[This Transcript is Unedited]
Hubert H. Humphrey Building
Room 705A
200 Independence Avenue, SW
Washington, DC 20201
Review of Agenda - Dr. Lumpkin
Jeffrey S. Blair
Dr. Simon P. Cohn
Ms. Margret Amatayakul
Adjourn to 50th Anniversary Symposium, National Academy of Sciences
DR. LUMPKIN: -- make a comment that within the last three weeks, I have been on the road a little bit. About three weeks ago, I was traveling with our governor in South Africa, therefore the tie, which is the flag of South Africa. It is a peace dove, which is very important. Actually, it is a peace dove that is white and blue.
I think that is important probably because they have gone through some racial issues in South Africa. A few. It is fascinating to see the amazing transformation that they have gone through from an apartheid system to a system of majority rule with essentially a minimal amount of violence. However, trying to win the peace after that transition is a very difficult one for them and one that certainly they will need a lot of help on.
The most overwhelming and striking issue, since I am being a health person, was the impact of HIV on their ability to make this sort of transition. It was certainly a fascinating visit.
[Comment concerning microphone.]
The second trip is I also had a week's vacation in Mexico, which is always very difficult for a state health director in Illinois since in 1985, in the middle of the largest outbreak of salmonella, the state health director in Illinois took a vacation to Mexico and when he came back did not have a job.
I did not tell anybody where I went until I came back, but this the modern age. As some of the people around the table know, I was able to access my email every day. It was almost like I was not gone.
It is a pleasure to be back here. We have some important work to do. This is perhaps one of the busiest and momentous days that we have had in the committee and certainly in a long time.
We have three major reports that we are in the process of delivering and finalizing. We have the Patient Medical Record Information Report, which we will be presenting and discussing today, and then this afternoon, we have the symposium on our 50th anniversary. In that symposium, we will be presenting the working document for discussion on the National Health Information Infrastructure, which all of you have seen, and the 21st Century Health Statistics Document that has been done. We have been very busy as a committee, and we are going to have a great celebration this afternoon.
Some details on that. After we complete our meeting, which will be about 11:30, we will have a 45-minute period of time for people to go upstairs and eat lunch if they so choose. At that point, we will then proceed to the National Academy of Sciences. There will be a bus out front at 12:15. If you miss the bus, you are on your own.
[Laughter.]
When we arrive at the Academy of Sciences, for those of you who choose to go upstairs, there will be some light snacks that are available, as will there be light snacks at the break. If you go to lunch and have the light snacks and then after that you go to the reception, you will no longer be light.
[Laughter.]
We will enter on the C side of the building. I assume that means Avenue C. Yes. That will be immediately after here. We will have a period of time for a break. After the reception, you are on your own to make it back to your various places that you may choose to stay tonight.
Subsequently, we will start again tomorrow morning at 8:00 for the Subcommittee on Standards and Security working session. Then the full committee will come together at 9:00. It says 9:15, but if we can try to get here at 9:00, we will certainly start at 9:15.
We are going to, at this point, unless there is any questions on the agenda or additions on the agenda, then we are going to go around and do our introductions. As in past meetings, as you know, we are going live over the Internet. Please, when you speak, speak into the microphone and have it relatively close to you so that we do not have reverberation.
DR. GREENBERG: I am Marjorie Greenberg, the Executive Secretary for the National Committee on Vital and Health Statistics, NCHS.
DR. COLTIN: Kathy Coltin, Harvard Pilgrim Healthcare.
DR. FRIEDMAN: Dan Friedman, Massachusetts Department of Public Health, a member of the committee.
DR. ROTHSTEIN: Mark Rothstein, Health Law and Policy Institute, University of Houston, a member of the committee.
DR. IEZZONI: Lisa Iezzoni, Harvard Medical School.
DR. BLAIR: Jeff Blair, Vice President of the Medical Records Institute, a member of the committee.
DR. NEWACHECK: Paul Newacheck, University of California at San Francisco, a member of the committee.
DR. WARD: Elizabeth Ward, a member of the committee, Foundation for Healthcare Quality.
DR. FYFFE: Kathleen Fyffe, member of the committee. I work for the Health Insurance Association of America.
DR. GELLMAN: Bob Gellman, Privacy and Information Policy Consultant.
DR. COHN: I am Simon Cohn with Kaiser Permanente and a member of the committee.
DR. SCANLON: I am Jim Scanlon with HHS, and I am the Executive Staff Director of the committee.
DR. LUMPKIN: I realize that I forgot to introduce myself. I am John Lumpkin, Director of the Illinois Department of Public Health and chair of the committee.
Why don't we have introductions from the audience. We do not have microphones everywhere, so those of you on the Internet may not hear them. When we do have discussion and have people speak, we will have them come to the microphone.
[Introductions of audience members.]
DR. LUMPKIN: Any conflicts of interest with the agenda for today and tomorrow? I see none.
Simon and Jeff: presentation and discussion of the report on uniform data standards for patient medical record information. I am going to perhaps take the prerogative of the chair and to thank you and the work group. Those of us who have seen the document through a number of iterations, of which there have been many ¾ in fact, I think there are more versions of this than there are of Windows.
It has really been exciting to see this document take shape. About three or four versions ago, I thought it was an excellent document, and it certainly is much better than that now.
DR. COHN: Great. I think I will let Jeff sort of make some leading comments, but like you, I also want to thank the hard work of both the work group and the subcommittee noting that they are both the same membership. I think we really appreciate the leadership that you have all shown.
Jeff, I really want to thank you specifically for your leadership in this area. Obviously, Margaret, I want to thank you for your help in terms of the staff support and real hard work on this document.
Jeff, would you like to make some opening comments?
DR. BLAIR: Hello, everyone. This was really one of those situations where you had the opportunity to work on a little bit of a challenging project but the teamwork that was present on the part of everyone, and the cooperation, and the staff support, was so consistent and so helpful. Before I say anything, I just have one special note of appreciation and that is to Margret Amatayakul for the outstanding job that she has done to be able to pull all of this information together and direct with the writing.
Actually, I am just going to give you a very high level brief summary of the history as we have gone through this for the record and for the Internet so that they sort of know what we are doing here. We are about to discuss the Report to the Secretary on uniform data standards for patient medical record information and the electronic Exchange of that information. This was required that the committee, the NCVHS committee study and make recommendations and legislative proposals on PMRI in accordance with the HIPAA law.
The activities that we had started about two years ago. We began with a work plan. We wound up having testimony from over 90 individuals and special interest groups to be able to gather information that went into this report. Back in December of this last year, we got to the point where we had pretty much been able to pull together most of the comments and outside testimony, and identified the issues, and began drafting the report. The copy that you have in your handouts right now is virtually the eighth draft of the report.
At this point, I am going to turn it over to Margret. I think I maybe would mention to you, for those to you - not everybody who is on the committee today was on the committee back in February. We did review the third draft of this report in February. We solicited outside comment, and that extended to the full committee at the end of April. This is - or some of you at least, it may be the third time that you have had the chance to take a look at this document as it has evolved.
Now, I will ask Margret and Simon to help us with your comments on the report.
MS. AMATAYAKUL: Thank you. First of all, thank you for your comments. It was a pleasure, really, to work on this report with the work group. What I will do is take you section by section and get comments and put together yet another draft. I guess that will be the final one, hopefully.
The executive summary starts out with an introduction. What I will do is I will go through each major section and call for comments if that will work for you.
DR. COHN: It will.
MS. AMATAYAKUL: Introduction to the executive summary comments?
DR. LUMPKIN: Let me ask this question. Does anybody have any - before the recommendations, does anybody have any comments? Let's take it in bigger chunks. Any comments on the executive summary?
DR. COHN: Except for the recommendations, correct?
DR. LUMPKIN: Except for the recommendations. We want to maybe wait until the end to take the recommendations in their entirety and then go to the - because it really restates the ones that are at the end of the document.
DR. COHN: I think that would be very appropriate.
MS. AMATAYAKUL: We do have one change in the section called Data Quality and one additional sentence.
DR. COHN: Do you have that written down, Margret, someplace?
MS. AMATAYAKUL: Yes. We deleted a couple of sentences and changed the last sentence under Data Quality.
PARTICIPANT: Do you have a page reference?
MS. AMATAYAKUL: This is page six.
DR. COHN: At the bottom.
MS. AMATAYAKUL: At the bottom. I will read you the paragraph as we have revised it. It is very difficult to measure the quality of healthcare data, yet every provider can point to examples where data quality has clearly been suspect or could not be validated. Information systems today do not incorporate sufficient data editing capability, uniformity in units of measure or other controls.
Data quality is also impacted by the inability to uniquely identify patients. This can result in loss of data for patient care. The administrative simplification provisions of HIPAA address this issue by calling for a unique identifier for individuals. However, there is public concern about the issuance of a unique identifier for individuals prior to the passage of federal legislation to protect the privacy of patient medical record information. Data quality, accountability and integrity must be incorporated into message format and vocabulary standards to improve the ability to exchange data across providers when authorized for continuity of care.
DR. COHN: Do we have copies of that to pass out? No.
DR. LUMPKIN: Can we perhaps get a copy? Maybe we can make copies for everyone to take a look at.
DR. COHN: Margret, I did not know if you wanted to - if you were going to bring out the suggested minor change regarding the QUIC Report because -
MS. AMATAYAKUL: Yes, I have changed the date to 1998.
DR. LUMPKIN: That was a quick change.
[Laughter.]
DR. GREBERMAN: I would like to show the relationship to how that was - because clearly 1998 was before the IOM report.
MS. AMATAYAKUL: We also added a sentence that follows the data quality section. This is entitled, "Other Issues." "Other issues considered in this report include the need for healthcare privacy legislation, the need to address the diversity of state laws with respect to retention and authentication of patient medical record information, and the need for a national health information infrastructure. Barriers to adoption of internet application such as reported in Networking Health need to be overcome."
DR. HERRERA: I am Chris Herrera from Pharmacia. May I make a comment related to the data quality statement here?
DR. LUMPKIN: Actually, what we are going to do, we are going to try to get a copy of that revised language, so why don't we hold off until then.
Anything else on the executive summary?
MS. AMATAYAKUL: We are going to skip the recommendations here and cover them at the end.
DR. LUMPKIN: Yes.
MS. AMATAYAKUL: The next section we will go to is Section II Introduction. It starts on page nine. There is a description of purpose and scope, intended audience for the report, background and general rationale that has a series of questions.
DR. LUMPKIN: Any comments on that section?
DR. COHN: I presume that we are talking about substantive changes as opposed to wordsmithing or typos.
DR. LUMPKIN: Yes.
Section One?
MS. AMATAYAKUL: There is also a section on page 15 of, Process of Studying Issues and Making Recommendations.
DR. COHN: Let's go to III, I think.
MS. AMATAYAKUL: Section III, Overview of Standards for Patient Medical Record Information. Section A is -
DR. LUMPKIN: Wait, I am sorry.
