VOLUME I OF II
____________________________________________________________
The following proceedings were held in the Marriott
Denver City Center, Denver, Colorado, on Wednesday, May 15,
2002, commencing at 8:07 a.m.
____________________________________________________________
COMMITTEE PARTICIPANTS
DOUGLAS L. WOOD, M.D., Chair
Mayo Clinic
Rochester, Minnesota
MR. JEFF BLOOM
AIDS Patient Advocate
Washington, D.C.
G. KRISTEN CROSBY, M.D.
Vice President and Chief Medical Officer
Olympic Health Management Systems, Inc.
Bellingham, Washington
MR. BRUCE DEVEREUX CUMMINGS
President and CEO
Olean General Hospital
Olean, New York
GARY C. DENNIS, M.D.
Howard University Hospital
Washington, D.C.
MS. MICHELE M. EVINK
Director of Pharmacy
Clarke County Hospital
Osceola, Iowa
NOTE: SUSAN DESMOND-HELLMANN, M.D., MR. RONALD W. DOLLENS, MR. THOMAS R. HEFTY, MR. GARY MENDOZA, MR. LEONARD D. SCHAEFFER, and MS. KAREN B. UTTERBACK were not present.
MR. EUGENE A. FAY
Vice President of Reimbursement
and Government Affairs
Province Healthcare Company Health
Brentwood, Tennessee
MR. GARY B. REDDING
Commissioner
Department of Community
Atlanta, Georgia
MR. JOHN FINAN, JR.
President and CEO
Franciscan Missionaries of Our
Lady Health System, Inc.
Baton Rouge, Louisiana
MR. JACK A. ROVNER
Michael Best & Friedrich,
LLC
Chicago, Illinois
LISA GIGLIOTTI, J.D.
Human Services Policy
Coordinator
Office of the Governor
Lansing, Michigan
MS. JUDITH A. RYAN
President and Chief
Executive Officer
The Evangelical Lutheran
Good Samaritan Society
Sioux Falls, South Dakota
MS. HEIDI MARGULIS
Senior Vice President,
Government Relations
Humana, Inc.
Louisville, Kentucky
MS. PATRICIA O. SHAFER,
R.N., M.N.
Beth Israel Deaconness
Medical Center
Boston, Massachusetts
MS. MARY M. MARTIN
Chairman of the Board
The Senior Coalition
Crofton, Maryland
MS. JUDITH G. SUTHERLAND
Visiting Nurses
Association
Littleton, Colorado
HONORABLE STEPHEN H. MARTIN
Senator, 11th District of
Virginia
Chesterfield, Virginia
MR. WILLIAM TOBY, JR.
Healthcare Consultant,
Retired
Rockville Centre, New York
NANCY H. NIELSEN, M.D.
Internist
Buffalo, New York
MS. PATRICIA M. WALDEN
Southington Care Center
Southington, Connecticut
ERIK OLSEN, M.D.
Member, Board of Directors, AARP
Mesa, Arizona
KERN C. WILDENTHAL, M.D.
University of Texas
Southwestern Medical
Center at Dallas
Dallas, Texas
MS. SUZANNE R. PATTEE,
Consultant, Public Policy and
Patient Affairs
Cystic Fibrosis Foundation
Bethesda, Maryland
TABLE OF CONTENTS
CMS Presentation:
Jared Adair
Panelists:
Steven Lazarus
Christine Jensen
Carolyn Bruce
Virgilio Licona, M.D
Robert Heird
Committee Business:
Committee Business
Report of the Data and Information Subcommittee
Report of the Flexibility Subcommittee
Report of the Communications and Oversight Committee
Report of the Flexibility Committee
Public Comments:
Jane Orient,M.D
Linda Gorman
Jaime Smith
Robert Lapp
Steven Lazarus
Kathleen Brennan
P R O C E E D I N G S
DR. WOOD: I'd like to welcome all of the members of the public who are attending today, as well as folks to my left, who have taken time out of another meeting of theirs going on a block and a half away to come today and talk to us about aspects of HIPAA administration.
This meeting of the Secretary's Advisory Committee is one of our regional hearings that is also a working meeting of the committee. So in the course of today and tomorrow, we will be addressing a number of specific recommendations that have been developed by the subcommittees and acting on those particular recommendations as we send them on up to senior JJS leadership.
This morning, we're going to begin with a panel on aspects of HIPAA administrative simplification, and then we'll move into our committee work later in the morning. For this particular panel, we're privileged to have with us several people, both from CMS and from the field, who can give us I think an extremely good overview of how things are progressing in this very important area. The committee has a very intense interest in many aspects of this activity.
The approach that we have used for the members of the public, for all of the work of this committee, has been to identify major areas of concern and to begin with an overview by CMS personnel that can frame for us the statutory requirements of what they have to do, their interpretation of that statutory requirement, and the basis on which they are making their decisions about implementation or the development of regulation.
We'd then like to hear from people in the field, who can tell us how this is actually working. And generally, those are also people who are expert in one or another of the areas that are affected by the statute or regulation. And on the basis of those two components, then, the committee actually considers and makes recommendations to the secretary for solutions or improvements. So all of the members of this panel will be helping us in that regard this morning.
We'll begin with the CMS overview, and that will be done by Jared Adair and Karen Trudel. And then after that, the panel discussion will include Steve Lazarus, Christine Jensen, Carolyn Bruce, Dr. Virgilio Licona, and Mr. Robert Heird. And we'll start, then, with the CMS presentation, and Karen and Jared will do that. There's been a division of labor that I've been sort of privy to, but I'm anxious to see how it works out. CMS PRESENTATION - JARED ADAIR
MS. ADAIR: Thank you, Dr. Wood. I am Jared Adair, and Karen Trudel will be at the podium, and she will be helping me with the slides. I don't believe that Karen -- that was not part of the division of labor.
DR. WOOD: Somebody told me this morning that HIPAA 6 Halloween is an expression. So if that's the beginning, this is pretty good work by this.
MS. ADAIR: But Karen will be doing the slides for me, and then both of us will try to respond to questions that come forward for us.
Implementing HIPAA is an enormous undertaking, both for the government and the healthcare industry. Many have in fact asked: Why are we doing HIPAA? The short answer: because it is the right thing to do. The longer answer is that HIPAA was enacted to address the cost and administrative burden associated with different electronic healthcare forms and data content requirements of healthcare payers throughout the country.
The healthcare industry recognized this and pushed for these standards. The industry realized that national standards for healthcare transactions would reduce administrative burden, since now healthcare providers and plans use a variety of different electronic formats for data interchange. By using EDI, or electronic data interchange, the industry realized a way to bring about cost savings over the long term by promoting the greater use of electronic transactions and the elimination of inefficient paper forms.
The administrative simplification regulations are expected to save the healthcare industry approximately $30 billion. But let me emphasize that HIPAA is -- in fact represents more than an IT issue. It is a cultural shift. The standards will revolutionize healthcare, electronic data interchange, facilitate communication of data among business partners, and pave the way for many E-health initiatives.
Congress passed legislation, putting the force of law behind the adoption of the standards, but just as importantly, the legislation required us, the federal government, to adopt industry standards where they are available. The law received widespread bipartisan support and was co-sponsored by Senators Kennedy and Nussbaum.
The law requires the Department of Health and Human Services to establish national standards for electronic healthcare transactions and national identifiers for providers, health plan, and employers as well as requirements for privacy and security of health data in cooperation with the healthcare industry.
CMS has been designated as the federal agency responsible for implementing the vast majority of HIPAA provisions. The law and the resulting regulations apply to both the public and private sectors. Anyone who transmits healthcare data electronically is impacted by this law. CMS in fact has a dual role as a regulator and a covered entity. CMS runs health plans, and therefore our contractors must be HIPAA-compliant.
Going back to the industry's original motivation for national standards, the law required the Department of Health and Human Services to work with the private sector to develop HIPAA standards. In order to establish wide industry input, the law mandated that we consult with the Workgroup for Electronic Data Interchange, the National Uniform Billing Committee, the National Uniform Claim Committee, and the American Dental Association.
The law also mandated participation of the National Committee on Vital and Health Statistics and CVHS, a federal advisory body designated to advise the secretary regarding HIPAA standards.
There are four basic parts to the administrative simplification portion of HIPAA. They are electronic transactioning code sets, standard unique identifiers, security, and privacy. All of the standards affect how covered entities conduct electronic transactions. The standard code sets that have been adopted for HIPAA, as required by the law, are already in place in the industry. For instance, in the case of a physician's office, AMA-owned CPT codes will be adopted as standard code sets for physician services. These code sets are already being used by the industry, and therefore providers are already familiar with them. There are common identifiers for providers, plan, and employers, and security to ensure data moved electronically is secure.
The privacy section of HIPAA pertains to protecting patients' medical information and is overseen by HHS's Office of Civil Rights. The regulations for each of these sections are in varying stages of development and internal review.
I am sure you will hear from others today, testifying that we are not moving quickly enough to get the remaining regulations published. Let me assure you that we are well aware of the keen interest the industry has in them and are working to publish them as soon as possible. In taking a look at the transactions covered on these two slides, I am sure that you will see they are the nuts and the bolts of how providers do business and get paid.
The transaction and code set regulation was published October -- August 17th, 2000, and it became effective in October of the same year. Two years from that was the effective date of the final regulation, when compliance is expected. Therefore, October 16th, 2002, is the date of compliance for this regulation. However, there was one exception, and that was for small plans, who got an extra year to comply. While October 16th of this year was the original compliance date for this regulation, this was amended by the passage of ASCA, which I will discuss in just a moment. But first, let's take a look at the update timing.
Congress recognized that the standards needed to be updated on a timely basis in order to continue to meet the industry needs, but they also realized that frequent change would pose an administrative burden. So the law addressed updating the standards in the following way: During the first year, updates should be conducted on an as-needed basis to come into compliance. After that, updates are expected no more than once a year.
