Advanced Health Information Exchange Resources: HIT Standards Committee - 8/20

The Health IT Standards Committee met today. The committee is charged with making recommendations to the National Coordinator for Health Information Technology on standards, implementation specifications, and certification criteria for the electronic exchange and use of health information.

Below are Meeting Materials:

Agenda

Update on HIT Policy Committee and its Workgroups

Meaningful Use Grid

Report on Clinical Quality Workgroup

2011 Measure Recommendations

Report on Clinical Operations Workgroup

Recommendations

Report on Privacy and Security Workgroup

Privacy and Security Standards Applicable to ARRA Requirements

Below is the rough draft transcript:

Good Morning everybody and welcome to the fourth meeting of the HIT standards committee. This is a federal advisory committee which means it is being operated in public. Public are on the telephone and the Web listening. Also in the meeting minutes will be available on the ONC Web site within 10 days. There will be an opportunity for the public to make comments in the room as well as dialing in on the phone line. With that let me remind the committee members both here and the room to identify yourself as you begin to speak. That is for the transcription purposes. Let's go around a table and introduce ourselves as if you can set the state your name, organization and any conflict of interest, yes or no according to the agenda. Let me begin with Jodie.

Jodi Daniel ONC.

Liz Johnson health care no conflicts.

John [ INDISCERNIBLE ] no complex.

Km del no complex.

- -

Linda [ INDISCERNIBLE ] federal no conflicts that I would like you to know that I am on the board of Hitsbee as a representative.

John [ INDISCERNIBLE ] Golden living, provider and also Commissioner on CC HIT representing long-term and.

Sharon [ INDISCERNIBLE ] genetic [ INDISCERNIBLE ] no complex.

- -

Dixie Baker Science applications International, no complex.

John [ INDISCERNIBLE ] Harvard Medical School, - - part of a provider organization that sense I am biased towards doctors and nurses.

John [ INDISCERNIBLE ] HC I, board member of [ INDISCERNIBLE ] as well I'm would note that HC I is a provider organization at, collected by is not only providers but also centrally to patients. Thanks all for being here and all the hard work you are doing.

Anne Castro, Blue Cross Blue Shield of North Carolina, and a complex.

- -

Janet Corrigan, National Quality Forum, no conflict, I am also on the board of [ INDISCERNIBLE ]

[ INDISCERNIBLE ] Ferguson, Kaiser Permanente, I am on the board of its B and [ INDISCERNIBLE ]

David Macaula

Judy Murphy, no complex.

Wes [ INDISCERNIBLE ] Gartner no complex, but I would note that I am on the board of HIT.

- -

I believe we have a few of the members on the phone.

[ INDISCERNIBLE ] are you all on the phone.

- - no complex.

Stan off, I am also here, with intermountain Health Care in Salt Lake City University of Utah. I have no conflict, but I am a member of the board of HL7 and also a co-chair of the [ INDISCERNIBLE ] committee.

Any other members on the telephone?

Jim Walker, no complex.

Thank you, and I will turn it over to Dr. [ INDISCERNIBLE ]

Thank you, Judy and thank you so much for being here and being part of the process. It is a wonderful [ INDISCERNIBLE ] of democracy in action. It is it robust process and working through support [ INDISCERNIBLE ] and standards, the aspirations for higher value health care. As part of this process. I use the term that will be highly caffeinated group when we started the as - I am impressed by it not only at every member of the committee, and the public energy and that responsiveness, we so much appreciate. All the input that we have received. Please know that it is a threat to Arly, considered, part of the deliberation. I think we also described the challenge of having three work groups wondering how they would work together. Since our last meeting perhaps more than any before, that has been absolute [ INDISCERNIBLE ] of efforts as we come forward to this meeting, I think we see the quote lessons of activity. As caffeinated as many members of the group may be, I am absolutely convinced that's - That is my co-chair John [ INDISCERNIBLE ]. The fact that he has been in Japan for the last few days, we get correspondence during what is our daytime is testament to that. John has been a part of virtually every single call of each of the workgroup. John I want to recognize and Thank you. Many of you saw the communication that Dr. David Blumenthal said yesterday describing the aspirations of technology not as and and of itself but importantly a piece of improving the value of health care. Value described as relationship between the outputs and the resources, importantly aspects of outcomes such as safety and [ INDISCERNIBLE ] efficiency and I would argue compassion. When I think back to my career and the ability to operate which had electronic records, it there is the difference between asking a patient who might be there to block it biopsy - - what we do today, I see to - - to provide more efficient care. I know those are the attributes that drive David and the entire staff of ONC to - - because it is the kind of care that we with our various relationships to health care not only want to foster, but as consumers and family members it is - - you want to be able to receive top for ourselves [ INDISCERNIBLE ]. Going from the aspirational to the very practical, as people had a chance to review the materials and preparation for this meeting, I think we are at a remarkable point. We recognize the messiness of democracy, but the transparency that is part of the process. We are considering the state of the world and how to get from the world that we have today which has not adequately embraced electronic technology as a predicate to these attributes of health care to one that actually has a degree of detail that is specific enough to allow a road map to and merged with the next decade. When I look at the material and take myself out of the rule, and going back to the provider organization, it is composed of large entities but also interacts with cross section of the country. Small position practices, patients across my America. I know that I can go back and say as you look at the materials that there is beginning to become a definition that allows this aspiration of better care but structures in a way that there are some things that are very clear cat for 2011 maybe polishing in some areas, a little more ambiguity in 2013 and 2015 that there is a clarity. I can go back that it Wes and asked us that is insurmountable and it is not difficult. Change is difficult and the environment is challenging as well. I can go back with a clear conscience and identified that there is a clarity of direction. Anne Castro during the first meeting charged as Wes - how much else is coming down the pike in the next few weeks. I see the - - the big transition. I remember you import this too great [ INDISCERNIBLE ] for each of the years. During this meeting, we will be counted [ INDISCERNIBLE ] and the way that certain questions will resolve the help arrived to the degree of specificity in 2011 in particular. Some of the work that need to be chartered for 2015 and intermediate detail and. In between. We will hear specifically from the quality workgroup and the ability to use technology not as an end to itself, but as a vehicle to drive through better performance and health care. We will hear from clinical operations to help provide those elements of Standards or degree of specificity that help us describe content of data transmission of data. We will learn from the privacy and security workgroup insights and in Dixie's printing and - - was so terrific and offset. Help privacy and security become facilitators. In a number of levels. In the integrity of information in the first prize and facilitators of acceptance ensures that the requisite perception that not only we would have responsibility by virtue of our personal rose or advocacy, rose from the consumer perspective. But simply what we would want and expect as again as consumers as family members, members of community. The me personally applaud and think each of the workgroups for the heroic efforts that had gone on. If what you are hearing is a convergence and that is a message here, that out of the vast sea of materials, there is greater and greater clarity that find applicability across a variety of contexts and the cell with a great deal of responsibility. The old [ INDISCERNIBLE ] is wonderful and there is so many to choose from in Dade that has been one of the things that has been a frustration to many because if we had different standards going from coast to coast, we would not have realized Inter-Continental Rio way. But indeed we are really at the press the purpose of being able to offer an analog, an electronic format that would allow those individuals who seek help health care that is increasingly informed not only when they go to the provider they usually go to, but when basic information in their homes or find themselves in other circumstances. For that, unless a professional and specifically as a prospective patient, I say thank you.

Let me turn to my co-chair John [ INDISCERNIBLE ], I really want to think your in particular for helping foster some is some epiphany moment. Some of these have to do with both with some of the resolution of technical issues but preening as well especially in terms of not trying to over engineer those things which go on within fire wall of a particular entity [ INDISCERNIBLE ] with other entity. Thank you and I will ask you to address some of these, is.

