I want to thank you for inviting me to testify today. The Year 2000 problem will affect virtually all aspects of the medical profession. Most all physicians use computers in our practices for scheduling, reimbursement, and increasingly for more clinical functions, such as logging in patient histories. We and our patients also rely on medical equipment with embedded microchips. The AMA realizes that with this reliance comes the risk of malfunction due to the Y2K bug. We have consistently been directing our efforts toward assisting physicians to achieve compliance and have been focusing on three areas: cooperation, education, and communication. The AMA has been promoting cooperation through our involvement in the National Patient Safety Foundation. The AMA launched a foundation with the support of other health care organizations and safety experts. In addition, we helped to form a public-private partnership with the National Patient Safety Partnership, which was convened by the Department of Veterans Affairs. This partnership has shown particular leadership in the Y2K problem. For more than a year, the AMA has also been educating physicians and medical students with two of its publications, AMNews and the Journal of the American Medical Association. We have been raising physicians' level of awareness of the year 2000 problem with numerous articles on a variety of Y2K subjects. Nearly a year ago, the AMA also launched a national campaign with the Federation of Medical Societies focusing on both education and communication. As part of this campaign, the AMA has been holding regional seminars across the country to talk about the Y2K problem, encourage physicians to make Y2K assessments, identify and correct problems and establish contingency plans. We have made available to hundreds of thousands of physicians a solution manual entitled ``The Year 2000 Problem: Guidelines for Protecting Your Patients and Practice,'' which each of your offices have been given a copy of. This booklet talks about Y2K compliance requirements, how to obtain information about medical devices, self-assessment programs, contingency plans and a lot more. It also identifies a host of other resources for physicians to obtain help in becoming Y2K- compliant. An AMA subsidiary, AMA Solutions, Incorporated, has also been working extensively with physician group practices, hospitals and medical societies and has assisted them in hosting Y2K presentations. To better assess physicians' readiness, the AMA is presently conducting a series of Y2K surveys. With these surveys, we hope to identify those segments of the medical profession most in need of additional assistance. Although the results of our first survey were inconclusive due to the low response rate, the results did suggest that around three- quarters of the physicians responding have conducted a Y2K inventory of their practices. Seventy-one percent of the respondents have also developed a strategy for dealing with potential Y2K problems. Our most promising finding was that of those physicians who report that their practices were not yet Y2K-compliant, almost all, 94 percent, indicated that their practices will be compliant by the end of the year. We anticipate that our next survey, which we will conduct in the near future, will confirm many of these findings. To foster greater communication among physicians about the Y2K problem, the AMA last year established a special section on Y2K on its award-winning Website. It provides regularly updated information about the millennium bug, enabling physicians to assist each other in solving their Y2K problems. What more can be done? First, we cannot allow ourselves to become complacent. The AMA acknowledges that the year 2000 problem still poses a risk for patient care and may adversely affect physicians' administrative responsibilities. This month we are also asking State, county and specialty medical societies to join us in our educational facilities. Second, physicians and other patient advocates continue to call on medical device manufacturers to disclose immediately whether their products will malfunction. Only they have the information; and that applies to software manufacturers as well. Third, as we obtain information, we need to reassure patients that medical devices will continue to work safely. We do not want a lack of information to cause patients to panic. The patient has to be our No. 1 concern in all of our Y2K efforts. Thank you very much, once again, for inviting me to testify today. [The prepared statement of Richard F. Corlin follows:] Prepared Statement of Richard F. Corlin on Behalf of the American Medical Association Mr. Chairman and members of the Committee, my name is Richard F. Corlin, MD. I am the Speaker of the House of Delegates of the American Medical Association (AMA). I am also a practicing gastroenterologist from Santa Monica, California. On behalf of the three hundred thousand physician and medical student members of the AMA, I appreciate the opportunity to discuss the impact of the federal government's efforts to address the year 2000 problem, the anticipated impact on patients and physicians and the AMA's efforts to assist physicians in dealing with this problem. Introduction As most all of us know, many computer systems, software and embedded microchips cannot properly process date information or date data. As programmed, these devices and software can only read the last two digits of the ``year'' data field. Consequently, when data requires the entry of a date in the year 2000 or later, these systems, devices and software are incapable of correctly processing the data. This inability to properly process year 2000 date data is commonly referred to as the ``Y2K problem'' or the ``Y2K bug.'' By the nature of its work, the medical industry relies heavily on technology, on computer systems--both hardware and software, as well as medical devices that have embedded microchips. A survey conducted last year by the AMA found that almost 90% of the nation's physicians are using computers in their practices, and 40% are using them to log patient histories.<SUP>1</SUP> These numbers appear to be growing as physicians seek to increase efficiency and effectiveness in their practices and when treating their patients. Physicians' dependence on technology consequently creates some vulnerability to the Y2K bug. --------------------------------------------------------------------------- \1\ ``Doctors Fear Patients Will Suffer Ills of the Millennium Bug; Many Are Concerned That Y2K Problem Could Erroneously Mix Medical Data--Botching Prescriptions and Test Results,'' Los Angeles Times, Jan. 5, 1999, p. A5. --------------------------------------------------------------------------- Current Level of Preparedness Assessing the status of the year 2000 problem has been difficult not only because the inventory of the information systems and equipment that will be affected is far from complete, but also because the consequences of noncompliance for each system remain unclear. Additionally, the health care industry is extremely fragmented and consistently requires complex information transactions.<SUP>2</SUP> Nevertheless, if the studies are correct, malfunctions in noncompliant systems will occur and equipment failures can surely be anticipated. --------------------------------------------------------------------------- \2\ Violino, B., ``Health Care Not Y2K-Ready--Survey Says Companies Underestimate Need for Planning; Big Players Join Forces,'' Information Week, January 11, 1999. --------------------------------------------------------------------------- After conducting a series of 10 congressional hearings, the Senate Special Committee on the Year 2000 Problem (the ``Special Committee'') recently reported that the healthcare industry continues to lag behind other industries in addressing the Y2K problem.<SUP>3</SUP> According to its findings, the vast majority of physicians have yet to address the Y2K issue. The report attributed some of the industry's most significant problems to its highly decentralized health claims processing system, the anticipated domino effect, the lack of adequate parallel testing, the dearth of contingency plans, and the ongoing lack of cooperation from biomedical device manufacturers.<SUP>4</SUP> --------------------------------------------------------------------------- \3\ ``Investigating the Impact of the Year 2000 Problem,'' U.S. Senate Special Committee on the Year 2000 Technology Problem, February 25, 1999, p. 45. \4\ Id. at 45-48. --------------------------------------------------------------------------- The Special Committee's findings appear to reaffirm previous studies by various research and advisory groups. The Odin Group, a health care information technology research and advisory group, for instance, found from a survey of 250 health care managers that many health care companies by the second half of last year still had not developed Y2K contingency plans.<SUP>5</SUP> The GartnerGroup has similarly concluded, based on its surveys and studies, that the year 2000 problem's ``effect on health care will be particularly traumatic . . . [l]ives and health will be at increased risk. Medical devices may cease to function.'' <SUP>6</SUP> In its report, it noted that most hospitals have a few thousand medical devices with microcontroller chips, and larger hospital networks and integrated delivery systems have tens of thousands of devices. --------------------------------------------------------------------------- \5\ ``Health Care Not Y2K-Ready--Survey Says Companies Underestimate Need For Planning; Big Players Join Forces,'' InformationWeek, January 11, 1999. \6\ GartnerGroup, Kenneth A. Kleinberg, ``Healthcare Worldwide Year 2000 Status,'' July 1998 Conference Presentation, p. 2 (hereinafter, GartnerGroup). --------------------------------------------------------------------------- Based on early testing, the GartnerGroup also found that although only 0.5-2.5 percent of medical devices have a year 2000 problem, approximately 5 percent of health care organizations will not locate all the noncompliant devices in time.<SUP>7</SUP> It determined further that most of these organizations do not have the resources or the expertise to test these devices properly and will have to rely on the device manufacturers for assistance.<SUP>8</SUP> --------------------------------------------------------------------------- \7\ Id. at p. 8. \8\ Id. --------------------------------------------------------------------------- Despite the rather bleak outlook, other surveys offer some favorable information. Rx2000 Solutions Institute, a non-profit organization established to address Y2K issues in the health care industry, reports that recent data show that while Y2K progress among health care providers is lagging behind other industries, an increasing number of providers are beginning to address the issue. Rx2000 reports further that greater numbers of physicians and other health care providers have documented Y2K plans; currently, 76% of health care providers have plans for addressing the Y2K problem. Moreover, increasing numbers of physicians and other health care providers have set aside funds for Y2K remediation efforts and have begun exploring the Y2K status of their business partners. Results from the AMA's March 1999 survey, while inconclusive due to the relatively low response rate, nevertheless appear to confirm Rx2000's findings. Approximately three-quarters (76%) of the physicians who responded have conducted an inventory of their practices to determine whether they are Y2K dependent, and 71% of the respondents have developed a strategy for dealing with potential Y2K information systems problems. Very important, of the physicians who reported that their practices were not currently Y2K ready (53%), almost all--94%-- indicated that their practices will be Y2K compliant by December 31, 1999. With less than 250 days left, the medical industry continues to diligently prepare for the new millennium. While the Special Committee reported that the health care industry significantly lags behind most other industries, it also emphasized that Americans, and patients in particular, have no reason to panic. In response to reports that many Americans are preparing for the worst, Senator Dodd stated ``We''re discouraging people from going out and stockpiling.'' After the hearings, Senator Bennett, the Committee's Chairman, stated that ``I don't believe the health care industry's lack of preparedness will necessarily mean loss of life, but it could seriously impact care for millions.'' A Collaborative Effort Patient Care--Assessing the current level of risk attributable specifically to the year 2000 problem within the patient care setting remains problematic. We do know, however, that the risk is real and present. If certain imbedded microchips, for instance, were to malfunction due to a Y2K problem, monitors relying on those microchips could fail to sound alarms when patients' hearts stopped beating. Similarly, respirators could deliver ``unscheduled breaths'' to respirator-dependent patients. Digital displays could incorrectly attribute the names of some patients to medical data from other patients. These scenarios are not hypothetical or based on conjecture. Software problems have caused each one of these medical devices to malfunction with potentially fatal consequences.