Now let me digress for a moment to discuss the ASCA statute and how we are implementing it. Many healthcare entities believed that coming into compliance by the October 2002 deadline was an insurmountable hurdle. Congress listened and passed a bill. ASCA, the Administrative Simplification Compliance Act, was enacted last December. The ASCA statute is the law that allows for covered entities to apply for a one-year extension to come into compliance with the transactions and the code sets. The delay was necessary to give covered entities more time to successfully implement and test the new electronic transaction and code sets required by HIPAA.
If an entity thinks that they will not be compliant by October 15th, 2002, then they must file for the one-year extension. The requirement to file for an extension was mandated by Congress, and the intention is to give -- to get covered entities to think through the implementation steps for compliance. Also, extensions are not automatic. Entities need to file an extension request.
As required by the law, we developed a model extension form that can be easily used by any covered entity, small or large. The form was developed in conjunction with extensive industry participation, and we published it on March 29th. We have made this form readily available on our website. It's easy to locate. We have been told that it is easy to understand and complete. It has only 26 questions, most of which are yes or no or multiple choice. It takes between 15 and 20 minutes to complete. But using our model form is in fact voluntary. If covered entities choose to forward us their own version of the compliance extension form, that is fine, as long as they complete all required information.
Now back to the standards update process. Adopting industry standards affords us the opportunity for public participation right at the start of the deliberative process. The standards-updating process was established by final rule in a Federal Register notice. Based upon the HIPAA statute, which told us to consult with industry groups, a logical extension of this was for industry to maintain these standards. This is public/private partnership at its best.
Each covered entity is encouraged to submit potential changes needed to meet their business needs through the established public process, a process which is open and consensus-based. The process starts with the designated standards maintenance organizations, referred to as DSMOs. The DSMOs are six organizations who receive, process requests for adopting a new standard or for modifying an adopted standard, three of which are the standard-setting organizations. The department monitors the process by having an ex officio member on the steering committee.
The three standard-setting members of the DSMOs include the Accredited Standards Committee, the National Council for Prescription Drug Programs, Health Level Seven. The remaining three organizations making up the DSMO are the groups designated by the law: National Uniform Billing Committee, National Uniform Claim Committee, and the Dental Content Committee of the ADA.
The DSMOs follow a process of voting and deliberation, which results in a signed memo of understanding on the selected standards. This process, by definition, should provide for balance. Every entity should not only have an entree to one of these groups but in fact is encouraged to participate. A central website was established for one-stop shopping. All DSMOs get to view all of the change requests submitted. They can then determine which ones they would like to weigh in on, depending upon the relevance of their requests to their expertise.
Once the change requests have been discussed by the DSMOs and it has been determined how the covered entity's needs should be met, the change request is forwarded to the appropriate standard-setting organization so that they can include it in the appropriate implementation guide.
Traditionally, the process for public comment follows the notice in the Federal Register. However, for HIPAA, it begins after agreement is reached by the DSMO on the standards, and recommendations are forwarded to the National Committee for Vital and Health Statistics, who then submits their recommendations for final approval to the secretary. Then begins the federal regulation process.
Let me also share with you some observations we have heard on the unique HIPAA process. First, the process is viewed by some as potentially out of touch with real providers, that the "techies" are running the show.
Second is that the nature of the process is open and inclusive. Everyone can play. Our message is that this process is very important, and we need to ensure that all entities make their needs known. Specifically, we are concerned certain entities and their representatives are not participating in these discussions, and we see this as a time to come together and join the dialogue.
Third, the process asks for input up front rather than how we have conventionally invited comments only during the NPRM. As the process matures and participation becomes widespread, we expect that meaningful discussions will be taking place even prior to the federal part of the process.
Fourth, some may say that there have been some bumps in the road in terms of the process working effectively, but it is very new and quite unique, and we are committed to improvements. The process is a brand new one for us, and it has taken time to get things in place.
Fifth, we have heard that from the time the DSMO gets a request for a change to the time we publish the final rule takes too long. And lastly, we have heard that the DSMO and the federal process are duplicative. Because it is such an open process; it is so inclusionary, and if a covered entity disagrees with the standards, they may bring it to the NCVHS.
The positive side to the DSMO process is that it is so extraordinarily open. The other side, though, is that the combination of the processes is lengthy, and if there is a critical need for change, it comes at the expense of bogging down and resulting in slow implementation. Some of the later speakers may suggest modifications to the process that would address these concerns. We recognize there is room for improvement and are open to alterations.
That's the end of my remarks. I don't know if you would like to open it to questions or go on to --
DR. WOOD: Let me quickly ask and see if there are any questions from committee members. Jack?
MR. ROVNER: Thank you, Mr. Chairman. One quick question on the extension statute. What is your understanding for a -- for example, a new provider that gets a number and goes into business after October 16, 2002? Will they have to comply with the standard transactions, since they will have not been around on October 15th, 2002, to apply for the extension?
MS. TRUDEL: I'll take a shot at that answer. We're still discussing that with our general counsel. The guess, off the top of my head going in, is that it's very difficult to require someone to comply with the statute when they weren't in existence prior to the deadline, but -- the effective date, but we will clarify that, and that's one of the issues we have on our list for frequently asked questions.
MR. ROVNER: Just so I can -- so we can expect some sort of guidance well before October 16th?
MS. TRUDEL: Well before October 16th, yes, sir.
MR. ROVNER: Thank you.
MS. ADAIR: And we will publish it on our website of frequently asked questions, since that is how it came in, and we try to keep that up to date and responsive to people's questions.
DR. WOOD: Go ahead, Jack, and then we'll go to Dr. Crosby.
MR. ROVNER: Just one other. Just so I understand the update process, as you understand it, if the code sets are updated, the implementation guides are updated, will HHS have to go through a rule-making to incorporate the updated codes or guides as the standards, or is there another mechanism whereby, because you've incorporated them into the rule, that the updates automatically become effective?
MS. TRUDEL: If you mean clinical code sets, what we adopted was the -- for instance, if you take CPT, we adopted CPT4. The AMA, which is the maintainer of the CPT process, continues to do periodic updates of CPT4, and those are not subject to the regulatory requirements. The only time we would have to regulate is if the AMA proposed to go, or the industry proposed to go, to a CPT5.
DR. WOOD: Dr. Crosby.
DR. CROSBY: Thank you, Mr. Chairman. I spoke yesterday at the WEDI conference about reg reform, and at least half a dozen people came and talked to me in a sidebar after my presentation, very concerned about the implementation timetable and stating that as it stands now, it would be impossible to comply with transaction standards. Could you comment on that and say if you are taking steps to ensure that the timetable can be met?
MS. TRUDEL: I believe what people were probably referring to was the two pending regulations that we call the addenda. These are regulations that tweak the standards, the transaction standards, and were determined by the industry as being necessary for effective implementation. I acknowledge that the publication timetable for those proposed rules has gone a lot longer than we had expected.
And if the reg process follows its normal schedule, we will not be able to have those in effect necessarily by 180 days before -- I mean, we definitely will not have them in effect 180 days before October of 2002, which means that someone who actually wants to implement the regulations in 10/02 and does not want to get an extension would have to implement the original transactions and then back out some of the requirements when the addenda are published and become effective. That is one of the main reasons why we are told that many covered entities are actually requesting extensions.
DR. CROSBY: Thank you.
DR. WOOD: Go ahead.
MS. WALDEN: Thank you, Mr. Chairman. My name is Trish Walden, and I am here representing long-term care. And I know that transaction codes have not been released yet for long-term care. Do you have any idea as to when that is going to happen?
MS. TRUDEL: I'm sorry. Could you clarify the question?
MS. WALDEN: For long-term care transaction codes, do you know when they will be released?
MS. TRUDEL: You mean, clinical code sets for long-term care services?
MS. WALDEN: Yes.
MS. TRUDEL: There I believe is some discussion going on with the NCVHS now about gap-filling for code sets. I would have to refer to them.
DR. WOOD: Bill.
MR. TOBY: I have a question for Ms. Adair. I'm just wondering. You just laid out a lot of responsibilities that CMS has to do, and Congress has laid a lot on your plate. One of the things I worry about, in terms of implementation, is that you've got to get out to the contractors. You've got to test out systems and what have you. It's a lot of work to get, I think, contractors under Medicare ready to take on this responsibility, and there's a lot of work to be done with respect to education of providers and what have you.
I'm just wondering whether or not, with all these responsibilities, in the usual sense is there sufficient funds to get this done? Has Congress really allocated sufficient funds to get all this done? I'm especially worried about Medicare contractors getting out there and testing the systems so that they work.
MS. ADAIR: You are right. This is -- it's an important undertaking for CMS, and it expands our responsibilities from our normal Medicare and Medicaid activities into the total universe of the healthcare industry, people that we don't necessarily have means to get that information out to. And we are working with our partners, the WEDI groups, the many other activities that we are trying to undertake to get the outreach under way.
We have asked our regional offices to explode who they normally talk to, and I believe we're improving our stand there, but it is admittedly -- Mr. Toby, it's a lot of work for us. It is an uphill battle, but one that we are working very hard at accomplishing and doing well, and doing well.
We were trying to explore different avenues than we have ever used before, some of which are admittedly pretty cost-effective, such as round tables. We had a round table back in March, I guess, and we plan another one for June. And we were able to reach 100 people that came to our auditorium and 650 connections on the phone. We will plan another one of those in June, as I said. We have been doing video, where we do satellite broadcasts. We send it out.
This is one of those activities that, you know, if we had more, it would always be nice, but, you know, we will do the best that we can with what has been given to us.
DR. WOOD: I'll give the last question to Heidi, and then we'll start on the other aspects. Heidi.
MS. MARGULIS: Thank you, Mr. Chairman. I actually have a question that may or may not relate to this section. Could you give us an idea or state for the record when the remaining rule -- proposed rules will be promulgated, that is, especially the security rules?
MS. ADAIR: I do not have specific time lines, but I can tell you -- that I can share with you. I can tell you, though, that we are -- we have been listening. We are working very hard to get the regulations out. One of the issues to be -- one of the issues on the security was to ensure that we were in sync with the privacy. And we believe we have now ensured that that linkage does in fact occur, and we'll be moving quickly on getting the security regulation through our review processes.