I have been doing this for four years and I think the word convergence is a very appropriate. That is we have leverage the work the Hitsbee, [ INDISCERNIBLE ] implementation rise, writers, comments from the public, and graded a deliverable today that is quite impressive print what you are going to see is more and more clarity and more constraints. When I started four years ago, there were a thousand controversies and a lot of ambiguity. Now the controversies are getting fewer and as you see these percentage, zero, you want to do this, here is exactly the standard used to the degree of specificity. Implementations at an adoption is going to be the ongoing role of this committee. I am certain because of a measure of success should be the number of transactions using the standards that are exchanged there is work to do, change is hard and I have no doubt that this committee will have an incident like life span. We will never be done by will will increasingly cluttered pay and specificity. For example, the chain will talk about for example as you change the content of the message whether it is a clinical summary for each one of these exchanges for meaningful use is typically a document standard and a messaging standard. And actually provides a variety of constraint, but get there is enough that gets us from where we are today to where we want to be in the future and the glide past is clear. For each one of the vocabulary's, Jamie and really all the groups focused on how we take what is today often pretext and structured but get to the transmission of semantic and [ INDISCERNIBLE ] transition of highly constrained structured vocabulary control information and do in a way that is implementable. If we say 2011 is everyone is going to use highly structured vocabulary constraint, and the cost and it's up, it will all be put in play, that will be hard to achieve. But we want to get there by 2013 and we want to be semantic and are up ability in our operability. As you see, - - you made a comment comment between internal and external. The work that has been done with clarity and clinical operations go in the border of enterprise to the border of another enterprise. It is a mood in some way by you do inside the organization. However, security is it different animal. We all agree, if we are going to protect the privacy of the patient, you can't have perfect security between organization and a completely leaky organization itself. In May to actually ask the question with it inside the four walls of the Organization, either a prepared applications with security publisher. Good infrastructure and good practices. You would see in Dixie's area you have gone inside to make recommendations. There also has been careful thought paid it to the maturity of standards. One of the things we recognizes some of the meaningful use criteria are actually quite complicated and use standards that are young. That had not been widely deployed. We have taken all that into account the same well, what is possible and 2011 and what would require additional testing and refinement and polished. The offer some optional - an alternative. Each of the presentation does include vocabulary, content, level of maturity, the glide path that I described to. We also try to make statements about certification criteria and meaningful use. Just so everyone understands, what do those terms mean exactly? Well, a certified EHR will have functional characteristics and we heard from the policy committee and workgroups that ONC will be offering these functional characteristic list and there will be multiple organizations the certify conformance. But in addition to for National characteristics, a EHR that is certified will have to adopt the standards recommended by despotic. E you have to do both. The function and the standards. Meaningful use is the actual extent of the data. You enter codified patient data and image quality and the extent exchange data among the organization using some of them meaningful data that has been specified. You will see in the presentations that we tried to provide that both incites. What are the standards are certification, capabilities that product an enterprise must have. And what are the meaningful use metrics and the exchanges for use? I am quite excited as well by the quality of work that has been done by the is working groups. I look forward to the discussion today and think the members of the public you to will be impressed.

Think you John. But like to acknowledge that we have been joined by Dr. Chopra the chief White House technology officer. I would like to recognize as a PO for the entire process as the vehicle to improving health care. Would you like to offer an introductory comments?

I wanted to say to the Working Group Members. Dixie, I have been enjoying these conference calls that have been convening on the secured and privacy workgroup and it has been high-quality throughout. So kudos to the team for the work that has been done thus far.

Thank you for your support and indeed this is a very hands on individual who thank you for your involvement and knowledge you share. We set an incredible legacy in what he has able to accomplish in the Commonwealth of the Virginia and an inside student the sort of opportunity and indeed even challenges that we will face. Without further ado, let's move to our first order of business. I trust people had the opportunity to review the minutes and asked if there are any amendments, modifications, corrections that anyone would like to offer.

I do want to note that Stephen Finley from [ INDISCERNIBLE ] has joined the table as well. Good morning Steve and his.

Hearing the comments, that's a great the consensus on the minutes. I want to thank Judy sparrow and the ONC staff for really a sensitive capturing of the liberation at the last committee meeting. To give they're much for all the hard work. We will get an update on the Health IT policy committee and its workgroups. Another individual whose I am certain has not slept for the last few months since he has come to Washington Dr. John Glasser. Thank you for your leadership and a we appreciate your helping to be the thread that connects our work in a day-to-day basis with the policy committee and meaningful use workgroup as well.

Thank you, John. It has been energetic and time-consuming. If you don't mind I will take a nap and the next 20 minutes. Somebody else looks at the slides. I would like to give you an update on the discussion of the policy committee which occurred last Friday. The system of this meeting. We had three pot presentations and Bolsa three sets of recommendations and I will go through the recommendations that were fronted by the group. I want to acknowledge that we had three workgroups of is to make it an update at that meeting so the policy committee is of up to speed. You will see the specific in more details. Let me start with the meaningful use workgroup, as you recall in their July meeting they presented the final set of recommendations for the definition of meaningful use for 2011 and preliminary thinking on 2013 and 2015. There were accepted by the policy committee and in the discussion of last week. They tackled two areas. One is to realize that meaningful use and ongoing process. As you may be aware the definition of meaningful use increases and changes over time with a frequency of about every other year so there is an 11 definition the recommended, but also time not to be to look at 13 and to take the preliminary ideas and refine them. Unlike the last couple of months were all of you worked very hard on remarkably short period of time, using processes that I thought were good, but now have the opportunity to take more time. We are looking for definition on 2013 to be ready approximately one year from now. They began to outline, sketches a better term, preliminary approach to taking on 2013. You can see the rough outline that was presented today or last week. Which is to conduct in Q4 information hearing so we expect in late October mauled details will be coming through a table in by a wide variety of organizations and individuals come talk about with 13. There will be the process later on in the fall. Early in the calendar year the will be and updating based on that in print for 2013 and 15. To ensure that those ideas that we have standards or way me - - that we don't come up with a set of meaningful use recommendations for the standard work are still incomplete or understand that if we go out and do that. Through the spring and summer is the continued refinement of that and also may have maybe early industry experience with 2011 since there will be and and PRM from see it as in December - - - will be finalized in the late spring of next year. We may have organizations that might move earlier than that. There will be for the refinements of this and the right thing to do about the process and once of cells process are refined we will be back to you all. These are the first set of recommendations. The second as you are aware, the meaningful use framework was presented as it should be within the context of broader national health-care goals and that the time of the recommendations in July the National partnership was used in the framework, since then there has been awareness and discussion of the help people program which has been led by the government. To bring the two together. Realizing the job of the workgroup was not to set policy, but to take existing policy directions and national goals and fuse those and make sure that that work we do are conducted in light of those over all goals. They will as you see the third bullet the part of the review process and and advice of the industry to focus on some of the measures. One of the critiques and in the work that they be there are certain in the primary positions and various measures were not incorporated. It is appropriate to incorporate them - - and how best to do that and what form and at least recommendations for 2013. The rest of the Bullets we talked about. It can month from now Wes the industry gets more experience in implementing, they will be objectives will be straightforward and meet the particular challenge. Once we get some good industry experience, they're planning to hold discussion and provide guidance to us about alterations of strategies. Those are the two recommendations at of the workgroup and centered on this process that we need to have a repeatable process and I think that we would have to address and his committee after the initial on a regular go forward this is where we review standards et cetera. The two co-chair who did some incredible work. Going to the certification adoption workgroup and the July meeting the percentage some recommendation regarding the certification process. The committee at that time approve the high level recommendations of that but there was concern that not enough time had given enough time. To discuss the recommendation. They were invited back to give a lot more time to dialog and essential to the committee. So they can back with essentially the same recommendations. There has been some refinement between the two meetings. These were approved both and the broad sense. If you have the opportunity to go to the website and pull out of full deck behind each of these are set of - - to remind you, there are five recommendations. When there is a new certification process which has to court attributes. When is the criteria of focus on meaningful use and not more broadly. The second is the certification criteria or higher level. As prescriptive and less granular. They had gone the other hand while in the feature function criteria less is more. When you get to the other areas, inoperability, more is more so be very specific, granular this away are clear about it. As much as we can and as much as appropriate. This in particular is where it is important the work that you have done John has mentioned in his comments, certification - - meeting criteria and supporting standards. The specificity both in the inoperability and privacy and security side, the particular workgroup is what looking forward to - - and regarding them as essential. If you narrow the criteria to judge meaningful use, there are other pieces and that EHR the people will be interested in. If you are an oncologist, the flow sheet capabilities, if you are academic colleges the ability to take pictures and meaningful make use may not address those, there is an anticipation and desire for a market to respond to those to provide advisory services both generally but also for specific products. In terms of what the application can do but also the types of information you would like to have such as its ability such as support on part of the vendor and the vendor potential longevity in this field. So they are contemplating additional services above and beyond the core nucleus for meaningful use purposes print on the prior recommendation this is the second one, that is again talking about specific criteria and being very clear. We do achieve the degree of inoperability, we would like to achieve that we do achieve the degree of quality measures. And also that we can preserve and advance the trust that patients have in the care that is delivered. The first two bullets around that out and then the third is suggestion that we have a test harness. Within this criteria there is a common testing script that can be used across the range of organizations that might be involved in the certification process. There's also a change recommendation and the structure of the process specifically the process of defining the criteria be separated specifically in the detailed the are recommending that the ONC be involved in the definition of the criteria. Which is then made available to a multiple organization who would like to be certified years. This will and ball probably the designation of accrediting organization who accredits certifying bodies that let the market decide whether there are some numbers that might want to pursue this as a a going concern. We will be working and have worked intensively with our colleagues. We are in the early forms of scoping out some of the specifics that might be necessary to put in place surrounding some all the recommendations that the committee put forward. The fourth one is to realize that although the bulk of the industry obtain their software de jay-10s from their vendors, there are other sources. There can be sources byte - - and provide that, but in addition the candy internal development, my organization. Such as Johns, but there are others. Make sure that there is a certification path for those organization and realizing that on them are of organizations, perhaps in the small, no one will get all the meaningful use capabilities from one organization. You will get pieces. An example might be that the exchange portion which is a central piece might be provided by and H. IT, might be provided by an interface agent, a series of modules and to have the certification process that permits the modular composition such as I put together the suite and aggregate they have the criteria to support the standards that have been the pride based on a lot of the recommendations. There's also an understanding of of variety of sources that people have and a variety of mechanisms that they have to bring together the essential set of applications. And then in the fifth one, there was a realization that standing up multiple set the fires and accrediting organization will take some time. If there is a need for a near-term, short-term certification process, not clear how much time, but we ought to be prepared in the 12 or 80 month period. In their there's a couple of recommendations one is the rap leverage certification work. Their specific in their appendix as you will see. They say their recommendation that we leverage - - and the near-term and if one were to do that, when would say there is a need for additional criteria with what has been referred to as meaningful use gap. In other words, - - example being a lot of public health reporting. Also to the degree that there is a near-term process to address open source. To address internal development so there are a number of specific recommendations regarding what the industry should do in the near-term while the processes being stood up. Those are the five they have. A lot of discussion and these recommendations and specific details behind them were accepted by the policy committee. To remind our - hour co-chairs who did a nice job that asset and I will stop. To see if there are any comments and anything I said involves the HIE work-group who had been looking at a range of issues. Both in the exchange and the noun endeavored as we come to discuss at and a lot of these concepts. The only animated graphic that we have, although your seat will start shaking, part of the multi sensation experienced we provide all of you. There will be some [ INDISCERNIBLE ] and the room, too. They laid out this nice piece looking at the importance of exchange for the meaningful use approach. This is also reflected in the [ INDISCERNIBLE ] recommendation. They took the meaningful use criteria and objectives and arrayed of them. And pointing to the 2011, 13 and 15 there is a wide said of meaningful use objectives that were required exchange capabilities. You can see the mapping it can see the - - the importance of the itch I e conversation to our collective agenda. There is a recommendation and one side and recommendations are - I will let you read the print. The requirements should be neutral the technology and architectural approach, how to best architect exchanges across the region and geography of any form or for specific causes of transactions that might be focused on radiology, or pharmacy its cetera. They also realized as part of the modular approach that there will be pieces of that HIE that will be part of the certification process on the part of the provider who is trying to get meaningful use to identify the work with the certification work about how to address those aspects of that. And there is the set of points to make sure we are collectively aligned with the state you might be aware that there will be grants from the state's coming out and the near-term and picture the collective efforts both in the Medicare and Medicaid and all the efforts required to put in exchange for infrastructure in place are well coordinated and aligned. These recommendations were made and accepted. That is the end of the overview. But me stop, John to see if there are any questions.

