Atlanta, Georgia
The National Health Information Infrastructure Workgroup of the National Committee on Vital and Health Statistics (NCVHS) held hearings on April 22, 2003, at the Sheraton Buckhead Hotel in Atlanta, Georgia. The meeting was open to the public. Present:
The National Health Information Infrastructure (NHII) Workgroup held hearings April 22, 2003 on the NHII population health dimension. The groups received 14 presentations and talked with 3 panels about the Public Health Information Network (PHIN) and public health privacy issues, improving reporting from primary sources to registries, and public health surveillance and NHII.
Panel 1: Overview of Public Health Information Network and Public Health Privacy Issues - PHIN Policy and Implementation
Dr. Loonsk said the vision for PHIN was to transform public health by coordinating functions and organizations; enabling close to real-time data flow; supporting computer-assisted analysis and decision support; facilitating professional collaboration; and using information technology (IT) to rapidly disseminate information to public health, the clinical care community, and the public. The vision was broad and crossed multiple functions including detection and early monitoring for bioterrorism, syndromic surveillance and initial indicators of possible outbreaks. PHIN included information resources and knowledge management; ability to focus information and present it in ways that supported decision-making, alerting and communication; and large and still developing information system response needs. Dr. Loonsk stressed the need to reduce the reporting burden and outlined broad thrusts for achieving PHIN.
Ms. Davies reported on the Washington State Department of Health’s interest in electronic laboratory reporting and integrated data repositories and the Washington Electronic Disease Surveillance Systems (WEDSS), comprised of multiple projects, each addressing a component of the notifiable condition surveillance system and using appropriate national standards to assure interoperability together and with external systems. Ms. Davies said PHIN provided states with a road map for designing information systems and utilizing nationally accepted standards. It would help them develop systems more efficiently and effectively. Ms. Davies noted concerns and suggestions about PHIN and encouraged the Centers for Disease Control and Prevention (CDC) to be involved in identifying standards and ensuring that the states had the opportunity to participate.
Ms. Murphy considered the relationship between public health priorities and privacy. She said the HIPAA privacy rule was intended to foster and perpetuate public health reporting. She considered it fairly flexible and potentially misunderstood as covered entities struggled with massive change and all they had to put into place to comply with HIPAA. Ms. Murphy cautioned there was tremendous potential for the flexibility inherent in the privacy rule with respect to public health reporting to be lost in the shuffle. Ms. Murphy noted aspects of the privacy rule that allowed for flexibility, identified categories of state law that might benefit from HIPAA accommodations, and offered key issues to consider to foster and enhance the public health systems access to individual health information and utilization of that information in an era in which privacy considerations were given high priority.
Panel 2: Improving Reporting from Primary Sources to Registries - Immunization Registries
Gail Williams, MPH, CHES
Ms. Williams said meeting the challenge of vaccinating the 11,000 children born on average each day required the development and implementation of community- and state-based immunization registries. The National Immunization Program (NIP) encouraged development of these immunization registries meeting local needs, a flexible approach that resulted in registries differing in functionality and operating in different electronic environments. Some 31 percent of U.S. children were currently in an immunization registry. Ms. Williams noted areas that challenged the immunization registry progress, presented recommendations and urged the Work Group to acknowledge and support the critical role registries play as a backbone of PHIN.
Mr. Hopfensperger noted families moved, had multiple providers, and didn’t always have immunization records. Without a registry, providers often either had to delay immunization or start over. Registries built functionality about forecasting into systems and enabled reminder recall, inventory control, and immunization level assessments. Mr. Hopfensperger said the immunization registry was available to other states and public health programs at no cost.
Ms. O’Connor reported on the California Cancer Registry (CCR) as part of CDC’s national program of cancer registries and the National Cancer Institute’s Surveillance Epidemiology and End Results Program (SEER), noting its early beginning, current status, and goals. She discussed CCR’s electronic reporting systems, statewide cancer database, and the path CCR took to facilitate cancer reporting in California. Ms. O’Connor identified the system’s key issues: rapid case finding, data extraction, data integrity and management, enterprise management, partnership development and maintenance, and data utilization. She noted the cancer data system in California was workable but complex, decreased efficiencies, and made reporting data difficult. Ms. O’Connor said CCR aimed to improve on that system by ensuring Web-based direct reporting and a single statewide data management system.
Mr. Edmonds noted that about three percent of the children in America had a major birth defect. The National Center on Birth Defects and Developmental Disabilities’ (NCBDDD) focused on learning about risk factors and developing preventative activities. Cooperative agreements CDC funded with 33 states focused on research and collecting surveillance data for public health programs. Mr. Edmonds explained that the data from birth defects programs was both linked to and integrated with data from other programs, databases, and registries. Mr. Edmonds identified a number of challenges, but he emphasized that prenatal surveillance identified a large percentage of defects and the role of the National Birth Defects Prevention Network (NBDPN).
While emergency and trauma registries have to be used locally, Dr. Mears emphasized that they also have to be of value and perform sufficiently at state and national levels. Focusing on EMS, trauma and emergency department data, Dr. Mears noted the Subcommittee’s position paper on NHII depicted the healthcare provider, population and personal health as overlapping circles. He emphasized that at the local level of EMS and trauma there was a delivery model critical to all three. Dr. Mears described a quality management continuous loop linking trauma, EMS, and the emergency department, emphasizing that data should identify issues of quality, drive how resources were deployed, and translate them into quality.
Panel 3: Public Health Surveillance and the NHII - Overview of System/System Deployment
Dr. Broome reported CDC’s progress with basing public health surveillance on systems using the standards for interoperability the Committee recommended. She outlined CDC’s approach to surveillance through the National Electronic Disease Surveillance System (NEDSS), a component of PHIN. NEDSS took a broad initiative using national data and information system standards (included in PHIN standards) directed towards surveillance at state and local health department levels, units responsible for public health practice and surveillance. Dr. Broome noted that the standards’ conceptual data model was taken down to the level of both the logical data and physical database model for the NEDSS Base System, derived in the context of the Health Level 7 (HL7) reference information model (RIM). Both were evolving models and she said considering how they might evolve harmoniously was a challenge. Dr. Broome reported that the base system was a NEDSS compatible system for state and local use developed in collaboration with CDC and state and local partners. The person-based system included core demographics and incorporated HL7 messaging capability.