MS. MARGULIS: One point from this side is that it is very difficult for most of us representing the various aspects of the healthcare industry to put multimillion-dollar systems in place for one set of rules that depend upon other sets of rules. It would be good, understanding resources, etcetera, to be able to promulgate rules that relate to each other together, such that those of us who are stakeholders in this process do not waste multimillion-dollar commitments on unnecessary administrative actions that could be best used for benefits and services to consumers.
So I would beg the agency at this moment in time to take a look at the rest of the standards that have not been promulgated and get them out as quickly as possible. Thank you.
DR. WOOD: Dr. Nielsen, if I could beg your forbearance and allow us to hear the other presentations, but we'll let you begin at the end. We're quite fortunate to have with us several people, again, who have come from another meeting of their own, and we appreciate their taking time out of their other meeting to share with us their perspectives on how this is going.
And I am particularly pleased to have this panel begin with Steve Lazarus, who is the Chairman of the Workgroup on Electronic Data Interchange. In just a short time, we obviously can't give him the opportunity to share all of the work that's been done over the last decade, but obviously, we will benefit greatly by the expertise that you bring, as well as your colleagues, some of whom are also on the WEDI board. I want to welcome every one of you this morning, and we're very anxious to hear your particular suggestions. I'll let you begin, Steve, and then we'll follow with the others.
PANELIST STEVEN LAZARUS
MS. LAZARUS: Thank you, Mr. Chairman. And since I am from Denver, on behalf of the people giving testimony here from Colorado, I want to welcome you to our city and our community. I'm very pleased that you took advantage of our meeting going on here to have us participate at this time.
I am the President of Boundary Information Group, a national consulting firm that does a lot of work in business improvement operations, clinical improvement operations, and HIPAA, and so some of my experience relates to helping large numbers of hospitals, medical groups, and health plans implement this process. I'm also Chairman of the Board last year and this year of the Workgroup for Electronic Data Interchange, and most of my remarks today will address issues from a WEDI perspective.
I also want to indicate that everything that Jared said about collaboration with the industry and with WEDI is absolutely true. The CMS organization has been extremely open and reaching out. And since Secretary Sullivan commissioned WEDI in 1991 to start us up, there's been a representative from then HCFA, now CMS, on our Board of Directors, and there's been an ongoing dialogue interaction with CMS on these issues. I just want to say, we appreciate that fully.
The Workgroup for Electronic Data Interchange, which has been mentioned here -- and I won't repeat all of the history that Jared alluded to, but we were actually started by Secretary Louis Sullivan in 1991, the Secretary of Health and Human Services, and commissioned to look at how we could achieve administrative simplification of healthcare, and issued a report in 1992 to him. That resulted in the industry collaborating on that effort.
So we're getting a lot of value out of this vision process. We need to make it real. And in 1993, on a voluntary basis, we issued a second report, which was then turned over to Secretary Shalala, in terms of how we can achieve administrative simplification through the EDI standards and the data content standards, including the identifiers, formats, and to some degree the security inter-operability issues over the transactions.
Part of the motivation for this was to save money, an estimated $43 billion over the first six years of implementation for the industry. And it was envisioned at that time that all of these standards would be done together, not spread out over a long period of time, to achieve those savings. I did serve on the WEDI board starting in 1993, when I was with the Medical Group Management Association, so I have this history.
Jumping ahead to where we are today, WEDI has transitioned from a pointed steering committee from the secretary to a nonprofit trade association with open membership, representing seven different constituencies throughout the industry. And there are over 300 people meeting yesterday, today, and tomorrow one block from here, learning about not only HIPAA implementation but E-commerce and healthcare, and how we can improve our business models.
And one of the important things about that is that it isn't the payers' meeting, or the providers' meeting, or the government's meeting, or the vendors' meeting. We're all meeting together to discuss how we can work together to implement these changes in our industry. We have 213 organizational members, and through our HIPAA implementation process that we started two years ago, called SNIP, the Strategic National Implementation Process, or you can think about it as snipping the red tape to get HIPAA implemented. There are over 15 white papers that have been developed, and they're all available for free to everyone on our website, and there are over 5,000 individuals volunteering to participate, to create and massage those white papers to make them better. And there are 22 regional organizations that have been identified and established, including in Colorado and Utah within this region, to help organizations locally collaborate to implement HIPAA together.
I want to turn now to pages four and five of the letter of testimony that's in your packet and talk specifically about our activities over the last several months, trying to get the department's attention on some of the issues relating to HIPAA implementation.
And specifically, last year, on February 28th, 2001, WEDI sent a letter to Secretary Thompson, indicating the urgency of getting the rest of the regulations published. We also communicated to Secretary Thompson on March 21st, 2002 -- and you have both of these letters in your packet -- the frustration that was growing in the industry over the delay of particularly the two-transaction addenda and NDC code updates to the transaction rules that had not been published, and the confusion and frustration this was causing in the industry.
And quite frankly, we don't understand why we are where we are today on these issues. These two updates went through a common process with the public that Jared described. They are noncontroversial. There are no cost implications, and they've been sitting, having gone through the NC process, Secretary Thompson acknowledging NCVHS, the NDC code recision, last July.
They've been sitting around someplace in the bureaucracy of HHS since then, not moving forward or published in final form, but we understand they are now at OMB. But because of this, whatever happened between June and now, no one can complete and use the new updated transactions, which correct errors, in some cases legally, this October. They must file an extension to do that.
And there's even some doubt, because we're now in the midst of a regulatory process of NPRM -- public comment, final rule, publication, and 180-day notice and there's another 90 days at OMB in that process -- that we can even have these rules approved in time for the October 2003 implementation from a legal perspective, let alone all the programming changes that need to be made to support this transition.
And the danger or risk here is that we could have a significant disruption in the cash flow through 15 percent of our economy, the healthcare industry. And we just don't understand, for these noncontroversial issues, what is taking so long. We have a problem. And we also have, as one of the committee members alluded to -- we need to have the security regulation published so we can incorporate it with privacy and these other technology issues as we're moving along.
So this process is broken, and we need to fix the process to establish -- getting WEDI put back on track and getting the benefits of administrative simplification, that were envisioned more than ten years ago now, to play in our industry and achieve those benefits.
Now, what do we do about this? We're not just here to whine. We want to make some specific recommendations. And the WEDI board, which is meeting again on Thursday of this week, will be considering a report, an early report, from a task group that we formed a month or so ago to look at the recommendation issues. And so what I'm describing to you today is preliminary. It is not final. We'd be happy to share the recommendations approved by the board on Thursday, whatever they may be, and we'll be doing ongoing work in this regard.
But I wanted to share with you what seems to be coming out of this process, but it is not definitive from the board, since we haven't met to discuss the voting yet, and those include having a predictable process. We have a very unpredictable process, which makes it difficult to allocate budget resources and commitments to get this done throughout the industry.
Second, we believe that we should remove the minor maintenance process from the federal regulation process. Jared described the ANSI and the DSMO and other standards development process, which is open public consensus process. We would like to see something like, once we've gone through the DSMO process, of just publishing the 180-day notice for the maintenance issues, and not having to go through an NPRM and final rule process or whatever else can make sense to shorten this time period and move on.
We also believe that we need to have a high-level official in HHS responsible and having the authority to take charge of HIPAA. Under the Clinton administration, this turned out to be Deputy Secretary Thurm. We met with him. You'll see, accompanying the letter to Thompson, there were several meetings with Thurm. The most important outcome of the initial meeting was that he made a commitment to take responsibility within the department to make sure that the resources would be brought to bear to make this happen from an administrative process at the department level.
There is no such person with that responsibility identified today. Most recent communication with Secretary Thompson on March 21 resulted in a meeting we had on May 2nd, and the department officials we met with acknowledged there was no individual at the department level that has responsibility for HIPAA. There are individuals working on parts of HIPAA. We need focus and accountability, and we have no such mechanism today. It's missing.
Next, we think we should convene a joint WEDI government task force to review options to improve this process and work together with the government. We need representing or being able to bring together the industry constituents and figure out how to do this together. We don't necessarily have all the answers. I'm sure CMS doesn't have all the answers. We can work together to figure out what needs to be done and work together to do that, and we need to start that process soon.
And then finally, WEDI believes that it's well-positioned through its SNIP organizations to deliver the message in collaboration with CMS. And we've had a number of discussions with Jared and Karen about this issue, and we believe we're making progress along those lines. And we want to continue to have the extensive volunteer participation, those 5,000 people that are working on these white papers and education programs, to continue to do that and deliver it better with additional funding in collaboration with CMS, with the regional offices, and local programs. And this 22 number of established regional organizations, we anticipate that that will grow. So that the vision is that, hopefully, everywhere in the country very soon, or nearly everywhere, we will have a local organization where the providers and payers are collaborating together with their local vendors and clearinghouses and government agencies to implement HIPAA together. Thank you, Mr. Chairman.
DR. WOOD: Thank you, Steve. Next, Christine Jensen, who's a senior analyst in information systems at Denver Health. PANELIST CHRISTINE JENSEN
MS. JENSEN: Mr. Chairman, members of the committee, thank you for letting me speak today. I'll start over. Mr. Chairman, members of the committee, thank you for letting me speak today. My name's Christine Jensen. I'm a senior analyst in information services at Denver Health and, more importantly, Denver Health's HIPAA project manager.
Denver Health is the public hospital system here in Denver, acute care clinics, multiple services. I don't know if you've received a copy of my testimony, but it describes Denver Health services, some of the important volumes of patient services we provide, and some of the more interesting facts.
It's a public hospital. We have a different payer mix, certainly, than private not-for-profit or for-profit hospitals. We sometimes joke that our largest payer is self-pay, which to us means no pay. It's very difficult to send a bill to an address that's the third box under the 25th Avenue viaduct. However, we do conduct a lot of transactions with principally Colorado Medicaid, Medicare, some commercial insurance, and so on.
So the electronic transaction standards are very important to us. And as I have discussed them with staff at Denver Health, they really get kind of excited about some of the opportunities. So we see administrative simplification, the transaction and code set standards, as really a very good thing and an opportunity for us to streamline operations.