Thank you very, very much for the thoughtful synthesis. For the huge amount of work going on in parallel. It is notable that there's a number of parallels and concepts coming through particularly in the over arch certification transparency, the concept of fostering innovation, but practicality and secure contact. NO-SPACE teams that they are pervasive and pervasive throughout the discussion. Particularly the concept of modularity in terms of supporting the practicality or things that I know we have discussions about in the process. Let me open for any comments, questions that any members of the committee would like to address. Wes?

John, I have a couple questions. Some of these you may choose to regard as, instead of answering. I would let you decide. I am having difficulty understanding how the certification process achieves objective evaluation of general criteria. I know that the process as I have seen for four show certification has said, let's do a script and the script is not specific as the user interface or technology that it is on. You would put certain data back. By the time you get back to the point where three doctors can agree, on the script is pretty specific. As I understand the direction for certification off - - I have not heard the object to, but I am willing to assume that is part of the [ INDISCERNIBLE ] I am questioning how those - how to achieve those two things at the same time.

This is workgroup recommendation which have to be factored to the rule writing process. I cannot talk about how a federal government will not do it in the rule writing process, but I can reflect conversations which occurred within the policy committee and workgroup. There is - I want to raise and to hire levels and less granular Palau innovation and to be less prescriptive for a whole bunch of good reasons.

I think we understand the virtue of being general.

Creates other issue, how did get test script that is not more general which is a good test of that of the activity. The workgroup did not tackle that. I think there is awareness of solving one and perhaps creating other issues that need to be addressed.

Okay. The corresponding goal of certification components is particularly for the examples that you called up clearly necessary. But I am concerned that we don't portray to the physician community in particular a degree of trust and certification that we can deliver. What I mean is this a with like to have a car that has the power of a Ferrari, stairs like a bicycle and has the bricks of the Volvo. I'm sure I can find a bicycle with a steering system and the Frye engine can be certified to be meaningful and so forth. But I get no assurance when I put those together and get meaningful use out of the contract constructs. I am worried, the knowledgeable physician, hospital, would understand the that I am taking the responsibility for putting this together and achieving meaningful use. The fact that these components are certified helps me decide which components to use, but we cannot - I have not heard a set of goals that if says if you buy is set of components e will as chief meaningful use by virtue of the meaningful components having been certified.

I am worried about the epidemic that is it fair concern which is touched upon. There is not an answer that came up with.

I would note with favor that appears that the time table you have sent that the policy committee had set out calls for about two years from closing the definition of meaningful use criteria to there being enforced. I think that clearly a minimum necessary in terms of the ability of industry the rest to respond. Whether the industry is software vendors or do-it-yourself organizations. I am concerned it is not enough time around achieving our interoperability that the ability to roll out a new standard nationwide takes more than two years. I, and that to a certain extent there [ INDISCERNIBLE ] that has been successful now, are those - that provide that adaptation what is going on locally between what is going on locally and one another or against standards. In fact, I could envision the time when that was not necessary because everybody really did the standards I think by that time we would have put enough criteria and standards that it will not be true. To a certain extent, as I es are the permanent in terms solution for rolling out standards and we should not lose track of that. I think we should certify products as winning meeting standards. We should not limit our definition of meaningful use to always using those standards. If you are using software that could meet the standards and some of the times you are using the standards sometimes we are not the should be enough.

A couple things. The meaningful - - we need to hard to look - - . Do we allow enough time to give the industry, and the benders to respond, the organization's to absorber them in a thoughtful but methodical way. The others, I think what we all have to collectively learned as we move along this path is what is reasonable to expect and realizing that can be variable by region because of exchange capability. That will be reflected in the meaningful measures is to what degree said a packet of Texas versus why the cetera. This is a new phenomena in an extraordinary exchange that is - - will get better and that over time. We will make best judgment at this point knowing how to calibrate the degree of meaningful use and that becomes an important consideration because while the provider might be willing to surround the infrastructure is not quite there. We have to ensure that we don't inadvertently penalize people because of that. That will be an ongoing conversation here, but in the meaningful use about the right way to recommend to CMS and the federal government of large the measure is an approach to assessing.

I have one last comment. I appreciate your tolerance. I have been quite - AI felt that the material as far as I brought four his experience bringing live report into your city is a very instructive about the other issues, the nonstandard issues that are required I see that when you talk to both the labs and [ INDISCERNIBLE ] and the vendor there, the zero how a side of the story which has to be considered there is a requirement to pay vendors for laptop would deliver results. Each physician EMR. The crates and economic constraint and when a lab can afford to do that, there is an ability for the lab to say no, we will not do it, we're not obligated. As we look at the incentive money and the penalties later has a stake as well as a carrot we have to be mindful that we don't necessarily have a carrot and stick over all the players counting on the meaningful use and to a certain this extent we think CMS could strengthen our stick by saying to the other part is that they pay that are not EHR vendors that there still is required to use and that would be helpful.

