Health Data Standards - PowerPoint PPT Presentation

About This Presentation
Title:

Health Data Standards

Description:

Title: HIPAA Subject: K2 Author: Robert Mayes Description: Revised by Dave Smith on 4/23/97 Last modified by: Reuben Snipper Created Date: 7/1/1997 12:50:48 PM – PowerPoint PPT presentation

Number of Views:576
Avg rating:3.0/5.0
Slides: 96
Provided by: Robert1503
Learn more at: https://aspe.hhs.gov
Category:

less

Transcript and Presenter's Notes

Title: Health Data Standards


1
  • Health Data Standards
  • and Health Information Privacy
  • The Health Insurance Portability and
    Accountability Act of 1996
  • Title II - Subtitle F
  • Administrative Simplification

2
Purpose of Provisions
  • Improve the efficiency and effectiveness of the
    health care system, by standardizing the
    electronic transmission of certain administrative
    and financial transactions
  • Protect the security and privacy of health
    information

3
Overview of Provisions
  • Secretary of HHS must adopt standards for
    electronic health care transactions, unique
    health identifiers, code sets, security, and
    privacy
  • All health plans, clearinghouses, and those
    providers who choose to conduct these
    transactions electronically are required to
    implement these standards

4
Overview of Provisions
  • Supersedes most contrary provisions of state laws
  • Expands the scope and membership of the National
    Committee on Vital and Health Statistics

5
Overview of Provisions
  • Civil and criminal penalties are prescribed for
    failure to use standards or for wrongful
    disclosure of confidential information
  • Penalties of 100 per violation of standards (up
    to 25,000 total per year per standard)
  • Penalties of 50,000 to 250,000 and 1 to 10
    years in jail for wrongful disclosure of
    individually identifiable health information

6
Transaction Standards
  • Claims or equivalent encounter information
  • Coordination of benefits information
  • Referral certification and authorization
  • Enrollment disenrollment in a health plan
  • Eligibility for a health plan

7
Transaction Standards
  • Health care payment remittance advice
  • Health plan premium payments
  • First report of injury
  • Health claims status
  • Health claims attachments

8
Supporting Standards
  • Unique identifiers (including allowed uses) for
  • Individuals
  • Employers
  • Health Plans
  • Health Care Providers
  • Code sets (including issues of maintenance)

9
Supporting Standards
  • Security (including electronic signatures),
    confidentiality, and privacy
  • Low cost distribution mechanism

10
Implementation Timeline
NCVHS recommends stds. and legislation
for electronic exchange of medical records
HHS adopts transaction stds. (excl. claims)
Plans, clearinghouses and providers adopt stds.
HHS adopts claims stds. HHS reviews/ modifies
first stds.
Small plans adopt stds.
August February February August
February August February 1997
1998 1999 2000 2001
11
Standards Adoption Process
  • In general, any standard adopted shall be a
    standard that has been developed, adopted or
    modified by an ANSI accredited standards setting
    organization (SDO)

12
Standards Adoption Process
  • The Secretary may adopt a different standard if
  • it will significantly reduce administrative costs
    compared to alternatives, and it is promulgated
    in accordance with negotiated rulemaking
    procedures, or
  • No SDO has developed, adopted or modified a
    standard in that area

13
Standards Adoption Process
  • A standard may not be adopted unless the SDO has
    consulted with
  • NUBC
  • NUCC
  • WEDI
  • ADA
  • In adopting standards, the Secretary will rely
    upon the recommendations of the NCVHS and the HHS
    Data Council

14
Implementation Strategy
  • HHS will utilize a three tier approach to
    implementation
  • HHS Data Council will provide senior level policy
    guidance and decision making and will serve as
    the contact point for the NCVHS

15
Implementation Strategy
  • The Data Councils Health Data Standards
    Committee will be responsible for the daily
    operation and management of the standards
    activities
  • Implementation Teams will be responsible for the
    research, analysis, and development of mandated
    national standards

16
Implementation Teams
  • HHS has established six internal
    interdepartmental implementation teams to
    identify and assess potential standards
  • Infrastructure and cross-cutting issues
  • Health insurance claims and encounters
  • Health insurance enrollment and eligibility

17
Implementation Teams
  • Health identifiers for providers, health plans,
    employers and individuals
  • Code sets and classification systems
  • Security and safeguards

18
Team Approach
  • Identify existing candidate standards for each
    area, identify gaps and conflicts, and present
    findings to NCVHS and HHS
  • Develop recommendations for standards to be
    adopted and present to NCVHS HHS
  • Submit draft regulations to the Secretary and to
    OMB for initial review

19
Team Approach
  • Publish proposed rules in Federal Register for
    public comment
  • Analyze comments and prepare and publish Final
    Rules
  • Distribute adopted standards and implementation
    guides