We have in our HIPAA planning two basic tenets, one of them more important in terms of privacy and security, that nothing we will do with HIPAA will impact our providers' ability to give care. If we do something that prevents them from getting access to patient information when they need it, where they need it, and what they need, then we have not done a good job of implementing HIPAA.
A component of that tenet that is more important to the transaction standards is we must take reasonable approaches and be cost-effective in what we do. Again, we're a public hospital, and we need to continue the mission of serving the underserved populations in Denver County.
I'd like to address about five or six basic issues. One of them, and you'll hear this probably over and over again, is the plea about the rule-making process, to speed this up, to coordinate the rule process. Specific to the transaction standards, we also have identifiers -- employer identifier, provider identifier, and health plan identifier.
When you look at the implementation guides, there's place holders for these identifiers in the standards, but the final rules and in some cases the proposed rule has not yet been published, which means that October 16th this year, October 16th next year, doesn't make any difference. We're not going to have these rules in place, which means that I implement transactions absent these identifiers.
We do our testing. We do our system remediation. We do process remediation. We begin to use the transactions as they will be defined, and hopefully that will be with the addenda that are published and the removal of the MNDC codes. But then we'll get the identifier codes, and we'll do, albeit perhaps on a more limited basis, more system remediation and more testing to ensure that those function. So that process and the fragmentation of that process has not helped the efficiency of the healthcare industry in that perspective.
With regard to the security rule -- and thank you for speaking to that. Actually, the security rule is embedded in the privacy rule. There is a section that says one will take the appropriate administrative, technical, and physical measures necessary to protect the privacy of health information. That is the security rule.
So we will implement what we think is going to come down the pike in terms of the security rule and then potentially have to, you know, take some additional steps, go down a slightly different path, whatever. Again, doesn't help our efficiency. It uses up our resources that could be better used in other manners. So please, HHS, try to coordinate this rule process. Please get all three of those identifiers out on the same day, so we will have to deal with them once and not three separate times.
As I said, we're very excited about the transaction standards, the code set standards, and what those will mean for us in terms of simplification, but as exciting as that is, there are some loopholes. HIPAA applies to covered entities, which is health plans, healthcare providers that conduct transactions electronically, and clearinghouses.
But excluded from health plans is one important pair in the healthcare industry, and that's auto insurers. Anyone who comes in after an auto accident, typically, that insurer is a primary payer. Auto insurers are not a covered entity under HIPAA, so they can continue to say: Here's the format we want. Here's the codes we want. We want it on paper. We don't want it electronically, that sort of thing, and we can't say no.
With other health plans, be it a Blue Cross, Medicaid, Medicare, HMOs, those kinds of plans are all covered and will accept the standard tranactions. So again, we have a little bit of fragmentation. It's close to standard but not quite there.
So I would really urge HHS at some point to look at extending the rules to other kinds of payers -- auto insurers, homeowners that may pay claims for an accident in the home, Workers' Comp carriers.
Coordination of benefits. In healthcare, we have individuals who come to us with primary insurance, secondary insurance. And certainly, the transaction standards will allow us to better conduct those transactions electronically. We will send what's an 837 transaction, a claim, to a primary payer. They can send the 835 back to us with all of the payment information, the codes they use to adjudicate the claim. We can then put those right into our system and create a second 837 to the secondary carrier, or tertiary carrier if there is one.
HIPAA doesn't require that payers conduct what's called provider-payer-payer coordination of benefits. They can do that if there's trading partner agreements, but it's not required. So what will happen is what I just described. We send a claim to a payer. A payer sends payment back to us. We create a second claim. It goes up to the second payer, and so on.
It would provide much more efficiency, ultimately, in the healthcare industry if payer-to-payer coordination of benefits was required. I believe Medicare does that with their secondary payers, but most other companies do not.
HIPAA allows health plans to decide whether they're going to offer realtime or batch transactions. Realtime is, obviously, we send a transaction to them. They respond real -- they take it and respond. We can also send transactions in batch. And batch makes a lot of sense for things like claims, for them sending payment to a provider. But there are times where a batch transaction doesn't make sense, and that's principally in the eligibility transaction.
When we have a patient arrive on our doorstep, we want to know if they have the insurance that they've presented a card for. Again, we're a public hospital, so we have kind of a unique situation in our population -- having insurance cards that don't belong to them, sharing them among, you know, families in the apartments, that sort of thing. So we really want to be able to check eligibility realtime. But if the payers that we're dealing with say no, we're going to do a batch, and you'll get a response in 24 or 48 hours, it doesn't do us much good.
There are processes we can use. For example, with our appointment system, we can create a report and generate a batch transaction, say, 24 or 48 hours prior to the individual arriving. But again, we have a lot of same-day appointments, and certainly, with our urgent and emergent care, we want to know the status of their health insurance.
Another component of the rule is direct data entry, and direct data entry means that providers -- that payers, excuse me, can offer providers the option of going to a website, to a terminal they may have placed in the office to conduct a transaction, put in some patient demographic information, and find out about eligibility. That's certainly a benefit in many cases.
They also have to offer the electronic version of that transaction, and I certainly don't want to see that eliminated. We feel that the electronic versions can much more benefit, in the long run, our systems. We send off a transaction electronically, not going to a separate terminal, to a website, writing things down. For example, with our authorization right now, of course, that's done by phone and fax. If we can do it integrated into our systems, we will use our front-end systems, generate an authorization request, a 278 transaction, send it off to the payer. They will respond with a 278 response, and we can have their authorization number populate our systems immediately.
It's a little bit more efficient. The biggest thing it doesn't do is we don't have data entry, either on their side or our side. So please don't eliminate or give them the option to just use direct data entry. The EDI component is very important.
Lastly, trading partner agreements. Trading partner agreements are agreements that health plans and providers can enter into. There are places in the implementation guide where there may be situational data elements. A health plan may need a data element to best identify a member to adjudicate a claim. So they can come to providers and say: We need you to include this. This is the situational data element. And certainly, that can be backed up by the use of the implementation guide. They can also define the sizes of batches, the use of acknowledgement transactions not defined in the rule itself.
However, and this is based on somewhat limited experience in contacting the health plans with which we deal, they're saying: Trading partner agreements, oh, yeah, we're not thinking about that yet. And one of the reasons they're not thinking about it is because of the extension. They've kind of put that on a back burner. My fear is that, come the 14th of April, 2003, we're going to start testing -- I'm going to have a health plan come to me in September of 2003 and say: Oh, now we want to include a trading partner agreement, and we need to have these particular elements included. That month that they could come to me doesn't give me very much time to do adequate testing.
So I would -- it may not be the purview of this committee, but I would really plead that the information has to go out to the health plans, that they need to get working on trading partner agreements so we can be efficient and effective in our testing and really have systems that work well come October of 2003. Thank you very much.
DR. WOOD: Thank you. Carolyn Bruce, who's the Executive Director of the Western Healthcare Alliance.
PANELIST CAROLYN BRUCE
MS. BRUCE: Good morning and thank you, Mr. Chairman and members of the committee. My name is Carolyn Bruce, and I'm Executive Director of the Western Healthcare Alliance here in Colorado. We are 501(c)(3) and have 28 rural health facilities involved across the state in our organization. We were formed in 1990 through a grant process, and it's really been a model for collaboration in the state of Colorado.
We don't own or operate any of the facilities, and that's kind of critical to our discussion today, because one of our main objectives and missions is to reduce the operating costs and increase efficiency for our members, but we don't have the ability to mandate any action in any one of our facilities. So HIPAA, for example, has been a great opportunity for us to collaborate and bring the group together for education and implementation.
So we started actually early in 2001 as a group. I've got 28 bosses, all CEOs of these facilities, across the state. And they said: Carolyn, what are we going to do about these regulations? I'll just refer to them today as HIPAA, but obviously it's administrative simplification. They said: Carolyn, what are we going to do about HIPAA? Can we work together? Are there consultants we can use?
Fifty-four percent of our members have a negative net margin, so as you can see, it's very critical that they work together in the very best way they can to reduce costs, even of consulting and implementing these types of regulations. But they identified four general concerns and then have also helped identify four solutions to those issues and concerns, and that's what I'd like to go over with you today.
This has been mentioned I think a little bit before, but there's been a real lack of awareness in our state with regard to HIPAA. In other words, we're working with a lot of payers and providers, pharmacies, long-term care facilities, etcetera, and we hear a lot of basic questions still being asked, such as who must comply with HIPAA; what are the requirements; how do we comply; who's going to help us. So we're still facing a lot of confusion.
They have felt also that there has been a lack of direct communication from one main government entity. They work with CMS. They work with the Office of Civil Rights. We work with HHS as well. But they are still asking questions with regard to who do we go to for direct information; where do we find the exact rules. Keeping in mind, in rural Colorado, just even only six months ago we got some of our facilities on the Internet. So, you know, technology is not as advanced in our rural areas as in some of our urban ones.
But this lack of direct communication has made it very difficult for hospital staff members to get buy-in from their physician groups, from their senior administrators, or from their trustees, and without that buy-in, the resources often are not allocated.
Well, that brings us to a third issue, resources. In rural hospitals, as I mentioned, where 54 percent of our members have a negative net margin, 44 percent statewide of hospitals with beds under 50 have a negative net margin. That's the reality. They don't have a lot of human resources. They obviously don't have capital resources.
And what this has meant for them, although they see the opportunity in administrative simplification -- what this has meant is they need a long lead time to implement.
They coordinate. For example, one rural employee, rural hospital employee, said: I am the hospital risk manager, the compliance officer, the human resource director, physician staff coordinator, and now I'm the HIPAA privacy officer. She said: I'm trying to do a good job, but I worry that we don't have enough time to address all of the issues. That's very common out in the field.
One CEO told me: We believe in enhancing the privacy and security of patient health records, but I worry that we lack the technology infrastructure to comply. Where will we get the capital to improve these systems? I need a new x-ray. I need nurses. Where am I going to come up with the dollars?
And realistically speaking, HIPAA compliance does require modernization of rural health information systems, in other words, more capital. So that's a major concern for our rurals.