In 1997 the University of Nebraska Medical Center (UNMC), Nebraska Health and Human Services (NHHS), and Computer Science Corporation collaborated in developing a Web-based laboratory data reporting and order entry system: the Public Health Laboratory Information Program (PHLIP) and Nebraska became the first state to implement the NEDSS Base System. Disease categories tracked included hepatitis, meningitis, and vaccine preventable diseases. Three public health entities used the system: the Douglas and Lancaster County Health Departments and NHHS. Mr. Hall listed anticipated benefits of the NEDSS base system. The most immediate challenge was NETSS/NEDSS parallel testing. Lab Corp., the first laboratory to send data into the NEDSS base system, was targeted to begin feeding data into the operational base system May 5. Current state law and reporting rules were based on the paper system. Mr. Hall said they have to rewrite the rules to facilitate electronic reporting and possibly offer incentives to reporting entities.
Dr. Platt presented examples of how the private healthcare delivery system could play an important role in supporting public health purposes. The National Bioterrorism Syndromics Surveillance Demonstration Project, a system based on office visits and calls to nurse triage and health information centers, involved 20 million people in 50 states. A barrier to participation was the reluctance of health plans to place confidential, proprietary data outside their control; this system let health plans create that data set on their own server, and programs provided by the data center performed analysis and reporting. The software identified new episodes of illness and mapped individuals by zip codes. The data center aggregated for each syndrome. Each night, aggregated data was searched for clusters and data was posted on a Web site with public and private areas. When a cluster exceeded a threshold the local health department was notified. Dr. Platt said health plans, in partnership with public health agencies, could play an instrumental role in understanding reasons for the success or failure of public health initiatives and be important agents in the dissemination and implementation of major public health initiatives.
Mr. Morris discussed the information flow and data exchange that occurred with bioterrorism response and, although it wasn’t fully automated, the infrastructure in place. Observing that, in a bioterrorism outbreak, information flowed everywhere and many partners participated simultaneously, Mr. Morris discussed routing information and the policy of routing. Mr. Morris outlined what might happen in an anthrax situation similar to what occurred in 2001, noting that the major load in the anthrax situation was laboratory testing of environmental specimens. He emphasized the need for enhanced infrastructure to handle the information flow. Mr. Morris pointed out that PHIN must support dynamic discovery of new nodes and services, which involved being able to parse a message as well as receive it. He noted that the network also had to support authentication across multiple security boundaries with a single set of credentials. Mr. Morris said the way to do this—interoperability--was what the PHIN standards were all about. He discussed two types of interoperability: physical and semantic. Mr. Morris said the keys to success were implementation of standards; discovery and implementation of routing policy and procedures; expansion of the infrastructure in local, state, and federal levels and among clients; available state/local expertise across the board for both the messaging content and implementation; and central authority for authentication credentials and identify binding.
Dr. Sosin reported that, as a part of an effort coordinated by CDC with state and local health departments aimed at strengthening infectious disease detection efforts in major metropolitan areas, CDC worked with eight large metropolitan areas to: (1) assess their epidemiology and surveillance capacity for bioterrorism surveillance, and (2) identify short-term technical assistance opportunities. In narrowing the focus for technical assistance to clinician alerting and 24/7 call systems, CDC drafted a set of proposed standards and possible solutions with an emphasis on solutions that could be applied with minimal additional effort to an unlimited number of interested cities. Dr. Sosin said a key lesson learned was that alerting served at least two key functions at the local level; providing information to change clinical practice and building relationships to enhance consultation and reporting of disease. Dr. Sosin identified additional guidance needs. CDC concluded that the detailed assessments conducted in the eight cities reflected the epidemiology and surveillance capacity for bioterrorism detection in most large metropolitan areas.
Noting current national interest in the CDC’s work, Dr. Lumpkin said the hearing was focused on public health and surveillance. He reported responsiveness at HHS’s senior levels to issues raised by the Workgroups’ final report. At the Department’s urgings, in November the National Institute of Medicine (NIM) released a report on rapid advances in healthcare with a section on health informatics. In Detroit, the Secretary opened up a town hall meeting by announcing adoption of the clinical data standards recommended by the Committee and endorsing both Consolidated Health Informatics (CHI) and the proposal for FDA to release rules for bar coding pharmaceuticals/medical supplies. Dr. Lumpkin said the reality since September 11 underscored the significance of an ability to monitor, use and approve health information supporting a high-quality, efficient and effective healthcare system. Dr. Lumpkin emphasized that preparedness was a key component of population health and their mission as they moved this agenda forward.
Panel 1: Overview of Public Health Information Network and Public Health Privacy Issues - PHIN Policy and Implementation
Dr. Loonsk envisioned PHIN as transforming public health by coordinating functions and organizations; enabling near real-time data flow; supporting computer-assisted analysis and decision support; facilitating professional collaboration; and using IT to rapidly disseminate data to public health, the clinical care community, and the public. The vision was broad, crossing multiple functions, and included detection/monitoring for bioterrorism, syndromic surveillance and early indicators of outbreaks, routine surveillance and reporting operations of NEDSS, and analysis/conversion of data at all levels of public health to facilitate decision-making. PHIN included information resources and knowledge management; ability to focus and present information in ways supporting decision-making, alerting and communication as well as evolving information system response needs.
CDC aimed to create a framework integrated with other networks and systems. This dual-use network had to meet routine public health, homeland security, bioterrorism preparedness and response. A well-trained, active public health workforce constantly worked to identify events and sustain a capacity to manage and respond. Dr. Loonsk emphasized reducing the reporting burden. Identifying relevant industry technical and data standards was a first step in reaching a level of network preparedness that kept up with the Committee’s and CHI’s activities, maintain harmonization, and develop specific data exchanges and technical specifications as NHII grew.
CDC and HRSA awarded over a billion dollars in cooperative agreements in 2002 that utilized IT functions and specifications identifying technical and data standards, requiring supported IT activities to utilize them. Functional software components were developed to implement these standards and a final step supported conformance testing. Ongoing needs included standards identification and specification.
Dr. Loonsk outlined thrusts for achieving PHIN: technical systems architecture for interoperability, a sub-component related to implementing a live network for exchange of specific data, work on a shared data model and vocabularies for public health participants. Developing areas included: Web services and interchange enabling querying organizations, security ensuring data were well protected and secure practices for continuity of operations, and standards for content delivery with identification and tagging of content, information architecture, and metadata about content facilitating timely delivery.