20
Privacy Goals
  • Provide patient rights
  • Informed consent to release information
  • Access to own health information
  • Ability to correct erroreous entries
  • Establish process for exceptions
  • Research, Law Enforcement, Public Health
  • Limit amount of information and access
  • Establish deterrents and penalties

21
Privacy Timeline
Privacy legislation
If no privacy legislation, HHS privacy
regulations
HHS privacy recommendations
August February February August
February August February 1997
1998 1999 2000 2001
22
Opportunities for Input
  • Participate with standards development
    organizations
  • Provide testimony at NCVHS public hearings
  • Provide written input to NCVHS
  • Provide written input to the Secretary of HHS

23
Opportunities for Input
  • Comment on the Federal Register publications for
    each proposed standard
  • Invite Implementation Teams staff to meetings
    with public and private sector organizations

24
  • National Committee on Vital
  • and Health Statistics

25
New NCVHS Responsibilities
  • Membership increased from 16 to 18 with two
    members appointed by Congress
  • Annual report to Congress on HIPAA implementation
    status
  • Serve as a public forum for all interested
    parties and provide mechanisms for public input
    through hearings and meetings

26
New NCVHS Responsibilities
  • Assistance to Secretary
  • Standards - Secretary to rely on the
    recommendations of NCVHS and publish
    recommendations in Federal Register
  • Privacy Confidentiality - Secretary to consult
    with NCVHS on legislative privacy recommendations

27
New NCVHS Responsibilities
  • Report to Secretary within 4 years with
    recommendations and legislative proposals on
    standards for computerized patient record

28
Current NCVHS Activities
  • Full Committee meetings quarterly
  • Subcommittee on Privacy and Confidentiality
  • Subcommittee on Health Data Needs, Standards and
    Security

29
Sources of Information
  • HHS Data Council Web Site
  • http//aspe.hhs.gov/datacncl/
  • NCVHS Web Site
  • http//aspe.hhs.gov/ncvhs/

30
Cross-Cutting Implementation Issues
31
Charge
  • Purpose
  • Provide overall guidance and coordination to the
    HIPAA EDI standards Implementation Teams
  • Track progress of the HIPAA EDI standards project
  • Serve as the information point for overall HIPAA
    EDI standards implementation information.

32
Charge
  • Responsibilities
  • Develop and maintain master data dictionary and
    data structures list for all standards
  • Develop a timeline for the entire project
  • Provide periodic progress reports on the project
    to HHS and the NCVHS
  • Monitor progress of individual implementation
    teams

33
Charge
  • Responsibilities cont.
  • Provide guidance and coordination on common
    issues (e.g. regulation development)
  • Facilitate communciation among implementation
    teams
  • Serve as communication point between
    implementation teams and HHS Data Council.
  • Assure all implementation teams have common
    understanding of issues

34
Guiding Principles
  • Improve efficiency and effectiveness of system
  • Meet the needs of users
  • Be consistent with other administrative
    simplification standards
  • Have low implementation costs
  • Be supported by a SDO

35
Guiding Principles
  • Have timely adoption procedures
  • Be technologically independent of platforms
  • Be precise unambiguous, but as simple as
    possible
  • Keep data paperwork burdens low
  • Have flexibility to adopt to health system
    changes

36
Barriers
  • Barriers to adopting national uniform standards
  • Conflicting standards e.g., ANSI vs. industry
    vs. government
  • Conflicting implementations e.g., proprietary
    collection of unique or differently defined data
  • Incomplete standards e.g., no implementation
    guide

37
Barriers
  • More barriers
  • Proprietary code sets e.g., professional
    associations make selling code sets
  • Cost of change e.g., cost of changing length of
    ID
  • Privacy e.g., potential use of SSN as unique ID
    raises fear of easier access and linkage of
    confidential information

38
Frequently Asked Questions
  • Is Big Brother forcing this on the industry?
  • Will only providers benefit from HIPAA standards?
  • Is DHHS doing this alone?
  • Will DHHS merely adopt Medicare standards?
  • Will all HIPAA standards be adopted in 18 months?

39
Frequently Asked Questions
  • Will private sector standards be adopted with no
    change?
  • Which HIPAA standards will be adopted first?
  • Will HIPAA standards be tested?