<SUP>9</SUP> --------------------------------------------------------------------------- \9\ Anthes, Gary H., ``Killer Apps; People are Being Killed and Injured by Software and Embedded Systems,'' Computerworld, July 7, 1997. --------------------------------------------------------------------------- The risk to patient safety is real. Since 1986, the FDA has received more than 450 reports identifying software defects--not related to the year 2000--in medical devices. Consider one instance-- when software error caused a radiation machine to deliver excessive doses to six cancer patients; for three of them the software error was fatal.<SUP>10</SUP> We can anticipate that, left unresolved, medical device software malfunctions due to the millennium bug would be prevalent and could be serious. --------------------------------------------------------------------------- \10\ Id. --------------------------------------------------------------------------- The AMA continues to strongly recommend that medical device manufacturers immediately disclose to the public whether their products are Y2K compliant. Physicians and other health care providers do not have the expertise or resources to determine reliably whether the medical equipment they possess will function properly in the year 2000. Only the manufacturers have the necessary in-depth knowledge of the devices they have sold. Nevertheless, medical device manufacturers have not always been willing to assist end-users in determining whether their products are year 2000 compliant. Last year, the Acting Commissioner of the FDA, Dr. Michael A. Friedman, testified before the U.S. Senate Special Committee on the Year 2000 Problem that the FDA estimated that only approximately 500 of the 2,700 manufacturers of potentially problematic equipment had even responded to inquiries for information. Even when vendors did respond, their responses frequently were not helpful. The Department of Veterans Affairs reported last year that of more than 1,600 medical device manufacturers it had previously contacted, 233 manufacturers did not even reply and another 187 vendors said they were not responsible for alterations because they had merged, were purchased by another company, or were no longer in business. One hundred two companies reported a total of 673 models that were not compliant but should be repaired or updated this year.<SUP>11</SUP> --------------------------------------------------------------------------- \11\ Morrissey, John, and Weissenstein, Eric, ``What's Bugging Providers,'' Modern Healthcare, July 13, 1998, p. 14. See also, July 23, 1998 Hearing Statement of Dr. Kenneth W. Kizer, Undersecretary for Health Department of Veterans Affairs, before the U.S. Senate Special Committee on the Year 2000 Technology Problem. --------------------------------------------------------------------------- After a series of U.S. Senate hearings, the Special Committee reported that ``[e]very major medical organization testified that they were experiencing significant problems with biomedical device manufacturers. In many cases, manufacturers were unable or unwilling to comment on their product's ability to function after the millennium change.'' Moreover, it stated that only after informing device manufacturers that the Congress would enact legislation requiring mandatory disclosure if the manufacturers did not voluntarily disclosing compliance information, did the manufacturers begin providing compliance data to the Food and Drug Administration (FDA). We continue to urge Congress to assist physicians and other health care providers in obtaining necessary compliance information for medical devices. Administrative Many physicians and medical centers are also increasingly relying on information systems for conducting medical transactions, such as communicating referrals and electronically transmitting prescriptions, as well as maintaining medical records. Many physician and medical center networks have even begun creating large clinical data repositories and master person indices to maintain, consolidate and manipulate clinical information, to increase efficiency and ultimately to improve patient care. If these information systems malfunction, critical data may be lost, or worse--unintentionally and incorrectly modified. Even an inability to access critical data when needed can seriously jeopardize patient safety. Other administrative aspects of the Y2K problem involve Medicare coding and billing transactions. In January 1999, HCFA instructed both carriers and fiscal intermediaries to inform health care providers, including physicians, and suppliers that claims received on or after April 5, 1999, which were not Y2K compliant would be rejected and returned as unprocessable. We have heard virtually nothing about HCFA encountering any significant problems with ``unprocessable'' claims due to Y2K noncompliance. We understand why HCFA has issued this ultimatum. We genuinely hope, however, that HCFA, to the extent possible, will assist physicians and other health care professionals who have been unable to achieve full Y2K compliance. Physicians are genuinely trying to comply with HCFA's Y2K directives. In fact, HCFA has already represented that 98% of the electronic bills being submitted by physicians and other Medicare Part B providers already meet HCFA's Y2K filing criteria. The AMA was pleased to hear recently that more 90% of the Department of Health and Human Services (HHS) critical systems are currently Y2K compliant. We note though that in late February 1999, a representative of the U.S. General Accounting Office (GAO) testified that the GAO had found that HCFA had considerably overstated its present level of Y2K compliance. In fact, ``all 54 external systems that were reported as compliant had important associated qualifications (exceptions), so of them very significant. Such qualifications included a major standard system that failed to recognize `00' as a valid years, as well as 2000 as a leap years; it also included systems that were not fully future-date tested.'' <SUP>12</SUP> The GAO further cautioned that HCFA needs to ensure that Y2K-related errors are not introduced into the Medicare program through data exchanges. According to the GAO, HCFA had reported as of February 10, 1999, that over 6,000 of its 7,968 internal data exchanges were still not compliant, and more than 37,000 of its nearly 255,000 external data exchanges were not compliant.<SUP>13</SUP> The GAO strongly recommended that HCFA perform detailed end-to-end testing, and test its agency-wide business continuity and contingency plans. The public consequently remains concerned that the federal government may not achieve full Y2K compliance before critical deadlines. --------------------------------------------------------------------------- \12\ February 26, 1999, Written Testimony of Joel C. Willemssen, Director, Civil Agencies Information Systems Accounting And Information Management Division U.S. General Accounting Office, The House Government Reform And Oversight Committee Government Management, Information And Technology Subcommittee, Year 2000 Computing Crisis: Readiness Status of The Department of Health And Human Services. \13\ Id. --------------------------------------------------------------------------- We believe that HCFA should lead by example, while fully cooperating with physicians and other health care provides in parallel and end-to-end testing that will ensure that the entire claims submission process will be fully functional before January 2000. Such testing would also allow for further systems refinements, if necessary. We understand and concur with HCFA, when it states that it does ``not have the authority, ability, or resources to step in and fix systems for others, such as States or providers.'' <SUP>14</SUP> The AMA believes though that the Y2K problem demands collaboration among and the full cooperation of all parties involved, including HCFA. --------------------------------------------------------------------------- \14\ February 24, 1999, Written Testimony of Nancy Ann Min DeParle, Administrator of the Health Care Finance Administration, The House Ways And Means Committee, Year 2000 Conversion Efforts And Implications For Beneficiaries And Taxpayers. --------------------------------------------------------------------------- Reimbursement and Implementation of BBA To remedy its own problems, HCFA has stated that it will concentrate on fixing its internal computers and systems. As a result, it has decided not to implement some changes required under the Balanced Budget Act (BBA) of 1997, and it plans to postpone physicians' payment updates from January 1, 2000, to about April 1, 2000. HCFA has indicated to the AMA that the delay in making the payment updates is not being done to save money for the Medicare Trust Funds. In addition, the agency has said that the eventual payment updates will be conducted in such a way as to fairly reimburse physicians for the payment update they should have received. In other words, the updates will be adjusted so that total expenditures in the year 2000 on physician services are no different than if the updates had occurred on January 1. We are pleased that HCFA has indicated a willingness to work with us on this issue. But we have grave concerns about the agency's ability to devise a solution that is equitable and acceptable to all physicians. Also, as it turns out, the year 2000 is a critical year for physicians because several important BBA changes are scheduled to be made in the resource-based relative value scale (RBRVS) that Medicare uses to determine physician payments. This relative value scale is comprised of three components: work, practice expense, and malpractice expense. Two of the three--practice expense and malpractice--are due to undergo Congressionally-mandated modifications in the year 2000. In general, the practice expense changes will have different effects on the various specialties. Malpractice changes, to some modest degree, would offset the practice expense redistributions. To now delay one or both of these changes will have different consequences for different medical specialties and could put HCFA at the eye of a storm that might have been avoided with proper preparation. To make matters worse, we are also concerned that delays in Medicare's reimbursement updates could have consequences far beyond the Medicare program. Many private insurers and state Medicaid agencies base their fee-for-service payment systems on Medicare's RBRVS. Delays in reimbursement updates caused by HCFA may very well lead other non- Federal payers to follow Medicare's lead, resulting in a much broader than expected impact on physicians. AMA's Efforts--A Chronology AMA policy directs the AMA to study the Y2K problem and its possible adverse effects on patient care and physicians, and to educate and assist physicians in becoming Y2K compliant. Diligently pursuing its policy, the AMA has devoted considerable resources to assist physicians and other health care providers in learning about and correcting this problem. As a precursor to its Y2K remediation efforts, the AMA in early 1996 began forming the National Patient Safety Foundation or ``NPSF.'' Our goal was to build a proactive initiative to prevent avoidable injuries to patients in the health care system. In developing the NPSF, the AMA realized that physicians, acting alone, cannot always assure complete patient safety. In fact, the entire community of providers is accountable to our patients, and we all have a responsibility to work together to fashion a systems approach to identifying and managing risk. It was this realization that prompted the AMA to launch the NPSF as a separate organization, which in turn partnered with other health care organizations, health care leaders, research experts and consumer groups from throughout the health care sector. One of these partnerships is the National Patient Safety Partnership (NPSP), which is a voluntary public-private partnership dedicated to reducing preventable adverse medical events and convened by the Department of Veterans Affairs. Other NPSP members include the American Hospital Association, the Joint Commission on Accreditation of Healthcare Organizations, the American Nurses Association, the Association of American Medical Colleges, the Institute for Healthcare Improvement, and the National Patient Safety Foundation at the AMA. The NPSP has made a concerted effort to increase awareness of the year 2000 hazards that patients relying on certain medical devices could face at the turn of the century. For more than a year, the AMA has also been educating physicians and medical students through two of its publications, AMNews and the Journal of the American Medical Association (JAMA). AMNews, which is a national news magazine widely distributed to physicians and medical students, has regularly featured articles over the last fourteen months discussing the Y2K problem, patient safety concerns, reimbursement issues, Y2K legislation, and other related concerns. Some of these articles will focus on the top ten Y2K issues for physicians. Beginning this month, the AMA will also be placing ads in AMNews in a further effort to bring physicians' attention to the Y2K issue. The AMA, through these publications, has been raising the level of consciousness among physicians of the potential risks associated with the year 2000 for their practices and patients, and identifying avenues for resolving some of the anticipated problems. The AMA has also developed a national campaign entitled ``Moving Medicine Into the New Millennium: Meeting the Year 2000 Challenge,'' which incorporates a variety of educational seminars, assessment surveys, promotional information, and ongoing communication activities designed to help physicians understand and address the numerous complex issues related