MS. AMATAYAKUL: -- on page 17.
DR. LUMPKIN: I think we may have skipped too far.
DR. COHN: Okay.
DR. LUMPKIN: I was thinking that maybe we should walk through sub item one on page 10. I am not sure that we are all on the same page on this. Let me just say that on sub item one, there is only one typo, and I told Simon that I was not going to raise this, but I figure here is a chance to embarrass him live on the internet. The word "accident" is included on the last page in there. Simon, as a good emergency physician, should know that car crashes are not accidents; they are crashes.
DR. COHN: We are talking about highway crashes.
DR. LUMPKIN: Yes. Sub item two? Three? Four? Five on page 12? Six? Seven? Eight? Nine? Ten on page 15? I guess we are ready for Section III.
MS. AMATAYAKUL: Overview of Standards for Patient Medical Record Information on page 17. Section A, PMRI Standards Concepts basically is a set of definitions of terms: patient medical record information, electronic exchange of PMRI, uniform data standards, health information infrastructure, health information versus PMRI, and HIPAA administrative simplification requirements for PMRI.
On page 18, B: Evolution of Healthcare Informatics Standards. There is a section on healthcare informatics standards history; two, standards development organizations; and three, accreditation and coordination of standards development organizations.
Section C: We changed the title around a little bit just to be consistent with the other titles. Instead of "Overview of Data Standards Issues," we are calling it "Overview of Issues Relating to Data Standards for PMRI." That way we get PMRI in there.
The first issue that we discuss is interoperability. On page 20, there is a subsection standard implementation guides. Page 21 has conformance testing.
DR. LUMPKIN: On page 21, and this is just a wordsmithing issue under "addressing gaps and inconsistencies to improve interoperability," that paragraph. I just think it could use a little bit of rewriting. I had some difficulty understanding that paragraph. It is not a showstopper, but if we are going to do a little bit of editing for understandability.
MS. AMATAYAKUL: Okay. Page 21, number two discusses the comparability issue, and that includes terminology concepts, vocabulary, characteristics and attributes. Data capture challenges.
[Pause. No audience response.]
DR. LUMPKIN: You are on a roll.
MS. AMATAYAKUL: Okay, page 24 discusses data quality, data accountability and data integrity issues. It breaks them down by data quality, data accountability and data integrity.
DR. LUMPKIN: I just had a brief comment on that one again. This is just an editorial. You are using the term the second critical choice provides the basis for assessing and continuously improving performance, effectiveness and efficiency in the healthcare system. You are really talking about quality. I think just inserting the word, "i.e. quality", since that is an important buzzword nowadays, is just a small editorial change.
MS. AMATAYAKUL: Can you identify which section you are talking about?
DR. LUMPKIN: At the top of page 24, right under three, the first paragraph.
MS. AMATAYAKUL: Okay.
DR. LUMPKIN: Just to kind of work the word "quality" in there because it is implied but not stated. You might as well take credit for everything that you can.
DR. COHN: You are talking about where it says "effectiveness and efficiency"? You are saying that you would like "quality, efficiency, effectiveness and overall quality"?
DR. LUMPKIN: Right.
MS. AMATAYAKUL: On page 25, we discuss other issues. They include on page 26, privacy, confidentiality and security. Page 26 also has diverse state laws. Page 27 has business case for standards development. Page 28 has national health information infrastructure.
DR. NEWACHECK: Just a comment on this section. First, I want to congratulate the work group on a really excellent report. I think this is very well written, very accessible, and it will be a real contribution.
I wondered in this section on the national health information infrastructure, there is a paragraph, the second paragraph on page 29 that indicates individuals will need access to PMRI. I assume that what we are talking about is all individuals should have access to their medical records. I wonder if it could be a little bit more explicit about that and make that a stronger point with just a little wordsmithing perhaps.
DR. COHN: I am just trying to think of it. Where exactly are you?
DR. BLAIR: Margret already has a wordsmithing correction on exactly that point.
MS. AMATAYAKUL: Not on this one.
DR. BLAIR: Not on this one? Okay.
DR. NEWACHECK: Somewhere in the report, in any case, I thought it would be helpful to make that point strongly.
DR. COHN: Yes, I should also comment that on page 27, there is a paragraph that has to do with authentication requirements. There is actually a bill that apparently has passed the House and Senate called E-Sign. Hopefully we are going to have some briefing on that tomorrow. That may affect somewhat how we characterized that paragraph, and I would ask the indulgence of the committee that that may get modified based on what we subsequently come to understand from tomorrow.
MS. AMATAYAKUL: Page 29, data elements to produce PMRI content.
[Pause. No audience response.]
Then on page 30, we discuss the current status of data standards.
DR. LUMPKIN: Let's go back to page 27, the middle paragraph under authentication that Simon talked about where you say, "Currently both Illinois." Can you put in parenthesis, the home state of the chairman?
[Laughter.]
I am sorry.
MS. AMATAYAKUL: On page 30, we begin the discussion of current status of data standards, and we include message format standards. On the top of page 31, in that paragraph, we did make an addition to the last sentence where it says, "new standards such as object-oriented request broker architectures and document mark-up language standards, for example, XML. We added, "are being incorporated into message format syntax development activities" and are gaining interest. It just to emphasize that work has already been started on that.
Then there is the section on medical terminologies. Page 32 has a section on data quality, data accountability and data integrity. Then we are to the recommendations.
DR. LUMPKIN: Before we go through the recommendations, everyone now has a copy of the page six.
MS. AMATAYAKUL: I am sorry for the scribbling, but this was done last minute, obviously.
DR. LUMPKIN: Okay. Maybe if you can read what we have, and then we can sort of figure out what goes where.
MS. AMATAYAKUL: The first two sentences are the same, and then we have deleted the second sentence. The third sentence, I am sorry. It reads, "It is very difficult to measure the quality of healthcare data, yet every provider can point to examples where data quality has clearly been suspect or could not be validated. Information systems today do not incorporate sufficient data editing capability, uniformity in units of measure, or other controls. Data quality is also impacted by the inability to uniquely identify patients. This can result in loss of data for patient care," and then go along the left side, "The administrative simplification provisions of HIPAA addresses this issue by calling for a unique identifier for individuals. However, there is public concern about the issuance of a unique identifier for individuals prior to the passage of federal legislation to protect the privacy of PMRI."
Then you go back down to where I have started writing again, "Data quality, accountability, and integrity must be incorporated into message format and vocabulary standards to improve," follow the arrow, "the ability to exchange data across providers when authorized for continuity of care."
DR. LUMPKIN: This is not the section that talks about the problems with data editing?
DR. COHN: With data quality. Oh, you mean the - John, which piece, I am sorry. I am looking at this, and I apologize because I have not seen this before either. It appears that the - I mean, I think what is said is very reasonable, but then jumping back to data quality I find to be a little jarring. I think that maybe as I look at this, it seems to me that there is a sentence that is sort of missing here that has to do with, we once again call for comprehensive privacy legislation, et cetera. It seems to me that is where the thought goes after this.
DR. LUMPKIN: We did that in the recommendations.
DR. COHN: I agree, too. I am just sort of having a hard time trying to pull this in with the final sentence on data quality. I think that is -
DR. LUMPKIN: Okay.
MS. AMATAYAKUL: There is also on the back the additional sentence that identifies the need for healthcare privacy legislation but maybe we could somehow merge that and make a smoother transition in the previous sentence.
DR. LUMPKIN: We had a question on data quality. Does this change that question?
MR. HERRERRA: This is Chris Herrera from Pharmacia Corporation. I am on the ICH, which is the International Conference on Harmonization of Data Standards, electronic standards for transferring data. I want to make two comments. The sentence where we say that the information systems do not incorporate sufficient data editing, the systems do. It is the criteria for editing that are not well defined. There are many information systems out there, but you need to input the criteria to do the data editing, and they will. What criteria should one use to edit the data? That is where there is a certain amount of discrepancy.
DR. LUMPKIN: Jeff?
DR. BLAIR: Simon observed that - first of all, let me kind of put this in context a little bit. I did not mean to ignore your comment about the data editing. That is covered in a little bit more detail within the third section of the report, which is the overview of standards and the issues. Right now, my comments are more focused toward this paragraph in the executive summary.
In our last CPR workgroup meeting, it was felt as if we needed to mention the issue of a unique patient identifier and to put it into the context of the impact of not having a unique identifier within the context of data quality, accountability and integrity. As we tried to fold in this information, we felt that we had too much, and we were going through a second modification today.
I would like to make a suggestion here and just see if you feel comfortable with this. Simon, you just pointed out that even though we shortened this to, I guess, two or three sentences, as we begin to wind up talking about the issue of the fact that it is difficult to get the public comfortable with the unique identifier before there is legislation for privacy, what if we were to have those two sentences maybe as a footnote so that we do not break the train of thought in the paragraph which is focused on quality? So if we only have the sentence there indicating that if you do not have a unique identifier it could result in loss of data, and then go right to the concluding sentence in that paragraph, and have the two sentences that talk about the fact that HIPAA tried to address this by calling for a unique identifier and that there is public concern, maybe if we had those two sentences as a footnote. Would that help?
DR. LUMPKIN: I think that, at least what I heard the one time that we tried to hold a hearing on this issue -
PARTICIPANT: Where was that?
[Laughter.]
DR. LUMPKIN: The difficulty of trying to summarize that in one sentence, while it is true that people are uncomfortable with having a unique identifier prior to privacy legislation, I do not think that what is implied is that they would then be comfortable with a unique identifier after privacy legislation. I do not think that is true. I just wonder if we ought to maybe talk about - even though HIPAA talks about a unique identifier, what we maybe should talk about is a unique identifier or an unambiguous way of identifying an individual. That would leave us some wiggle room to try to figure out what we should do if privacy legislation passes.
DR. BLAIR: An unambiguous way of identifying an individual?
DR. COHN: John, I think that is sort of where that is - is that what that sentence means to you where we say an inability to uniquely identify patients in terms of the wiggle room there? That is where it goes in that direction, I think.
DR. LUMPKIN: Right, because what we are talking about is the - what we want to do is to link information with the person. That means either you have a unique identifier, which is really just a means of doing that in an unambiguous way. That data is mine; it is not my son's who happens to have the same name, or my father's, who has a different name.
Those are the kinds of issues that came out when we had the hearing also of the advantages of the unique identifier. It is just such a charged issue that we need to finesse it a little bit and recognize that this document is not going to be able to discuss all of the issues on both sides of that one, and we just need to point out and talk about the importance of privacy legislation and move on. I am not suggesting a way to do that, but I think that we just need something in there to do that.
DR. COHN: John, actually, I agree with your comments, but I am struggling on how exactly to do this. I think that we have been trying to wordsmith this one for a while. I think that to me, the issue is that there is a connection between the issue of inability to uniquely identify patients and privacy. I am just wondering if that is the link that we want to forge as opposed to reminding everyone about the whole issue of individual identifiers, unique individual identifiers, to me, since we are not recommending in this report that there be unique individual identifiers.