40
Issues
  • Conformance testing
  • Who does it
  • Who pays for it
  • Who monitors the testers
  • Data dictionary/Implementation guides
  • Who maintains them
  • Who pays for them

41
Issues
  • Timely updates to Final Rule
  • How do we keep standards up with developments
  • How do we draw the lines between employers,
    plans, and providers
  • Timing
  • Is 2 years enough time
  • Is February, 2000 the safest time to comply

42
Issues
  • Are the teeth big enough
  • Some have indicated it would be cheaper to pay
    the fines initially
  • If Medicare/Medicaid implements it, is that
    enough to move industry

43
Current Activities
  • Master data dictionary
  • over 4700 elements included to date
  • Draft boilerplate regulation language
  • Cross-cutting implementation issues

44
  • Claims and Encounters Implementation Team

45
Charter
  • Adopt formats and data content for
  • Health insurance claims, encounters, COB
  • Remittance advice
  • Claim status inquiry

46
Charter
  • Facilitate identical implementations through
  • Implementation guides
  • With precise instructions on data content

47
Process
  • Created information structure
  • Solicited formal advice
  • National Uniform Billing Committee
  • National Uniform Claim Committee
  • Workgroup for Electronic Data Interchange
  • American Dental Association

48
Principles
  • Data Content Management
  • Structural Stability
  • Reliability
  • Documentation

49
Principles
  • Data Content Management
  • Data update timeliness
  • Implementation guide update

50
Principles
  • Structural Stability
  • 3 years
  • One structure
  • Annual data updates

51
Principles
  • Reliability
  • Testing part of the process
  • Results made public
  • For claims, encounter, COB - pilot production
    required

52
Principles
  • Documentation
  • Complete and unambiguous
  • Implementation guide
  • Data dictionary
  • Data conditions

53
Principles
  • Each transparent to the other, i.e., common/like
    data will be found in the same location
  • Claim
  • Encounter
  • Coordination of Benefits

54
Recommendations
  • Retail Pharmacy Claim - NCPDP v. 3.2
  • Remittance Advice - X12.835 v. 3070
  • Claims Status - X12.277 v. 3070
  • Dental Claims - X12.837 v. 3070
  • Physician/Supplier Claims - X12.837 v. 3070
  • Institutional Claims - X12.837 v. 3070

55
Data Content
  • Working with base sets
  • Working with organizations
  • Superset concept

56
Issues
  • Divided opinions
  • Institutional and physician/supplier
    claims/encounters/coordination of benefits

57
Unique Health Identifiers Implementation Team
58
Charge
  • Recommend Standard Unique Health Identifiers
    (including allowed uses)
  • Individual
  • Employer
  • Health plan
  • Health Care Provider

59
Individual Identifier
  • Current Activities
  • Analysis of proposals in ANSI/HISB inventory
  • Use of criteria from American Society for Testing
    and Materials Standard Guide for Properties of a
    Universal Health Care Identifier
  • Evaluation of SSN by SSA
  • Evaluation of Postal Service as Trusted Authority

60
Individual Identifier
  • Current Thinking--Eliminate consideration of
  • Unenhanced, unverified SSN
  • Biometric identifier proposals
  • Identifier based on existing medical record
    number plus practitioner prefix

61
Individual Identifier
  • Current Thinking--Continue consideration as
    identifiers
  • Enhanced SSN, as proposed by the Computer-based
    Patient Record Institute
  • Identifier based on personal immutable properties
  • Universal Health Care Identifier (UHID), as
    described in ASTM Guide

62
Individual Identifier
  • Current Thinking--Continue consideration as
    supporting technologies
  • Directory service, or master patient index
  • Public/private key encryption

63
Individual Identifier
  • Issues
  • Risks, limitations of SSN as a health identifier
  • Insufficient documentation of infrastructure for
    other proposals
  • Adequacy of current technology to support
    national master patient index (MPI) or
    public/private encryption
  • Acceptance by public of a national MPI or
    national health identifier

64
Individual Identifier
  • Issues
  • Method to positively link individual to his/her
    identifier
  • Method to prevent issuance of duplicate
    identifiers
  • Medical record linkage vs right to anonymous care
  • Costly infrastructure investment likely
  • Controversy with any recommendation

65
Employer Identifier
  • Current Activities
  • Coordination with Enrollment/Disenrollment, First
    Report of Injury, Premium Payment transactions
  • Current Thinking
  • Recommendation of Employer Identification Number
    (EIN)

66
Employer Identifier
  • Issues
  • EIN is not unique to the employer--Is this a
    problem for health transactions?
  • Some sole proprietors do not have an EIN--Would
    they be required to obtain an EIN for health
    transactions?
  • Would health transaction uses of EIN require
    legislative or regulatory change?