I agree, Wes. There's a bunch of different options realizing that the high-tech is directed to the provider, but others for the provider to do all of the stuff we want them to do need to be playing the game, too. And we see what other [ INDISCERNIBLE ] we have to address that. There is a recognition that we have to do bilateral and multiple cases effort to make this straightforward and efficient as and quick as based set of achievements adds we'd like it to be.

Thank you, John like others, I think we are all deeply impressed by the care fullness and thoughtfulness that has gone into these proposals and recommendations. I remain unclear as we have discussed previously about the boundary between certification and meaningful use. I understand particularly in some of the revised concepts that you have brought forward how when let's say market metaphorically software and - shore up on the shipping dock, it will have mechanism to assert that it is certified. I still see a boundary between what has become certified and designated as meaningful use. I am manifestly unclear as to how the recommendations will unfold the close that gap in a specific installation.

Reflecting workgroup and thinking that the certification intend is to purchasing providers, this software is capable. It has the feature function to make it capable of exchanging or documenting allergies et cetera. So it is capable. There may be other capabilities that go beyond meaningfully is and maybe other services that provide that, but this is capable. You say, I bought it and found it at the shipping dock and I know it is capable and I have to do other things if I want to qualify for meaningful use. I have training to occur and bunch of stuff I might have conversation with other local providers about how it Exchange and mechanism. There is a phenomenal amount of significant employment patient work that has got to occur before capable turns into the actions on the part of the physicians and other care providers that lead to meaningful use. And some is with the phenomenon that we face today when one of the provider organization purchase a system and has certain goals in mind is the fact that they bought it from [ INDISCERNIBLE ] and David Macaulay, they still have work to do to turn it into the patient cyclicals. There is work to be done and part of the over all ONC strategy is to make sure to the extension center those that don't have internal staff to turn to, they don't have a John Glasser via as " ETC has access to the resources necessary to take capable and put it into the reality " Exchange and riyal to Kaul reporting document of care. We will have to do that and in particular in this But - - there is an awareness that the organization that needed the most are the smaller physician practice, critical access hospitals and because they don't have the talent on board, they cannot afford the talent and cannot find the talent. But also the bulk of the carrot. There is a capability assertion that is capable. We have to be careful and that the certification is described by the workgroup. Does not mean it is the most usable, it is capable writing a prescription that might be one of those bizarre approach is not an assessment per say of usability. That will have to come through advisory and other things. It could be more quantitative pass fail. On disability. There is a certification to determine capability and and a fair amount of implementation work on an ongoing basis to achieve meaningful use page-per-minute we are painfully aware of the implementation. My question was unclear. I meant, how can we understand the the termination that a specific say it may Clinic installing the era [ INDISCERNIBLE ] system in Jacksonville, Florida has met the meaningful use after going through it all the implementation and worked characterize.

We will see a recommendation on the meaningful use workgroup and some of the recommendations and this is with the right discussion with Karen and hundred determine realizing that in 2011, it may be a good chunk of adaptation that I attest that I am engaged in meaningful use further definition and I know that CMS might audit that at a station and I want to make sure I don't a - - in fraudulent activity. Are we doing in the years ahead is moving it to a much more electronic such as the product reports. For example the percent of prescription written. That becomes an easier thing to warrant and expect. Similarly as we revolve overtime the quality measures the quality become submersible to the federal government. There is an evolution of approaches to asserting and verifying that your meaningful use and an active discussion within the Fed government how best to do that.

Briefly with my own experience, in performance contracts, sometimes for example across of Massachusetts say it, demonstrate - - that is a certification criteria. Otherwise, we say we don't pay you unless I% of encounters include reconciliation actually being done. What we do is an announced random audits, we review was the medication changed or and medication prescribed and did that get reflected. And then we attest best based on random audits. We are at 19.3% at the moment. That is messy, but that is work for us. Comments?

Thank you, John, thank you Vermont's. Many thanks for all the work represented behind the presentation. The point again of the technology is of course improving health care. And a clinical quality workgroup progress report. I want to thank all the members of the committee not only for the work occurred in each of the session, but all the work that occurred between. And everyone many in this room who provided input to the deliberation this workgroup as well as others. And introduce Floyd Eisenberg and Janet Corrigan for the report of the progress of the clinical quality workgroup. I think Chriss questions is a segue because there are many issues that come forward appreciate the clarity that surround the number of the metrics in terms of standards, but there are some areas where for their work need to be established or were the representation of completion of the metric itself is not an immediately derivative of the use of the performance of the action that completes that metric. I will turn to Janet and Floyd and thank you very much.

Thank you, John. I would like to thank all the members of the clinical quality workgroup who have had numerous, up conference calls this week to pull this together and I want to abolish Floyds contribution in particular. I think it was Gen who said in the offset in many ways the success of our work has a lot to do with leveraging the work of other groups. And Fords with - - The go-between numerous into related efforts that we needed to build on in a very substantial way. There are three handouts that we are going to reference during the session first you should have the slides that I will be going through the Powerpoint slide second you have a grid which is entitled quality and operations work group selected measures and then you have a second grade which is entitled joint working groups of meaningful use measure grid data elements mapped to high tech data types. It is important to recognize here that you will see that we have been working very closely with Jamies work-group the clinical operations work group and trying - and coordinating our work and you will find that throughout this presentation. The clinical quality workgroup, the process was first to identify inappropriate standardize performance measures that correspond to the HIT policy committee it 2011 measures. Second to review those performance measures and develop guidance for measure retooling because once again we had standardize performance measures that they were not developed for use of electronic pH are or other H IT technology. Third is the identified the data types and elements that might might be captured in EHR and EHR connection - dashed to a great extent and then to hand off that to the clinical operations group and I think probably handoff is not the right term. We had our - - very much has been a joint effort.

Where we can add at this point is that we essentially have a recommend is that of 30 Performance measures from the policy committee. We now have identified and QF and endorsement measures, 23 of those. 18 of them can be retooled to be produced and automatically from PHR or in EHR. Five - - at the station in the foreseeable future. Does not address the privacy and [ INDISCERNIBLE ] measure she will be speaking later on in the day. There are seven measures that were on the original policy committees grid for which we do not have sterilize Performance measures at this time. There are things like a public health surveillance data, percent of patients with access, basically a little more than a handful that we do not have a viable method of addressing right now. I am going to provide you with a bit of an overview of some of the key issues and that relates in particular to measure retooling or phasing measures in over the two or three years and Floyd will provide you with detailed information on the actual measures that, the two text data elements that correspond to them. Our group can thinks it is important to consider staging measures that can reflect the evolving H. IT capacity. I provided a few examples. We have batting mass index which is one of the policy committee House that we identify measures for paying the ticket would be reasonable in 2011 to have a measure that is essentially looking for what the as the condition of BMI. By 2013 to up the ante a bit and looking for the capability to actually have a BMI percentile plus demonstrating that you give counseling if this was a prepared for that particular patient. That would be more complicated facing an over 2011, 2013. Without mummification you see a similar process in 2011 looking for pulpit meds for a small, but for 2013 the measure will become more complex and will be looking for a pulpit message was provided for stage of the advancement. On the readmission of readmission in 2011 and recommended looking for capability to couple it readmission of once the facility, but by 2013 to be able to talk late readmission to more than one facility, small group of facilities. By 2015 looking for calculating - - within the community. There are two particular aspects that are important for calculating many of the performance measures. One of them have to do with the ability to capture a diagnosis or problems listed on the problem list and the other has to do with how we record exclusions that are often a part of the denominator or performance measure. We focused a good deal of attention on the two areas. When it comes to the diagnoses and the problem Wes, really the recommendation of the working world that we rely on the National Library of Medicine Snowmed CT course subset for a problem list. We recognize that there is going to be an ongoing development and maintenance of the Snowmed CT. We hope that there will be efforts under way very soon if not already to take a close look at whether or not we have the full set of problems listed for. We think it is fine for 2011 but certainly we need to do some checking. And then to have mechanism in place that it evolves over time as we get more and more measures, performance measures that will require an extensive list of potential problems. As we look to retooling this measures in the next few years, we think it would be wise to have alternative versions of measures. And to provide the option to providers to use either version for 2011, we recommend that these measures be developed to use bullet ICD nine and the second version of the measure that uses Snowmed CT. Recognizing that most providers will not be at the point of Snowmed by 2011 and that many will be in the ICD nine. But those that are have advanced capability and can move to Snowmed, we don't want to ask them to go back and used the two ICD nine and then go back to Snowmed. So having to versions probably in excess. In 2013 you see that one version of measures for ICD 10, another 14 Snowmed CT, but by 2015 we expect that everybody would be on board with the Snowmed at that point. Note also recognize that many providers will probably have internal cause they're using and they would want to map hopefully with expertise of those in Snowmed City map their internal codes over to Snowmed. Also recommended that the EHR certification criteria for 2011 require that the problem list be available within that the software. We also provided some guidance for retooling measures that has to do with exclusion. And here, once again, they faced an approach in 2011 the assumption is exclusions would need to be by at the station, and there is now a CPT to code that indicates provider can indicate whether there was a medical reason, personal or system for excluding a patient from the denominator that would probably be the approach for 2011, but in 2013 all exclusion hopefully will come from the EHR elements. We also think it is important and the Minister of retooling process as these measures say new e specifications were developed, we want to encourage the measures the words to focus on exclusions that are related to counter indications and to eliminate lead is sometimes called the small dust in the measure world where there are very long list of exclusions to try to capture every single that may not have inappropriate in the measure. We do not need " that level of precision pay and also it is important to point out that the threshold for obtaining an ascertaining meaningful use will influence their decision about the need for those types of occlusions a however those structural are upset. The standard we know were the trash to will be set I think it will be it will help in terms of measure retooling and as well as other decisions for 2011, 2013. Another area that will be particularly challenging that our workgroup wanted to point to is as important is that as we move forward one to have patience centered measures. And the performance measure world, measures have developed in the ground up sort of organically as we said it and oftentimes specific to particular sites or patient populations whether hospital or nursing homes, home health, and specific measures for children versus adults. Sometimes it is appropriate to have differences across measures, but in a lot of cases it is unnecessary and adds to the noise of the system and not meaningful and harder for providers to act on it and harder for consumers and other to interpret the information when it is eventually publicly reported. Another important thing is to take revenge of the opportunity to harmonize measures and to also encourage harmonization of measures, and data types, data elements across all settings and to harmonize the denominator's whenever possible of these measures for different age groups as well. You will see in the grid provided to you that sometimes there are two performance measures or three in some cases that apply to the policy committee's measure concept obesity is a good example one for children and one for adults. We think the measure retooling process is possible to harmonize and to fewer numbers. D1 to take a minute to also point out that we have been aware of John, there is a member of the working group in this area and we have been aware that the long-term care is not the specific focus of our work for 2011 at this point the long-term care community with John's leadership and guidance have been organizing itself to make sure that it can track with us and do as much as possible in terms of applying the measure is that are eventually selected to the long-term care area. I would like to take a minute, John, I would like to make a couple comments, he had been working on the measure grid and working with the once a purpose for the long-term care facilities as well.