DR. BLAIR: Could I suggest this because I -
DR. LUMPKIN: Jeff, maybe I have a way to fix that. That is, however, there is public concern about the issuance of a unique identifier for an individual especially in the light of absence of privacy legislation. That is a little bit crude, but I think that we can smooth that out just a little bit. It begs the issue of whether privacy legislation will make the concerns go away.
DR. COHN: Margret, do you have that?
MS. AMATAYAKUL: Yes. Are you suggesting then to remove the first part of the sentence, "The administrative simplification provision addresses this."?
DR. LUMPKIN: No.
MS. AMATAYAKUL: Just leave that and then add "unique identifier for individuals especially in light of the absence of privacy legislation"?
DR. LUMPKIN: Yes, on the side of the page where it starts and then moves up to the front of the page at the top. "However, there is public concern." Mark?
DR. ROTHSTEIN: This document is primarily a technical document and not a document going to the issues of privacy, confidentiality and security. As a result, I would like to see some language in here, and I think this might help the problem that we are discussing, the sort of disclaimer, which would say something like, "Use of these kinds of records raise a myriad of privacy, confidentiality and security issues that are beyond the scope of this document and therefore require a great deal of in-depth study.
It is also the subject of Congressional consideration, et cetera, and we have addressed those issues and other documents and will continue to do so. My concern is that people will get a - will read this and think everything related to privacy and confidentiality and security we have managed to take care of in a page, which obviously is not the case.
DR. LUMPKIN: Can I ask if perhaps you would be willing to put together a couple of sentences to that effect
DR. ROTHSTEIN: Sure.
DR. LUMPKIN: And maybe you could help us identify just where that would be, and keep in mind that we do have a discussion of the privacy issue just briefly under "Other Issues" in the third section, and then that is - we felt that was necessary in order to include in our recommendations support for privacy legislation to protect the privacy of healthcare information. We do have some of those thoughts in there and maybe also - well, go ahead and make your thoughts.
DR. COHN: Jeff, what I am actually hearing is that Mark was offering to come up with a couple of sentences probably under these "Other Issues" related to the first sentence which has to do with the need for privacy legislation. You probably want to even amplify on that, maybe even to the point where we have a small heading that says privacy.
DR. LUMPKIN: I think it would be in the executive summary and also incorporated into that section under privacy.
Can we move on to the recommendations?
DR. IEZZONI: John, I just have one really quick comment. In Figure 2, which is entitled, "Medical Terminologies," all of these terminologies -
DR. LUMPKIN: Yes, page 32.
DR. IEZZONI: Yes - are not medical. Could you add ICIDH or whatever its current name is to that? Since our subcommittee is spending a lot of time working on that, it is kind of a shame that that classification is not listed here among the different, quote, medical terminologies. You might want to think about a broader name for it than medical.
DR. LUMPKIN: Healthcare?
DR. IEZZONI: Healthcare.
DR. COHN: Healthcare terminology.
DR. LUMPKIN: where would you put it? Would you put it under other codes, clinically specific codes?
DR. IEZZONI: Yes, you know, I might put it under "Other Codes."
DR. LUMPKIN: Okay. Recommendations?
MS. AMATAYAKUL: Let me just comment that hopefully your document has been copied back to back so that the box that incorporates the guiding principles on page 36 is facing the recommendations page.
DR. LUMPKIN: Yes.
MS. AMATAYAKUL: There is an introduction to the recommendations.
DR. LUMPKIN: If I could maybe just ask, are there any comments on the guiding principles because those are important. Okay, recommendation one.
MS. AMATAYAKUL: Number one, the first recommendation is to adopt the guiding principles for selecting PMRI standards as the criteria to select uniform data standards for patient medical record information.
Two, consider acceptance of forthcoming NCVHS recommendations for specific standards. You have the timeline.
Three, provide immediate funding to accelerate the development and promote early adoption of PMRI standards, and that should take the support for government participation in standards development; broader participation of expert representation; enhancement, distribution and maintenance of clinical terminologies; on the next page, coordination of data elements among all standards; improvement of drug data capture and use; and then early adoption of PMRI standards within government programs to provide broadened feedback.
DR. LUMPKIN: Just a question. I am trying to remember. This report is to the Secretary?
DR. COHN: Yes.
[Comments off microphone.]
MS. AMATAYAKUL: Number four, for each standard recommended by NCVHS, commit funding for: development of a uniform implementation guide, development of conformance testing procedures, ongoing government licensure of those terminologies selected for adoption so that they could be available for use within the public and private sectors at little or no cost.
DR. SCANLON: Do we want to be so specific as to say that it should be a licensure process, or would you say a similar arrangement.
DR. COHN: What sort of similar arrangement?
DR. BLAIR: I think, if I recall the wording there, doesn't it say government licensure or other mechanisms?
DR. COHN: No.
AUDIENCE: [Comment off microphone.]
DR. BLAIR: Thank you for catching that.
MS. AMATAYAKUL: Number five is: Support demonstration of the benefits and measurement of the costs of using uniform data standards for PMRI that provide for interoperability, data comparability and data quality.
Six is: Support increases in funding for research, demonstration and evaluation studies. Seven is: Accelerate the development and implementation of a national health information infrastructure. Eight is: Promote United States' interest in international health data standards development through HHS participation in international organizations and in cooperation with the Secretary of the Department of Commerce through monitoring the activity of U.S. system vendors.
Nine: Promote the equitable distribution of the costs for using PMRI standards among all major beneficiaries of PMRI. This may take the form of incentives for submission of data using the PMRI standards that can support a variety of purposes including quality improvement.
Ten: Encourage enabling legislation for use and exchange of electronic PMRI including comprehensive federal privacy and confidentiality legislation and uniform recognition by all states of electronic health record keeping; and national standards for PMRI retention and electronic authentication.
DR. LUMPKIN: Lisa, you are frowning.
DR. IEZZONI: Let me make a comment here. I am just thinking about what is happening at our hospital right now.
[Laughter.]
DR. LUMPKIN: That can make a lot of us frown.
DR. IEZZONI: Yes, I know. Let me just tell you a little story about this and see how this fits.
DR. BLAIR: Lisa, could you get a little closer to the microphone.
DR. IEZZONI: I need to see something in here about how this will work in clinical practice. There is language about demonstrating benefits and measurement of costs, but there is not language about doctors, nurses, and physical occupational therapists, how it will really affect them as they are at the bedside or in the office caring for patients. I need to see that in here.
I will tell you the story about our hospital. Actually, this story was repeated to me by a man from Chicago last week at an Institute of Medicine committee that I was on, so it is not just the hospital in Boston, it is the hospital in Chicago.
Doctors are still worried about going to jail because of the CPT guidelines from HCFA. What our hospital with consultants has come up with is a paper form that the physicians will now have to fill out to show that they have ticked off all of these different boxes to quality for different levels of ENM(?) coding.
Most of the doctors in our clinic have switched over to computerized medical records. But because they are now needing to do this for ENM documentation so that they will not go to jail, and I am using this language in a very inflammatory way simply to make the point, they are probably going to only document the paper record, the paper form, and no longer put anything into the computer. So what that means is that when a patient comes into the emergency room where in the past all of their clinical information from this that used to be online and readily available, it no longer will be because it is now in a paper record to support the ENM documentation to allow people to be billed and allow that process to go forward without them going to jail.
Now, I know that is somewhat tangential to what we are talking about right here, but the reason why I was frowning is because it just raises the whole issue of how does this affect doctors in the office, at the bedside, nurses and other clinicians. We just need to have some language in here, Simon, about that.
DR. COHN: I think I share some of your concerns though I would - maybe I can read you the first sentence in the recommendation area in the executive summary, which I think was meant - now, I would say that it may not fully address what you are mentioning, because certainly there are a couple of issues that you have just brought up that are probably even beyond the scope of this document.
DR. FYFFE: Simon, before we go on, could I ask Lisa to just clarify? I missed the point as to why the physicians are afraid to put the information online.
DR. COHN: What third-party usage -
DR. IEZZONI: It is not that they are afraid; they are having to duplicate it. If they are already filling out a paper form to show that they have looked at various aspects of the physical exam and clinical history and review of systems, if they have to fill out a paper form to meet their ENM coding guidelines, they do not want to have to type it again into the -
DR. FYFFE: They do not want to do double work.
DR. COHN: Yes.
DR. IEZZONI: They do not want to do double work.
DR. COHN: Yes, and Lisa, you are really talking about the fraud and abuse issues from HCFA.
DR. IEZZONI: That is why I prefaced my story to say that it was relevant but it was the motivation for why I was frowning.
DR. COHN: I understand, and I guess let's take a look at the first sentence of the recommendations in the executive summary on page seven. At least the intent of that was to sort of begin to address, I think, some of those issues. It may be a little off the mark, but this reads, "This report reflects the belief that significant quality and cost benefits can be achieved in healthcare if clinically-specific data are captured once at the point of care and derivatives of these data can be made available for all legitimate purposes. I think that was really where we were trying to go.
Really, what you are talking about is gee, a nice computer system, now you have all of these other processes, other things, paper, computer, you have a computer system but you have a paper-based encounter system that now you have to fill out 12 things on and write the diagnosis on sometimes. That makes everybody nuts. I agree with you on that.
Now, the question is, does this address it? Or is this not going far enough?
DR. IEZZONI: The language is so technical. Words like "derivatives" of these data, phrases like "derivatives of these data," so that it just does not come across on a basic, concrete, emotional level about care at the bedside needs to be made more efficient and the information that clinicians communicate with each other more accurate. Just simple statements in common English language, I think, would probably make me feel happier. I think that your sentiment is probably there, but I think that just making it just more straightforward, simple, descriptive language would probably make the point more compellingly.
DR. COHN: So you are saying that - John, go ahead.
DR. LUMPKIN: Let me suggest that I think our difficulty is with this document and a lot of the work of the committee is that because we are addressing many of these issues piecemeal, none of them stand on their own. If you take this within the context of the NHII document and what it will be when we complete this process that should be the piece that explains that. If you look at the NHII document and you look at some of the scenarios that are in there, I think that may be a more realistic piece. We can recognize that as a weakness of this particular document but suggest that - and I know it discusses the NHII but it does not mention the NHII document. Maybe a sentence in there that maybe a sentence in there that would reference that document and saying a more accurate description or real-life description of how this would work can be seen by reviewing that particular document.
DR. BLAIR: A good link.
DR. LUMPKIN: I think that the issue that Lisa is getting to, which is a crucial one for the NHII, which is this or any other automated system will never be adopted unless people see it as a tool to do their work.
DR. IEZZONI: To care better for patients.
DR. LUMPKIN: Right, and the work -
DR. IEZZONI: I really need to feel comfortable that the patient language is in there. Doing their work is absolutely true, that is what they are doing, but they are also caring for people. I just want to have a little bit of that feeling in the document.