The complexity of systems architecture was linked to participants collaborating to support the public health mission. Funding activities focused on health departments at state and local levels. With HRSA, CDC worked on clinical care activities and integration involving work in public health laboratories and state and federal agencies participating in public health and response. Work on systems architecture included directories of participants in public health.
Dr. Loonsk viewed the live network for information exchange as part of the technical architecture and data exchange standards. Unambiguous exchange of data required specifying an entire related set of standards. Sharing encryption and security enabling systems to cross organizational boundaries was a necessary step. Also needed was compatibility between systems. CDC identified an industry-based data model with vocabulary and messages derivative of industry standards. To ensure partners could achieve understandable interchange, CDC relied on clinical standards, HL7 activities around RIM, and identification of technical standards. CDC targeted a public health logical data model derivative of HL7 RIM and the public health domain information model. CDC built on and coordinated component activities.
Ms. Davies reported on the Washington State Department of Health and electronic laboratory reporting, integrated data repositories, and activities consolidated under WEDSS. Multiple projects addressed components of the notifiable condition surveillance system and using appropriate national standards to assure interoperability together and with external systems. Ms. Davies outlined why IT standards were appropriate and necessary, noting that data sharing was appropriate for notifiable condition surveillance. Data sharing needs included: collection from data reporters; distribution within an organization and to public health agencies (at individual case record and aggregate levels for trends analysis); and dissemination to data reporters, the healthcare system, and general public.
Standards around the data sharing process simplified their work and made it possible to: (1) go to a new reporting entity quickly and set up a mechanism for electronically receiving data, (2) improve data quality because it was consistently received electronically. Setting up standards and getting people to use them was costly but ultimately saved money.
Standards supported efficient use of resources: ensuring consistent approaches and maximizing developed applications’ and systems’ utility and meeting business needs. Implementing software engineering practices consistently across an organization minimized costs: requiring a less diverse set of IT resources and supporting and maintaining systems over time. The smallpox vaccination program and SARS demonstrated IT standards helped implement systems quickly.
Ms. Davies said PHIN provided states with a road map for designing information systems and utilizing nationally accepted standards and would help develop them efficiently and effectively. Integration of state systems through implementation of a common set of IT standards made sense: mechanisms for data sharing didn’t have to be determined on a state-by-state basis.
Ms. Davies noted concerns about PHIN. States were in different stages of maturity and might not be able to implement all PHIN elements. Each state had its own IT policies (often not set by state health agencies) and resource constraints might prevent some from implementing particular PHIN standards. Noting standards were selected by the industry, Ms. Davies said in many cases, public health was slow in adoption and standards were difficult to implement. She expressed concern over the lack of staff experienced with ebXML and JAVA. Ms. Davies cautioned that development and adoption of PHIN standards had been fast-tracked, with minimal state involvement in selecting standards. She advised that the states weren’t required to use CDC-developed systems, contending the emphasis had to be on the standards, not specific applications.
Ms. Davies urged organizations outside CDC to focus PHIN standards on data exchange, encouraging a focus on standards associated with data sharing including vocabulary, transfer mechanisms, and security. She urged CDC programs to focus standards on data exchange and application development. She recommended establishing a realistic timeline and prioritized implementation sequence for PHIN standards. She emphasized the need to clearly define PHIN compliance and clarify the relationship between PHIN, HAN and NEDSS standards. Ms. Davies advocated state and local health agency involvement. Noting this was a system-wide change, she encouraged CDC to be involved in identifying standards and ensuring that the states had the opportunity to participate.
Ms. Murphy noted increased need for public health authorities to exchange data with others and that local and state health departments needed help realizing appropriate third-party relationships. State law, often more restrictive than the HIPAA privacy rule, had to be considered. Ms. Murphy contended the rule was designed to foster and perpetuate public health reporting and allowed access and use of that data. She noted the privacy rule allowed covered entities to report information into the public health system without individual authorization under many accommodations. Generally, if state law mandated this information be reported, it could be so without individual authorization.
Ms. Murphy stressed the need to focus on accommodations for research, cautioning about the need for an understanding of the distinction between public health practice and epidemiological investigation that didn’t have to meet more cumbersome research requirements.
She identified categories of state law that might benefit from HIPAA accommodations.
In terms of disclosures for public health activities, Ms. Murphy clarified that the privacy rule defined public health authority to include non-governmental entities a traditional authority contracted with or might delegate authority to. If a contract delegated authority to a third party, the rule indicated that third party might be considered a public health authority to which reporting might occur without individual authorization. Health oversight contained that same allowance. Activities of a public health entity considered covered varied between jurisdictions.
Ms. Murphy offered four key issues for consideration. She emphasized potential for reduction in reporting to public health authorities, due to misperceptions and misunderstandings about the privacy rule, reiterating that, in the view of many who had studied it from a public health perspective, the rule was flexible and designed to allow for continued public health reporting and use of that information. Noting discomfort in the provider community, she advocated an intensive education and communication campaign to appropriate constituency groups, provider and state legislator associations, and AG offices.
Ms. Murphy advocated open, public dialogue to facilitate innovative, appropriate data relationships between public health authorities and third parties. She called for developing documented relationships between the traditional public health system and third parties in order to expand the potential for data usage, analysis, research and taking data into the field. She counseled that the public health community would benefit from concrete discussion and model contract development around agency relationships public health governmental agencies could enter into, standardized contractual arrangements, and model agreements with appropriate confidentiality provisions. Ms. Murphy noted increased pressure for health information from the media and public. She urged the public health system to strive for consistency in the level of detail offered, after weighing privacy and public safety considerations.
Panel 1: Overview of Public Health Information Network and Public Health Privacy Issues - Questions and Discussion
Ms. Davies recommended an external focus on standards and data transfer. She cautioned CDC about focusing PHIN on application development, noting it was difficult for a federal agency to fully understand and address a state agency’s business needs. She suggested that state consortia do joint application development. Noting that states and local public health agencies that couldn’t develop systems needed a safety net, Dr. Loonsk conveyed CDC’s support for standard-based systems that weren’t CDC developed. She expressed confidence that transitional software could integrate complex systems. Asked if she felt pressured to adopt CDC-promulgated applications, Ms. Davies noted that program application modules (PAM) specific to CDC programs were required to ensure data could be sent to CDC with the NEDSS-base system. She questioned whether PAM could nest in that system.