Thank you, and Janet and Floyd and the rest of the members of the committee. I represent what we call up long-term and acute care services which is home care skilled nursing facilities, long-term hospitals, and patient, hospice and other things where people really go from hospital and the doctor's office and to post acute care. As you know we are not part of meaningful use, but as Janet said, we are taking all the quality measures and working alongside that because we have the minimum data set and also VOE oasis on home care which is out, and assessment information's that. We do a number of these things electronically already. We took the matrix and went through it and we being members of the different long-term post acute associations, and found that there is about 13 of them which we can do and retooling as Floyd always said, and the S3 which comes out next year and oasis C comes out next year, we will be able to do some of those. I want to ensure everybody that the providers and the vendors even though we do not get incentives and not members of meaningful use that we are working right along to be able to here everything this committee is doing and Office of the national coordinator. So we can be ready whenever we are made to part of the meeting.

Thank you, John. We think that is critical because the measure need to be patient center. In management is been management mother you are in the community and nursing-home and you are getting home help. We used - - the last thing I want to point to before I handed over to Floyd is one of the key areas where we really do see a gap in measures and standards has to do with patient engagement. Our committee strongly encourages the work begin now to start to develop the measures and patient engagement and standards so we can be ready for 2013. We will need measure whether patients understands the treatment measures and quite a bit of work it and comfort care measures and methods of capturing in a standardized way do not resuscitate, do not and obeyed orders. Right now we don't have a lot in that particular area. The last point I want to make is a lot of things we can to realize in the Working Group is there's a lot of moving parts, there is the measures the words who developed the measures and [ INDISCERNIBLE ] who does endorsement of the measures, there is the work of [ INDISCERNIBLE ] to continue rebuild the data types and data elements standardize list, there's all the handoff that have to do that the standard in the EHR and PHR world. Moving forward, 2011, everybody is going to run as fast as they can and will not have as much time and wish they had to get ready for the requirements. If we begin now and layout and explicit timetable it would be extremely helpful for 2013 and 2015 and I know the efforts are heading in that direction. Our sense is that it will be important to have careful messaging around this so that everybody involved in the extensive enterprise understands that it will be rough riding for 2013. It will be rough riding for 2011, not 100% month for 2013. By 2015 we will have all our ducks in line and have a process that will be well laid out moving forward and that would be important to let everybody know. That may turn this to Floyd will talk a bit about the grid in more detail of the data types.

Thank you to the committee. There are no specific slides that you have to Chris. When this law other large and the reason was the request for specific information on each of the measures that we are referring to, there is not time to go through each of those measures and the full committee called the workgroup bid. What I wanted to highlight was the four-page grid. One thing I will comment, the committee working on the certification placed in a certified a kind of find that I chose to make this a four page. It is small. I apologize. Just to give you an overview of what this represents is the high-tech, expert panel, which has completed its report on July 31st, the editing formatting will be finished very shortly and the fully published on our side. Did identified four measurements, and data are represented and standard categories and you will see that in the left-hand column. Communication, condition diagnoses, problem, device, diagnostics study a medication. There are data types related to those. We will see on the grid is only those data types that are present in the measure that were reviewed for the meaningful use. There are some data types that if you have the Excel's spreadsheet you will see some it rose are hidden because the data types were not used in this measure. They exist in the model and the information model but not - you will not get them in the printout. Communication to patient an example is communication to ProWriter. Between providers. Patient to provider, ProWriter to patient and provider to provider. In this case we have communication provider to patient. That is all you see. On the screen. But I did is explain the data type. For those who are into terminology, what that means is we pre coordinated our statement to say in the case of medication, medications administered, ordered, medication prescribed, they are separate data types so it makes it clear exactly what we are looking for. Dae tap definition is listed on the third column. The object is to explain what you are looking at when you are looking at data types and definitions. Much of the definition came from the HL7 EHR functional model. Not know the derived by the high tech. In some cases these things were not in the functional model. You will see a column that list the data elements. Each of the elements is present in at least one of the measures that were selected. If you look at the larger grid for each measure, the elements required are listed there. Many are duplicates. So an active diagnosis my to be present in more than one measure. To simplify, we put the active diagnoses as altogether. Into this one grade. Having done that, we then and work with the operations work group to look at what standards are there to represent these elements so that they could be used to transmit the information and report on quality. So what you will find and I should highlight is there is actually six areas where there was no recommendation. But only six out of the total which actually is pretty good. That is communication to the patient for smoking advice for counseling. That may still require at the station. Somebody has to indicate that in some way, but there's no specific standard for that. Three other others relate to one measure and they were anti from Arctic related. When the device was supplied three that it was declined or refuse. The other social related to the same measure that the patients on a clinical trial, but specific to Venus Trumbo embolism. Four of these and there were no standards applied to one measure. The sixth one was limited to provider of reference. Medical reason for not doing something. Something that likely requires attestation as you saw on the slides from Janna. But basically if we would eliminate the one measure, there will only two areas that have no standards. We will see is you go through this is I can take it through some of them prominent I don't know if you want to go through the entire grid, but if we take condition diagnosis or problem, there's a number of diagnosis, the standard selected was ICD nine or Snowmed CT for 2011, ICD 10 or Snowmed CT for 2013. And then Snowmed for 2015 although I do not have that on the grand. Past history diagnoses is still the same diagnosis. We expect the measure storage during the retooling to indicate where within the record it is found and how that is to be represented. So that is dependent on the measure stored retooling process. We are giving you the the terminology and the location as we can. Again the intolerance to devise, there was no specific recommendation. Diagnosis static, again the study was performed with the Snowmed in the near term CPT four and ICD nine. ICD 10 in 200013. And Snowmed for 2015. You will see a little further down in counter, which is now on page 2, there were some HL7 message based ways of identifying the encounter. And encounters are outpatient encounter, hospital admission discharge, the time of each in order to calculate admission to long-term care, some of the is discharge from long-term care or that admission to were actually exclusions when I look at the measures specifically. Because a specific this charge is excluded the patient from advice to be given at this charge. As a look at his, you might ask for these come from when you look at the individual measure, it becomes a little clearer that these are related to inclusion or exclusion print second go further through this and I think it is rather detail. It is easier to ask a question and discuss.