DR. LUMPKIN: I do not disagree with you. I just think that to the extent that we have a dichotomy between doing their work and caring for people we have created a problem already in the system. I lapse into my comments later today.
Yes, sir, if you would please identify yourself.
DR. RODDA: Roy Rodda, University of Maryland, Baltimore County. I had a question, which is not unrelated to this question about physicians and whether recommendations are adequately addressed getting into the workflow of the physician. I had a question about the claims attachment for the documents going from the provider to the payer.
I am concerned that the concern about fitting into the physician workflow is one that we have had for decades and still not made much progress in terms of the computerized patient record. It seems what is in the particular emphasis for the success of it relates to the concern between the provider and the payer relationship. I am curious to what extent the committee feels that the opportunity ultimately for a payer to wanting a claims attachment to see a medical record and to have that standardized would be more of a push ultimately to get these standards accepted than the argument actually about improving care in terms of the physicians and their work flow.
I am curious, with your insight, what - I do not see anywhere in this document a reference to claims attachments. I wonder if it is irrelevant perhaps or whether it would be useful to add it.
DR. BLAIR: Could I attempt to answer your question? I am Jeff, by the way. Who am I speaking to?
DR. RODDA: My name is Roy Rodda.
DR. BLAIR: Thank you, Roy. The administrative simplification provisions of HIPAA called for a number of initiatives. One of the initiatives is for standards to be developed for transmission of health claim attachments and a number of the individuals on this committee have been working on that and to prepare a notice of proposed rule making for health claim attachments.
This report focused - we tried to focus very directly on the HIPAA direction for this activity, which is uniform data standards for patient medical record information, and it does relate to health claim attachments. We do have a couple of references in the report to the fact that whatever comes out of the standards selection process as a result of this activity would be compatible and consistent with the standards that are selected for health claim attachments.
I do not think that is a direct answer to your report; it is just that we felt as if there was a separate initiative for health claim attachments, so we did not figure that was a major element within the scope of what we were doing. We referenced that activity.
I am not sure if that is deficient or adequate. Is there anybody else? Is Clem here?
DR. COHN: No, actually Clem is not here. I find myself having a little bit of trouble because I do not think we finished Lisa's comment yet.
DR. LUMPKIN: Yes, and I wanted -
DR. COHN: I wanted to address two issues. One, Lisa, regarding yours, and then I will try to address the other comment.
I am actually wondering with your comment about whether a sentence in the recommendations, in the executive summary, that says after this sort of high-level discussion of quality and cost benefits, maybe a sentence that says clinicians should only have to document their care once, period, might be a little more understandable. Is that sort of what you are thinking, or do you think that it even needs to be beyond that? Then I will make a comment on the other one.
DR. IEZZONI: I guess what I was immediately reacting to was your recommendation number five to support the demonstration of the benefits.
DR. COHN: Oh, okay.
DR. IEZZONI: Then you went on to talk about interoperability, data comparability, data quality, but you did not talk about enhancing patient care. That is what kind of started my frowning process that John picked up on. [Laughing.] I should not have so expressive a face, I am afraid. It gets me into a lot of trouble.
DR. LUMPKIN: But it is good trouble.
DR. COHN: So you would like to see the support of the benefits including to patient care?
DR. IEZZONI: Yes.
DR. COHN: Something like that?
DR. IEZZONI: And basically the ability of clinicians to care for patients.
DR. BLAIR: Is it that you would like to see it in recommendation five? Is that where you would want that to be?
DR. IEZZONI: That would be fine. I guess what I am concerned about is how you would define "benefits" there. I just want to make sure that one of the benefits that you do focus on is caring for patients.
DR. BLAIR: Excellent.
DR. COHN: Thank you. That was great. Margret, did you get that?
MS. AMATAYAKUL: So we will add: "Areas in which value may be demonstrated include the ability of clinicians to support patient care," and go on?
DR. BLAIR: I think it was in addition.
MS. AMATAYAKUL: Yes, in addition.
DR. BLAIR: Item number five was created in large part because people were concerned about whether there was some cost benefit.
DR. IEZZONI: Absolutely.
[Simultaneous comments.]
Dr. BLAIR: I just do not want to lose the cost part of it as well as the patient care.
DR. IEZZONI: It needs to be there. I would prefer that you say, instead of "support patient care," that you just say "care for patients."
DR. BLAIR: Yes.
DR. LUMPKIN: Yes.
DR. IEZZONI: That is just more straightforward. That is what we are trying to do here.
DR. BLAIR: Good.
DR. COHN: Margret, did you get that. Now, are we talking about that one or are we moving to another issue?
DR. LUMPKIN: Are we still on this issue?
PARTICIPANT: No.
DR. COHN: Then let's talk about the other one, the other issue. Bob, do you have an issue on top of that? Okay. The mixed issue is obviously about claims attachments. I am actually once again looking at the executive summary, the first - the introductory paragraph on recommendations where it says basically that the report will be consistent and compatible with the financial and administrative transactions standards including the claims attachment standards.
Then may want to talk about accelerating the adoption or accelerating the use of the claims attachment standard. Maybe that is a way to - because I think it is a legitimate issue. The whole point - one of the things that this will do is to help with the claims attachment, help expand its use, et cetera, or it should anyway.
Is that a reasonable solution to that, Margret?
MS. AMATAYAKUL: So, instead of saying "including the claims attachment standards," say, "and accelerating the use of the claims attachment standards"?
DR. COHN: Accelerating the implementation and use of the upcoming claims attachment standard.
PARTICIPANT: [Comments off microphone.]
DR. BLAIR: Come to the microphone, please.
DR. HUMPHREYS: I am standing in for -
DR. BLAIR: And identify yourself, please.
DR. HUMPHREYS: Betsy Humphreys. I am standing in for my friend and colleague, Clem MacDonald, who I believe would at this point have said, wait a minute, there are a lot of arguments in the field about for what purposes and how frequently people should demand and be required to submit claims attachments. I think that he would regard them as inflammatory words, the way that you phrased them.
DR. COHN: Maybe we will talk about accelerating the implementation of the claims attachment standard as opposed to the use.
DR. LUMPKIN: I think claims attachments are part of what we are doing, and I am just not sure that we need to change what we have here. We should note that we are laying the basis for a different world and a different environment. Once we get down this road, we are going to need to visit a lot that we do. If we are successful in developing standards for patient medical record information, the whole concept of a standard for claims attachment may be passé because much of the information that you want will be already in a standardized form, and then we can address the issue of how that may be used to support a claim.
PARTICIPANT: Absolutely, yes.
[Simultaneous comments.]
DR. COHN: That is the point of the claims attachment standard.
DR. LUMPKIN: Kathy.
DR. COLTIN: There is quite a bit in the report in different sections about data quality, but when you get to the recommendations, there was not any specific recommendation around data quality and what should be done.
DR. LUMPKIN: Is this a new issue? Have we finished up on claims attachment?
DR. COLTIN: It is a new issue. Okay, I am sorry.
DR. LUMPKIN: Because Bob had a new issue before, and then we will take your new issue after Bob's. Are we done with claims attachment? Did you have one more comment on claims attachment?
DR. RODDA: As you were saying - Roy Rodda again. As you were saying that once we have standards then other things like claims attachments will be sort of trailing along. My point, which was partly in response to Lisa's, we were talking about how you are going to get compliance with the standards. I was pointing out that I thought that was a pressure from that side of the payers, which might have substantial impact on compliance. That might be worth raising the points in the document.
DR. LUMPKIN: Anything else on claims attachment? Bob, your point.
DR. GELLMAN: I am going to make some general comments, and I am going to make some suggestions for changes to this report. My general comments could probably be addressed to any of the reports, this one or the two that are scheduled to be discussed this afternoon. All of the reports are fine products and well motivated and all of that. I do not mean to suggest otherwise, but they all reflect the constant drive of this committee toward having more data, and more data sharing, and more impositions on privacy.
I think the committee has learned slightly over the last couple of years to at least pay some attention to privacy and say, oh, yes, we have to worry about privacy, but the privacy issues are never integrated into the core document in any way. You never find an example in any of these documents where privacy concerns are recognized directly, where there are sacrifices made to recognize privacy.
It is always, we want to have 100 percent of every capacity that we can dream up, and oh, yes, we have to deal with privacy. Whatever there is about privacy is just simply put aside in the interest of having more data and more interconnections.
I think that the committee is significantly out of touch with the public opinion here and with political trends. I am going to cite a couple of things sort of in support of that. Let me just - before I do, let me just make a couple of other points.
There is no discussion in here of the need - and these are tough issues. All of these issues are tough, and I do not mean to suggest otherwise, of the enormous costs that all of these recommendations, all of these reports, would entail. The costs are just simply ignored. What is cited instead are a couple of anecdotes about some of the benefits, which are perfectly legitimate, but we are talking here about costs that are ten or hundreds of billions of dollars and whether all of this is worth the expense is simply ignored.
I am going to cite two things that happened recently. On June 13, the Senate approved an amendment to the Department of Defense appropriations bill that would bar the use of Department funds for the release, transfer or disclosure of any DoD employee's medical records. The amendment was offered by Barbara Boxer, and it does include an exception for consent, it includes an exception for law enforcement, and it includes an exception for national security; nothing else. All of the other uses of health records that we could all identify would be prohibited.
This has passed the Senate. You can imagine what that kind of a rule, if done broadly across the nation, what effect that would have on all of the activities that we are discussing. I would be surprised if this amendment becomes law.
The second example comes from Canada. This is from a report from the Globe and Mail in Ottawa from May 30th. I am just going to read a couple of paragraphs of the story. "Human Resources Minister Jane Stewart yielded to public anger yesterday and ordered the big brother database to be dismantled, backtracking from her initial staunch defense of the program. The minister told the news conference that her department had already eliminated computer links between its database and those of Canada customs and revenue agency and the provincial social assistance offices. The database contained as many as 2,000 pieces of information on almost every Canadian including income tax returns, child benefit statements, immigration and welfare files, and records on employment insurance."
What we have here, this is not a specific health database. What we have here is exactly the kind of database and record linkage that we are talking about in all of these reports, wouldn't it be wonderful if we had it. Well, what happened in Canada was they had it, people found out about, and because of public outcry, the thing was dismantled.
You can all sit here and dream up all of these fancy computer systems and data linkages and health statistics things, but I do not think the public is going to put up with a lot of this stuff in the health area. I do not know where or when these public concerns are going to be heard, but they will be at some point. I think that if they are not dealt with, if these privacy fears are not dealt with in a more forthright and more integrated way, this is what you are going to get.
I have suggestions for four changes. I will make these as motions if and when the time comes.
On page 35, I suggest that we add the following sentence as a separate paragraph in Section 4A, the introduction to recommendations, immediately before the last paragraph: Nothing in this report should be construed as supporting the promulgation or adoption of any standard providing for the assignment of a unique health identifier for patients until legislation is enacted specifically approving the standard.