The last issue that we wanted to identify today is a lack of awareness with regard to the whole HIPAA or administrative simplification process with our partners in community health, because covered entities, as you well know, include counties, their health departments, long-term care, pharmacies. And our hospitals, our rural hospitals, work with them to provide primary care in their community.
I think the one comment I got really demonstrates the confusion and lack of awareness that we're working with. A Colorado county commissioner called me and said: Carolyn, we got your information about HIPAA, but we don't think we need HIPAA, because -- we don't think we need this HIPAA. Our employees already have health insurance.
It's like, okay, back up the train. But you know, it's just critical in these rural areas. Once again, I hate to keep hammering it, but when you have no capital, when you have no margin, it is critical for you to work with your partners in community health. It's the only way these folks get things done.
But at any rate, as Steve said, we're not here to whine exclusively. We have a few solutions that we'd like you to consider, and this has been mentioned before. It would be extremely helpful if we had a lead person in a lead agency for HIPAA implementation. And obviously, it makes sense at the HHS level. We would love a direct communication from them.
The reason this is important -- and it may not be, you know, applied exclusively to rurals, but the reason this is important is if you have a letter from HHS or from CMS, for example, and you can take that to your administrator, and you say: See, we aren't going to get paid after October unless we start working on it, there again, it takes a long lead time in rurals. And this would allow them to work towards implementation.
And you've heard me say it 40 times. We need money. So we would make a recommendation that perhaps, through a rural health grant process or either a federal subsidy, that we assist rurals in the implementation of these provisions.
With regard to the communication and awareness issues, I was asked to tell you a little bit about what we consider to be a best practice for communication and education, and that is our compliance model. We started working with the hospitals, as I said, in early 2001. We invited a lot of experts over the summer of last year, and by September we issued an RFP to consultants nationwide. And we asked them: Would you work with us in this network model, provide us education and consultation in a group setting?
Well, I have to tell you. We were turned down flat by most everyone, because it is much better to have individual consulting engagements with hospitals. But we did find a legal firm. We did find a legal firm in Denver, Colorado, Foley & Lardner, who actually designed and is now teaching a 13-month program. Talk about long lead-in time.
Month by month, we are tackling provisions of HIPAA. We've gotten more than 160 people participating on a monthly basis. They're devoting one to one and a half days a month. Provision by provision. So that's kind of how we address the issues. We're sharing the costs. We're collaborating with Colorado Hospital Association and with the SNIP organization as well. So collaboration is definitely the name of the game in Colorado for implementation.
And lastly, and you've heard this several times, we need the final rules as soon as possible, because as you can see, in our particular situation, when we pay for consulting month by month, every time a rule is changed, there's more uncertainty. There is rework. Our consultants are back, you know, rewriting the policies, the forms, and the procedures. So it adds costs and there again leads to more delay.
One last thing with regard to communication. I did discover a best practice here in Colorado, and that would be with Spencer Ericson's six-state-region CMS office. We learned that CMS in this region has actually compiled a list of every provider who has ever submitted a claim electronically or by paper. They will be communicating directly soon.
They also have had kind of the town meetings with payers and providers, and they're working with networks like Western Healthcare Alliance. And so we really applaud their efforts and hope that that type of approach would be taken nationwide. Thank you very much.
DR. WOOD: Thank you. Dr. Virgilio Licona. PANELIST VIRGILIO LICONA, M.D.
DR. LICONA: Thank you very much, Dr. Wood. I am Virgilio Licona and am here today to represent the united 3,500 members of the American Academy of Family Physicians and share with you just a couple of thoughts, if I may, in terms of how some of this is going to be impacting family physicians. And I think you can extrapolate to primary care physicians from that also.
I am here not as an expert on HIPAA by any means. I am just a family doctor. I am the immediate past President of the Colorado Academy of Family Physicians and am a staff physician at Plan de Salud del Valle, which is a migrant and community health center in Fort Lupton, Colorado, about 35 miles northeast of here.
And so within that context, what I would like to do is just share a couple of ideas, if I may, in terms of some of the impact that the rules, as they are promulgated currently, will impact family physicians, and then share a couple of messages in terms of recommendations that the American Academy of Family Physicians would like this group to please consider.
I don't think I'll go into background, because you've heard that extensively thus far, but I would like to emphasize that the AAFP does believe there are many parts to the changes that are occurring that are very positive. I guess one of the important ones, Ms. Jensen has just sort of taken away, and that is our impression, at least for the majority of the billing that we do, we will be able now to have a standardized approach to what is occurring, irregardless of the payer.
Now, that is not true of the auto insurance industry and some others. So we would wholeheartedly really support the recommendation that she's already made. So there's some real positive things to this, and I think there is support within the family physician movement for it.
However, there are some significant risks that are associated with this industry-wide re-engineering and the computerized business processes, and I'd like to hit just a couple of those. And as is in my written testimony, put simply, HIPAA/EDI requires that -- a significant upgrading or replacement of every physician's office practice management software and accounting system.
Now, I would like you just to please focus on what we just heard about the hospitals in rural Colorado and where margins are. And if you could, for just a moment, think about what's occurred over the course of the last 10 to 15 years in primary care offices, the number of back office personnel that have had to be added in order to be able just to maintain the paperwork. So on the one hand, we're seeing some streamlining. However, on the other hand, we see great expense that's going to be occurring as a result of this also.
Replacing a practice management software system is a difficult process and is only to be undertaken as a method of last resort in most circumstances, and claims-processing usually is heavily impacted, with the resulting cash flow problem for the physician.
And I would want to emphasize this. This is not a self-serving comment, however. I am not in private practice. I have, throughout my career, been a salaried physician, but that's not what the majority of the physicians in the AAFP are, and I would have you consider the impact on my colleagues. In addition, if the practice management software systems are interfaced to a variety of departmental and clinical systems, these must also be changed to accommodate a new system.
Now, in the community health center system in Colorado, we're on our third phase now of trying to get a unified computerized system that all of us can theoretically use. I remember the first time in the '80s and about the mid-'90s, and now we're on our third round. We've not been very successful at this. The programs that are out there are not really able to deliver what is promised. And this is an ongoing, very expensive venture at any level that you have undertaken.
So these things being said, the up-front conversion costs and risks of disruption of services and claims-processing created by HIPAA/EDI for the family physician's office could have a significant impact on patient access.
And I'd like to just digress for a moment and talk about the role of the family physician in healthcare delivery in the United States, so that you understand what we're talking about in terms of impact. Patients made over 200 million office visits to family physicians in the year 2000, over 200 million, 79 million more than for any other specialty in the practice of medicine. I would hope that's an astounding figure to you, because it just emphasizes the fact that one out of every four office visits in America is to a family physician.
Family physicians care for 25 percent of all of the female patients in the country and for about 20 percent of all of the children in the country. We are, without a doubt, an incredibly important part of the delivery system, and I want to focus not on that but the impact that that delivery system will suffer because of the implementation and some of the things that you've already heard about, misunderstanding. And I've practiced in rural Colorado, so it's not that we're resistant to learning or not educable, but this is some big-time stuff that we're having to deal with. In addition, family physicians are a vital part of the safety net, which is the area in which I work.
Both the cost of HIPAA/EDI and potential disruption to office management systems will create variance to patient access and to timely medical care. And that will be just on the very fact that trying to incorporate all of this is going to really take time away from patient care and patient focus in order to get this done.
So where this part is critically important -- we want to move forward. Where that can be streamlined, however, we think it's important. So I have a couple of recommendations to make in just a second.
Unfortunately, early indications are that the software market that physician practices will rely upon are in turmoil and that the transition will not go as smoothly as anticipated. The comments that have been made already thus far I think truly speak to that.
The practice management system vendor market is currently made up of many small proprietary companies, each of which has a fractional share of the market. And at last estimate, somewhere around 400 is what we're talking about. A few big firms, whose systems are both more complex and more expensive, will cater to the larger group practices. Vendor approaches to meeting the HIPAA/EDI regulatory compliance requirements of their customers have been difficult to understand or research about, and they may limit the customer's practice business options.
And clearly, the vendor that we deal with is assuring us that they are and will be HIPAA-compliant. I have no idea how they're doing that. I have no idea how they're making those assurances, but we hear that. We heard it as recently as the day before yesterday from them, and that if they're not, that they can become, whatever that means.
Further, for the average family physician trying to understand his or her responsibilities under the compliance deadline, this lack of information makes it impossible to research or to compare possible software packages. And this is an important issue, because I'm talking about thousands and thousands of physicians there that are covered entities that have to comply, but having the lack of consistency that's necessary.
So here are some of the ways that we feel that this is really of concern for us. No. 1, the cost of becoming compliant is unknown, but the estimates are somewhere between 5,000 and $20,000 per physician. That $30 billion or 42 billion is not what we're looking at. We're looking at the costs that are before us right now.
The cost is likely to be much greater, probably, to small providers, relative to their revenues, than it will be for large providers, clearinghouses, and for health plans. The obvious -- because vendors and office-based practice management software are themselves not covered entities, not covered, and therefore have no mandate to become compliant with HIPAA, they are free of the urgency that attends to medical practices and their statutory obligation to comply.
Secondly, trading partners, as was addressed earlier, that support the administrative exchanges of family physicians are a very diverse group, ranging from Medicare to large health insurance companies and health plans, self-insured third-party payers, repricing firms, and even some employers with direct contracting relationships with providers.
The information technology currently in place in these organizations varies widely, and there's reason to believe, or at least a concern that we have, that some of these smaller entities will not have the capital budgets or the expertise to upgrade to HIPAA compliance. The result could well be an interruption in the breakdown of, rather than streamlining, the administrative data exchanges and claims-processing.
DR. WOOD: Dr. Licona.
DR. LICONA: Yes.
DR. WOOD: Could I have you skip ahead to your recommendations because of the time, unfortunately.
DR. LICONA: Yes. I have two recommendations. Thank you very much: One, that HIPAA requirements should extend to all parties most directly involved in making medical practices capable of full compliance, including vendors. And that would be the message I would leave as No. 1, of practice management software; and secondly, that payers and health plans should be limited to the amount of variation and configuration requirements. Family physicians need to know that there will be a single-payer, if you will, implementation of the standards and not several versions.