to the Y2K problem. In June 1998, the AMA launched this campaign by assembling State, County and Medical Specialty executives from around the country for an informational seminar, presenting an overview of the Y2K problem and its potential impact on the medical profession. In August 1998, AMA staff met with attendees of the American Association of Medical Society Executive (AAMSE) annual meeting to discuss, answer questions regarding, and in general raise the level of physician awareness of the year 2000 problem. During this meeting, the AMA also sought ways to work collaboratively with AAMSE to further education physicians and effectively address the Y2K problem. As a follow-up to this meeting, the AMA held a ``Federation Seminar'' in Michigan, where AMA staff met with the executives of the State and County medical societies (the ``Federation'') to coordinate efforts to assist physicians in identifying and resolving Y2K practice problem areas. The AMA actively participated in another Federation Seminar at the Minnesota Medical Society's Annual Meeting in October 1998. Another seminar series the AMA is sponsoring is the ``Advanced Regional Response Seminars'' program. We have been holding these seminars in various regions of the country and providing specific, case-study information along with practical recommendations for the participants. The seminars provide tips and recommendations for dealing with vendors and explain various methods for obtaining beneficial re- source information. Seminar participants receive a Y2K solutions manual, entitled The Year 2000 Problem: Guidelines for Protecting Your Patients and Practice. This seventy-five page manual, which we have made available to hundreds of thousands of physicians across the country, offers a host of different solutions to Y2K problems that physicians will likely face. It raises physicians' awareness of the problem, year 2000 operational implications for physicians' practices, and identifies numerous resources to address the issue. In addition to these seminars, an AMA subsidiary, AMA Solutions, Inc., has been enlisting the cooperation of physician group practices, hospitals and Federation members across the country to host Y2K presentations. We have already scheduled seminars on May 18 with the Indiana State Medical Association, on May 25 in Barberton, Ohio, and tentatively on May 26 with the Pennsylvania Medical Society. We will use The Year 2000 manual as the text for the classes. The AMA last year opened a web site (URL: www.ama-assn.org/not-mo/ y2k/index.htm) to provide the physician community additional assistance to better address the Y2K problem. The site serves as a central communications clearinghouse, providing up-to-date information about the millennium bug, as well as a special interactive section that permits physicians to post questions and recommended solutions for their specific Y2K problems. Last month we also included on this site an equipment inventory checklist for physicians to use to help assess their level of compliance. Additionally, the site includes a Tip of the Week that systematically provides practical compliance tips, as well as information about Y2K testing, up-to-date seminar information, toll- free Y2K help lines and more. To facilitate access to other Y2K information, the site also incorporates links to other sites that provide helpful resource information. The AMA is currently conducting a series of surveys to measure the medical profession's state of readiness, assess where problems exist, and identify what resources would best reduce any risk. The AMA already has already conducted its first survey, and intends to use the information we have obtained to identify which segments of the medical profession are most in need of assistance. Through additional timely surveys, we will appropriately tailor our efforts to the specific needs of physicians and their patients. The information will also allow us to more effectively assist our constituent organizations in responding to the precise needs of other physicians across the country. During its 1999 Annual Meeting, the AMA will be featuring a Y2K exhibit, to draw physicians' attention to the AMA website and the AMA Year 2000 manual. We will also be offering suggestions on how they can assess their readiness, answering their questions, and encouraging them to develop detailed contingency plans. We intend to set up this exhibit also at the Medical Group Management Association regional meetings in June and July. In an effort to offer leadership to the Federation, the AMA has been communicating with State, County and Specialty medical societies across the country, explaining the Y2K problem and urging them to alert physicians. We have offered our assistance to these societies and requested that they inform us of their efforts to assist physicians in becoming Y2K compliant. To ensure that the AMA itself is Y2K compliant, in 1996 we began reviewing our own computer systems and identifying areas on which to focus our compliance efforts. We established a timeline and have been consistently meeting our goals. In 1998, we established an Internal Steering Committee, composed of a diverse group of individuals from the entire organization. The committee seeks to ensure that all technology used by the Association is Y2K compliant. It also periodically reports to the Board of Trustees on the status of the AMA's Y2K compliance, so the Board may fulfill its fiduciary duties. The Challenge We suggest that both the public and private sectors encourage and facilitate health care practitioners in becoming more familiar with year 2000 issues and taking action to mitigate their risks. Greater efforts must be made in educating physicians, other health care providers and health care consumers about the issues concerning the year 2000, and how they can develop Y2K remediation plans, properly test their systems and devices, and accurately assess their exposure. We recognize and applaud the efforts of this Committee, the Congress, and the Administration in all of your efforts to draw attention to the Y2K problem and the medical community's concerns. We also recommend that communities and institutions learn from other communities and institutions that have successfully and at least partially solved the problem. Federal, state and local agencies as well as accrediting bodies that routinely address public health issues and disaster preparedness are likely leaders in this area. At the physician level, this means that public health physicians, including those in the military, organized medical staff, and medical directors, will need to be actively involved for a number of reasons. State medical societies can help take a leadership role in coordinating such assessments. We also must stress that medical device and software manufacturers need to publicly disclose year 2000 compliance information regarding products that are currently in use. Any delay in communicating this information may further jeopardize practitioners' efforts at ensuring compliance. A strategy needs to be developed to more effectively motivate all manufacturers to promptly provide compliance status reports. Additionally, all compliance information should be accurate, complete, sufficiently detailed and readily understandable to physicians. We suggest that the Congress and the federal government continue to enlist the active participation of the FDA or other government agencies in mandating appropriate reporting procedures for vendors. We applaud the Department of Veteran Affairs, the FDA, and others who maintain Y2K web sites on medical devices and offer other resources, which have already helped physicians to make initial assessments about their own equipment. We also have to build redundancies and contingencies into the remediation efforts as part of the risk management process. Much attention has been focused on the vulnerability of medical devices to the Y2K bug, but the problem does not end there. Patient injuries can be caused as well by a hospital elevator that stops functioning properly. Or the failure of a heating/ventilation/air conditioning system. Or a power outage. The full panoply of systems that may break down as our perception of the scope of risk expands may not be as easily delineated as the potential problems with medical devices. Building in back-up systems as a fail-safe for these unknown or more diffuse risks is, therefore, absolutely crucial. To the extent that physicians--particularly those in small practices, and other health care providers, do not have the required capital to remedy their Y2K problems, we welcome the Small Business Administration's (SBA) efforts to ensure that loans are made available on a restricted basis for businesses to correct Y2K problems. We understand that local lenders will begin offering the loans on May 3, with the SBA guaranteeing up to 90% of the loan amounts. We have been informed that these loans can be processed within two weeks and the rates are up to 2.75% above prime. Undoubtedly, this program will benefit many physicians and other health care providers, assisting them in becoming Y2K compliant. We welcome this initiative and appreciate Congress's initiative in creating the loan guarantee program. As a final point, we need to determine a strategy to notify patients in a responsible and professional way. If it is determined that certain medical devices may have a problem about which patients need to be notified, this needs to be anticipated and planned. Conversely, to the extent we can reassure patients that devices are compliant, this should be done. Registries for implantable devices or diagnosis- or procedure-coding databases may exist, for example, which could help identify patients who have received certain kinds of technologies that need to be upgraded and/or replaced or that are compliant. This information should be utilized as much as possible to help physicians identify patients and communicate with them. As we approach the year 2000 and determine those segments of the medical industry which we are confident will weather the Y2K problem well, we will all need to reassure the public. We need to recognize that a significant remaining concern is the possibility that the public will overreact to potential Y2K-related problems. The pharmaceutical industry, for instance, is already anticipating extensive stockpiling of medications by individuals and health care facilities. In addition to continuing the remediation efforts, part of our challenge remains to reassure patients that medical treatment can be effectively and safely provided through the transition into the next millennium. Conclusion We appreciate the Committee's interest in addressing the problems posed by the year 2000, and particularly, those problems that relate to physicians. Because of the broad scope of the millennium problem and physicians' reliance on information technology, we realize that the medical community has significant exposure. The Y2K problem will affect patient care, practice administration, and Medicare/Medicaid reimbursement. The AMA, along with the Congress and other organizations, seeks to better educate the health care community about Y2K issues, and assist health care practitioners in remedying, or at least reducing the impact of, the problem. The public and private sectors must cooperate in these endeavors, while encouraging the dissemination of Y2K information. Mr. Upton. Well, thank you, all of you. And as you were here for the first panel, I think you saw us reach into--from beyond the billing with HCFA really to the care and the life- and-death issues of the patients. And I have a number of questions myself. Dr. Corlin, you talked about all of the steps that the AMA has done particularly in sending the surveys out and looking for compliance and making docs aware of the situation. Too bad our three docs on the subcommittee--we have a bill on the House floor, so I think Dr. Coburn, Dr. Ganske and Dr. Norwood may have gone over to speak on the House floor on an important issue to a lot of us, particularly in rural areas, a satellite TV issue. And I hope we get there a little bit later this afternoon as well. But in any event, you heard Dr. Coburn talk about the costs to his five-member operation in Oklahoma. And I am going to be meeting with my docs in Michigan in about 2 weeks, and I'm going to be asking them how they are complying with Y2K. I guess what is disturbing to me, despite all of the good work by the AMA to reach out and to alert folks, in terms of some of the problems, and obviously we've seen a big educational issue over the last few years, that still you only received, I think in the testimony some of the information that came before me, only about a 6 percent response. Mr. Corlin. Eight percent. Mr. Upton. Eight percent. All right. I will give you 10 if you need it. But you know it's still pretty pathetic. Mr. Corlin. Yes, it is. Mr. Upton. And you talk about, you know, of the studies of those that responded, it seemed to be pretty good. But, you know, 90 percent, better than that, didn't even take the time to respond. Mr. Corlin. I share your concern, Mr. Upton, very much. So I think part of the reason is that physicians and physicians' offices get inundated with so many requests for certification and surveys and other information, that it just got lost--gets lost in the shuffle. That is an explanation. An explanation is different from an excuse. One of the things we're going to do is repeat the survey. And I think with the additional---- Mr. Upton. You need someone else to write it, you know. Mr. Corlin. I think with the additional educational