Just to highlight a couple aspects, the first, leadership, QF and High Tep retooling the measures is Rick remarkable. It has taken measures by the best evidence but now with EHR in mind and now they're making them EHR center. That is truly critical piece of work and they still have work to do with all the quality - , but they have great momentum to do so. The convergence that has happened between this group and Jamie's group closing the gaps has been an amazing body of work over the last 30 days. Remember the last presentation that we had which said here's 24 pages of all detailed measures, we now have a four-page grid with six lines that are blank, three of which are on one measure. This is amazing. This is actually doable. This is not as you said giving our organization 24 pages of well, the standards have not yet matured, good luck. Is a very clear, but grid of diagnosis and medication, nouns and verbs and specific standards. I know one area of controversy, Snowmed, IC9 and ICD 10. In our organization we have a propriety of problem with vocabulary called BI98 the. Uses 15,000 common free text problems to create an invented vocabulary. We know this is not sustainable and the way Floyd and Senate are going to map to be I 98 and set gives - - specific to one destitution. It took us literally weeks of simply mapping are 15,000 legacy proprietary codes to the [ INDISCERNIBLE ] data set. We have 85% of all our proprietary cause mapped and consistent color of the cabin area. It wasn't a big deal so that was doable. We all know that ICD nine was invented for billing. Not invented for clinical observation and probably mission to the committee before that there is an answer to this interesting [ INDISCERNIBLE ] in the Boston Globe for I was called and carpet producing ICD nine to describe the problems when I is in fact ICD nine was a rule out not an observation. Or ICD nine was not granular enough. The lesson we learned, a whole series of articles, a lot on my blog about it. You cannot ultimately use IC9 as a mechanism of some terms and conditions reporting. You need to move to Snowmed and we need to do it in a thoughtful way. It will take years. It will not be easy, but it is doable. The notion that they had provided measures that are sensitive to the ICD nine transition but also in 2015 required the Snowmed CT for accurate clinical symptoms and conditions is a very reasonable course of action at least from one providers viewpoint. I also recognize that there is a need in work want to go from clinical observation made in Snowmed to a bill. When the download the vocabulary from the national vocabulary includes mapping from Snowmed to ICD 10. We definitely will have the glide past to get as into a translation of doctors observations to a coders recording of a rational building diagnosis. I certainly applaud the door that has been done I think a four-page grid is a work of art. And the gaps that we have remaining are very minor.

Thank you. I wanted to retrieve one point that John made well. I must say that I became convinced as we move for the process that a good deal of this is doable for 2011 as well. It is nice to see as it took shape because not only were we able to work our way through the data elements eventually to the standards, but the performance measures that have been selected here are also ones that are much her have been in the field in use at nearly all of them for some time. These are areas of performance being measured by many providers and address critical path aspects of performance that have been well tested at and what we have to do is to retool for the EHR, but at least we're starting with measures of performance that are mature and in use out in the field.

On that point, is there a way of knowing formally or informally by survey what is at the market penetration of being able to produce some of these? I have been given the comment you made many do internally and so forth. The we have a strong man for is its 10%, 50%? How we go about think about what the current Met market penetration is for the ability of some of these?

There is a handful of these that are measures that are voluntarily reported to CMS for those we have some information to gauge adoption of the measures. Beyond that we do not have a systematic way of knowing the extent to which measures have been used. One way we can address many of these are measures that have been developed by the PC PII, BMA and and CQA. Both of those majors the words have to do the lion's share of the retooling work as well. As Mr. Stewart, the have some information, I would not say [ INDISCERNIBLE ] as a survey the measures have been out there and tested in enough and most of them have been tested that they are no longer measures that we view as being in the palatine phase , but the extent of adoption we do not have good information on.

Thank you.

I have two comments. Fairly detailed, but about the 24-page that we have not reviewed. The first is there's a number of measures in which it says no card measures and not applicable which regard to the data types. The question I have for those is there is nothing in the recommendation column. I think one of the things we talked about is when those things occurred, some at the station or mechanism of addressing those, meaningful use criteria, would be included and I know that things like percentage of patients with access to personal health electronically K may be for something that's something that's an excess, baby the information should come from the committee in terms of how we expect in 2011 to take a look at that particular meaningful use. I would encourage it to complete that out so we have recommendations for all of them and if it is an at the station or develop a standard or the like, we need to start planning ahead for 200013 or 15 if that is the case. The other comment, fairly detailed, item 23 were it talks about all cost and readmission index. One of the recommendation and all boldest consider deletion put in one of the things I think is important is that particular report of 30 day readmission rate is are really important quality indicator I think we need to think seriously about how we might push from 2011 to with 2013 and 15. We have had discussions whether 2011 should be our own facility, 2013 might be local exchange, 15 might be everyone. I would ask that we either - I know at the end of this to approve some of these things that we do not consider that one for deletion, but spend time to think of that how we might get people to the meaningful exchange of information around readmission rates.

Can I respond to both comments. First, respond to the second 1 X first. That was inadvertent. I should have deleted consider deletion. In our discussion based on Kennett's side, the intent was 2011 your own facility, to include that, and tune that's how. That was an oversight. As far as the other, we did talk about adding into the recommendation and should have attestation for 2011 could certainly work, but our intent was to look at utilization measured so the quote report out from the it EHR that this has happened. How many times say med reconciliation record, how many times -

Patient taxes specific education -

Think you print that kind of information could be utilization measure and we look forward to creating those measures out of the system. For the future.

So if you can amend it to indicate that and the recommendation column.

There is some work to be done in trying to figure out how to specify those measures. I think I is a decision for the group indeed. But have to require some effort to think for how best to do that. [ Please stand by while captioners are transitioning. ]

And if so, can CMS received--

ET and boost anything with it?

Well, there would be able to report but we can't speak to CMS capability. I'm afraid the can't speak to that.

I'm sorry, I didn't hear you.

The question was whether or not we are recommending that providers be given the option of reporting many of these measures it with ICD 94 with SNOWMED and the question she posed was this CMS have the capability of receiving that information especially in the case of measures through SNOWMED.

We'd like to comment on that. Karen, thank you for volunteering.

It seemed the logical choice. But.

We can't accept SNOWMED today, but we recognize that in addition to providers and products having to change over time and evolve in terms of what will be done in terms of meaningful use, how it will be reported, we expect that we are going to have to evolve over time as well. I think it's a partner in process that tends to move down the road.

This is 2011. And I know CMS pretty much overwhelmed right now with ICD ten conversion, it seems to me for 2011 sending SNOWMED, Connecticut there is going to bounce back probably.

Okay, first of all, the ICD can I think is on the list for 2013. It will be implemented until 2013. I think what we are quite to have to do is to decide the measure may provide some ability to do one or the other but we will have to figure out how we're going to catch the ball. And if we can't actually except measures and a certain way, we may have to look at intermediaries, we may have to look at during at the station for a. Of time. I think some of that is still under discussion.

This is one of the things this committee this fiscal the ecosystem problem. Which is you have to look above the sender and receiver and the stability. And I think our issue here for example, you wish to report by a surveillance immunization and public health data, however, as a meaningful use criteria and only if there is somebody to receive it. So I think your comments are quite right about intermediaries, at the station, and an evolutionary path, but would seem at least for my provider perspective resemble to begin collecting the data in Kota five for men as soon as you can.

I'm sorry, go ahead.

I wanted to make it clear, this is a key reason why I sent on this committee. We have to be prepared for the recommendations that come forward as we make the liberations' internally and regulatory processes understanding how are responsible offline is important. This is one of my keep me up at night issues and I'm well aware of the issue.

[Indiscernible] has to be sensitive to the issues of implementation and adoption. And so Jamie and [Indiscernible] discussed this whole issue as we think through that going from standards to their actual transmission how do we get testimony, how do we hear from government and private folks, what are the barriers to doing this and had we adjust for them? I think the important issue over our next year work.

Mark.

Without speculating but CMS by Jews are not to do, they've been very flexible and innovative in the Register reports in process separate from the billing and claim submission process or of the estimate is much more flexibility to implement and adopt new terminology I would be surprised if ever able to accommodate some dead even in that timeframe.