Dr. Loonsk said informal processes involving state and local health departments in development, adoption, review, and governance of PHIN standards led to specific standards, specifications and fast tracking. Over a billion dollars was appropriated, more than a third for IT development. Standards developed for NEDSS and the Health Alert Network (HAN) were used to develop technical specifications attached to the cooperative agreement. A more formal structure was established for how public health partners had stewardship of the data and technical standards. Dr. Loonsk said expenditure of funds for state spending on information systems was problematic. Ms. Davies suggested that funds local health agencies spent didn’t show up in HHS records.
Ms. Murphy noted the challenge in achieving coordination among public health system components so balanced public health information (PHI) served the public interest. In effectuating a culture of privacy, her department piggybacked off what they’d done complying with HIPAA. They also developed a preemption analysis determining state laws that HIPAA might preempt. When they decided that technical compliance with a standard would impede public health services and they weren’t required to comply, they carefully and narrowly chose not to. Implicit in this was their intent to comply with state laws more stringent about privacy. Ms. Davies said her department went through similar processes and identified themselves as a hybrid entity. Washington State promoted HIPAA provisions, putting emphasis on parts of the agency requiring a technical level of compliance.
Panel 2: Improving Reporting from Primary Sources to Registries - Immunization Registries
Upon consent, Ms. Williams said children were enrolled in community- and state-based immunization registries via linkage with electronic birth certificates or first contact with the healthcare system. A complete, accurate history was downloaded at each immunization encounter to the provider’s integrated information system. The registry provided automated decision support, reminder/recall notifications, and official documentation. Fifty states, six cities, and eight territories or commonwealths receive federal immunization funds and were developing or implementing immunization registries. Nearly a third of U.S. children were in a registry. Having records of 95 percent of the nation’s children in an immunization registry was a Healthy People 2010 objective.
Four areas challenged immunization registry progress: confidentiality of registry information and privacy of participants; participation of all immunization providers and parents; appropriate technical functioning of registries; and a sustainable funding stream. NIP, in collaboration with privacy experts and registry stakeholders, developed National Vaccine Advisory Committee (NVAC) approved minimum specifications and implementation guidelines recommending written authorized user agreements; confidentiality policies consistent with applicable state, federal, and local regulations; parental notification; optional participation; usage only for intended purposes; specification of those with registry access and levels of access; defined penalties for unauthorized disclosure; and specification of the duration of registry date retention and what happened to data afterwards.
Concerns about adverse impact a single-focus information system requiring multiple record systems and duplicate data entry might have on office practices was a barrier to participation. NIP worked with software vendors and standards organizations to add value to products by creating immunization registry interfaces. NIP developed test cases measuring the sensitivity and specificity of de-duplication algorithms used by registry developers to uniquely identify registry participants. NIP also pilot tested a process comparing provider-verified immunization histories collected in the National Immunization Survey (NIS) with immunization registry records. Preliminary results indicated this methodology might enable NIP to assess the quality of registry data by evaluating it against “gold standard” clinical data. Registry participation offered multiple incentives to providers and parents, including increased immunization coverage and improved office efficiency. Registries also identified clusters of vaccine-associated adverse events, identified and re-vaccinated children who’d received immunizations from sub-potent vaccine lots, and monitored implementation.
NIP encouraged development of immunization registries meeting local needs. CDC in conjunction with NVAC conducted conformance efforts (e.g., identified and developed core data elements, vaccine codes, technical functional standards, record exchange guidelines and certification processes) aimed at promoting a single, national platform-independent standard to link immunization registries and other information systems. Self-reported data indicated registries’ progress in achieving functional standards including: privacy and confidentiality, reminder/recall, exchange of information using HL7, information available at encounter, ability to process within four weeks of administration, and records created within six weeks of birth including all NVAC core data elements.
She urged the Workgroup to promote registries as an integral data-driven component of immunization programs, acknowledge registries’ role as the backbone of PHIN, promote adoption of the HIPAA claims attachment transaction, educate the provider community on HIPAA disclosure, support Vaccines for Children Program funds, and increase accountability of registry resources.
Mr. Hopfensperger said immunization registries were key to Healthy People 2010 objectives. The Wisconsin Immunization Program (WIP) was a collaboration with the private sector to improve immunization rates. Individuals moved, had multiple providers, and parents didn’t always have immunization records. Without a registry, providers delayed or started over. Registries built forecasting functionality into systems and enabled reminder recall, inventory control, and immunization level assessment for private practice and county, city, or local health department jurisdiction.
Data sent was password protected and encrypted. Organizations and individuals had user agreements. Information downloaded bi-weekly from vital records minimalized demographic data entry and increasingly reflected population-based immunization levels. Files were updated weekly. Parents could opt-out upon signing for a birth certificate or when presenting to their immunization provider.
Wisconsin’s population was five million. The birth cohort was 68,000. The system served 2.5 million clients. Over 17 million immunizations were entered since implementation in 2000. Over 500 providers served 1,500 sites. A registry was developed in collaboration with Medicaid and public health that included joint overall responsibility for system design and operation (with data managed by public health), fiscal oversight, and future service level agreements between vendors and the department.
Mr. Hopfensperger advised that private sector providers wouldn’t participate if data had to be entered more than once. Historical information was downloaded using a flat file ASCII transfer of data. Wisconsin Immunization Registry (WIR) was HL7 compliant and close to functional standards described by CDC. Interface options included: single direction from provider, single direction to provider, and bi-directional primarily through the HL7 standard. WIP was developing a real-time interface with electronic medical records (EMR).
Medicaid used data for the Government Performance and Results Act (GPRA) that provided the federal government’s accountability for programs that defined performance objectives, undertook improvement activities, and demonstrated gains. Other Medicaid/WIP initiatives were WIR immunization coverage data to provide outreach to high-risk areas and performance improvement measurements used to monitor managed care. Future enhancements include: adding enhanced Vaccine Adverse Event Report System (VAERS) reporting to WIR, developing a real-time interface with EMR systems, GIS mapping for pockets of need assessment, automatic ordering of state-supplied vaccines based on inventory threshold levels, parent access via the Internet to their child’s immunization records, and an electronic signature.
Maine, Massachusetts, and the U.S. Virgin Islands, as well as the Minnesota, North Carolina, and Georgia Departments of Health used the system, which was available to other states and public health programs at no cost.