And physicians' offices can already anticipate a great deal of payment delays and interruption to normal delivery to those 200 million visits that we saw in the year 2000 because of this.
So I would ask you as a group to strongly consider the issue of vendors being covered entities, and also that there be a limit on the configuration requirements that can be put forward. Thank you very much.
DR. WOOD: Thank you very much. Last, actually, also from the WEDI board and the Senior President of Anthem Blue Cross/Blue Shield, Mr. Robert Heird.
MR. HEIRD: Mr. Chairman, I think I understand the direction here to pick up the pace.
DR. WOOD: We'd like to have some time for the committee members to actually engage all of you in some discussion, because we're anxious to take advantage of your expertise.
PANELIST ROBERT HEIRD
MR. HEIRD: So I'll do my best to help the committee be successful in that regard. I am with Anthem Blue Cross/Blue Shield, as was just stated. Anthem's one of the nation's leading providers of healthcare benefits, life insurance products. We provide dental and vision products as well as pharmacy benefit management in eight states. We, as a Blue plan, touch almost eight million American lives. In addition to all of that, we're also a part of WEDI, and as was pointed out, I'm delighted to be a member of its board.
I'm testifying today on behalf of the Blue Cross and Blue Shield Association. The association represents 43 independent Blue Cross and Blue Shield plans that provide coverage to approximately 84 million Americans, or one in every four of us. We appreciate the opportunity, as the association, to be here today and to share our observations about the business challenges facing the industry in implementing the administrative simplification provisions of HIPAA.
And we are encouraged by, in fact, that formation of this group and your diligent work to try to find ways to reform the regulatory process. And I think I heard unanimity among all of the speakers this morning about that need.
Congress did pass the HIPAA statute in 1996, and to date, six years after the passage, we've only had two of the initial set of rules published -- transaction and codes, and privacy. As was pointed out earlier, we're still waiting for rules on security and all of the identifiers, as well as additional transactions that are appending claim attachments, which actually represents a whole category of additional transactions, as well as the first report of injury.
And due to that very complicated set of regulations, which are set to simplify the process, because of the industry's difficulty in complying, as was pointed out also, we are engaged now in an extension process that's up to each individual covered entity to decide whether or not it should apply.
We support the notion of administrative simplification. We were a part of WEDI on day one. We, as an industry, recognize that the need for proprietary transactions, to collect and share information, has long since passed, and the need for proprietary code structures has long since passed. And so we're all in agreement, perhaps radical agreement, that the standardization process is appropriate. The question is the timing, the pace, and the consistency with which those regulations and implementation guides are generated.
We struggled with planning, as releases have been spaced out over time, and I'd like to talk a little bit about what those rules are. Moving quickly to our first recommendation, we'd like to recommend that HHS convene a multidisciplinary industry group to advise the department on the adoption of future standards and codes and consider credible cost benefit analysis before standards are adopted.
These administrative simplification requirements of HIPAA set in motion a continuous, in fact limitless, number of federal mandates governing electronic transmission of health information. The standards are being developed by a whole set of very talented individuals, who clearly understand the health insurance technical and information needs but not necessarily the larger impact on the business processes which those information systems touch.
While the law requires any standard adopted to meet the objective of improving the administration of the health system and reducing administrative costs, the standards development process does not incorporate a critical assessment of the true industry needs of evaluation of alternative solutions and a credible cost versus benefit analysis. While the legislation was well intended over time, the implementation process, in our view, has lost sight of the law's intended purpose and has become so complex that it needs to be reevaluated.
Many of us, as Jared Adair pointed out this morning, have considered HIPAA administrative simplification essentially an IT requirement. And we note the transactions, and we think about those as claims transactions, but in fact they're all interrelated. And as we, as Anthem, took these regulations apart, we noted the ripple effect of these transactions throughout every aspect of our organization.
A claims transaction impacts member service systems, impacts provider service systems, impacts underwriting, impacts sales proposal systems. And so these aren't eight transactions. They are in fact the entire operation, the entire back room of a health plan, the entire back room of a provider. And so it's much more complex than eight, nine, ten transactions, and so that's why it's so important, from our point of view, that we consider the cost benefit analysis of these changes and not just simply whether, technologically, it's possible technologically. It makes good sense for us.
We believe that this kind of work group, tearing apart the rule and regulation from the sense of the cost benefit analysis, and the impact on the business, and whether value is being added to the healthcare system through these changes, is critically important.
An example of something that's pending now before the Committee for Vital Health Statistics is the proposal migration from ICD-9 to ICD-10, procedure and diagnostic codes. And while the committee has held hearings on the issue and has heard testimony from many very competent, qualified coding experts, it has not evaluated the impact of the migration of ICD-10 on all aspects of the industry.
Converting to ICD-10 would be a monumental undertaking. The entire industry, whether you're a payer, or a provider, or a clearinghouse, or a vendor, whether you collect data, you pay for data, you analyze the data, would make extensive changes to their systems.
These codes are the underpinning of the operations of all of those entities that look to deliver and finance healthcare. We've recommended to the NCVHS that the committee thoroughly evaluate the impact of such migration and assess the alternative options. And while they appear to support Blue Cross and Blue Shield Association's recommendation, they may indeed commission a study to evaluate industry impact. This team should be implemented before any standard is adopted and additional costs are incurred. We certainly have heard a lot about the cost of implementation this morning. We believe that such a multidisciplinary team is essential to the development of good rules in the future.
Second, we'd like to see a -- postpone mandating additional standards and modifications to the additional transaction and code set rules until these initial rules are successfully implemented. The exception to that would be the appending modifications and addenda to the transaction and code set rules.
We are not yet finished implementing the first set of rules, and already there's conversation under way to consider changes to the rules and another round of implementation. We would argue, in fact, that let's get this initial set of rules implemented. Let the dust settle. Let's understand what the other continuing issues are that will evolve as we do testing internally, testing with trading partners, and actually operate under this system for a period of time before we move forward with a whole new set of rules and, in fact, we end up in HIPAA version two.
In fact, the standards development organizations have a whole series of other changes that are pending. The X12N group has an inventory of up to eight updates or new implementation guides that are in process. HL7 has six additional attachments that are under consideration, and HHS has six claim attachments that are pending before them currently. We have yet to implement the first round, and already we have this next wave coming. So getting all the rules out fast isn't necessarily a good idea from our point of view, because there's a huge inventory of work coming out.
So many of these new standards and additions are important. In fact, Blue Cross and Blue Shield Association and our member plans are a part of these work groups to try to set out the right standards. We just question whether the timing and the cost benefit analysis for every change that's being considered in fact has been well thought through.
Third and finally, the HHS approval process must be streamlined to ensure that modifications to final rules are issued in a timely fashion. The administrative simplification established these standards for a very fast-changing and consolidating industry. At the same time, that technology is evolving and changing just as rapidly.
Less modification to final rules can be adopted in a timely manner. They are effectively obsolete before they are enacted, and the implementation process becomes even more costly. Delays by HHS in publishing these needed modifications to the final rules create an unpredictable environment for business and therefore have driven up implementation costs, in fact could create an emotional blockage for some organizations moving forward because of the uncertainty of those final rules.
The industry is committing significant resources now towards expensive and time-consuming changes to implement the initial set of administrative simplification rules. These changes are becoming more costly and more complex, and we still have a lot of work to do. It's imperative that HHS release these regulations, the addenda, and modifications as soon as possible.
In summary, Blue Cross/Blue Shield Association believes that the HIPAA administrative simplification process needs to be reevaluated to be more efficient to meet the goals of administrative simplification, cost savings, and reduce the complexity, and at the same time to meet the industry needs for value.
At present, there is no end date in sight as to when all of the HIPAA mandates will be final and for other changes so the health industry information structure/infrastructure can proceed according to market needs. We believe that the establishment of a multidisciplinary team to evaluate the impact, the needs, and costs of additional standards, coupled with a temporary hold on new standards beyond the addenda and the modifications, and streamlining the rule adoption process are necessary and will truly simplify the administrative simplification. Thank you for, again, the opportunity for us to provide comments, and we look forward to the committee's conclusions.
DR. WOOD: Thank you, Mr. Heird.
From the perspective of managing time here for the committee, we do have some technical advice experts who will be on the line with us as we go through our subcommittee reports. So we have to stay relatively well on time. That leaves us very little time for discussion here. Mr. Tom Hefty is on the phone and I'm sure will have some interest.
And while Dr. Nielsen is leading off with her question, I'll have Tom think of his, and I'll recognize him next. We have about ten minutes that we can use for this. So Nancy.
DR. NIELSEN: I have three quick ones, probably asking our CMS colleagues to answer most of these. Is this on? Is this on here?
DR. WOOD: Go ahead, Nancy.
DR. NIELSEN: All right. You heard a lot. This was not my original question, but you've heard a lot today, and we heard it in the Pittsburgh hearing as well, about covered entities and non-covered entities. And while it is -- while physicians clearly feel that they've been, at least with the privacy -- the privacy ranks, that we are being made, as covered entities, to sort of become the statutory extension to the non-covered entities, because we bear the burden of all of it, we too would like everybody who's involved in this whole mess to be a covered entity.
But my basic question is: Doesn't that take a Congressional action? I mean, that is not within the purview of CMS, I don't think. That's my first question. Clarify how one -- how the definition of covered entity might be extended, as you've heard today.
My second sort of question is more a comment. You've heard some -- a number of people today say: Let's do this fast. Let's get this stuff out fast. But of course, inherent in all of that is do it right, and then ultimately it's do it once, so that everybody knows what they're complying with.
And along those lines is what was my original question, is: Going to the transaction standards, wouldn't it be a lot simpler, instead of asking hundreds of thousands of providers to file for an extension, for CMS to delay implementation?
MS. ADAIR: Can we take it in reverse order? Do you mind? Your last question had to do with the ASCA legislation and why we're requiring people to put in a form to ask for it. The Congressional mandate was very clear, that we had to have people file for the extension. It was not -- they actually did consider two pieces of -- at least two pieces of legislation, and one did have, as you propose, just to 61 automatically extend the date.