That's an important point. I would of tell on John's point about the ecosystem and I'd be remiss if I didn't command John's leadership in terms of really the [Indiscernible] of long-term care environments to Oasis C and and the estate to really emulate some of those and we are forgetting in addition to the CMS I fully imagine that interchange with commercial papers and a broader environment that is increasingly ready or adapting as [Indiscernible] identified ways in which there are circuits but with an intention and directionality because I think Jamie wants to jump in, as a kid before I go to the next estimate a month to agree with Mark. As a preview of coming attractions, when I do give a work group report, we see we are recommending the CMS it's your right [Indiscernible] should be used for this measure reported for 2011.

And this point, but it will go to Wes and Steve.

First off, I want to say that this is the illustration of the point that Jonathan and John made at the start of the meeting about the progress of refinement and clarification that has gone. It's an amazing collaboration. Anything I say that sounds the slightest bit critical is dismal dust to a certain extent. Parts of the trouble I had in grasping--

If you could move closer to the mike.

Parts of the trouble now having given the complement of Mike now -- [Laughter]

The thing I had difficulty grasping as a participant on the operations side was what we have accomplished and what we have yet to accomplish. I think what we have accomplished is demonstrating this possible to compete these things. We have a vocabulary for expressing them there for we can count them. What we have yet to take up and therefore there's no harm in not having done it is this method of how Willie transmitted it and how it will be used, and if I could add if there's any way the the police pulpit of the federal government [Indiscernible] that we can push for not only the measures, but the mechanism of submission being used beyond CMS for its required for meaningful use but used for submission to other payers. I think we can achieve tremendous -- I think there already is a recognition by the Paris if they need to use the same measures. They need to also used as a means of transmission.

Comments?

What I can comment and this is work that's been going on in [Indiscernible] the specific to this committee directly but inequality use case resolution that we've been working on we recognize there are two missing pieces. What is the measure itself. And a standard for the measure there's actually were going on as far as making that a standard and its envelop in HL7 right now. The other was the export and sending the results out. And there are action is a draft standard that has been validated and approved that's going through it's been now to track the quality reporting document Architecture. Which does still need some testing and in use but it has been used in a number of places including and New your Public Health Department. So that is there but we're also looking that there needs to be a message based way to send this out and not just to document based way. And that's going on in it [Indiscernible] but I think that's still work in process.

To that point, you'll hear and Jamie's presentation that he's got a very realistic view of this, the Ku RCA is a standard that is [Indiscernible] its a implemented in New York Public Health but it's extraordinarily early to require. So he said HL7, 2.31 if it's an immunization, HL7 2.51 for some of these other measures, all a very durable, very well understood standards, but we have our I to getting to some of these other immerse summary document formats.

I think there's a resonance around the point that there are two challenges up, one is the [Indiscernible], we used a position where it feels like a term of talking about [Indiscernible]. We have the opportunity to move patient care and we have a [Indiscernible] of the measures and a consensus day and [Indiscernible] and transmission then it makes that much easier across environments to accelerate the adoption. I think that's an important point to acknowledge. [Indiscernible] Mark were you going to jump in?

Janet and Floyd, the seven measures that you identified with there isn't an end to F some conditions or illnesses or whatever that you haven't the not NQF measures. Does anyone else have endorsed measures for those for example in P2 or I or and insurers are physician groups or anybody in the system have the measures for those seven? The question is what are you proposing for those seven that they just simply be dropped? I may have missed that and I apologize if I did. That it would simply not be part of 2011 or 2013?

It's a great question. And let me tell you what the 7 R. It's% orders entered by physicians and CBOT, % met for all orders entered through CLE so those are clearly related. % of [Indiscernible] those are clearly related. Reportable last somewhere is transmitted electronically for public health purposes, and then provide electronic syndrome X [Indiscernible] did it to public health, the less your public health measures. We didn't let hours scan of the performance measures to NQF endorsed measures only if we knew of something else out there that might be appropriate or better if we would have brought it into the process. We just don't know. There may well be some measures of this nature that probably are in institutions that have come up with something to be able to take a look at these. I think at this point, it's a matter of is there a desire to move forward and to develop measures in this area it would be perhaps the next piece of work to assemble a small group and take a close look at how we could develop measures in this timeframe, if that's possible.

Would that be done at NQF? What's the proposal for the process there is the policy committee or if ONC would want to move forward with those seven?

I would comment to that and based on my response to the earlier is that the recommendation now as we discussed on the committee would be attestation for those. Most of those elements to be handled by attestation and that we would look to certainly look to those as utilization measures directly from electronic systems. And call for those measures. We indoors but the developer but we could do a call for those to make them directly out of electronic systems rather than attestation for the future.

But there still is a piece of work to be done even if they're going to be done by at the station in 2011 to define Data Station mechanism. Does not entirely straightforward. I think that would be the next step with those particular measures to a.

Okay, I think we are like the ready to call to question. Thank you for a traffic core. I think this presentation empresses three signal events, first I cannot stay it better than Wes to the degree of clarity and identification of a road map of the time of the convergence across the work of the quality community and the Instamatic community, it's just exceptional. It's clear that this also additional work for the signal event for the completion of is typical of the second aspect and I think it really impressed by what John offered, these activities moved the environment even beyond what was specified in legislation. A wanted to accept your letter into the record deliberations, it your intent to really move measures across environments not specifically covered plate and the legislation that comes uplifted by all table is critically important. The second signal event in the third three heard from John that this will take work to move and adopt and this event is that not it will let to core to adopt a poet of their affection for my colleagues that it was a [Indiscernible] that the world doesn't have to mat [Indiscernible] to the rest of the world. [Laughter] thank you for a great test case in that example because I think that's a reality that all of us will phase. And we ready to accept recommendations of the clinical quality work group?

Any objections?

Terrific, then we have consensus to cut soaring mark. And.

Not an objection but I think there's some with the acknowledgment there's some clean up things in terms of some of the terminologies and some of the rose that survived. The careful editing.

[Indiscernible] that we discussed a.

With that, also the recognition that I job is been anointed at this point but it's a mission of this material to the Office of National coordinator and validation with that environment as well and the opportunity for public comment.

Judy?

Just one of the think and I would like to see as flush out the other seven. I think that's a big part of the approval as well with the thought that we are moving ahead and looking at the seven we don't have criteria for.

Three. With that amendment, do we have agreement? Those two amendments, traffic without objection, thank you for your terrific work and its clear that consensus your not off the hook there is much more work ahead both in the immediate and in the out years. Terrific work, thank you damage.

I was little taken aback and John's opening comments that this committee was going to go on forever, isn't that what you said? [Laughter]

It's a journey.

But everything will get more and more granulated.

As long as we think of it that way.

It never ends. [Laughter]

Thank you very much for that terrific work. With that, we have designed today's agenda to be cushioned for discussion. I know last time some people might have felt that we were time pressured. We will take it the amount of time it takes to get the things and I think we built an additional time. Let's move ahead before I take a break to the chemical operations work group or I think we will say equally heroic and effective efforts that will turn to Jamie Ferguson and John Hummel got to bring this debate on the clinical operations progress. And again, want to add think you both for trivet leadership of the members of the worker before just broke efforts and especially members of the broader community public 12 provided such a rich resource based of information counterbids open and transparent process of deliberations. And the ability to move us forward with clarity.

Jamie, John?

John I know you've just got back from Japan, I guess if you want to stay there or join me appear, either with a.

I will come and join you.

Thank you. Just as an overview, I'm going to go through the recommendations that we've made at a relatively high level. I will talk about some principles we've discussed and some improvements we made in the documentation. I'll also talk about our discussions that relate to public comments that we've received some of which you've received in your packets here today. But in general, with one exception that I will go through, our recommendations were accepted last time and we have not changed them. So we've improved our documentation but I'm not going to go through them in the same level of detail that we've just gone through the rows of the [Indiscernible] recommendations because they haven't changed them except for the 1 I will talk about.

It's important to note as it go through all this material is just as with the quality material, the remarkable convergence on a near 100% set. When David Blumenthal ask the question for meaningful used for clinical operations, what percentage of meaningful use criteria have now standards attached? The answer is basically 100%. Very very close.

That's not to say that these are all the perfect standards of do we would want in a perfect world and there's certainly some maintenance of that's going to be required in terms of vocabulary and some evolution of some of the standards. But we do have recommendations for everything from meaningful use 42011.