California Cancer Registry
CCR’s primary sources reported to ten designated regional registries. CCR was part of CDC’s national program of cancer registries and NISEERP. Each regional registry functioned as a central registry. CCR consolidated reports and created statewide cancer data. CCR’s primary reporting sources included 450 hospitals. Some 8,000 physicians and 400 pathology laboratories tend 135,000 cancer cases identified annually. CCR’s standards essentially mandated an ASCII layout to vendors; hospitals that didn’t use CCR’s software could report. CCR had begun implementing standards for pathology laboratory electronic reporting and had standards for physicians manual reporting with an abstract form or who’d opted for regional registry staff to collect data. CCR’s reporting sources primarily reported to three regional registries.
Ms. O’Connor identified the system’s key issues: rapid case finding; data extraction, integrity, management and utilization; enterprise management, partnership development and maintenance. Case finding focused on diagnosis and treatment, took over a year, and manual review of the pathology report was laborious. CCR moved towards direct electronic reporting from hospitals and freestanding pathology laboratories. CCR undertook two pilot projects, funded by CDC, involving electronic case finding from pathology laboratories. An electronic review of the report using word lists and SNOMED showed that two percent of malignant cases weren’t identified and that electronic pathology case finding facilitated cancer reporting.
In 2002, CCR implemented an Internet-based cancer data management system, EUREKA, used by five regions. Objectives include creation of a single consolidated statewide cancer database and electronic interfaces between EUREKA and systems. A single consolidated, statewide database was targeted for June. Ms. O’Connor noted, however, that data integrity management, requiring different computer edits and coordination of databases, was a business issue.
CCR had issues with data extraction and asked physicians to report cancer cases they’d identified but couldn’t complete due to insufficient or conflicting information. CCR planned to pre-populate an abstract to key entry or provide for Web-based reporting. CCR had implemented a workable cancer data system in California, but Ms. O’Connor noted the system was complex, decreased efficiencies, and made reporting data difficult. CCR aimed to improve the system: ensure direct reporting from hospitals and pathology laboratories, Web-based physician reporting, and a single data management system statewide with one database.
Mr. Edmonds noted that three percent of the nation’s children had a major birth defect. Much had been learned about prevention (e.g., neural tube defects) and NCBDDD focused on risk factors and preventative activities. Standard operation procedures collected quality data, used it for epidemiologic research into causes of birth defects and other diseases, and developed prevention programs.
Birth defect surveillance programs were initiated in the 1960s with the epidemic of Thalidomide and limb malformations. CDC’s Metropolitan Atlanta Congenital Defects Program was the model for many state programs. In 1996, the Birth Defects Prevention Act mandated and appropriated that CDC fund states for development of surveillance programs and regional research centers. Some 35 states receive funding and operate birth defects surveillance programs. Cooperative agreements with 33 states focused on research and collecting surveillance data for public health programs. CDC focused on surveillance programs that: collected quality data, improved access to care for children with birth defects via special healthcare needs programs and referrals, improved timely ascertainment of NTD cases, developed prevention and intervention programs, and encouraged surveillance of prenatally diagnosed cases and intervention activities (e.g., folic acid prevention).
About 20 states having cooperative agreements with the registry were in a three-year cycle and received $100,000-$200,000 annually. CDC hoped to make awards to eight-or-ten states whose agreements expired in April. Ten centers do etiologic research of birth defects, conducting a collaborative national case control study involving 14,000 interviews.
CDC used various approaches to fund states. CDC’s collection methods included: staff abstracting and filling out reports in the field, abstracts complied by other agencies, electronic filing and reporting by staffs and hospitals via laptops and Web-based reporting, electronic reporting from agencies sending batch reports, and programs scanning printed records.
Data from birth defects programs were linked and integrated with data from other programs, databases, and registries. Programs linked data sets and some created files for analysis or surveillance. A CDC program linked environmental databases and CDC advocated similar programs. The District of Columbia had a system linking immunization registries, newborn hearing screening, birth defects, and metabolic. Some states integrated databases and had a system for hospitals to report newborn hearing screening, immunization, and birth defects directly to the health department’s central registry.
Mr. Edmonds noted numerous states had problems with HIPAA and Family Educational Rights and Privacy Act (FERPA). Misinterpretations about the rules made it difficult for the states to get data from hospitals. Legislative restraints in some states kept programs from sharing data with appropriate partners.
Prenatal surveillance identified a high percentage of defects (e.g., neural tube defects) that were subsequently terminated. NBDPN, a private organization established by CDC, developed standard guidelines and approaches to birth defect surveillance, providing states with a benchmark for standard practice. CDC encouraged states to work on data integration, emphasizing integrating newborn hearing screening and metabolic birth defects.
While emergency and trauma registries were used locally, Dr. Mears said they had to have value and perform at state and national levels. He noted that, at the local level of EMS and trauma, there was a delivery model critical to the healthcare provider, population and personal health depicted as three overlapping circles in the Subcommittee’s position paper on NHII. The circles in the model were balanced and any change impacted them. Noting the significance of the chain of survival on the trauma scenario, Dr. Mears emphasized that incidence data had to link to EMS data, which needed to link to the emergency department, hospital, and final outcome data.
Dr. Mears emphasized the need to be careful designing data sets and standards. Observing that the closer one was to the patient, the more data was available for evaluating the system and clinical care, he noted that most data sets were designed at the national level and weren’t particularly useful for state and local systems. Noting a successful project required input from organizations that touched patients, Dr. Mears said NCEMS involved organizations in a consensus process with the national EMS information system/registry project.
Dr. Mears described a quality management triangle/loop between trauma, EMS, and the emergency department. Even though patients received local care, quality (defined by system performance or patient care) was the target. Dr. Mears said data should identify issues of quality, drive how resources were deployed, and translate them into quality. He emphasized that this was a continuous loop.
He cited a survey asking EMS services about data that could most successfully be used at the national level that identified four issues: education to drive curriculums and local education; better measures of outcome for evaluating systems and performance; research that helped identify problems, target issues, and evidence-based answers; and an ability to justify what was done from a reimbursement standpoint.
Dr. Mears acknowledged issues of confidentiality and privacy, but contended that the issue at the local level, especially with volunteers and systems on a budgetary edge, concerned resources. He emphasized that the cost of local systems had to be supportable, so systems weren’t overburdened. Dr. Mears said migration to electronic systems would be lengthy, but local systems believed it would happen and weren’t opposed.