67
Health Plan Identifier
  • Current Activities--PAYERID to be proposed
  • 9-position numeric, including 1 check digit
  • No intelligence in number
  • Can enumerate 100 million health plans and
    employers that offer funded and unfunded health
    benefits

68
Health Plan Identifier
  • PAYERID System Features
  • Registry of business information about the entity
  • Electronic phone book containing names of
    entities and their PAYERIDs
  • Data base of information needed to route health
    care transactions electronically
  • Issue--High-level vs detailed enumeration

69
Provider Identifier
  • Current Activities--National Provider Identifier
    (NPI) to be proposed
  • 8-position alphanumeric, including 1 check digit
  • No intelligence in number
  • Can enumerate 20 billion providers

70
Provider Identifier
  • System Features
  • Data validation (SSN, address,etc.)
  • Search/match for duplicate providers
  • Query/report generation--national data base

71
Provider Identifier
  • Issues
  • Enumeration options
  • Provider practice addresses and location codes
  • DHHS OIG Sanction Data

72
  • Enrollment and Eligibility Implementation Team

73
Charge
  • Standards and implementation guides for the
    following transactions
  • Enrollment
  • Eligibility
  • First Report of Injury
  • Health Plan Premium Payments
  • Referral Certification and Authorization

7
74
Recommendations
  • Enrollment - X12.834
  • 1st Report of Injury - X12.148
  • Premium Billing and Payment - X12.811/820
  • Health Care Services Review - X12.278
  • Eligibility - X12.270/271

75
Enrollment
  • Current Implementation Guide Covers Forms of
    Benefits
  • Narrower scope for a health care-specific guide
  • Policy Are standards imposed by OMB Directive
    15 applicable to HIPAA?
  • Are performance measurement and outcome research
    needs covered by HIPAA?

17
76
1st Report of Injury
  • No Current Implementation Guide
  • Not health care-specific transaction guide
    outside HHS purview
  • DoL - OSHA, BLS, OWCP
  • Policy Expand to allow physician first report?
  • May have to engage private sector workers comp
    community

17
77
Premium Billing Payment
  • Used in Industry as ANSI finance function
  • No Implementation Guide
  • HIPAA Use Not Very Complicated

18
78
Health Care Services Review
  • Multiple Implementation Guides Possible
  • Limited, If Any, Actual Use
  • Pilot Project Underway
  • May be a late deliverable for 2/98

19
79
Eligibility
  • Mapping Government data element Requirements
  • All necessary components in place to produce the
    regulation
  • Not doing interactive Eligibility Transactions

19
80
Data Dictionary
  • Includes
  • Listing of names, definitions, transactions and
    locations
  • Organized by individual transactions
  • Does NOT include
  • Code values
  • Implementation instructions

7
81
Coding and Classification Implementation Team
82
Charge
  • Codes and classification
  • Diseases, injuries, impairments, other health
    problems
  • Causes of these conditions
  • Actions taken to prevent, diagnose, treat or
    manage these conditions
  • including substances, equipment, and supplies used

83
Charge
  • Responsibilities
  • Select standards for codes/classifications for
    administrative transactions and ensure
    appropriate mechanisms for distribution and
    maintenance
  • Recommend set of health vocabularies for full
    electronic health records and ensure appropriate
    mechanisms for distribution and maintenance
  • Map vocabularies to administrative
    codes/classifications

84
Recommendations - 2000
  • Diseases, injuries, impairments, etc.
  • ICD-9-CM
  • Procedures
  • ICD-9-CM
  • CPT
  • CDT
  • HCPCS (encompasses CPT and CDT)

85
Recommendations - 2000
  • Drugs
  • For most administrative transactions
  • HCPCS
  • For pharmacy transactions
  • NDC
  • Devices
  • HCPCS

86
Issues
  • Use of official implementation guidelines
  • Likelihood of changes in some standards for 2001
    and beyond
  • e.g., move to ICD-10-CM
  • Need to have ability to accept codes and
    identifiers gt 5 characters in 2001 and beyond

87
Issues
  • Openess of update process for privately owned and
    maintained systems
  • Cost and use restrictions for privately owned and
    maintained systems
  • Availability of electronic formats suitable for
    full range of users

88
Security Standards Implementation Team
89
Charge
  • Security of Healthcare Systems/Transactions
  • Electronic Signatures

90
Objectives
  • Establish a Healthcare Data/Systems Security
    Framework
  • e.g., NRC Report
  • Identify Requirements Baseline
  • Technology Neutral -- if possible

91
Scope of Work
  • Defined Transactions Only, however ...
  • Key Considerations (in act)
  • tech cap of rec systems
  • costs
  • training, personnel issues
  • value of audit trails
  • needs and capabilities of small hc providers and
    rural hc providers
  • Security, not Privacy

92
Definitions
  • Privacy vs.Confidentiality vs Security
  • Security
  • Confidentiality
  • Integrity
  • Availability

93
Definitions
  • Security Mechanisms
  • Identification
  • Authentication
  • Authorization
  • Access Controls
  • Audit/Accountabilty

94
Requirements Analysis
  • Underlying Requirements
  • Interoperability
  • System Model / Matrix
  • Baseline Security Requirements
  • Potentially Conflicting Requirements
  • Other Groups Work (e.g., Privacy, Transaction
    Sets, etc.)

95
Issues
  • Level of detail/specificity of published
    standards
  • Determining needs/constraints of Small players
Write a Comment
User Comments (0)
About PowerShow.com