I will stop if people want to talk, or I will read the other changes, which are in different parts of the report.
DR. COHN: Please read that again because I do not have a copy of your sentence.
DR. GELLMAN: Nothing in this report should be construed as supporting the promulgation or adoption of any standard providing for the assignment of a unique health identifier for patients until legislation is enacted specifically approving the standard.
DR. LUMPKIN: I have a question. Isn't there legislation that currently exists specifically approving that standard?
DR. GELLMAN: Approving what standard?
DR. LUMPKIN: HIPAA mandates the - I mean, it is being held in abeyance, but there is legislation that mandates the identification and publication of rules for a unique identifier for personal health information.
DR. GELLMAN: Yes, but there is no legislation that says a specific standard has been approved.
DR. FYFFE: It has not been approved yet. The standard has not been approved.
DR. LUMPKIN: I think that clarifies for me what your statement is saying.
DR. BLAIR: May I ask a question, Bob?
DR. GELLMAN: Yes.
DR. BLAIR: My understanding is that at this time, the executive branch is deferring the identification of a unique identifier until privacy legislation is in place. What you are saying, the last part of your sentence, I think I would have thought you would have said at the last part of your sentence, "until federal legislation to protect the privacy of healthcare information is in place." What am I missing here?
DR. GELLMAN: No, I did not say that for a variety of reasons. We can have legislation, and it can be rotten. You know, having legislation is not the be all and end all. We have HIPAA rules that are coming down the pipe. They are not legislation, but if they were, they are pretty mediocre, and they do absolutely nothing to deal with the issue of a unique patient identifier. It would not make me feel any happier about the idea nor, I suspect, would the public feel any happier about it if the regulations went into effect tomorrow.
DR. COHN: Bob, could I just ask a question also. I am actually - I do not have it in front of me, and I do a lot better when I see amendments that actually are written. Do you have additional copies of these?
DR. GELLMAN: I just have the one copy.
DR. COHN: I am actually just wondering if the first part of your sentence, which has to do about supporting a unique health identifier, is really the operative piece here as opposed to then. Maybe you can read it again for me? Let's see if that makes any sense or not.
DR. GELLMAN: Nothing in this report should be construed as supporting the promulgation or adoption of any standard providing for the assignment of a unique health identifier for patients until legislation is enacted specifically approving the standard.
DR. COHN: Is there a value added about that in told piece there?
DR. GELLMAN: I am not sure that I understand you.
DR. COHN: If there is a period that goes before -
DR. GELLMAN: No periods. One sentence.
DR. COHN: I am just wondering what the value added of that modification there is.
DR. GELLMAN: You mean the legislation reference?
DR. COHN: Yes.
DR. GELLMAN: Saying that you need Congressional support in order to have a health identifier.
DR. BLAIR: Just to interject for a minute. What Bob is proposing is similar to language we have had in HHS appropriations for two years in a row and probably will get it again in the 2001 budget. It basically indicates that - I think the spirit is quite similar that HHS would not issue a final standard or assign standards until Congress has approved them.
PARTICIPANT: Literally approved.
PARTICIPANT: We cannot hear you.
DR. BLAIR: Bob's language is very similar in spirit to language that HHS has had in its appropriation for the past two years and probably will have again for 2001. The objective, in essence, it states that HHS cannot use any funds, any of the appropriated funds, to in essence assign - promulgate or assign a unique identifier without Congress actually approving it. What Bob is saying in spirit is quite consistent with what the Congress has done for HHS -
DR. GELLMAN: It is virtually word for word.
DR. BLAIR: Yes, I checked.
[Simultaneous comments.]
DR. LUMPKIN: Richard.
DR. HARDING: This may be a question of a point of order. Is this a motion that is on the floor, and if so, should I second it?
DR. LUMPKIN: Actually, we do not have a main motion. We are just discussing this. We are going to try to work out language. My guess is that the way that it is scheduled on the agenda, which we will have a final vote on this tomorrow, so I think we will get clean language, at least of this particular amendment typed up, maybe not redo the whole document. If we can get language that Bob is suggesting be included, either worked out with the committee or as a separate motion, then we can, I think, proceed orderly through and pass it tomorrow. Jeff?
DR. BLAIR: That is fine. You had some other suggestions?
DR. GELLMAN: Yes. Are we done with this?
MS. AMATAYAKUL: May I ask one question? You referred to unique identifier for patients, and HIPAA uses the term "individual" which is actually broader. Which do you intend?
DR. GELLMAN: The language of the appropriation bill says, "..a unique identifier for individuals (except in an individual's capacity as an employer or healthcare provider)." I just thought that was rather detail unnecessary here. We are really talking about patient identifiers for the most part, so I just amended, if you will, the Senate language just to be clearer.
MS. AMATAYAKUL: Okay.
DR. GELLMAN: Second thing?
DR. LUMPKIN: Actually, and this is just a style issue. It seems to me that in this kind of document, the term "nothing in this should be construed" might read better as saying, "This report does not."
DR. GELLMAN: I do not care.
DR. LUMPKIN: Okay.
DR. GELLMAN: The second point: On page 26, the second sentence of the third paragraph. I propose to strike it. This is the sentence that reads, "To support the uniformity and efficiency of privacy protection across the United States, it is strongly desirable that this legislation establish a standard that would be uniform across all states."
Similarly, on page 27, I propose to strike the words "data confidentiality" in the last sentence in the next to last paragraph on the page. The sentence reads, "Diverse state statutes and regulations result in discrepancies concerning data confidentiality, authentication, retention, permanence and other data features that can increase costs and delay availability of electronic PMRI solutions."
The point here is to deal with this issue of uniformity or to not deal with the issue of uniformity. We have said other things about uniformity in other documents, and to include in this document something that says we want total federal uniformity on data confidentiality seems to me to be inappropriate and inconsistent with what we have said before and inconsistent with what is in HIPAA right now. I do not see any reason why we should address this.
DR. BLAIR: I think it might have been the sentiment of the work group that this was beneficial. However, the main positions taken by NCVHS with respect to privacy and confidentiality of healthcare information are taken in the subcommittee on privacy. My thought is that if we delete the data confidentiality piece from that sentence, it would not be a major thing unless other people feel strongly that that needs to be retained.
DR. LUMPKIN: Bob, let me just see if I can clarify the first one on page 26, "support the uniformity, efficiency." I believe our position is that we support a baseline of privacy protection, in other words a floor exemption preemption and not a ceiling preemption in privacy. I think that is what our position is. Is that correct?
DR. GELLMAN: I can read you what we said in 1997 on that. It is a complicated and an unclear conclusion. We did not say expressly one thing or another.
[Laughter.]
DR. LUMPKIN: Okay.
DR. GELLMAN: I suspect that what you just described is what you would find agreement on by most people except for those who want to have total uniformity, total federal uniformity. That seems to be - the float line here is between those who want to say stronger state laws are good and those who say we want to have one, single, uniform standard.
What I am suggesting here is to simply take out the language that says we want a uniform federal standard. I am not proposing language that says we are against it; I am just taking it out.
DR. LUMPKIN: Mark?
DR. BLAIR: Could you go back to the previous one? That is the second one that you suggested. Then you were suggesting something else be removed prior to that but I did not - I was not able to identify the context of where that was?
DR. GELLMAN: There were two. There was page 26, the third paragraph under Privacy, Confidentiality and Security. It starts, "In order to secure public support for the benefits of a national health information infrastructure including standards for PMRI, federal legislation is essential to protect the confidentiality of healthcare information." Then it goes on to say, and this is what Bob is recommending be removed, "To support the uniformity and efficiency of privacy protection across the United States, it is strongly desirable that this legislation establish a standard that would be uniform across all states." He is suggesting that we make the first statement without the second statement.
DR. COHN: Yes.
DR. LUMPKIN: Then on page 27, which is under the section on diverse state laws, the final sentence states - I will read the paragraph, and then I will read the final sentence that Bob is suggesting. "In summary, certain state laws and regulations and regulations are barriers to development and implementation of electronic exchange of PMRI because the laws and regulations of some states require maintenance or retention of patient records on paper or other media that are incompatible with full computerization of PMRI."
Then it goes on to state, which Bob is suggesting be removed, "Diverse state statutes and regulations result in discrepancies concerning data confidentiality, authentication, retention, permanence, and other data features that increase costs and delay availability of electronic PMRI solutions."
Just a question, Bob. Would you be comfortable if the term "data confidentiality" were removed because I think there may be issues about -
DR. GELLMAN: That is what I proposed. I did not propose striking the whole sentence.
DR. LUMPKIN: I am sorry, okay. So it would read, "…discrepancies concerning authentication, retention, permanence," excluding the term "data confidentiality." Mark.
DR. ROTHSTEIN: Yes, I made a comment on the page 26 amendment.
DR. BLAIR: Is Bob finished with his list of his suggestions?
DR. LUMPKIN: Why don't we discuss this one.
DR. ROTHSTEIN: This relates to Bob's second motion. I would be more comfortable if the first two sentences were rewritten in that paragraph, that is the third paragraph on page 26. I do not think that we want to say the purpose of federal legislation is to secure public support. I think I would be more comfortable if we said the following, beginning with the second sentence, "Federal legislation is essential to protect the confidentiality of healthcare information," then go back to the first sentence and modify it, "Public support for a national health information infrastructure, including standards for PMRI is unlikely in the absence of such legislation."
PARTICIPANT: That is fine.
PARTICIPANT: That is good.
DR. LUMPKIN: That is good. You did not, by chance, write that down, did you?
DR. ROTHSTEIN: Yes, I did.
DR. LUMPKIN: Okay, good. Anything else on these two issues?
DR. BLAIR: Bob, do you have some more?
DR. ROTHSTEIN: Two more.
DR. LUMPKIN: Let me just say, I think that it sounds, on that particular issue, we can craft something for tomorrow that would incorporate those things. I am sorry, Dan.
DR. FRIEDMAN: I just wanted to go back to that sentence that is in the process of being deleted and get some sort of a sense of whether or not there would be support for adding - keeping the sentence that starts, "To support the uniformity and efficiency of privacy protection across the United States, it is strongly desirable that this legislation establish a minimum standard."
DR. BLAIR: The only thing is I think that there is not a consensus on the committee at this point as to whether it should be a minimum or a maximum. The pieces are that if it is a minimum, then the different states wind up or some of them - especially if federal legislation is not as strong as Bob indicated that we would like it to be, then states may wind up having higher protection statutes to protect privacy, and you wind up having vendors once again having to have different standards for the vendor systems which costs more, and then you wind up having information between transferred between states which may not be compliant with different states for confidentiality. My inclination would be to accept Bob's recommendation that we avoid that debate at this stage and just simply remove it because we do not have consensus on whether it should be a minimum or a maximum.
[Simultaneous comments.]