They chose not to pass that piece of legislation -- or proposal. They went to the one that required people to send us an extension and required us to come up with a model extension plan and to be forthcoming, actually require that it have certain pieces of information -- what was the budget; what was your implementation strategy; whether or not you were going to use a vendor. So it was very specific as to what we were to do there.
DR. NIELSEN: So Congress did it?
MS. ADAIR: Yes. And now I'm going back, not following order specifically, but you asked about the covered entity. And to follow up on that, we believe that we would need additional Congressional action to include some of the parties that you heard referred to today, which was, for example, auto insurers and things along those lines. And I'm going to let Karen do the middle one, mostly because I lost it in my mind. I'm sure she kept track. So sorry.
MS. TRUDEL: The middle one was do it fast but do it right and do it once. And we are also, of course, hearing the fast part, and we're running just as fast as we can. Do it right -- I would say that part of the reason that we are not finished at this point is that we have gone so far out of our way to make sure that we talked to all the possible constituencies. 62
One of the things that I have never heard, in all my discussions and the conferences that I've attended, was that "you people are not listening to us." So I take that as a compliment, and it's sort of the flip side of the coin.
Do it once, that would be really nice, but I don't think that's ever going to happen, because standards are an evolving process. And if we do it once and we stop, and we don't go back and continually reevaluate people's needs and the environment changes, then the standards will become stale and useless.
DR. WOOD: I'm going to ask Mr. Hefty if he's there by telephone and would have a comment or question. Tom? Not there. Okay. Let me ask Michele first, then Tony, and then I'll go to Heidi, assuming I have time. I have about five minutes.
MS. EVINK: As a hospital pharmacist, I've been particularly interested in, first, the change to the implementation of J codes, and a wider area with OPPS, and then the possibility of NDC, and then the not possibility of NDC, and the continued possibility of NDC. And I'd kind of like you to speak to how standardization of drug product can operate outside of the previously recognized standardized codes, the NDC codes. And I understand that there's problems with it, but I would like you to speak to it.
MS. TRUDEL: Okay. I'll do my best, mindful of the 63 fact that I could talk to you about that for half an hour, and Dr. Wood's not going to like that. There were a number of discussions --
DR. WOOD: I learned the light trick, by the way.
MS. TRUDEL: There were a number of discussions in the context of the proposed rule as to whether J codes or NDC were the appropriate way to go for drug codes. The national drug codes are extremely granular. They talk about not only the drug itself but the package size and who manufactures it. The J codes, on the other end of the spectrum, are extremely kind of rolled up. And we adopted the NDC, and what we got back in terms of industry input was you really picked -- you backed the wrong horse. This is not right.
There are some other initiatives under way to develop other drug-coding systems that would possibly meet somewhere in the middle, where you would be talking about codes that relate to similar -- help me out if you're a pharmacist.
MS. EVINK: Like a class code?
MS. TRUDEL: Yeah. That may at some point in the future be the right way to go. What we were concerned about was we had two viable options right now, and the one that we selected did not seem to be the right thing to do for parts of the healthcare industry, with the exception of the retail pharmacy.
MR. FAY: Thank you, Mr. Chairman. I just wanted to 64 add on to Michele's comment. I'm not really looking for a response, but two major issues with not using the NDC code: The first issue is if we do end up with a Medicare drug benefit, and let's say it's a Part B type of benefit, it may prove difficult to build those through a J code type of scenario, because they are general classes. It would probably need some more of a refined way to designate the drugs, like NDC.
And then the second issue is with the LEDI recommendation to go to some sort of a physician order entry or a computerized or an entry system for drugs. Most of those order entry systems, if I understand correctly, are driven off of NDC codes, because they are very specific as to the type of drug. So you have a situation where there will be a disconnect in the LEDI interface between payers and so forth, having J codes at that level and NDC codes at the clinical level.
MS. TRUDEL: We recognize that there may be changes in the future that would cause us to rethink this position, but in this initial HIPAA One implementation, the NDC appears to us to not be the right thing to do right at the moment.
DR. WOOD: Heidi.
MS. MARGULIS: This is mostly for the person from CMS, but I believe Mr. Heird, on behalf of the plans and his association, could comment as well. And that is that these 65 standards and these rules are being promulgated at the same time that insurers are implementing the ARISA (phonetic) claims and appeals rules, and at the same time implementing state prompt pay payment of claims laws, all three of which have many conflicts, none of which -- any of the three entities -- are asserting any sort of preemption, causing insurers to dedicate unnecessary administrative resources, again, taking away from benefits and services from consumers that which they need to implement to ensure compliance with all three of those sets of rules and regulations.
So the net-net of this would be to ask you to consider what else is going on within administrative agencies that impacts the rule upon which you are working, as well as to consider your colleagues at the state level in terms of related laws and regs that they too have enacted and are implementing. Thank you, Mr. Chairman.
DR. WOOD: Do you have any comment for that, Mr. Heird?
MR. HEIRD: Point well made. We recognize that we have not just a new regulator for the industry, Health and Human Services, but rather the federal government and all of its branches, and the integration of rules. It was critically important just simply at the federal level, what's required on an explanation of benefits, as stated by the Department of Labor, versus what privacy might allow through HIPAA. And 66 reconciling all of those things will be done plan by plan by plan and in court by court by court.
And it certainly would be interesting and more effective if, when the rules came out, which probably slows things down, if it were all integrated. And the simplification that we're creating through HIPAA in part is being taken away now because of the regulatory morass between all of the individual states, a company like ours that's in eight states, and like yours that's in multiple states. And trying to reconcile all those rules and regulations in a common system, in a common structure, in common contracts, is nightmarish. And so that's a very good point.
MR. TOBY: Mr. Chairman, if you have time, I have one question.
DR. WOOD: Unfortunately, Mr. Toby, we're at a point where I need to keep us on track, because we do have, again, people joining us by phone, and we need to conclude this panel. I apologize for having to preempt the discussion. We can take about anywhere from a two to five-minute break to let the staff get set up for the discussion of rules and procedures that we need to adopt. I want to thank all of the panel members for their contributions this morning, and I want you to know that it's been extremely helpful to us in thinking about how we want to move forward. So thanks very much.
So we have about a two to five-minute break here 67 while the staff gets set, and then we'll start in on our committee business.
(A recess was taken from 10:45 a.m. to 10:55 a.m.)
COMMITTEE BUSINESS
DR. WOOD: We have a large amount of business to go through, and this is the first full meeting that we have had since Washington. And in order that we may handle our affairs in an official fashion, there are a set of rules that will require our adoption.
These were sent to you in the form of a draft memo for guidelines for the Advisory Committee. You should have had an opportunity to review them in terms of the process, particularly in terms of the definition of a forum and how we will proceed. I don't want to go through that in detail. I think they're relatively straightforward.
I want to emphasize that the process that we will use today is to recognize the tremendous work that has been done by each of you individually in the form of your subcommittee. The subcommittees actually have been at work on several major issues, and the process that we want to use today is to have the subcommittees present their reports. The subcommittee chairs will give us a set of recommendations that the subcommittees have reviewed and which they consider to have a strong enough consensus for unanimity of opinion at the subcommittee level that these would be recommendations that 68 the entire committee would accept.
Those will be placed on a consent agenda, and then we will ask each of you to look at those issues that are on the consent agenda. And I will ask if there would be any member of the committee who would have a concern about what is on that consent agenda. And that concern could be simply, "I'm not quite sure what it means. I need more information," a clarifying question, or it could be, "I would like a bit more discussion about why this recommendation might be in play before I make a final decision," to frankly a strong objection.
If there is any member of the committee that has a concern about any item that is on a consent agenda, we will move that to the period of additional discussion. And after we have then finished going through the consent agenda, the remaining items that are left on the consent agenda would be moved by the chair of the subcommittee for adoption, with a second by another member of the committee, and then we would vote on that group of recommendations in a block to move forward.
As we go forward, I'll have to make sure that we keep track of items then that are held for discussion, and we'll have some later time. If we can't get through everything in the time frame, we'll have later time tomorrow to do that. Mr. Martin. 69
MR. MARTIN: Mr. Chairman, I interpret that to mean, then, that we would hold our questions, no matter how simple they may be or that they seem to us, until they are in the discussion agenda and simply remove them, no matter how simple our concern with them?
DR. WOOD: Well, actually, I think in general, yes. I think what we can do is as the subcommittees present their list of questions, if you think it is just a very simple question and, with a clarification, could allow something to remain on the consent agenda as opposed to going into discussion, we'll try to accommodate that.
Are there any other questions about the process that we intend to follow? Is there a motion for adoption of our definitions of forum and process?
MR. FAY: So moved.
DR. WOOD: Is there a second?
MS. MARGULIS: Second.
DR. WOOD: Are there any other questions or items of discussion? All of those members in favor of the adoption of our rules, please signify by saying aye. (Several say aye.) Are there any members opposed? The rules are adopted. Mr. Fay has the distinction of being the first subcommittee chair to present, so yours is the floor, Mr. Fay. REPORT OF THE DATA AND INFORMATION SUBCOMMITTEE
MR. FAY: Thank you, Mr. Chairman. And I will talk 70 fast, which is pretty hard to do if you happen to be from Nashville, Tennessee. But I would like to go ahead and just read for the record the one-page executive summary which is contained in this report, which everybody should have a copy of, the first report of the Data and Information Subcommittee, on page four.
Dear Chairman Wood and Members of the Secretary's Advisory Committee on Regulatory Reform --
DR. WOOD: We have the information we can insert. Do you have all of that? Okay.
MR. FAY: The D & I Subcommittee has been charged by the full committee to review the various ways in which HHS acquires data from providers, physicians, beneficiaries, and suppliers, and how that data is used for the payment and oversight functions of HHS. The subcommittee applied a simple and common sense test to evaluate HHS's data acquisition activities. This test asked the following questions: Who acquires the data? Who uses the data? Who has access to the data? How is the data used? Why is the data used? If the data is needed, how can it be streamlined? If the data is not needed, can it be eliminated?