efforts that have gone on in the past 90 days--and also I can tell you coming up at the June annual meeting of the House of Delegates, since I run that meeting, we are going to have a very strong presentation to the delegates who are there and use them as a network to get out to the other physicians. There are a few things I think we need to talk about though. First of all, the issue of are patients going to be directly damaged and put in harm's way by what's going on, or is this going to be a problem for the physician; and reimbursement, which, while it's a problem, it certainly is a problem of the lower order of magnitude. Many of the medical devices that are crucial for patient care, monitors, respirators and so on, can be checked now relatively easily. They have time clocks on them that are not integral to the operation of the machine, but are simply time marks. Many of those can be wound ahead to December 31, 1999, and run for 48 hours and see what happens. Many of those will be compliant. Probably the majority of those will continue to operate normally only printing out on the bottom of the strip, perhaps, the wrong date. That, while it may be a problem, it is not serious. We need to verify it is nothing more than that. Part of the difficulty we have is that some of the software manufacturers, Microsoft among them, have refused to certify their software as Y2K-compliant, and certainly when it comes to obtaining those operating bills, no physician office has that information. Nathan Myhrvold, who is the chief technician at Microsoft, who has been referred to by many as the brightest person in the world on this issue, has made the comment in the end analysis nobody can really know for sure, we just have to wait and see. That's not terribly reassuring to me with regard to that. With regard to the issue of billing systems, I take the greatest assurance from some of Nancy-Ann Min DeParle testimony, who said that 99.98 percent of the electronic claims currently being submitted are submitted in a Y2K-compliant manner; 80 percent of the claims are currently coming in electronically. So while that's not the be-all and end-all of our system, it means there is a far greater degree of either preparation or simply older systems being more compliant than we realized that exists in physicians' offices. Mr. Upton. Thank you. Mr. Klink. Mr. Klink. Also, Dr. Corlin, in quoting Nancy-Ann Min DeParle, while it was being provided to HCFA in an 8-digit billing format, she was unable to tell me how the information was gathered, and what kind of sources were behind it and what the error rate was or project what the error rate would be. So we really don't know where we're going. Mr. Corlin. We do not know where we're going with those that are not compliant. But if her testimony, as I heard it, was that 99.98 percent of the electronic claims currently coming in are Y2K compliant---- Mr. Klink. That's not what she--at least--I want to go back and revisit her testimony, because when I pushed her on the issue, I said it's coming in--she said it's coming in the 8- digit billing format. And I said, okay, what about the systems that are behind that billing format pulling the information together, how accurate is that information? And my recollection was--and we will check the record--that she wasn't sure about that, nor of the error rate. So let's get beyond that, because we will have to check and see whether your recollection is right or mine. I still want to get back to the survey, Dr. Corlin. You sent out 7,000 surveys to your 300,000 members on Y2K. And I have the survey in front of me. It's rather simple, it's only two pages long, relatively simple, check the box. Why do you think you only got a 6 percent or an 8 percent or 10 percent, if the chairman will give you the 10 percent, of the sampled members responding to the survey? Mr. Corlin. I thank the chairman, but it is only 8. I think I like the extra 2 also, but it's only 8. As I said, Mr. Klink, I think the reason is there is a massive overabundance of surveying and certification and work that goes to physicians' offices, and, unfortunately, things that do not require responses often don't get them. I can tell you, as an example from my particular office, I have a six-person gastroenterology group. We get, let's see, 26 times 6 is 156--we get 156 recertification requests just from managed care organizations in our office every year. We are totally swamped by that requirement to do so. Mr. Klink. Let me ask you a question. How many--because my time is going to run out here. How many of these surveys do they get that come from the AMA? Do you send them a lot? And certainly if they get a survey from the AMA, I would guess that they would take it seriously. Or my question is, is there not a sense of urgency by the doctors that belong to the AMA that this Y2K is a problem? Mr. Corlin. There is a sense of concern. I wouldn't know about--I can't say that there's a sense of urgency. We are going to repeat the survey. And earlier today, just prior to this hearing, we spoke with some of the representatives of HCFA about a way of perhaps jointly having HCFA and the AMA do the surveys to gather information over both signatures. Mr. Klink. So you think a survey instrument is the best way you can go about gathering the information? Mr. Corlin. I don't want to say that it's necessarily the best. I think the survey instrument is a good instrument, and particularly if we get a large enough sample with a large number return, it will be statistically significant. The suggestion we made or that HCFA considered doing a joint survey with us and that the survey be physically attached to reimbursement check and directed principally to the person who received the check to gather the information, rather than the physician in the practice, because, quite frankly, that person in the billing office may be more knowledgeable about the information than the physician is, even if his or her own office. Mr. Klink. As time is moving on, you're going to be given-- I mean, year 2000 is quickly approaching, 8 months and counting, and during that time, you still have to be concerned about what--how your doctors are going to deal with this. And you indicate that about 41 percent of your members have contingency plans in place if the systems should fail. Can you tell me the nature of those plans that are in place? Mr. Corlin. I can tell you what is not in place, which is only a part answer, but this relates back to a question that was asked earlier. We were not absolutely under any circumstances advocating that physicians as a contingency revert back to paper claims submission. That is a major regression. It is a potential escape that we don't think is appropriate, and we are intensifying our efforts, both directly and indirectly, with physicians to increase those percentages to get them compliant well before December 31 so that they can continue to submit their claims electronically. Mr. Klink. Dr. Corlin, let me get back to my question. If you're not going back to your paper, which was your answer, and you are not Y2K-compliant to bill by computer, what are we going to do? Mr. Corlin. We were attempting to educate the physicians both directly and networking with others, including the Patient Safety Foundation, which I indicated earlier we're having a meeting in 2 days in Los Angeles about that. We spoke earlier, as I indicated, to try to do something cooperatively with HCFA. We believe this is a problem that has got to be dealt with by educating physicians to get compliant in a timely manner. There's a massive incentive on the physician's part to become compliant; i.e., 50 percent of their money coming into their office depends on it. We think our educational efforts, combined with the incentive that's in place, will help to a very high degree. Will it be 100 percent? Of course not. No system that anybody could ever envision will be 100 percent effective. But we think it will be close enough by the end of the year that we can be comfortable saying we've done the best job that we can. Mr. Klink. Well, the best job we can sometimes can be a failing grade. Let me ask you, are there going to be any physical audits, where someone--beyond the survey instrument, is there going to be any survey audits? If so, how many? How will you determine how many you're going to have to do? Mr. Corlin. Mr. Klink, the AMA does not have the legal authority to go into any physician's office and do a physical audit. Mr. Klink. HCFA does; do they not? Mr. Corlin. That's up to HCFA. Mr. Klink. You said you're going to work with HCFA. That's why I'm wondering. Mr. Corlin. We're going to work with HCFA. Mr. Klink. It's like pulling teeth now. In your work with HCFA, are there any plans, Dr. Corlin, for there to be any actual physical audits, or are we going to just do the best we can by the end of the year and accept it at the end of the year, we've done as good as we can and que sera sera? That's the question I would like you to answer. Mr. Corlin. Mr. Klink, I am not in the dentist's chair, nor am I demanding you to pull teeth. I am trying to be open and responsive as I can. We will work with HCFA. We have made some suggestions to them. Whatever HCFA comes back to us with further suggestions, we are more than willing to sit down and work with them. I can't tell you now that I will agree to a suggestion that I don't know what it is. I can tell you that the AMA shares your concern with the seriousness of this problem, and we will work with HCFA or any other responsible body as vigorously as we can with any methods that we believe will be appropriate to get this problem solved. Mr. Klink. Mr. Chairman, here's--and I understand that the red light is on. Here's the problem that I have. We are going to be hearing from a lot of doctors, both those that are members of the AMA and those that are not; providers, may belong to the AHA, may not; may belong to other organizations and may not, and here we are 8 months ahead of time. And if we do not know and cannot get from these--the people who represent them exactly where we're going to verify this information, it puts us in a horrible position. And sure enough, if HCFA is, come at the beginning of next year, not making the reimbursements to these providers in a timely fashion because they're not Y2K-compliant and the billing is not work- ing, and we don't know--and I will tell you, Dr. Corlin, still from my questioning of you, and I didn't even get the other two witnesses, I still don't know what you're going to do for those people that aren't compliant. You said you're not going to paper, you're going to go to education. But I still--I don't know. And so when the providers, whether they're doctors or whether they're hospitals start screaming to their Congressmen at the beginning of the year, I don't know what I'm going to tell them. I don't know where in the world we can go on this. Mr. Corlin. Mr. Klink--may I respond, Mr. Chairman? Mr. Upton. Yes. Mr. Corlin. Mr. Klink, I would suggest if under those circumstances any medical provider complains to you after the first of the year that they're not being paid, I would offer to you that you might want to first ask them a few questions; did they read--if they're a physician, did they read AMNews, did they read the news that the AMA sent them, did they read the material that HCFA sent them, weren't they aware of the fact that the problem had to be corrected, and why didn't they take those steps within their own office to correct it? We can't hold a gun to people's heads and force them to become compliant with a system that, on the one hand their ethical responsibility, on the other hand their sense of personal desire to make some money out of their practice indicates they should want to do. Mr. Klink. My belief, Dr. Corlin, is if they didn't have the time to fill in this 2-page survey, they probably didn't have time to read all of those materials either. That's what they will tell me. Mr. Corlin. Well, sometimes the people have to live with the results of their own individual behaviors. Mr. Klink. You're a member, sir. Mr. Upton. Mr. Bilirakis. Mr. Bilirakis. Dr. Corlin, approximately how many of the medical doctors out there are members of the AMA? Mr. Corlin. Excuse me? Mr. Bilirakis. Approximately how many of the medical doctors out there are members of the AMA? Mr. Corlin. About 300,000, between physicians and medical students. Mr. Bilirakis. Percentage, I'm sorry, percent. Mr. Corlin. Mid-30's. Mr. Bilirakis. Mid-30's. Mr. Corlin. Yes. Mr. Bilirakis. So between 60 and 70 percent of the doctors are not members of the AMA? Mr. Corlin. That's correct. Mr. Bilirakis. All right. So all of your efforts, that booklet, which you have graciously also furnished to us, that goes out to your AMA members? Mr. Corlin. Well, it is made available on our Website to any physician. AMNews, which is our weekly tabloid-size periodical, goes to most--not every, but it goes to most physicians throughout the country, whether they're members or not. Mr. Bilirakis. I see. But there are plenty physicians out there, I guess, that would not have had any direct contact with the AMA through survey or through the booklet or anything of that nature regarding this particular subject? Mr. Corlin. That is possible. Mr. Bilirakis. That is possible. That's probable. Mr. Corlin. Yes. Mr. Bilirakis. Okay. Mr. Margolis, you've indicated that you have--you feel that the American Hospital Association doesn't see any problems as far as its hospitals are concerned regarding Y2K. I think you used the figures like 95 to 99 percent or something like that, right? Mr. Margolis. That's