DR. LUMPKIN: We should remember that Mark has also agreed to write a couple of sentences -
DR. ROTHSTEIN: Which I have already done.
DR. LUMPKIN: Which will be included in that section probably at the end, noting that this is not intended to be a full discourse on the issue of privacy, here are other documents that the committee has done, and refer them to that. That will be included in this section and in the executive summary. Bob.
DR. GELLMAN: If you will refer to page 36. I suggest that we amend the guiding principle. I guess actually that I have three additional changes. Amend the guiding principles in two ways: First, on item two, I propose that we strike everything after the word "health community" and insert in lieu thereof, "with anonymized data to the greatest extent practicable," so that it would read, "Meet the data needs of the health community with anonymized data to the greatest extent practicable."
PARTICIPANT: Get rid of all of the other words.
DR. GELLMAN: Get rid of all of the other words.
DR. BLAIR: Just tell me what words you are getting rid of?
DR. GELLMAN: I will read it. The existing thing says, "Meet the data needs of the health community, particularly providers, patients, health plans, clearinghouses and public health organizations." I really only deleted those just because I think to start talking about anonymized data in terms of patients and providers gets very messy.
It is not necessarily the main thrust of what I am getting at, so I just though it would be easier as a general principle to say anonymized data for the healthcare community to the greatest extent practicable, and it clearly is not in the case of a patient seeing his or her own record or somebody treating a patient or something like that. It is just a very broad and loose standard. The point is that we need to use more anonymized data, and it should be built into the standards.
DR. BLAIR: Is there anyone who would not feel comfortable with accepting that change?
DR. COHN: Actually I have some issues.
DR. LUMPKIN: Mark and then Simon.
DR. ROTHSTEIN: I am 100 percent behind the sentiment, but I wonder, Bob, if you would be comfortable with "in the least identifiable form" language instead of anonymized because that raises all sorts of issues for people.
DR. GELLMAN: Okay, let's work out some language.
DR. LUMPKIN: Okay, Simon.
DR. COHN: I was going to comment on, I think I am in favor of that as an additional guiding principle, but I am not sure that that is what the point of this particular number was in terms of the guiding principle. This is basically saying that it is supposed to meet the needs of patient care, delivering high quality care, et cetera. I think it is additional as opposed to a replacement. Are you comfortable with that?
DR. GELLMAN: Yes, that is okay.
DR. LUMPKIN: We now have a - we are going to fit in there somewhere closer to the top than the bottom an issue about least identifiable form, use of data and the least identifiable form.
DR. GELLMAN: Another change to the principles, are we done with this one? I am proposing a new item four, renumbering the succeeding items to basically say, "NCVHS will aim to promote PMRI standards that," and the new language is, "will include strong protections for the privacy of patients." I really did not see anything in the standards here that addressed privacy.
DR. LUMPKIN: Can that be combined with the issue of least identifiable form?
DR. GELLMAN: It could be, but it seems to me they are two separate issues with some relationship.
DR. BLAIR: One thing, Bob, because I certainly agree with that thought and that sentiment. These are guiding principles for the selection of standards. We wind up having a recommendation which says what you are saying, I think, or supports that. Do you feel as if that is a thought that belongs in the guiding principle for the selection of standards?
DR. GELLMAN: Yes! I think it is essential that this be - this is a point that I tried to make earlier that privacy comes in after all of the decisions are made and say, okay, now that we have made all of the decisions, we built the system, we have developed the standards, what are we going to do about privacy. If you do not incorporate it into the standards at the earliest opportunity then you end up with privacy always getting ignored.
DR. FYFFE: So it is an afterthought.
DR. GELLMAN: Right.
DR. LUMPKIN: Okay.
DR. GELLMAN: That is the point. It needs to be incorporated in the standards actually -
DR. BLAIR: In the selection process, okay.
DR. GELLMAN: That also lead into my last suggestion. On page 37, I am suggesting -
DR. LUMPKIN: Can we just see if there are any other comments related to your last suggestion?
DR. COHN: it is fine.
DR. LUMPKIN: You have that in writing?
DR. GELLMAN: I have all of this in writing.
DR. LUMPKIN: He has it all in writing.
DR. GELLMAN: On page 37, these are in the recommendations. The third recommendation says, "Provide immediate funding to accelerate the development and promote early adoption of PMRI standards. This should take the form of support for…" and then there are a whole series of recommendations. I call your attention to B1. B1 says, "Broader participation of expert representation in standards development through," and then B1 says, "Outreach projects to those groups who may be underrepresented in the standards development process." I propose that it will read, "Outreach projects to those groups including advocacy organizations that represent patient and Internet privacy interests who may be underrepresented in the standards development process."
DR. FYFFE: Can you repeat that?
DR. GELLMAN: Sure. It will read, " Outreach projects to those groups including advocacy organizations that represent patient and Internet privacy interests who may be underrepresented in the standards development process." One of my concerns is that all of this standards work goes on. This is not a criticism of anybody except, to a certain extent, the patient and privacy groups who simply do not have the resources to participate in these things.
All of the standards stuff goes on. Participants are self-funded. The privacy groups do not have the money to participate. To a certain extent, there are few that have even the expertise to get involved. One of the things that I have learned from being on this committee, you have to be involved in this for a while before all of this becomes clear, and even then, it is not entirely clear.
I think that - and I have said this to some of the people in the privacy community that they need to be more involved in the standards process. If we are recommending that we should have more representation and more funding, let's specifically say that we want the privacy people to participate as well.
DR. LUMPKIN: Comments? I guess I have one. I have a little bit of discomfort with that, and not because of what you enumerate but because once you start enumerating, there are some groups that I feel are underrepresented in the process such as minorities, such as the poor, such as people who are employees as opposed to payers. I am uncomfortable with only enumerating that group without expanding it. I see we are issue, and I think if we are going to do that, we need to make a conscious decision and perhaps expand that section so that we have a clear idea of those who would be underrepresented.
DR. COHN: Yes. I would not have any objection to that. I recognize the problem of doing this, but I think it is important to be said. If you think it is important to identify other groups that should participate, I do not have a problem with that.
DR. COHN: I was actually going to suggest that maybe instead of that being at the level of a recommendation, maybe that needs to be in the body of the text around the business case for standards development, page 27 and 28, where we add a sentence that says, "for example," and list a couple of these. Only because I tend to agree. We want to make a broad assertion that there needs to be these projects, but I do not think that it is at the level of a recommendation that we add every -
DR. LUMPKIN: There would be something in that section to discuss those groups, which tend to be disenfranchised from the standards process.
DR. BLAIR: Excellent.
DR. GELLMAN: All right. I can live with that.
DR. LUMPKIN: We will try to work out some language for tomorrow.
DR. COHN: Right.
DR. LUMPKIN: Is that it?
DR. GELLMAN: That is it!
DR. LUMPKIN: Kathy.
DR. COLTIN: I was going to just speak to the point around data quality. There are very excellent references to some of the problems and the need to address data quality throughout the report. I did not see anything specific, really, in the recommendations other than the reference in number five that the demonstrations would have benefit for data quality.
What I was suggesting was that perhaps under 6A, where you have "promote data capture systems that can make it faster and more economical," that you add, "faster, more economical, and more accurate." Just on the point that was made by the gentleman in the audience around the editing functions of systems. One of the things that I have observed is that even when these editing functions are built into systems, they are often built in in a way that allowed the user to disable them. Disabling them can actually improve throughput and efficiency. I think we need to balance the need for faster and economical with more accurate. That is part of my rationale for putting it there.
DR. BLAIR: Good.
DR. LUMPKIN: Okay, I think we have one more hand in the air? Kathleen.
DR. FYFFE: Page 33, there is a mysterious arrow missing.
DR. BLAIR: The mysterious arrow?
DR. FYFFE: Yes.
[Simultaneous comments and laughter.]
DR. FYFFE: This figure three, there are actually four arrows. It does not photocopy at all. It is completely blank.
DR. BLAIR: Oh!
DR. FYFFE: Let's get rid of the fancy colors and just do black and white on that. What does that mysterious arrow say?
MS. AMATAYAKUL: Warehousing.
DR. BLAIR: Warehousing.
[Simultaneous comments.]
PARTICIPANT: That changes everything now.
[Laughter.]
DR. FYFFE: Thank you.
PARTICIPANT: We were trying to get that by you.
DR. LUMPKIN: Okay. Thank you. I think that we can take the document. I think we have pretty much worked through the issues. I do not know that there are any disagreements that we have remaining. If the work group, I think they are meeting tomorrow morning, will take a look at that, and if they bring back all of the comments that we have had, the individuals who have things written at that end, and if there is any issue that we think that we have not worked through this morning left, please bring that back also. Hopefully, we can take our vote tomorrow afternoon.
We are on schedule. We have a break. Our presenter for the 11:00 presentation is here. He can take a break, too. We will get back at 11:00.
[Brief recess.]
DR. LUMPKIN: A housekeeping announcement. The bus actually has a limited number of seats. At 12:15, it will be available for members of the committee and staff. Now, the question is, since the bus has been rented for a certain period of time, it can come back and pick people up who are not members of the committee or staff at 12:40. I would just like to see a show of hands of those who would like the bus to come back for them.
Where is the bus going to be, on Third?
DR. JACKSON: Independence.
DR. LUMPKIN: It is going to be on Independence.
DR. JACKSON: In the front of the building.
DR. LUMPKIN: In front of the building. I do not think the turnaround is there anymore.
PARTICIPANTS: [Comments off microphone.]
DR. LUMPKIN: The National Research Council has issued a report on, "Networking Health: Prescription for the Internet." We are going to have a presentation on this from Ted Shortliffe, who is - I guess the best way to describe him is certainly he has been involved in many areas of informatics. I just found out that he is actually an informatics physician as opposed to someone like me who is sort of a physician informatics person, because he got his PhD in informatics before he got his MD.
DR. SHORTLIFFE: Nominally.
DR. LUMPKIN: Nominally, but hey.
PARTICIPANT: He is a regular doctor.
DR. LUMPKIN: He is a regular doctor, too, you know. It is okay.
[Laughter.]
Ted has been kind enough to come here. As you know, he is in the middle of a major move. As I understand it, they picked up your furniture yesterday, they are dropping it off tomorrow. Maybe.
We really appreciate you being here today and not only this morning but also this afternoon to help us celebrate our 50th anniversary. We really appreciate you coming. There are - the book that he is going to be presenting is available to committee members. It is actually working its way up. It may be on one of those slow elevators. Every member will get a copy of the book.
[Discussion concerning microphones.]
DR. LUMPKIN: We are going live over the Internet.
DR. SHORTLIFFE: Oh, we are. Without slides.
DR. LUMPKIN: Without slides. I think they will be posted later or something if we have copies of them.
We do keep them on file, so if you miss a meeting or so on and you want to hear a particular discussion, you can go to the website and listen to it. Now, that is assuming that you can get it through your firewall. I personally cannot get this through our firewall at our state health department.