Dr. Mears noted resource help was needed for a technical assistance perspective and model administrative and statutory languages. Issues of bioterrorism and funding pathways down to the states prompted the question of mandatory participation. Dr. Mears noted a shortage of resources at the local level and cautioned about the difficulty of analyzing outcomes if systems weren’t properly prepared. He said local systems would benefit from adding data and documentation into the curriculums of healthcare providers. Most importantly, resources had to be applied to emergency departments and trauma data systems to support future development, oversight, and administration. He noted the lack of funding at the Federal level applied to EMS, Trauma, and ED data systems compared to the rest of the healthcare field. As an overall healthcare system, we have to develop these entry level information systems to have a true picture of healthcare access, outcomes, and system performance with respect to delivery and patient care. These systems will not develop in a timely fashion without federal funding initiatives to promote their importance.
Dr. Mears reiterated that the ideal registry could be used locally. Data in real-time format, allowing systems decisions, would be passed up to regional, state, and national levels. Dr. Mears also stressed the need for a unique identifier that enabled following patients through the system.
Panel 2: Improving Reporting from Primary Sources to Registries – Questions and Discussion
Mr. Hopfensperger said that, in accepting flat file information, data sets were defined based on CDC requirements and standards were consistent with HL7. Regarding their immunization registry and ability to share information from the common client index, he said lead levels and other information in the system made it more a medical record. He viewed it as the hub for which spokes would be developed. Dr. Mears said he didn’t know of any EMS data system that could use HL7. HL7 was difficult in disconnected environments with a messaging scheme; few definitions related to pre-hospital care. EMS was problem oriented, its curriculums didn’t teach final diagnosis, and EMS often didn’t have data to make one. ISS, ICD-9 and other diagnostic codes in those systems weren’t functional.
Mr. Hopfensperger said, to avoid double entry, some providers with EMR systems waited for an interface. Others couldn’t electronically interface or were concerned about putting their information in a registry. WIR did what they could to make the system user-friendly, including helping new providers with only hard-copy records enter data. Asked about the extent of interstate electronic exchange of immunization registry data, testifiers said people received records from another state, but the systems hadn’t been able to electronically link.
Ms. Williams said registries were cost effective and efficient. She noted there were few incentives beyond legislation, but emphasized that with immunization registries providers knew the vaccines children received, could estimate coverage, determine if vaccines were sub-potent, and give updated vaccinations or re-vaccinate children. Dr. Shortliffe said individual practitioners knew immunization registries were relevant to patients’ everyday care and avoided duplication of manual effort, but he pointed out that quality benefits were distributed over many providers and hard to measure and realize centrally. Mr. Hopfensperger noted studies showed an increase in office efficiencies using immunization registries. He predicted a domino effect as bigger providers came on board. Dr. Lumpkin remarked that, if conceptually NEDSS was considered the core of surveillance systems, a strategy had to be developed for harmonizing the system. Ms. O’Connor said CCR had begun that collaboration with users of NEDSS standards to develop electronic pathology laboratory system.
Panel 3: Public Health Surveillance and the NHII - Overview of System/System Deployment
Dr. Broome updated the Committee on CDC’s progress basing public health surveillance on systems that used standards for interoperability the Committee recommended. She outlined CDC’s approach to surveillance through NEDSS, a component of PHIN. She noted limitations of the surveillance approach: multiplicity of categorical systems, unsuitableness and incompleteness of paper forms, and push back from burdened partners. Addressing these issues, NEDSS took a broad initiative using national data and information system standards subsumed into PHIN standards directed towards surveillance at state and local health department levels.
Dr. Broome noted that the standards’ conceptual data model was taken down to the level of the logical data and physical database model for the NEDSS base system and derived within the context of the HL7 RIM. Considering how these evolving models might develop harmoniously was a challenge. Dr. Broome said electronic data transfer to health departments using HL7 messaging standards the Committee endorsed was a critical tool in transforming public health surveillance.
PHIN/NEDSS has awarded planning grants to 50 states, six cities, and one territory since fiscal 2000 and has awarded funds to implements NEDSS to 36 jurisdictions. Sixteen opted to implement state-level systems compatible with NEDSS standards. Another 20 proposed to use the NEDSS Base System. In 2002, over a billion dollars went to increase state and local public health departments’ preparedness capacity. Thirty percent of the funding was initially estimated to go toward IT investments; grant guidance from CDC and HRSA incorporated PHIN standards as a prerequisite for use of IT investment funding. Noting events like smallpox, vaccination strategies, and SARS compounded actual demands and responsibilities, Dr. Broome stressed the importance of using core funding for NEDSS to leverage progress in state and local health department information systems.
The Base System was a NEDSS compatible system for state and local use developed by Computer Sciences Corporation in collaboration with CDC and state and local partners. The person-based system included core demographics and incorporated HL7 messaging capability. CDC intended the system to be able to adapt to local circumstances and provide substantial control for access to sensitive information public health received. She described a four-dimensional security model based on the program and geographic areas appropriate for users to access; whether the user had permission to view only, edit or delete; and the forms users were authorized to work with. NEDSS grants offered the Base System. CDC received applications from all 50 states and was making awards.
Dr. Broome suggested that the SARS threat offered an optimum opportunity to demonstrate why NHII was vital. Noting that NHII wasn’t about one institution or area, but required active collaboration among the myriad of partners critical to achieving progress, she noted CDC was actively involved in public/private partnerships.
CDC believed they provided the ability for clinical partners to fulfill their responsibilities to the public in identifying notifiable or newly emerging diseases and bioterrorist events. Noting CDC’s active collaboration with FDA to develop a version 3.0 adverse-event-reporting message so a clinical care partner could use similar tools and mechanisms for reporting, Dr. Broome emphasized CDC’s belief that using NHII standards would decrease the burden on respondents.
Nebraska was the first state to implement the National Electronic Disease Surveillance System (NEDSS) Base System. Douglas and Lancaster county health departments and NHHS Public Health Assurance Division perform public health surveillance. Disease categories currently tracked include hepatitis, meningitis, and vaccine preventable diseases. The University of Nebraska Medical Center provided key elements of the system infrastructure and management support. The Nebraska State Information Management Services developed a single-site log-on portal, Guardian, and provided key infrastructure support.