The subcommittee listened to testimony at four different hearings, reviewed extensive written comments from individuals and institutions, and brought their individual lifetime experiences to the process of answering these 71 questions. What the subcommittee has found is most of HHS's data acquisition activities are justified and necessary, but the amount of data routinely collected by HHS is often extensive, fragmented, duplicative, and, in most cases, costly to produce.
Although the short tenure of the subcommittee's work precludes a complete and comprehensive solution to these issues, the subcommittee has reached a consensus on three issues, which would provide a good basis for the modernization of data acquisition efforts.
Recommendation No. 1: Data acquisition mechanisms should be reviewed, modernized, centralized in a single repository and converted to a full electronic format. E-filing of data collection instruments should be maximized to the fullest extent possible, and the use of electronic signatures should be permitted. Particular examples of this include the OASIS and MDS instruments, which will be discussed in the consent agenda, and the introduction of E-filing for provider enrollment applications.
Recommendation No. 2: The Medicare cost report should be simplified and converted to a fully electronic document. E-filing of cost reports should be undertaken to speed access to timely data for various interested parties. Ultimately, the cost report should utilize generally accepted accounting principles for providers who no longer receive cost 72 reimbursement. For providers who continue to receive cost reimbursement, the cost report audit process should be improved so that audits are completed within one year, and appeals are resolved -- first round appeals are resolved within six months.
Recommendation No. 3: The connectivity of data should serve as the broad framework for the re-design and coordination of HHS's data acquisition efforts. For example, MDS and OASIS serve a similar purpose, but their use is applicable only in a particular site of service. Such instruments should be re-designed in such a manner that information from one source could populate the data fields of another source.
Further, HHS should begin working with various industry groups to find acceptable ways to store, access, and distribute data that has been collected, to establish rules for the joint ownership of data by HHS and the producer of the data, and to ensure that such data is mutually available, thus eliminating the need for manual backup copies of the data.
The subcommittee wishes to express its appreciation for the opportunity to serve on the committee and is deeply appreciative of the work of Chairman Wood, HHS staff, and the members of the committee for all of their hard work on this very important matter.
Moving on to the consent agenda, everybody should 73 have a copy of that. There are eight items that have been moved to the discussion agenda. Four of those are related to MDS, so we could probably discuss those as a block. One of those is related to OASIS. One of those is related to Medicare balance reporting. One of those is related to the ability of Medicaid agencies to continue to use forums which CMS has in effect decommissioned, and one of those is related to the use of generally accepted accounting principles for Medicare cost reports. Those are the issues in the consent agenda that have been moved to the discussion agenda.
DR. WOOD: Are there any other items on the consent agenda that any member of the committee would like to move to discussion? Dr. Olsen.
DR. OLSEN: Yes, Mr. Chairman. I'm assuming I have the right numbers, which may not be correct. I'd like to have us consider A, which is in the MDS-26, and also, under OASIS, 3 and 5. I believe that's B.
MR. FAY: So noted.
DR. WOOD: Others?
MR. FAY: Hearing no others, I would like to make a motion that the remaining items -- I'm sorry. Jack.
MR. ROVNER: On the MDS consent agenda, on item 7, the second or the third sentence talks about keep a downloadable, up-to-date manual, etcetera. Would the subcommittee be willing to -- what I'd like to see is whether 74 you recommend a date certain to be specified when these updates would be done, so the industry would know when CMS is going to issue a new update, and have that as part of the recommendation. So I don't know if that's something we could either chalk up to a clarification or whether we can move it into the discussion area.
DR. WOOD: If that would be the case, I think we should move that to discussion, because it might have application for other aspects of what we're doing. In general, it might be something that would be generalize-able to several things we might consider.
MR. ROVNER: Then I would ask that it be moved to the discussion for that purpose. And then on No. 21, under the MDS, I simply -- if you could explain what the subcommittee means by using the HIPAA mandate as the basis to standardize terminology. I just need a clarification of what is intended.
MR. FAY: I believe the sense of the subcommittee was that, given the major restructuring that is going to take place because of HIPAA, the transactions codes as well as the privacy rule and security rule, that this is a good time to look at standardizing the data elements and terminology, both within the MDS and among the other data acquisition instruments.
MR. ROVNER: That's fine. Thank you.
DR. WOOD: Are there any other items? All right. 75 With that, then, let's take advantage of the time to consider the items we now have on the discussion agenda. If you consider under I, data acquisition mechanisms --
DR. OLSEN: Point of order. Should we vote on the consent?
DR. WOOD: Yes. That's a good question. I appreciate being reminded. Seeing no other issues for discussion, Mr. Fay, would you care to move that we adopt the remaining items that are on the consent agenda?
MR. FAY: Mr. Chairman, I move we adopt the remaining items on the consent agenda.
MS. RYAN: Second.
DR. WOOD: All of those members of the committee in favor of the remaining items on the consent agenda, aye. (Several say aye.) All those opposed, nay. The remaining items are adopted. Now let us consider those on the discussion agenda, and the first item is A-1. Tony, do you want to comment about why that's on the discussion agenda? You can just start through the MDS ones.
MR. FAY: This item deals with the timing of the MDS assessment and whether it is done in accordance with the strictly prescribed timetables. If it is not done within strictly prescribed timetables, there is a severe penalty that is applied. In other words, the payment rate is reduced to the lowest RUG payment rate, which is about $90 a day for most 76 providers, and that would be over the period of that assessment. So it could be up to, let's say, a nine-day period if it's between the 14-day and the five-day assessment that you have this payment reduced. And that reduction, if you consider some of the higher-weighted RUGs, are in the 400-dollar-a-day category. That's almost a 75 percent reduction. We feel that's extremely severe.
And there are, you know, operational difficulties. For example, if all of these assessments need to be done on a given day, but just because of the timing, because of the date of intake of the residents and so forth, that it could create a burden to try to do all of those. You wouldn't have time to care for the patients. You'd be doing these assessments.
And what we are looking at -- and there are several recommendations that really approaches from a different angle, is either eliminate the policy of paying the lowest default rate, or creating a more flexible timetable so that it would recognize some of the operational issues faced in long-term care facilities, or create a different resident assessment cycle. The resident assessment cycle, one, is moved. And I'm not sure it's on here, but that's the thought process.
DR. WOOD: We have -- before we go into any detail, I want to remind the committee that we have on the telephone, in our virtual cyber-connection here, some experts from CMS, some who have been here, and we're pleased that they're at least 77 with us by telephone, even though we can't see them in person. But Jennifer Belanger (phonetic), Tom Hoyer, Liz Richter, Frank Sokelik (phonetic), and Mary Beth Hance (phonetic) are on the line as our experts. And so if there are any other questions that members of the committee have of the CMS staff, they're going to be our technical resource for today.
MR. FAY: Mr. Chairman, just as point of note, we're probably talking about issue A-1 and issue A-24 both as a similar issue, because they both involve the timing of the MDS assessment.
DR. WOOD: So look at those, committee members. Leslie, do you want to make any other comments about your technical advice staff we've got in the wing?
MS. NORWALK: I think that's sufficient. I'm sure they will provide the technical advice that's required. Generally, I'd like to say that, certainly with regard to the MDS and OASIS comments, I thought that they were very helpful and hope that we can -- we certainly look forward to getting the final recommendations and expect that we'll be able to make some progress in both of those areas.
DR. OLSEN: Maybe this is a technical question for the technical people. The way this is worded, this default goes: If the MDS is not submitted in a timely manner. I have come to learn that it may be wrong, that rather than when it's submitted, the penalty, it's when it's done. And to me, 78 that's the important thing. And as a matter of fact, one of your recommendations later expresses the importance of the timeliness for the data to be useful. So I wonder if it's really correct that the word "submitted" is here, whether the actual report is done.
And then the second thing, I have no way of knowing if the penalty is too onerous or not, but it seems to me there needs to be some kind of financial or some incentive to do it.
DR. WOOD: Erik, would you like us to address that to the technical staff?
DR. OLSEN: I guess it's "submitted" versus when the report is done.
MS. NORWALK: Perhaps, Tom Hoyer, if you're on the phone, you can explain this particular rule, and how it's set up, and what the penalties are, etcetera.
MR. HOYER: Thanks, Leslie. I am here, and I think the member put his finger on it. The penalty isn't for submitting it late. You can submit it almost anytime at all. You just have to do it on time. And the default rate applies when there's a period for which you haven't done it.
There is a subsidiary issue, which is: Sometimes you haven't done it because of a clerical error or some actual -- some human mistake involved in getting it done as opposed to not doing it, and I think that was raised at the meeting wherein this was discussed. 79
We recognize that that's something we ought to fix, and in our next rule-making, which is where we have to do it, we expect to permit facilities to correct mistakes like that. But I don't think -- we were thinking about allowing -- I mean, there's no way to do an assessment that you didn't do later. Timing does matter. But it is accurate that you can send it in anytime. You just have to do it on time.
DR. WOOD: Erik, does that answer your question?
DR. OLSEN: Yes, it does.
DR. WOOD: Okay. Thanks, Mr. Hoyer. Judith Ryan.
MS. RYAN: Would the revision likely be -- is if the MDS is not completed on a timely basis?
MR. FAY: That would seem to cover it.
DR. WOOD: Any other comments about that? Erik.
DR. OLSEN: Obviously, that corrects the statement, but it wouldn't correct my opposition to it, because then it would say we eliminate the management incentive when it isn't completed on time. So I will be opposed to it, but it does correct the statement.
DR. WOOD: So do we have it reworded? Did you write it in, Tony?
MR. FAY: I don't think so.
DR. WOOD: We're going to try to do this on the fly, but each subcommittee chair will need to keep track of those changes. 80
MR. FAY: I would change non-completion to non --
DR. WOOD: Would you restate it.
MR. FAY: Yeah. Change the second line, "where the MDS is not submitted," change that to "not completed." I would emphasize there's an alternative recommendation here, which is basically to go back to CMS and say, you know, let's see if we can't develop a more flexible timetable, and that may eliminate some