DR. SHORTLIFFE: Which is a good lead-in because it deals with issues of research regarding security and how to make this all invisible to users so that it is a little less challenging for people to make optimal use of the internet.
I am really pleased that I had a chance to come and talk to this group about our report. It is a report that - that is the first time that I saw the book. The book is literally just out. There was an online version on the web that you could have seen prior to now and paper versions around but not the book. Now, it really looks official at this point.
The book's title is, Networking Health: Prescriptions for the Internet, which is basically an attempt to capture both the medical and the Internet and the future notions that were part of this study. It was done by the National Research Council and in particular by the Computer Science and Telecommunications Board of the NRC, which earlier did the "For the Record" report on privacy and confidentiality which I suspect many of you are familiar with as well because it has been a big issue for this committee as well.
The National Library of Medicine asked them to do the second study. This was our charge. Technical requirements and implementation strategies was what we were asked to address. I am sorry that I am in the way for some of you here.
First, there were really four parts to it. One was to try to help define the technical capabilities of the internet that were necessary to try to achieve the vision for how healthcare could make use of the internet in the long term. Second, to try to envision some of the applications, maybe some of which are not possible today but which are in the near term likely to be possible as the Internet evolves, especially if the right kind of research gets done and the right kind of technical capabilities are development.
Third was to discuss strategies for actually implementing some of these changes and the role that the healthcare community and the health research community could play in making these things happen. Finally, to what extent does the health sector have requirements in terms of the technical capabilities of the Internet that are unique to healthcare. Can we define ways in which healthcare really will push the envelope farther or in more complex ways than other segments of society have or will in the future.
There are five terms that we have used throughout the report that maybe require a little bit of definition: band width, latency, availability, security and ubiquity. These seem to be the parameters that need to be considered in understanding the Internet and the way in which it can impact on healthcare.
Bandwidth is a pretty common notion. Somehow or another, we all know that if we have high bandwidth, those pictures in a web page come up fast. If we have low bandwidth, they come up slow.
So, latency. What does latency have to do with bandwidth. I think a good way to think of it is when you start your RealPlayer in order to hear some stream in video or audio, that once it starts streaming, it may come through very quickly, but it is that pause, it is that period of time it takes between when you want to start it and when you actually get the first sound that is the latency built into the network, the time that it takes to get a stream actually coming to you.
There are some medical applications or healthcare applications in which that delay can be extremely important even if you have pretty good band width once it is actually streaming at you.
Availability. The up time. This is sort of the technical notion of availability. Is it up all of the time, how reliable is it, including all of the links in the services that are provided by the Internet.
The security issues. Again, sort of composed of availability but also confidentiality issues and all kinds of integrity considerations, the ability to keep data from being maliciously attacked or altered.
Ubiquity is only partly technical. It has to do with the digital divide, the issues of the extent to which the internet is made available broadly to individuals and whether or not the underserved can have the same kind of access to the healthcare applications of the internet as the most wealthy or economically advantaged in our society.
Because you have thought a lot about applications of the Internet, I do not want to go into this in great detail, but you might find this little chart useful. It is in the book. It is an attempt for us to take, for a variety of different kinds of applications, clinical care, consumer health, health care financing, public health, health education and biomedical research and along these five areas, to talk about just how important that area is in each of these categories.
You will see that basically there are pluses all over the place although there is an emphasis in some areas more than others regarding, for example, security, which is extremely important in clinical care and consumer health and maybe a little less important in biomedical research although there are folks working with genomic databases that might argue that point, I would imagine.
I am not going to talk a lot about applications. It seems to me from having read the work group report that will be presented this afternoon that you have thought a great deal already on this committee about the potential of the internet to have an impact in health care. I would like to focus instead on two principle areas that were covered in the report. One is the technical issues that are sort of what the NGI or the next generation Internet research agenda is all about. The second are some of the policy issues that naturally fall out as you look at this third of our four tasks, which was what are the strategies for actually implementing some of the changes that one can envision.
It turns out that the Internet today really does fail to meet the needs of many health care applications. This is clear. The quality of the service is just not adequate for many of the kinds of applications today before we really want to be dependent upon it. Security concerns continue to be a big issue for us. The reliability and availability is clearly a problem.
The ubiquity of high-speed access. I would say that we are getting to the point where ubiquity of access is pretty good but for lots of people, it is not high speed, and it is not even an option to get high-speed access. In rural areas, inner city areas, areas that are too far away from their local either cable company or central telephone office and therefore cannot get the cell service or good ISDM service or so forth. They are just not options.
In healthcare, we see private networks being used largely to avoid some of these kinds of problems, to give you more of a sense of security, more of a sense that you have the technology under your own control. There is a question, will the current research agenda for the internet address the kind of issues that right now are limiting the internet's utility in health care.
Now, maybe we should just use private networks. Why all of this emphasis on the Internet? After all, there already is a lot of investing going on in private networks. So here are some of the issues. First, they are expensive. It is a lot more expensive to put your own private network in, even within a large, integrated delivery network than it would be if you could really, comfortably use the internet for the communication among all of the hospitals in the network and the nursing homes and the private offices that might be part of the group.
It is a large investment, and you have to have people to manage it. It has still fragility like any network does.
Now, virtual private networks that share networking communications with other organizations give the advantages of private networks, but you can sort of farm out a lot of this. You can even run virtual private networks over the Internet.
There are some problems with virtual private networks, too. Perhaps the biggest one, and this really affects us in healthcare, is that private networks are inherently preordained where they connect. We live in a world in which healthcare is dynamically changing, the interrelationships, the patients who want to suddenly get on and access their physician or the data that wants to get shared between two hospitals even as a patient moves around the country and so forth. Part of the networks just do not support that kind of dynamic reconfiguration of network connectivity the way that the Internet does; it was built to do that. You give up a lot of that if you use private networks.
There are some applications, especially say within integrated delivery networks, where they want to control data within their own organization or within Kaiser or some large health plan like that, where at least judicious use of EPNs or private networks makes sense.
So, does healthcare place unique requirements on the Internet. After 18 months and many site visits and discussions, we frankly decided that we would be going way out on a limb to say there was anything that health care required that nobody else required. It is just obvious that we really care about a lot of the same things that other parts of society do, but we do not have a unique requirement.
The quality of service issue. If we had really high quality of service on the Internet, and so the medium quality videoconferencing really worked well over the Internet and you did not need to buy it from the phone company and so forth, there is nothing unique about that. We would use it like crazy in healthcare, but so will other segments of society as soon as that is available. Lots of other industries would like it.
Now, we can think of some really high-end applications like if you wanted to really move an entire mammogram study in two seconds, that would require a bandwidth that probably does surpass what anybody needs to do on the Internet today right now. It was really hard for us to argue that you needed to move a mammogram in two seconds. We really could not come up with a viable set of arguments that there were these kinds of high-end applications where everybody could say, absolutely, if I had that, I would make use of that, and health care is unique, and nobody else needs that.
I do not think that we can make our arguments about the uniqueness of healthcare and the Internet. This does not mean, however, that healthcare communities should sit back and let the rest of the world design the internet for the future because we have tremendous vested interest in the directions that it takes, what gets emphasized, the speed at which things occur.
The quality of service requirements for the Internet and healthcare are highly variable. We see rural health offices that could actually range anywhere from zero go five megabytes per second in their need, but at any given time, it would vary over that, but you cannot predict it. You would like to be able to request high quality service sort of on a momentary basis. For the next two minutes, I need really good service from the Internet.
Now, that is a research issue that the research community and the Internet has been looking at. How should we be able to allow you to get guaranteed bandwidth at least for a short period of time? What are the technology implications and the policy implications for how to do that.
In general, we do not need really tight latency. Latency, remember, I defined a minute ago. But if you are trying to control instruments at the other end of a link, and you are getting visual feedback, and there is any kind of delay, you are overshooting and so forth. Anybody who has talked on the old federal telephone system when there was a one second latency typically, and you were always interrupting each other and so forth. Just take that and apply it to the Internet with anything that is controlling stuff at the other end, and you find yourself in real difficulty. There are applications, certainly internet-based surgery or surgery simulation or any kind of instrument manipulation where latency would matter.
Significant issues of scalability: We are talking about trying to get the whole health system. Things that work on relatively small prototype experiments may not generalize very well to the entire population. This is an issue for the Internet in general. Everyone is worried about what happens when every light switch, toaster and refrigerator has its own IP address, which is actually pat of the future that people envision. It is a scaling problem that the Internet community is not yet ready to face.
Policies on quality of service: Who gets to demand really high service from the Internet at any given moment, for example? We have heard analogies to 911 kinds of service or ambulance packets on the Internet, ones that absolutely have to get through first, everyone else moves to the side and lets through those packets. How you implement that, how you validate a request for that kind of service on the internet are really research questions that have both technical and policy implications.
It is not clear that the current efforts are really on track to meet the needs of the health community in these areas because the current efforts are not being carried out by the health community, not at the basic research level in general. It is being done out of NSF-funded research projects, or Department of Energy research projects, or Department of Defense research projects, to a certain extent the Department of Commerce, NASA, and not very much out of HHS or NIH.
Now, are our requirements in security different from, say, the world of e-commerce? Well, I guess we all feel in our guts that somehow or another it is a lot worse to let out confidential health care information than it is to let out credit card numbers, for example. People have become pretty comfortable with putting credit card numbers online but would still be pretty reluctant to put their HIV test results or what have you online. So, there is a sense that it is especially important in our community. The question is, are the developing standards adequate for the e-commerce world to simply apply or transfer over to health care. In a minute, I will try to argue that they are not.
We need to create security associations on the fly. When you go into an emergency room, that physician needs access to your information. You do not have that all set up in advance. You do not have the right handshaking requirements for how the two ends of the communication are likely to identify one another and be sure that they are properly authenticated. So the existing models tend to be flawed.
E-commerce uses service certificates and user passwords. Right, you have a password when you log on to Amazon-dot-com. You put in your Mastercard number or your Visa number because you see that little lock closed in the lower left-hand corner of the browser. You are reassured that somehow or another there is a secure connection. There is a certificate that identifies that you are really talking to amazon.com and not somebody else. They have a certificate that your browser knows how to interpret properly.
You do not have a certificate. We do not have private, personal certificates. There is no infrastructure yet built for that kind of use, so our patients cannot really identify themselves in ways that are adequately secure unless you believe passwords are secure enough, and many of us are very worried about that as the sole means of identifying or authenticating people, be it providers or patients, on the internet.
We have a weak authentication system in place right now, and there has been much discussion about the need for some kind of public key infrastructure that would allow individuals to have the same kind of identifying technology behind them that would allow that kind of authentication. We saw recent legislation about digital signatures. I see you are going to hear about that tomorrow.
There is a wide ranging understanding of the importance of this kind of electronic authentication becoming more generalized, more appropriate for individuals, so that you can sign contracts on the internet or do other kinds of commerce. Clearly, that is the kind of capability that is necessary for health care applications as well.