Mr. Hall noted anticipated benefits of the NEDSS Base System: real time data, paperwork reduction, fewer errors, one-time entry, automated reporting, distributed access, results tracking, data warehousing, HL7 data standard, and platform independence. The first laboratory would begin feeding data into the operational base system May 5. The most immediate challenge was NETSS/NEDSS parallel testing. Currently data are entered in both NETSS and NEDSS systems and output data compared upon arrival at CDC. Each reporting entity participated in a weekly conference call with CDC, CSC and program managers to resolve discrepancies. Comparing incoming paper with electronic laboratory data reports validated data. Routing was manual when electronic lab reports lacked sufficient information. Mr. Hall reported that initial end-user acceptance was excellent. He said it was too early to gauge the administrative burden, but noted the need for trading partners to establish discipline.
State law and reporting rules were based on the paper system and the rules need to be rewritten to facilitate electronic reporting and offer incentives to reporting entities. Mr. Hall noted the process of administrative rule change will provide an opportunity to solicit buy-in, but emphasized that only with adequate infrastructure, ease of use, and proper motivation would they gain trust and cooperation. Even with highly motivated trading partners, Mr. Hall cautioned that they would be confronted with a variety of data streams. Moving the data toward a common standard would remain a challenge with a variety of solutions. Picking the optimum ones would require careful analysis and planning.
Mr. Hall reported that the initial upload of hospitals, clinics, labs, physicians, and other healthcare physicians into the NEDSS Base System to assist in implementation took significant time and resources. Much of their epidemiological data remains stored in NETSS and other systems. NEDSS base system reporting and analysis capacity will remain limited until the amount of stored data grows or they incorporated legacy data. As lab reporting via the NEDSS Base System grows, procedures will be needed to handle those results.
Mr. Hall identified areas of public health and vital statistics he believed would gain the greatest potential benefit through integration with the NEDSS Base System: maternal and child health (e.g., birth certificate, newborn screening and hearing, birth defects, vaccinations), vital statistics (automated movement of birth data from HIS to NBS), injury surveillance (trauma and head injury registries, E-code and EMS data). Most programs shared infrastructure, personnel, and collected a common data set and the NEDSS Base System could provide a common interface.
Panel 3: Public Health Surveillance and the NHII – Questions and Discussion
Dr. Broome clarified that laboratory reporting going into place May 5 was automatic messaging using the ebXML wrapper. The system was designed to support both traditional patterns of disease reporting by in a Web-based system and electronic messaging from pre-existing databases with real-time reporting. CDC aimed to accelerate capacity to participate in the Base System and made it available to each state. Dr. Broome said migration of legacy data into the system was a huge undertaking. CDC was mapping strategies and tools for the core legacy data sets and facilitating access to technical assistance to help states with legacy migration or integration with other systems. CDC will present a demonstration at the Subcommittee’s next meeting and welcomed participation in the May 13-15 PHIN conference.
Dr. Platt talked about ways the private healthcare delivery system could support public health purposes (e.g., a syndromic surveillance program Harvard Medical School and CDC were developing for early detection of bioterrorism events). He noted substantial opportunities to establish partnerships with health plans. Three attributes made them logical partners for the public health system: they dealt with defined populations and their work and knowledge was translatable to public health purposes; considerable information was available on patients, their care, health status and outcomes; and through their network of providers they could intervene and improve the delivery of care.
The National Bioterrorism Syndromics Surveillance Demonstration Project, a system based on office visits and calls to nurse triage and health information centers, involved 20 million people in 50 states. A centralized reporting capacity was being built. Their goal was to be live in April. Partners included CDC, American Association of Health Plans, Harvard Medical School, UPTOM (a nurse call center operating in each state responsible for the majority of covered lives, and a number of health plans. The demonstration project was scalable to a large number of data reporters and the system was organized so health plans could put data needed to create reports on a server they controlled. The data center provided programs for analysis and reporting using EDM XML communication software. Everything that left the health plans was de-identified and met the HIPAA standard.
Clinicians assigned diagnoses during encounters, recording them electronically. Each night the health plan extracted targeted encounters using diagnosis codes developed by CDC and DOD. Software identified new episodes, mapping them by zip codes. The data center aggregated a count by zip code for each syndrome. Each night, aggregated data was searched for clusters. That data was posted on a Web site with public and private areas. When a cluster exceeded a threshold determined by each local health department, it was notified. Plans reporting census tracks received more detailed information. Two-way communication could be used to signal the server holding the encounter information to create and send a line list to the department; however, the plans preferred that a clinical responder in the department be notified who then arranged to exchange additional information.
Dr. Platt said they strove to make the program compatible with the systems CDC developed and enable it to serve other uses. He reported running the system in Massachusetts for a year-and-a-half and, at the public health department’s request, reporting influenza-like illness through this system. Discussions were underway about creating a syndrome that corresponded to SARS. The program was NEDSS compliant, software was open source, and protocols and code would be in the public domain. Dr. Platt said this approach could be extended to look at emergency room data in ambulatory settings lacking defined populations and in fee-for-service care locations.
Dr. Platt noted other uses of health plan data to support public health purposes, including programs providing information on therapeutics and vaccine problems. He emphasized that plans, in partnership with public health agencies, could be important agents in the dissemination and implementation of major public health initiatives, such as cancer screening programs.
Mr. Morris discussed the information flow and data exchange that occurred with bioterrorism response and the infrastructure in place. Observing that, in an outbreak, information flowed everywhere and many partners participated simultaneously, Mr. Morris discussed routing information and policy, noting vagaries and requirements hadn’t been fully discovered. Questions included: what information was exchanged; at what level was there aggregate roll up; was data de-identified for certain audiences; who, where, when and what data was appropriate for which audience; and how was information formatted and transported?
Mr. Morris outlined what might happen in an anthrax situation similar to what occurred in 2001 where a patient presented with clinical symptoms, an astute physician notified the state health department. He noted that the major load in that situation was testing of environmental specimens and emphasized the need for enhanced infrastructure to handle the information flow. Mr. Morris outlined routing requirements at a high level. Mr. Morris emphasized that the same network should be used for routine and emergency data exchange. He noted, too, that collaboration agreements might not be in place. One might have defaults, but they could change.