correct. They said they would be compliant by December 31. Mr. Bilirakis. Ms. Mackin, you indicated that there would be problems, and then you also expressed concerns that HCFA, of course, doesn't cover all of home health care, only the Medicare portion. Ms. Mackin. But in most cases, the billing systems are universal. So if we're in compliance for Medicare, we would be in compliance for the rest of the payers. Mr. Bilirakis. Yeah, Okay. And, Mr. Grob, I guess it was from the other panel, indicated that HCFA indirectly and HCFA during its work for Medicare is also helping on Medicare. And we're very pleased with that. Ms. Mackin. Yes. Mr. Bilirakis. But you expressed concerns that HCFA was not making--I'm not putting words in your mouth, but paraphrasing-- not making available to home health care agencies adequate information regarding Y2K? Ms. Mackin. Well, we made a lot of references to using Websites to download information, but there are significant number of agencies, particularly the very small and rural and remote areas, who don't have Website access because they haven't had the funds to invest, or they haven't felt the necessity to do that. So the kinds of information that those individuals have may be quite limited. Mr. Bilirakis. Are they all members of NAHC? Ms. Mackin. Some; some aren't. So, again, the accessibility of the information is limited. Mr. Bilirakis. Do you think there's some out there--forgive me for interrupting you. Do you think there's some of them out there, many of them out there, who are not aware of the potential of the Y2K problem? Ms. Mackin. I think that just about everyone is aware of the Y2K issue, but having the expertise or the wherewithal to know what to do about it may not be as pervasive. Many of these agencies are small agencies run by a nurse. They have essentially--you know, their staff consists of caregivers, but not too many of the support-type individuals, so they don't have access to that level. Mr. Bilirakis. Okay. Well, it's always pleasing to know that there are people like yourselves who are patient enough to wait your turn, but you sat there throughout the entire first panel, and so you heard me and you've heard others, Ms. DeGette and others, emphasize the--not belittling the billing area, but emphasize the DME, the durable medical equipment. Mr. Margolis and Dr. Corlin particularly, can you speak to that? Mr. Margolis. Medical equipment? Mr. Bilirakis. Yes, sir. Mr. Margolis. The medical equipment area in our hospital speaks very specifically--it comprises about 9,000 pieces of equipment from patient monitoring to defib devices, all of which contain computer microchips. Mr. Bilirakis. Would you say that it's an indication of most hospitals out there? Mr. Margolis. Yes, I think so. Mr. Bilirakis. Some more so. Mr. Margolis. A 400-bed hospital would probably have 8- to 10,000 devices. These devices are--we have a clinical engineering department among whose responsibility is to determine whether or not they're Y2K-compliant. We use resources both from the manufacturers, where they are--where they communicate with us through a letter of direct contact; resources that the AHA has put on line on the Web that we can check directly by model and serial number; and resources from the manufacturer's site. In many cases, there is confusion in this area in that manufacturers have not always been forthcoming or specific on specific series of devices or model numbers. And in some cases, they've used different internal chip component sets in the same model number over the years of production, so there's no way that one can rely 100 percent. So we've taken the approach of patient safety being that highest priority. And for devices which cannot be proven to be Y2K-compliant, we will staff accordingly so the patient is not dependent upon that device, nor is the nursing or the physician's staff dependent on the data collection of that device. By that I mean the device may have to be stopped and restarted at midnight, or the device may have to be taken out of service. Mr. Bilirakis. Would you do that; you say device start, stop, stop and restart it at midnight, would you--when would you emphasize the fact that that device is maybe not Y2K, you know, compliant, it hasn't met the Y2K situation? You are going to wait until December 31, or is there a time line before that? Mr. Margolis. No. As a matter of fact, in our inventorying process right now, we're identifying those devices by a way of a sticker. Someone mentioned that in an earlier panel, I believe. The sticker goes on as Y2K-inventoried when we actually recognize where that device is assigned and located. And after its determined, if it's determined, to be compliant, another sticker goes atop of that that says ``Y2K-compliant.'' So it will feel substantially comfortable in using that device. Now, for devices that are not compliant, another indication goes on as well as the fact that it's identified in the inventory of devices, and it will be either taken out of service, locked away in a closet in another unit, something like that, or if it is a critical device of which we have no others, it will be watched closely. There will be a nurse or a resident in attendance. In many cases, the device will simply stop, and it will have to be restocked. Mr. Bilirakis. Do you feel what you tell us in terms of the safeguards that you're taking at your hospital, it would be indicative of American Hospital Association hospitals around the country? Mr. Margolis. Yes, absolutely. Mr. Bilirakis. You're satisfied with that? Mr. Margolis. Those pieces of equipment are critical in the operation of a hospital, but not critical in the well-being of a patient so that it is a labor-reduction, productivity- improvement device. Mr. Bilirakis. But the scenario that you gave us, you feel confident will exist in all hospitals in the country? Mr. Margolis. Right. That is the recommendation of the American Hospital Association, so I feel that all hospitals will be following that template. Mr. Bilirakis. Dr. Corlin, very quickly, are you concerned with the durable medical equipment problem? Mr. Corlin. Yes, I am. I am concerned because of the comments that Mr. Margolis is making. And clearly the hospitals have far greater resources than physician's offices. We are educating our physician's offices; and we are trying to say, if there is a question, take advantage of the hospital's capability. A lot of the equipment can be brought over to the hospital and have it tested if you cannot get direct information from the manufacturers. We are also concerned that some equipment that prints out 4-digit year codes may be providing a false sense of security. The ``19'' may simply be a hard-embedded instruction to the printer and may not be a functional part of a real 4-digit computer year code. The final area of concern is the area of the offsite equipment, which impacts on direct medical equipment. Elevators, for example, if we have an outpatient surgery center on the fourth floor and I need a 911 call in a hurry and the elevator stops functioning properly, that patient is in real trouble if the paramedic is down on the first floor and cannot get up there. Telephone systems, not just the telephone company being available but many of the phone systems, now have a local computer system either in the office or in the basement of the building. Anyone that usually works through one of the new systems that people buy, they may have a chip in them. They have got to be checked. Backup generators, a whole variety of things that impact on something at the bedside that may not be directly at the bedside. These can have just as disastrous an effect if they are not watched properly. Mr. Bilirakis. Ms. Mackin. Ms. Mackin. The Visiting Nurse Service, affiliated with the University of Rochester Medical Center and Strahn Memorial Hospital, which is a 740-some odd bed acute care hospital, we have participated with them in their Y2K efforts as well; and a number of things that they are doing parallel what Mr. Margolis is saying as well. Mr. Bilirakis. You know, I asked the question about the concerns with HCFA not making available to your home health care agencies adequate information to help them? Ms. Mackin. I believe the national association has. Mr. Bilirakis. The gentleman behind you is nodding his head, yes. Thank you, Mr. Chairman. I appreciate your indulgence. Mr. Upton. Thank you, Mr. Bilirakis. Dr. Corlin, I have been in the Congress 12 years, and I have been on this House subcommittee for I think 7 years, and, consequently, I feel that I have a very good relationship with my health community in Michigan. I represent the Kalamazoo, St. Joe, Benton Harbor area and know the Michigan folks very well up in Lansing. And there are some major providers, and I speak to their groups fairly frequently. They come here, and I know them in a pretty good way, in lots of ways. There were some that went on our little bus trip 2 weeks ago to one of my major hospitals that really services my home county. And some of the AMA folks were there, some of the local physicians were there, and they made the point that they needed to make sure that this system worked because they would not be in business, knowing the delays already in place between getting reimbursement with Medicare--they haven't thought about Medicaid yet. But, at least with Medicare, they would not be in business if they were not compliant and if things did not work. And I know when I meet with a good number of them in the second week in May, my guess is that, based on your national statistics, probably not very many responded to the relatively simple questionnaire that you sent out, and I am going to razz them for you if you don't do it for yourself in 2 days. My guess is that, in the long run, they will be compliant because they know that they need that cash-flow for the folks that work in their operation and need to pay their bills. They have been squabbling for a long time about how long it takes to get reimbursed, and they can't take--even some of the long- time-established ones, they cannot take much longer of a delay in getting reimbursement from HCFA. Mr. Corlin. I agree with you a hundred percent. I think that any physician who expresses a concern about the issue now and acts in the most reasonably appropriate way in the broadest definition of that will be compliant because they will have had their operating system in their office adjusted. Whether it takes as much as Mr. Coburn said or not, I think they will comply. I think the only physicians--and I hope that this is a minuscule number who may not be compliant are those who simply ignore it or say it is not going to be a problem, and that is not a realistic attitude. We are doing everything that we can to see that as many physicians as possible realize that this is a real problem. It needs to be addressed, and the solution may be a costly one or it may be a minimal one, depending upon what you have in your office and how you operate now. I agree with you a hundred percent, and I do believe that every physician who spoke to you who said that they have their concerns and they are aware of the situation, they are going to be ready. Mr. Upton. Mr. Margolis, I was impressed with your testimony, and that is perhaps why AHA asked you to come testify before us. I have not been to New Mexico really before, and as you went through your checklist of things that you all did at the University Hospital, I sort of put it in context of Michigan, so I have sort of a sense of how big it is and certainly how important it is to the citizens of New Mexico. And I am just wondering, as you went through your checklist to get ready with the equipment and the stickers and phones and power and all of the different things, did you start from scratch on this? Were there AHA workshops that helped walk you through all of the different hurdles that you had to face? Mr. Margolis. We started about 15 months ago. It was prior to some of the AHA resources that are now available. We used not only AHA but resources within our community, the police, fire department and mayor's office, because the University of New Mexico Hospital, located in a geographically diverse State, much like your own, Mr. Chairman, is the only trauma 1 center in the State, and even in nearby regions in Colorado and Arizona. So we have a vast repertoire or documentation of emergency response and contingency plans. I think we are served by more than a dozen helicopter services so cases are flown in from far beyond the metropolitan geographical area. So we worked with those organizations to ensure that we had systems in place to respond to them, and that is what brought about our early contingency planning. But, as was pointed out earlier in the last panel, hospitals are accustomed to having contingency plans because one never can predict a train wreck or an equally disastrous accident in human terms. In Y2K you can predict the accident about to happen, but we don't know to what extent it is going to happen because there are a lot of elements of the system that need to be anticipated. We did a lot of the groundwork ourselves, but we borrowed heavily from other web sites. RX 2000 is a big one today. I would be glad to get you that list. With the electronic advantages of the Internet comes major advantages to any organization, particularly a hospital. You can share through your professional associations, the American Hospital Association and through other Internet resources what other pioneering organizations are doing, not saying that we are a pioneering organization, but we are trying to develop a