There are experiments, as you know, with public key infrastructures, some of which are being done in the private sector. It is still all very experimental and not yet well emplaced.
We have issues of role-based access to medical records, right, different people getting different kinds of access to different parts of the record. Not an issue that it is easy to come up with examples of in many other areas of society. A lot of issues of intellectual property and digital rights management that come up in a health care setting, not unique to health care but clearly very important in health care.
The issue of access and ubiquitous access: If we believe, and I think that we do as a society, that income should not be the determinant of the quality of care you receive, and if we believe as any of us do that the internet is going to become an intrinsic part of high quality healthcare delivery in the future, then we need to be sure that everybody gets access.
Somehow or another, I think you will quickly agree that the typical knee-jerk solution to this, which is kiosks and public terminals in libraries and that kind of thing, that is not the way to provide high quality health care to individuals who are worried about the confidentiality of the information that they are accessing, who want to be able to check on pediatric guidelines in the middle of the night when the child has the fever and so forth. They are not going to run down to the local library to do that. So, it is how we provide ubiquitous access into the homes of individuals regardless of income, lifeline service, all of that kind of stuff. That becomes a key social issue for our community.
Internet access is getting close to ubiquitous but not at high speeds. Many of the applications that we envision will be at higher speeds, and so we have an issue of how the private sector is going to provide the kind of affordable access to the Internet at very high bandwidth that people are increasingly demanding.
Reliability and availability. I have yet to hear anyone volunteer to be the first person to have telesurgery over the Internet. We are seeing interesting experiments that begin to make you believe it just may happen some day. I mean, we are very early in this evolving technology. The Internet of 100 years from now, the notion that your surgeon is not within a few hundred miles of you may not seem as far-fetched as it does today.
We have to have that kind of future, exciting vision, I guess, guiding us a bit. You may find that unexciting, not wanting to be that far away from your surgeon, but if the surgeon who is hundreds and hundreds of miles away from you is clearly the best, you might think twice about that. You might say it is worth it.
Many health care applications are intolerant of any kind of interruption, so reliability is important. From a technical perspective, maybe this means something more than you just cannot have your routers crashing all of the time. We need research on how to do dynamic rerouting, how to do appropriate prioritization of traffic, identifying what a really important packet is that has to get through quickly, so new kinds of robust quality of service mechanisms.
Most of the issues that I have just raised in considering the needs of health care are also known to the networking research community. If they sat here, they would say, "Well, of course. Yes. Right. We think about that." They may not have thought about it in the medical context, and therein lays the key problem, I think. The issue is one of priorities and how to fine tune and making sure that health care perspective on some of these issues is reflected in the research agenda.
Design decisions in general in computer science and in technology/communications, are made with some kind of application in mind. People do not build systems in a vacuum based upon some sort of generic notion of what the world needs. Instead, they have something in mind. They may be working on some very low-level application or some very new technology at the lowest levels, but they have some idea that is motivating them for where that is going to lead.
Many of us would argue that some of the people doing that kind of low-level work have to have the medical applications motivating them. They have to be driven by the recognition that there are healthcare implications. They will make different design decisions if they are driven by the healthcare perspective.
This leads to some of the policy issues. There are many, and you have addressed a lot of them already. It was a sort of Coles to Newcastle(?), I think, a lot because NCVHS has been one of the key government-related organizations looking at some of these policy concerns. We, in fact, have the benefit of Don Detmer's testimony before our committee at one point during our deliberations and talked a lot about NCVHS and how it might fit into some of the recommendations that we have made. You will find the committee mentioned in several places in the report.
It is clear that there are social, cultural and political factors that affect health-related use of the Internet, and the policy issues reflect our core values of individual rights, public use and access, issues that you are very familiar with. The resolution of all of these technical issues that I have been talking about will be for naught if we do not get these policy issues right as well.
We are talking about cultural change, to a large extent. I hate to say it but the health community is simply not like the other communities that make use of the Internet. We see that in the extent to which the internet has actually been used to date, and some of the resistance, and some of the ways in which people have tended to perceive internet and internet uses in the context of all of the other competing factors in a very complicated health care financing situation and competitive environment that characterizes modern health care.
We tried to summarize the public policy issues along these five or six areas: protection of information; access to the information infrastructure, that is the ubiquity issue; intellectual property protection; the regulation of electronic health services; support for research from the federal healthcare area; and then building the workforce needed to actually carry this out, in other words, folks who can do networking research and also understand something about healthcare. There are not very many such people.
Without deliberate and sustained action, the fundamental conflicts represented in these policy areas will keep the Internet from fulfilling its promise to health care. That is a quotation from the report and I think a very important one. It just shows why we felt that that third part of our task talking about implementation strategies forced us to address issues of policy.
I know that time is of the essence and perhaps - I mean, I could go through the recommendations, but in a way, I think I laid the groundwork for you to look at the recommendations that are in the executive summary or in chapter six in the book. Maybe the best thing for us to do is, to the extent that there is any time at all, discuss it now. There will be more of this kind of discussion, I am sure, in the discussion of the workgroup on the national health information infrastructure. I do not want to run any longer, so let me stop. If there are questions or comments, I would be happy to address them now.
DR. LUMPKIN: I have a number of questions and comments, but seeing as how you are the reactor to my presentation later today, I am going to hold off.
[Laughter.]
Just to set the right tone. Questions or comments? Behind you?
DR. RODDA: Roy Rodda. Did you make a remark earlier that you were going to explain later how you thought security and health care was not necessarily a unique problem? I thought you said that, and then I was listening for it, and I did not notice it.
DR. SHORTLIFFE: I was talking about how we cannot simply adopt e-commerce mechanisms for authentication, that those are inadequate for the needs of healthcare authentication. So that if we just wait for e-commerce or the e-commerce community to produce the kind of authentication that we require -
DR. RODDA: But you are arguing that the healthcare needs would be unique in security?
DR. SHORTLIFFE: I think that the kind of authentication that we are talking about would end up being used broadly if it existed, but it is not the same priority that it is for others. That was often what you ran into, the matter of prioritization, that there were things that healthcare really needed, and it was not clear that they were going to get worked on as quickly if it was left to the rest of the world to decide that that was an important issue.
If the healthcare community generated solutions, they would quickly be adopted by others because they do have broad applicability. This, of course, is a key point. The technologies that we need to develop are not unique to healthcare. They will serve the needs of healthcare, they are biomedically motivated, but they have general applicability, and we in fact can give something back to the rest of society in the area of technology in the way that we have been, frankly, living on their contributions when it comes to technology for years because the internet itself basically is a development of the Department of Defense, as you know. As you look through all of the technologies that we use in healthcare, database technology and all of this stuff, we have not funded its creation in general, not the basic technology. A lot of the applications work has been funded out of the federal healthcare community but not the basic technology. There is no reason defense should be more involved in funding basic technology and IT than NIH.
DR. LUMPKIN: Jeff.
DR. BLAIR: In the research that you did for the book, did you come up with some interesting observations or insights with respect to other emerging technologies such as wireless communications or the extension of communication instruments as implants within humans?
DR. SHORTLIFFE: We did talk about those. Of course, wireless has a particular appeal, I think, in healthcare because the mobile nature of healthcare workers. Both within a building and for folks like visiting nurses or homecare, the advantages of handheld and wireless connectivity is clear. Again, this is work that is going on already in other segments of society. We have meter readers now using wireless technology and the like, FedEx and so forth. The question is, can we just take those technologies and use them in healthcare or are there unique requirements so that there should be a research program that is motivated by these medical applications. The same goes for sensors, but I actually think that the sensing technology is perhaps - it is emerging out of a more established segment of the biomedical research community namely by biomedical engineering, a lot of that.
DR. LUMPKIN: I might point out, being an emergency physician, analog wireless communication has been used in that field since the early 1970s, sending patient information across telemetry by paramedics to hospital emergency departments. Really, it is not a new thing, it is a transformation and an enrichment of a currently existing and used technology.
DR. GELLMAN: Could I ask you to talk about your last recommendation, the one that is addressed to HHS? The recommendation says that HHS should more aggressively address the broad side of policy issues. I just wonder, do you think that is really realistic given the track record of HHS over the years?
[Laughter.]
DR. SHORTLIFFE: It is very hard not to find yourself, as you think through these issues, coming back to HHS. I have tried to spend some time understanding the differences between HHS and other large federal agencies that have research as well as service components, like DoD for example.
You will note that that does not say exactly what HHS should do. If I were to tell you what I think HHS should do, it would be my opinion and not the report's opinion.
PARTICIPANT: Go ahead.
DR. SHORTLIFFE: It seems to me that there is - that this is a very impressive group of brainpower that sits in this committee. I would like to know who you feel you advise, who gets up in the morning and goes to bed at night thinking about - who works full-time for HHS, who has a sense of the responsibility for doing broad planning and conceptualization and big picture overview of HHS and information technology.
[Laughter.]
PARTICIPANT: Is that Marjorie?
[Laughter.]
DR. SHORTLIFFE: There are such people in the other agencies. I do not think that we have a national healthcare policy vision as it relates to IT, and some other countries do. You refer to, for example, the National Health Service and its efforts to try to develop a kind of national vision in the U.K. Because of the decentralized nature of HHS, it seems to me that most of the decision-making gets done agency by agency.
This is just one of those areas in which you do not want to wrest local control any more than you want to have the hospital totally control the information technology in the clinical laboratory. There are decisions that have to be made in the clinical lab because they really know the clinical lab and clinical lab data. You sure want to make sure that the clinical lab is well tied in and sort of headed in the same direction as the other components of the large organization.
It has to do with strategic planning and recognition of the role of information technology in the big picture. As an outsider, and I may be totally out of touch with this, my impression is that we are not in great shape in that area in HHS. We have something to learn from the other agencies, some of the other major agencies, of which DoD and DoE and NASA are perhaps the best examples. I did not include the Department of Education in that; they have the same problem.
DR. LUMPKIN: I think we have run out of time, but I would particularly ask the members of the privacy committee and the security and standards committee to take a look at this document and to the extent that there is time available to work into your work plan some of the suggestions, I think that they really bear some addressing including the final comment. Certainly to the extent that it was not explicitly stated in your document, we can particularly potentially explicitly state that in some recommendations that we work through as an advisory committee to the Secretary.
Thank you very much for being here this morning. We will see you this afternoon and wish you luck in your move.
DR. SHORTLIFFE: Thank you.
DR. LUMPKIN: We know that is always a traumatic event in one's life. I would like to make an observation. Of course, if you had decided to move to Chicago, you would be halfway there already.
[Laughter.]
DR. LUMPKIN: The buses will be out front at 12:15. We will convene tomorrow at 9:00 thereabouts. The subcommittee will be meeting at 8:00.
[Whereupon, at 11:35 a.m., a recess was taken until 9:00 a.m. the following day, Wednesday, June 21, 2000.]