He pointed out that PHIN must support dynamic discovery of new nodes and services, which involved being able to parse a message as well as receive it. He noted there was a host of complexities about routing information once it got directly to systems. The network also had to support authentication across multiple security boundaries with a single set of credentials. Exchanging data with 60 different entities plus 200 laboratories called for a single sign-on and access to multiple resources. Mr. Morris said the way to do this—interoperability--was what the PHIN standards were all about. He discussed two types of interoperability: physical and semantic. Physical interoperability was about the transport, ebXML, security encryption, PKI, directory services, and LDAP. Semantic was terminology or vocabulary, formatting, messages, and parsing.
He said considering infrastructure brought them to a common vision of what PHIN needed to be as a broad implementation of standard transport and implementation at the state, local and other levels. Noting that vocabulary maintenance was a significant factor on the terminology or formatting side, he emphasized utilizing standard coding systems in the messages exchanged. Mr. Morris also mentioned the importance of name spaces (and case) identifiers for indicating in the directory and other spaces organizations, people, and the messaging system used. Different systems at different places would assign the same access number and names space had to be identified so that the context for that specimen was kept.
Mr. Morris said the keys to success were implementation of standards; discovery and implementation of routing policy and procedures; expansion of the infrastructure in local, state, and federal levels and among clients; available state/local expertise across the board for both the messaging content and implementation; and central authority for authentication credentials and identify binding.
CDC worked with eight metropolitan areas to assess their epidemiology and surveillance capacity for bioterrorism surveillance and identify short-term technical assistance opportunities. Teams addressed: training for public health staff, notifiable disease education for clinicians, alerting within the public health community and between it and the clinical community, routine reportable disease systems, and 24/7 notification systems for disease reporting. CDC also inventoried data sources in use to support early detection of disease outbreaks.
CDC identified clinician alerting and 24/7 call systems as a critical dyad supporting timely, sensitive disease reporting. Dr. Sosin listed four sets of questions about alerting; directories for clinicians and public health/emergency response staff, alerting mechanisms for clinicians, Internet availability to local health departments, and EPI-X (a secure network with limited access to a defined public health community). Dr. Sosin noted limitations in clinician directories. Faxes were the most prevalent way of alerting the clinician community. E-mail, the most promising technology for blast messaging, currently was of limited use. EPI-X had accessibility limitations.
Narrowing the focus for technical assistance to clinician alerting in 24/7 call systems, CDC drafted proposed standards and solutions applicable with minimal effort to an unlimited number of cities. Standards concerning alerting mechanisms included: having two or more mechanisms for alerting clinicians, a well defined alerting protocol, and an ability to distribute messages within two hours. Clinician directory standards included: procedures for updating directories on a regular schedule and removing duplicate entries, including at least 75 percent of clinicians in the directory and all key specialties, including specialty and discipline information as well as multiple mechanisms for contacting clinicians. CDC also included standards around EPI-X.
CDC focused technical assistance for clinician alerting on supporting alerting message templates for urgent communications, exploration of commercial clinician databases to seed clinician directories, and brokering a communication technology services contract that jurisdictions could contract with directly for standardized alerting services to meet otherwise unmet standards.
CDC shared their assessment with 12 other cities and surveyed the applicability to their jurisdictions. CDC concluded that the detailed assessments reflected the epidemiology and surveillance capacity for bioterrorism detection in most large metropolitan areas.
Dr. Sosin noted lessons learned: (1) alerting assured that timely communications between public health and clinical medical could affect changes in practice behaviors and improve reporting and consultation by strengthening relationships, (2) federal support for alerting shouldn’t supercede but strengthen the local health department relationship with clinicians, (3) timely alerting built credible links and fostered reporting and consultation relationships, (4) city clinician directories were deemed inadequate.
Panel 3: Public Health Surveillance and the NHII - Questions and Discussion
Dr. Platt reported that all participating health plans made a commitment to provide 24/7 coverage by a clinical responder with access to the daily extract and text records contained in the electronic data system. Given an alert, public health reporting requirements and relationships kicked in and data was separated into two bins: one de-identified. Dr. Shortliffe anticipated that in some settings people might be cautious about participating. Dr. Platt said responders expected to be responsive to queries from public health departments and this was more likely to happen if plans understood that they had control. He reported that in Massachusetts they hadn’t had to go beyond line lists created every day and kept in the server ready to transmit whenever there was a question.
Dr. Broome commented on the challenge of ensuring that systems were secure and collecting the minimal data necessary to fulfill important public health functions while communicating occurred. Noting that collection was targeted for the public good and the importance of having a finger on the pulse for SARS, Dr. Broome emphasized educating people on public health’s long history of having individually identifiable information, respecting the security of that data, and communicating reasonably diplomatically.
Asked about the burden of receiving, Dr. Broome noted the human resources development needed for investigation, analysis and follow-up. Predicting that more complete systems would uncover more disease, she said the educational challenge was explaining that the country wasn’t experiencing a doubling of communicable disease, but that health departments were aware of much more. Dr. Broome noted a need for a greater investment in skilled IT professionals; but she emphasized that IT systems wouldn’t replace astute clinicians, responsive health departments and trained public health workers supported by the surveillance systems.
Dr. Sosin remarked that the default was that these systems were tuned to the level of resources that they had to respond. In syndromic surveillance, for example, thresholds would be set according to their response capability. As they learned more about the need to respond and its appropriateness, they’d have an opportunity to build their staff accordingly. Dr. Deering said the Committee could play a role in ensuring that every time it discussed these issues the human necessities and human resources requirements were considered. Noting the pattern of downsizing, she said it would be helpful as an advisory committee to make points that the government couldn’t make in its own defense. Dr. Lumpkin pointed out that supporting the public sector was the role of the private sector.
Dr. Lumpkin expressed concern about a city-based unit of analysis, cautioning that the unit of analysis shouldn’t be so narrow that it limited the ability to detect. Dr. Sosin said their recommendations and focus areas reflected their intention to address technical-assistance aspects of alerting and 24/7 systems relevant to any city, county, or state. He said DPHSI sought to provide generalizable technical assistance, making this as broadly applicable as possible.
Members meet in June to shape panel input into recommendations to present at the September meeting. Thanking the panel for a full day, Dr. Lumpkin adjourned the meeting at 4:00 p.m.
I hereby certify that, to the best of my knowledge, the foregoing summary of minutes is accurate and complete.
/s/ John R. Lumpkin 08/12/2003
_________________________________________________
Chair Date