standard, particularly with urban and rural size hospitals which is across all hospitals within the Hospital Association. That is, they are all looking at the same templates at this point in time. Mr. Upton. Did you have any help from the FDA or the device manufacturers in terms of outreach to you or were you the first called in? How did that relationship work? Mr. Margolis. I think we are outreaching to them. They have been a little hesitant in responding. The FDA commissioner 4 months ago was head of the Health Sciences Department, University of New Mexico, and so we have a little closer connection and understand many of the frustrations that the FDA is having because, again, they are looking for voluntary responses--substantially voluntary response from the device manufacturers, and many of them are smaller companies. Unfortunately, many are large companies with a reputation to protect, like GE or Siemens or other large, well-known companies. Mr. Upton. Stryker, my district. Well, I thank you. Mr. Chairman, do you have any other questions? Mr. Bilirakis. Mr. Chairman, thank you for that. I guess, Dr. Corlin and Ms. Mackin and Mr. Margolis, I have asked you if you are concerned with the computer equipment problem. If you were in our position and could do something, whatever it might be, regarding the potential real bad problems regarding medical equipment, what would you do, just very quickly? Don't take advantage of the chairman's indulgence here, but what would you do? Mr. Corlin. I would get general information and specific information. The general information I would want to get is, if a given piece of equipment fails because of Y2K, is it going to stop working or is it going to continue to work but on the strip it puts out have the wrong date on the bottom? If, for instance-- and I don't know which way it is going to go; I use this as an example--a cardiac monitor on a patient in an intensive care unit, if the time clock on the monitor--and I do not know how the time clock works. If it is an integral part of the functioning of the equipment and it fails, it may not act as a monitor and set off an alarm if the patient has an arrythmia. If the time clock is simply an event marker on the strip that gets printed out, it will continue to function properly and just print out that an arrythmia occurred on January 3, 1900, rather than January 3, 2000. The first thing I would find out is which is the category of failure that each piece of equipment would go into, and I would consider what are the most valuable ways and most effective ways that all of those pieces of equipment that had the type 1 failure, which is the serious failure, can be assured to be off line or changed to be brought into compliance by December 31. Mr. Bilirakis. So FDA would be able to give us all of this information? Mr. Corlin. What I would want to do under those circumstances is very, very quickly convene a panel, a meeting of FDA with real end users of the equipment so they can--the FDA can have the advantage of the real-world experience of the users and then develop the criteria having that input, yes. Mr. Bilirakis. Thank you. Anything to add, Ms. Mackin? Ms. Mackin. Mr. Willemssen's comments earlier were right on the money in terms of narrowing it down to the critical and the life support equipment and then making sure that they have been tested and all of the results are available to everyone. I think one thing we should keep in mind is that life support equipment is not just in the hospitals. There are patients at home who are on life support, and that is another venue where we need to---- Mr. Bilirakis. Right. That is probably of even more concern, because the hospitals seem to be on top of it. Ms. Mackin. Who is responsible for that patient's home environment? Is it the home health agency? Is it HCFA or the community? We need to address that. But after the critical equipment is identified, then we really need strong contingency planning so we know what to do because, as was said earlier, you can plan and plan but something will go awry, and we need to have the plans in place. It happens in our world now. When the sequential billing was implemented in the Florida shared system, it was a debacle. And if we are looking---- Mr. Bilirakis. You didn't have to bring that up. We know. It is not funny. I am sorry, I don't mean to be making light of it. Ms. Mackin. It is a fact of life. There will be problems. Mr. Bilirakis. Mr. Margolis? Mr. Margolis. I would just comment quickly, if a mechanism could be put in place that would require a timely response by the equipment manufacturers, rather than leaving the hospital or end user sort of in the dark or in some sort of in-between spot of not knowing for certain--because much of this equipment cannot be tested. We have tried that within our own hospital and some of the equipment fails and is then locked up and cannot be used again until it is returned to the manufacturer. And so we have concluded that it will not work after January 1, but we have lost the use of it for the next 8 months. Mr. Bilirakis. Thank you. Thank you very much, all three of you; and on behalf of myself and the health subcommittee particularly, we appreciate your being here. You have been very helpful, Mr. Chairman. Mr. Upton. I appreciate your testimony today, and it has been very helpful to us as we look at this very important issue. You have helped set the stage for a future hearing. We look forward to working with you in a meaningful way and certainly in the years ahead. Dr. Corlin, we welcome you to your new spot. I read with interest your remarks a week ago about Mr. Campbell's bill and appreciated reading that. You are excused. Thank you very much for being with us this afternoon. [Whereupon, at 3:42 p.m., the joint subcommittees were adjourned.] [Additional material submitted for the record follows:] Department of Health & Human Services Health Care Financing Administration June 28, 1999 The Honorable Michael Bilirakis, Chairman Commerce Subcommittee on Health and Environment 2125 Rayburn House Office Building Washington, D.C. 20515 Dear Chairman Bilirakis: Thank you for inviting me to testify at the April 27, 1999, joint subcommittee hearing on Year 2000 (Y2K) provider readiness. I appreciated the opportunity to update you on the progress we at the Health Care Financing Administration (HCFA) have made to ready our own systems for the millennium and our ongoing efforts to educate our health care partners on their obligations to become Y2K-ready. I also appreciate your efforts, through the hearing and other means, to urge health care providers to meet their Y2K obligations. I know you share our concern, which is to ensure that our more than 70 million Medicare, Medicaid, and Children's Health Insurance Program beneficiaries continue to receive the health care services they need in the new millennium. I am writing to update you, for the record, on our progress and to amplify some of the points I addressed at the hearing. I have also enclosed an edited transcript of the hearing and answers for the record to questions submitted to us by Congressman Buff. As you are aware, all of our internal systems and all of our contractors' claims processing systems have been renovated, tested, certified, and implemented. Because of the complexity of the Medicare program and the numerous small changes that need to be made to systems between now and this Fall, we will continue to check and retest our systems and will be recertifying as to their readiness this Autumn. We are listening to the suggestions of our Independent Verification and Validation (IV&V) expert and the General Accounting Office (GAO) to make our further testing efforts even more robust. I am pleased about our progress, confident in the readiness of our systems, and committed to do whatever it takes to make sure our systems are able to process and pay accurate and timely claims at the turn of the millennium. When I testified, there were still a number of providers or claims submitters that were not yet using the appropriate 8-digit date format to submit claims to us. I am pleased to report that the handful of noncompliant Part A claims submitters are testing their new formats with us now and we expect to report 100 percent compliance for Part A and Part B claims submitters very shortly. As I explained in my written testimony, and at the hearing during an exchange with Congressman Coburn, the ability to submit 8-digit date claims is, only a first step toward Y2K readiness. It does not necessarily mean that a provider's entire billing system is Y2K compliant, or that its office computer or practice management software will function into the millennium. While I am encouraged that the vast majority of providers responded responsibly to our April 5 deadline, and can satisfy our claims input requirements, the obligation remains on providers to make sure that any and all software used in their practices has been made compliant and has been future-date tested. And, as emphasized at the hearing, it is critically important that health care providers, manufacturers, and suppliers thoroughly and satisfactorily check all equipment and devices that go to the heart of quality care and patient safety for Y2K readiness. Importantly, HCFA is giving providers the opportunity to test with our claims processing contractors' systems to determine whether provider claims, including future-dated claims, can be successfully generated and submitted by the providers and accepted and processed by the contractors. This kind of testing can show providers whether their billing systems can successfully generate appropriate claims and it assures providers that data exchanges with HCFA do work. It helps us refine and target our future outreach efforts to providers who may not be making adequate progress in meeting their Y2K responsibility. We are strongly urging providers to take advantage of this testing opportunity. Of course, health care providers receive payment from insurance sources other than Medicare. Providers need to work with their other payers to verify that those payers are as ready as HCFA is to pay claims at the turn of the millennium. HCFA has, appropriately, gone well beyond our immediate claims processing and financing concerns to engage the provider community to address the totality of the Y2K problem. Our outreach effort is strong and the provider readiness survey results highlighted at the hearing, as well as subsequent studies, help us to focus our outreach efforts on provider sectors of greatest concern. For example, a recent survey by the HHS Inspector General yielded troubling results about the readiness of managed care organizations. We are working hard to raise managed care plans' awareness of the importance of being Y2K-ready and have meaningful contingency plans. We are meeting regularly with managed care industry groups. We required all Medicare managed care organizations to submit certifications about their Year 2000 readiness. We and our IV&V expert will be performing onsite reviews of the plans that seem to be the least prepared. And, we are requiring managed care organizations to provide contingency plans to us by July 15, 1999. I want to assure you we will not let down our efforts to reach out to the provider community. As you know, I recently sent a second letter to every Medicare provider and I will continue to personally reach out to providers. We hope the Congress will continue to send a strong message to providers and health plans as well. Finally, I am glad the hearing highlighted the importance of contingency planning. HCFA recently completed the latest draft of our contingency plan and my staff will be holding confidential briefings with your staff soon to discuss some of the details. The contingency plan is designed to guide HCFA's actions in the event of an unanticipated failure of HCFA's systems. We are also working with our partners--our claims processing contractors, managed care organizations, and States--to ensure they have valid contingency plans in place in the event they experience systems failure. I assure you that HCFA's contingency plan provides mechanisms to make sure that providers' claims will get processed and paid even if parts of HCFA's systems experience unanticipated failure. In addition, you can be sure we will have in place at the turn of the millennium, as we do today, financial and audit controls to help protect the integrity of the Medicare Trust Funds. Finally, as I emphasized at the hearing, we firmly believe that no contingency plan should cause providers who fail to prepare for Y2K to be rewarded for their lack of attention, effort, or due diligence. Being able to submit a valid claim is the minimal requirement that is necessary to ensure that a provider can operate in the Year 2000 environment and is actually furnishing covered services. That is why I have made it very clear that HCFA has no contingency plan to make estimated payments to providers that cannot submit a bill. Providers simply must have their own contingency plans in place to ensure that they can get accurate and timely claims to Medicare. We remain ready and willing to do all we can to help them succeed. In conclusion, I have reason to be confident about HCFA's readiness but know we still have much work to do. We will continue to do all we can to ready those systems that are under our control and we will continue to rely on the counsel of our Inspector General, the GAO, and the Congress throughout this endeavor. Providers still have much work to do to prepare their office systems and equipment for the millennium and we are working hard to get the message out to them. We will do all we can to work with the provider community, our sister agencies in federal and State governments, and the Congress to address the Y2K problem. Please do not hesitate to contact me if you have any questions. Again, thank you for holding an important and timely hearing on this important topic and HCFA's number one priority. Sincerely, Nancy-Ann Min DeParle Administrator Enclosures cc: The Honorable Fred Upton, Chairman The Honorable Ron Klink, Ranking Member The Honorable Sherrod Brown, Ranking Member The Honorable Richard Burr Joel Willemssen, General Accounting Office (without enclosures) George Grob, HHS-Office of the Inspector General (without enclosures) Richard J. Davidson, American Hospital Association (without enclosures) Nancy W. Dickey, M.D., American Medical Association (without enclosures) Val J. Halamandaris, National Association for Home Care (without enclosures) Questions for the Record Submitted by Congressman Richard Burr Question 1. How many Medicare contractors are there nationwide? Response: The Medicare program currently has 38 fiscal intermediaries and 22 carriers. Four fiscal intermediaries (Anthem, serving Connecticut; Hawaii Medical Services; Blue Cross of Minnesota; and Trigon, serving Virginia and West Virginia) are in the process of leaving the Medicare program. Their workloads will be transferred to other fiscal intermediaries by this summer, reducing the above counts. Question 2. My understanding of your billing practices is that when a Medicare bill is submitted, it goes to either a fiscal intermediary (FI) if it is a hospital or a Carrier if it is a doctor's bill for front end processing. Basic entry data is done by that ``first layer'' Medicare contractor and then sent to a standard maintainer for verification that the claim is for an actual Medicare beneficiary, that the codes are correct, and that Medicare covers the billed procedure. This appears to be the ``second layer'' of work Medicare contractors do. Finally, the ``third layer'' of billing or back end processing is typically done by the original FI or Carrier. This is where the medical necessity determination is made and the bill is ultimately paid. Have I outlined the correct billing framework? If I have not, please adjust my description. Response: Medicare claims flow from the physician, supplier, or other provider, or their billing agent to one of our claims processing contractors. The contractor's front-end software performs the initial claims processing functions, such as date stamping and procedure code verification. The claim then goes through the standard system software for processing. This software verifies medical necessity and makes other determinations necessary to conclude whether the claim should be paid or denied. (There are presently six standard systems, which are maintained by other contractors--the standard system maintainers.) The claim is then sent to the Common Working File (CWF) software where determinations are made about eligibility, additional sources of insurance, and deductible status, among other things. The CWF then makes the final determination to pay or deny the claim. Finally, if the claim is payable, it is sent through the contractor's back-end processes. These processes include the transactions that pay the claim such as providing information to other payers for electronic funds transfers and check writing. Question 3. How many Medicare contractors cited in Question 1 are front end and/or back end processors (please delineate those contractors which do not perform both functions) and how many are standard maintainers? Response: All fiscal intermediaries and carriers are responsible for the front and back-end processing of Medicare transactions. The standard systems are maintained by certain Medicare fiscal intermediaries and carriers and other data processing contractors. The Medicare contractors that also act as standard systems maintainers are: Blue Cross and Blue Shield of Arkansas (APASS system--Part A); United Health Care (HPBSS system--Part B); and Blue Cross and Blue Shield of Florida (Fiscal Intermediary Standard System--Part A). The data processing contractors that act as maintainers are: VIPS (VMS system-- Part B); GTE (GTEMS system--Part B); and EDS (MCS system--Part B). Each of the Medicare contractors that process claims have their own front- end and back-end systems that they are responsible for maintaining. Question 4. How many Y2K compliant front end and/or back end processors are connected to a standard maintainer which is not Y2K compliant? Response: As of April 23, 1999, all six standard systems and the CWF, having completed our rigorous testing, were deemed Y2K-compliant. Therefore, no front and/or back-end processors are connected to a non- compliant standard system maintainer. Question 5. Does North Carolina fall into the circumstance described in Question 4? Response: No. Question 6. GAO has significant doubts about the quality and thoroughness of HCFA's testing methods. What is HCFA doing to correct and improve those methods? Response: GAO raised several concerns in its recent testimony about our upcoming recertification testing efforts. Although we are convinced that our testing process has been rigorous and represents the most thorough testing ever performed on our systems, we are addressing each of the GAO's concerns. A description of the GAO's concerns and the activities we are undertaking to address them, are as follows: <bullet> Recertification test coverage should be better defined.--We are strengthening our test coverage requirements based on the recommendations of the GAO and our independent verification and validation contractor (IV&V), AverStar, so that our contractors will have improved mechanisms for determining the breadth of test coverage (systems functionality, HCFA-mandated dates, and interface coverage). Specifically, we are requiring a comprehensive end-to-end testing regimen, completion of rigorous test traceability matrices, as well as the application of test case and code coverage tools to contractor systems, and an auditable quality assurance process. We have used a test tool, Ready 2000, and are competing a contract for additional testing tools. In addition, we have hired a separate contractor, SETA, to conduct independent tests of our external standard systems. These tools and reviews will provide further assurance of the readiness of our external systems. <bullet> The sequencing of recertification testing must ensure that CWF and standard systems maintainers complete testing prior to FIs and carriers.--We are requiring the CWF and the standard systems maintainers to complete their functional testing before their systems are released to the contractors and to complete future-date testing before the claims processing contractors finish their testing. We acknowledge that this is not the ideal sequence for ensuring the compliance of all systems. However, we must proceed in this manner because the ideal sequence would have required a software freeze beginning in April--a nine- month freeze on any change to Medicare. We believe that our current test sequence approach provides a realistic balance between the requirement to meet our programmatic obligations and the need to provide appropriate assurance of Y2K compliance. We note that all of these systems, which are presently paying Medicare claims, have all completed extensive testing, including future date, integrated, and end-to-end testing. The retesting and recertification process is expected to validate that we have not introduced any new Y2K date handling errors in making mandated systems changes that affect only a small portion of the system code. <bullet> IV&V should certify the compliance of all external systems.-- We have expanded the scope of AverStar's work. They will provide certification of compliance for all contractors, including maintainers, during recertification. <bullet> An integrated test schedule should be developed.--We are developing a test schedule that will clearly illustrate the sequence of testing times and events for each component of the internal process, the external process, the CWF, the standard systems maintainers, and the fiscal intermediaries and carriers. Part of this schedule is still under development by our carriers and fiscal intermediaries. Our goal is to complete the schedule in June. Question 7. I am very concerned about the Y2K readiness of medical devices and information systems. What can we do to ensure that hospitals and providers have checked and, if necessary, fixed their equipment? Response: In our outreach efforts to providers, we have consistently stressed the important need for providers to ensure the Y2K readiness of all medical devices, as well as clinical and patient management systems. We refer providers to the Food and Drug Administration's (FDA) website to obtain needed information on the readiness of medical devices and have established links to the FDA's site on our own website. Callers to our toll-free provider Y2K phone line also are referred to the FDA site when questions about medical devices arise. In addition, we have sponsored a variety of Y2K educational conferences across the country and have arranged to have a representative from either the FDA or the Department of Veterans Affairs address the topic of medical device readiness. Finally, we have referenced the importance of medical device readiness as well as the FDA website address in the Y2K-related letters we have sent to all providers. Question 8. You have tested HCFA's computer codes for Y2K compliance, but you do not know what program functions those codes cover. A recent article in the Washington Post (Federal Page, April 26, 1999) mentioned that you requested contractors to send you a list of the tested functions. When is the deadline for contractors' responses? Have you received any of those responses? What are you going to do if they do not respond? Response: Each contractor was required to provide us with a test traceability matrix, a crosswalk of test cases to program business functions, detailing their plan for testing all of their business functions and all of the required test dates. We currently are in the process of reviewing these matrices which we have received from nearly all of our contractors. Development of a test traceability matrix is an iterative process between HCFA and the contractors. The contractors have worked closely with us to ensure that their test coverage is more than adequate. We do not expect any contractors to fail to respond to our request and will continue to work closely with them to ensure a rigorous recertification process. Question 9. How many different compliance test does HCFA have to run in the coming months to determine Y2K compliance? How many times has HCFA had to retest systems? Is systems retesting part of an overall strategy to address Y2K, or part of a strategy to address inadequacies in the structures of previous tests? Response: Y2K compliance testing is integral to our overall Y2K strategy. We plan to continue to test and retest all our internal and external systems throughout this year and up until January 1, 2000. We are following the GAO's recommended guidance on compliance testing. For initial systems certification, each Medicare contractor was required to renovate their systems and perform several levels of testing. These tests included: <bullet> Systems Testing--the initial level of functional unit testing of the individual components of the system. <bullet> Integration Testing--the level where components of the system are tested with each other. <bullet> End-to-end Testing--tests all levels, components, and functions involved in Medicare transactions from the submission of a claim to the claims processing contractor to the CWF processing and back to the contractor to the servicing banks to generation of provider payment notices and the printing of Medicare Summary Notices/Explanations of Medicare Benefits (MSN/EOMB). These tests were performed with current and future dates. The recertification process is necessary to ensure that changes to our systems made after the initial certification have not compromised the system's overall Y2K compliance status. To provide the highest level of assurance that all systems will function properly in the new millennium, we are requiring Medicare claim processing contractors to retest their systems beginning with system level testing through end- to-end testing. This additional testing will begin in July, when all Medicare coding changes to our systems are complete and our systems are frozen. This testing will continue through the end of October. We will then require all contractors to recertify their systems by November 1, 1999. We believe that the structure of the earlier tests is sound; nevertheless, we continue to incorporate new test cases, both to improve our test suite and to test any new functionality or changes we have added to the programs. Question 10. Is there an institutional hesitance to address Y2K problems at HCFA? If so, where does it come from? Has HCFA identified any problem areas within its organizational structure to deal with Y2K? Response: No, there is absolutely no institutional hesitance to address Y2K at HCFA. In fact, HCFA employees who are involved in the Y2K effort take their jobs and responsibilities in addressing this challenge seriously. In October 1997, after a nationwide search, HCFA hired Dr. Gary Christoph as our first Chief Information Officer and Director of our Office of Information Services. Dr. Christoph is responsible for managing HCFA's Y2K compliancy efforts, our enterprise information and Medicare claims processing systems, as well as the modernization of our overall information systems architecture. Y2K compliancy is our number one priority and is an Agency-wide effort. We have closely evaluated employees' skills and workload and redirected their work, where appropriate, toward the Y2K effort. In many cases, this required postponing other necessary, but less urgent, systems development work. For example, we have created a Y2K ``War Room'' in our Baltimore headquarters where employee work is dedicated solely to tracking Y2K efforts on a daily basis not only within our own agency, but also with our partners. We also have established contractor oversight teams specifically responsible for closely monitoring and managing Y2K work for all contractors involved in processing Medicare claims. These oversight teams include employees who are on-site overseeing and helping contractors across the country. These teams provide timely information on the contractors to the War Room. We also have rehired a number of retired HCFA employees to work exclusively on Y2K, thus providing us with immediate access to a pool of skilled workers without costly retraining or lengthy recruiting processes. Finally, HCFA is leading the Health Care Sector of the President's Council on Y2K Conversion, led by John Koskinen, the President's special advisor on Y2K. This effort includes working closely with provider trade associations and public sector health partners to raise awareness of the millennium issue and encourage all providers to become Y2K compliant. Question 11. Can HCFA meet the June 30 OMB compliance deadline? Response: Question omitted per Representative Burr's Staff Member, Christopher Joyner. Question 12. Would HCFA agree that informing the health care community about the potential problems facing the community is a function of the agency? Has it done so on Y2K issues? Can you please describe those efforts? Response: We wholeheartedly agree that informing the health care community about the Y2K challenge is an important function of our agency. While we do not have the resources, ability, or authority to step in and fix providers' systems for them, we have nevertheless engaged in an unprecedented outreach effort to raise awareness of this critical issue and to encourage providers to take the steps necessary for ensuring their own millennium compliance. From our own efforts, we know first hand the difficulties inherent in achieving Y2K compliance, and we are eager to share with providers the lessons we have learned. As a part of our outreach effort, we are leading the health care sector of the President's Council on Y2K Conversion. We chair twice-monthly meetings in coordination with a number of provider trade associations and our public sector health partners to share insights, raise millennium awareness, and encourage all providers to become Y2K compliant. Also, this past January, we sent a letter to each of our more than 1.3 million Medicare and Medicaid providers stressing the importance of Y2K readiness and providing an inventory checklist of office equipment and supplies providers need to assess for Y2K compliance. We sent a second letter to providers during the last week in May. We have established a website dedicated to the Y2K (www.hcfa.gov/y2k) advising providers how to identify mission-critical hardware and software and assess their readiness; test systems and their interfaces; and develop contingency plans should unexpected problems arise. The website also includes links to other pertinent sites, such as the FDA's website on medical device readiness. In March, we set up a Y2K toll-free phone line, 1-800-958-HCFA (1- 800-958-4232) where callers can receive up-to-date answers to Y2K questions that relate to medical supplies, their facilities and business operations, as well as referrals for more specific billing- related information. The hotline also updates callers on HCFA's Y2K policies and provides general ``how to'' assistance. Also in March, we hosted Y2K Action Week seminars in twelve different cities across the country, providing attendees with detailed information about what health care providers need to do to be Y2K- ready. And in mid-April, we began a series of provider educational conferences which will take place over the next three months in twelve cities. These one-day conferences are offered free-of-charge and feature readiness strategies, as well as information about biomedical equipment and pharmaceutical risks. I recently held a telephone conference call with more than 75 representatives from national, state, and local medical societies to apprise them of HCFA's Y2K readiness and to encourage them to take responsibility to ready themselves for Y2K. HCFA employees across the country have been actively involved in sponsoring and participating in conferences, symposiums, and other outreach programs through our speakers bureau. They have made literally hundreds of presentations on Y2K issues to providers and others around the nation. Our outreach activities will continue throughout the year. As time to remediate grows shorter, we will shift our focus from Y2K awareness to alerting providers to the need for contingency and business continuity planning. Question 13. What steps has HCFA taken to address the concerns of outreach to rural health care providers? How is this outreach being conducted? Response: We recognize the unique needs and challenges facing rural health care providers in addressing the Y2K challenge. We are developing smaller, more individualized Y2K educational sessions targeted toward rural providers, in consultation with several rural provider associations. So far, we have held conferences in Montana, North Dakota, South Dakota, and Minnesota. We held one of our major educational conferences in Fargo, North Dakota in late May which attracted more than 140 providers. We also have participated in several national conferences sponsored by the major rural health associations in Washington, D.C., San Diego, and Denver. In addition, we have entered into an interagency agreement with the Health Resources Services Administration (HRSA), Office of Rural Health Policy. Working in conjunction with HRSA and the National Association of Rural Health Clinics we have planned outreach conferences to be held over the next two months in Arkansas, South Dakota, Vermont, and a fourth rural location yet to be determined. We also have scheduled provider outreach conferences in North Carolina, Oregon, and Tennessee that we hope will attract rural providers. We have invited a representative of the Small Business Administration (SBA) to each of these conferences to share information about SBA programs that may be available to help rural providers fix or replace non-compliant systems and medical devices. Finally, we meet periodically with representatives of rural health trade associations to ensure that our outreach efforts are meeting the needs of rural providers. Question 14. Has concern in the private sector over liability issues related to Y2K affected HCFA's ability to work with providers and the community as a whole in addressing Y2K problems? Response: We do not have concrete evidence that liability issues related to Y2K are affecting our ability to work with providers in addressing Y2K problems. There are, however, two areas where liability may be having some impact on how forthcoming our provider partners have been in responding to requests for information from us and others. Relatively few providers have responded to surveys and assessments from the Department of Health and Human Services Inspector General and others, such as the American Hospital Association, the American Medical Association, and Rx2000, an organization created to address Y2K awareness in the health care industry. We also have had difficulty collecting information about provider readiness from billing service providers and software vendors. We suspect that liability concerns may be contributing to their reluctance to respond as well. Question 15. What progress has HCFA made on its Contingency Planning since the beginning of March? Response: We are closely following the GAO's advice on contingency planning outlined in their August 1998 guidance, Year 2000 Business Continuity and Contingency Planning and in their September 1998 report, Medicare Computer Systems--Year 2000 Challenges Put Benefits and Services in Jeopardy. We have developed and are now validating our contingency plans. This validation phase of our effort will run through the end of June. On June 15, 1999, we provided the Office of Management and Budget with a draft of our business continuity and contingency plans. Each of our contingency plans has a designated Emergency Response Team responsible for executing the various plans, if necessary. During the validation phase, these teams will run practice exercises and rehearse plans in a simulated environment. It is important to note that contingency planning is not a static process. We will continue to rehearse and refine our plans throughout the coming year and up until December 31, 1999. We will make changes, if necessary, as we learn more about the readiness status of those with whom we interact, such as providers, pharmaceutical and medical equipment suppliers, and States, among others. As part of our emphasis on the contingency planning efforts of our partners, we are conducting a review of Medicare Carrier and Fiscal Intermediary contingency plans. In October 1998, we instructed the Medicare contractors to undertake a contingency planning program. On April 8, 1999, we began examining those contingency plans emphasizing the reasonableness and completeness of the plans. We will provide guidance and assistance to those organizations that appear to have not adequately staffed and completed their contingency planning. In addition, we are re- quiring all Medicare managed care organizations to have contingency plans and submit them to us by July 15, 1999. Finally, we have increased our review and assistance to State Medicaid Agencies to ensure the continuity of Medicaid payments and continued access to care for beneficiaries. We have provided State agencies with advice on preparing business continuity and contingency plans and have requested that Agencies submit their plans to us. We currently are reviewing these plans to gain an understanding of States' particular plans to ensure the continuity of their health care programs in the unlikely event of systems failures. In addition, we have contracted with a Medicaid-related IV&V expert to assess the status of the States. Site visits are now underway. We also are working on a contract to provide technical assistance to States on contingency planning. Question 16. Since the bulk of payments that many rural health care providers receive are from government-insured patients, it will be extremely difficult for these providers to continue to operate without a contingency payment mechanism in place should Y2K disruptions occur. Does HCFA have any plans for a contingency payment mechanism should disruptions occur? Response: We are currently in the process of developing our own contingency plans to ensure we are able to process and pay any claim submitted. We are more concerned that providers may not have addressed their Y2K issues and may not be able to generate a claim. I hope you can appreciate the delicate balance that exists between our top two contingency planning goals of paying providers promptly and preventing payment errors. By its very nature, HCFA's contingency plan highlights the vulnerabilities in Medicare's systems that could occur in the event of Y2K failure. Portions of the plan could serve as a blueprint for fraudulent activity. I can assure you that HCFA's contingency plans provide mechanisms to ensure that providers' claims will be processed and paid even if HCFA's systems experience unanticipated failure. We also will have financial and audit controls in place at the turn of the millennium, as we do today, to help protect the integrity of the Medicare Trust Funds. I firmly believe that no contingency plan should cause providers who fail to prepare for Y2K to be rewarded for their lack of attention, effort, or due diligence. Being able to submit a valid claim is the minimal requirement that is necessary to ensure that a provider can operate in the Y2K environment and is actually furnishing covered services. It is quite clear that it would not fulfill our fiduciary responsibilities to pay monies from the Medicare Trust Funds in the absence of appropriate evidence that a covered service was delivered to a beneficiary. HCFA has no contingency plan to make estimated payments to providers that cannot submit a bill. The best risk mitigation strategy is, of course, for providers to ready their computers and systems well in advance of January 1, 2000. To assist all providers in achieving Y2K compliance, we have engaged in an unprecedented outreach effort, including mailings to all Medicare and Medicaid providers, a Y2K website and toll-free line, and numerous educational conferences, among other things. In addition, our Medicare contractors have made millennium compliant billing software available to all providers for free, or at minimal cost. This software allows providers to submit Y2K compliant claims to the contractors, so long as the software is used in conjunction with compliant computers. We also have given providers the opportunity to test the submission of future- dated claims with our claim processing contractors, so they can be certain their systems are ready, and we have encouraged them to do so.