So you can see and the first slide it's just a listing of our work with membership. In summary, we have clarified are descriptions and updated our documentation. We received comments in our last committee meeting here and also from public comments that our recommendations were frankly hard to understand. And so we think we've improved and clarified the documentation quite a bit. There is a new summary chart attached to the we've reviewed in detail in the work group. And we hope that that will be more useful and more understandable. We have recommended some additional standards for quality measured submission, and we've also broken out the public health reporting of reportable labs. Of the that was embedded in our previous recommendation.

In the grid is very similar to the four page good that was used in quality and that is rather than giving the exhaustive detail, it summarizes and diplomats, allergies, notes, reports, these sorts of things and the content as low as the vocabulary standards associated with each of those broad categories.

It does not cover transmission, that is covered in Dixie's area, so you will see that Dixie will provide rest, a secure transmission all those of things this is content and vocabulary.

I've got a couple of slides in here that address the key themes that we found in public comments as low as some of the discussions we heard in the committee meetings. So we've had a number of discussions in the work group, some of them on the specific issues that relate here. We heard some comments that the recommendations that we have didn't consider innovation enough and didn't more flexible enough to allow alt innovations. But in fact, the innovations that were mentioned in the comments generally were proprietary software solutions or they would require key changes in the current legal framework for medical records such as making personal health records when, legal local records. So that would be a substantial change that we really felt was out of scope and the fact that we can change the standards in the future did process that we have we thought was adequate to address those concerns.

Obviously, we embrace the personal health record and provide standards and ceramic a charity it charity PHR as identical standards but the notion that CMS, the hospital and doctor will no longer keep a record at their organization is probably something that would require just a bit of regulation tweaking and therefore, embrace innovation and adopt PHR as a guest require revision of all your regulation not at this time.

And we would also note that if the policy change were made, we believe that the standards that were met mending could to facilitate that. So we don't see any conflict there. Also heard comments to the fact that some specific standards are not recommended it in fact, we had a work group discussions on a number of alternative standards that are currently in use including the [Indiscernible] and let reporting and some vocabulary standards such as the most popular proprietary communication standards for vocabulary that are currently used and we felt that migrating to the standards that have already been adopted are recognized by the Department by the Secretary [Indiscernible] and Alton Prematics and other open processes that have taken place with provide the best path towards standardization and achieving the objectives that we have under the recovery Act and meaningful use.

There is also the recognition as no discuss that there's a path. That gets us to what we will call the single track with the Intercontinental road and therefore in the short term to 2011 there are exceptions that are made to say yes, there are absolutely implementations and there should be value recognized and therefore it should be allowed for 2011. But by 2013 let's get to one standard format transmission from labs and other providers said to be able to receive.

Those are some of the key considerations behind a recommendation to allow a variation for 2011 but to migrate to the standards by 2013. And in general, we are supporting and recommending a path very similar and analogous to what CMS did in the final role for ICD ten which is to set a definitive standard far enough in the future that people can actually achieve it by the date in the role.

And with said this before but to emphasize what we are covering in this presentation is from the border of an organization to another organization, we aren't suggesting that within your for walls, if you have a proprietary our existence as you wish to continue to use, that's okay.

We heard a number of comments and received a number of emails and letters that basically supported our recommendations. We didn't discuss that in particular.

To give you an example, a [Indiscernible] we haven't used the first day debate vocabulary for medications and herself built systems. It's unlikely we are going to rebuild all of our internally developed software to use are X number that thing said, are Exxon provides a mapping that at the border can take the first did bank code and produce and our export concept identifier which we would then transmit into what ever we would for meaningful news organization to organization data exchange.

We also heard another theme was that it essentially the market should decide standards or that things that have already been implemented should be what reselect. So we found it that there's a wide variety of implementations that currently exist in many different things and we do believe we have to get to standardization because we've allowed time with a 2013 recommendation for the legacy implementations and the current HIT in place for those and letters to get value from those as they migrate towards the standards for 2013. And then we also heard on the other side of the coin, that it basically weren't fast enough or restrict enough in terms of allowing these variations that we are recommending for 2011, we did hear that some comments that we should not allow the kinds of variations that we are recommending for 2011 but we recognize and we had discussions in the work group that many IT projects take longer than two years and that's to for a variety of reasons. Some of the think we discussed for cost effectiveness so you may be able to pile on resources to potentially get get a project done in a very exhilarated time from, but that's not cost-effective and that can also be very disruptive to operations. SAA allowing the longer time frame takes care of those considerations and we felt this was a realistic. We also heard comments that we should have recommended more of the HITSP standards but we recommended standards that meet all of the requirements we believe for the 2011 meaningful use measures.

An example of a 2011 allowable transition scanning of paper documents to create an image to the creation of a PDF. An emergency physician I did tell if I receive a PDF with some added data around it, there'd be a whole lot better than I have today. And so to say that we are going to get to complete structured a vocabulary control of occupation in 2011 [Indiscernible] that realistic so allowed on the glide path the use of an image with Medicaid and allow the use of a PDF and get us to a 2013 where a structured documentation is required.

Weedit as John mentioned before we did want to talk about the concept that we are recommending standards for interoperability between enterprises. This is not intended to mandate how you capture and store and manage information within an entity or within an enterprise. But that it does apply and should apply the recommendations should apply to the external representation of information and the exchange of information between entities. So we believe that they're in many different methods that could potentially be used to achieve this interoperability to achieve standards compliance of that could include native data capture and the recommended standards and systems that only use the recommended standards but it could also include mapping, could include external services, could include and provide for the ability to continue to use internally generated coating systems and information management systems so long as you can also then generates and create and represent your information in the recommended standards and using the recommended exchange standards with other enterprises for interoperability purposes.

Along the way, we wanted to make architecture of neutrality in so there are different models for health information exchange. Said the model that's used in Indiana cermet in the models used in Massachusetts have subtle differences. So don't dictate architecture. If you want repository's cannot be there logo are essential, that's okay. If you want to push versus Paul, if not publish and subscribe to come of those should be supported. I think what you'll see is we got to specificity of the standards that should be used, but left it such that implementations can still have a very delicate that are appropriate to each community.

Do you want to take a short. Back to the to our key recommendations and so these are not all of the recommendations but these are the key items. There is an attachment which is our new chart the with the approved documentation that has a more complete list.

We got the font larger this with. A bigger piece of paper.

Not much bigger though. Sulphur content exchange with one exception, our recommendations for the content exchange standards, as opposed to the cabin standards have not changed but we think the new documentation will be more understandable for structured electronic documents, we are recommending HL7, California, the relevancy a profile as including committee of care document as specified by HITSP for most clinical message ID we are recommending HL7 version 2.5.1. Again as specified by HITSP with the exception that immunization queries and vaccination updates use HL7 version 2.3.1 in HITSP specifications. So we are agreed with those recommendations.

There is some that balance commit up ungenerous so we make it 28251 recommendation. 231 is where we are right now.

Nine time for the current cycle of work is essentially. So then for prescriptions we are recommending and see the PC chip for ambulatory at ages seven to .5.1 then hospitals and this is completely consistent with the current rules. For eligibility benefits and referrals, there's actually a title on here that I will point out. We are recommending right now the use of the X 12 hit the transaction standards, the 5 feet one is not script. [Audio cutting in and out] we are also recommending as per the specification of the HITSP the use of the [Indiscernible] core and phase to standards for the next 12 transactions for eligibility. Now the new one is the one at the bottom of the page and so this is the only change to our recommendations and this is therefore, the only item that we're actually recommending and requesting approval on from the committee. That's the use of as we said before, be it P2 are registered specification for quality measure reporting. Currently there are approximately 70 registry's across the U.S. The support this specification for reporting of quality measures to CMS and we think it's practical and reasonable and can be implemented for this purpose by 2011. As we recommend. It's the one recommendation that was not in our presentation last time, it's been added.

In terms of the primary vocabulary's specifications that we are recommending, this is not the complete list, but these are the primary standards we agreed to recommend, the complete list is attached and the handout for clinical problems and procedures in. We are recommending and migration to SNOWMED CT allowing of course the ICD nine currently ICD ten and in conjunction with the role but as Floyd mentioned by 2015, I recommended statement of direction would be to migrate to SNOWMED CT. For drugs and communication elegies if we are recommending RX Norm realizing for 2011 NBC and First Data Bank, potentially others may be used cermet so they should be allowed but we want to migrate to RX normal. I do want to point out when we get to some of the quality measures we are recommending that both for the problems and procedures as well as for drugs and communication allergies, there are just a few problems that are specifically required for quality measure reported. There's just a few drugs that are specifically required for quality measure calculation. So we are recommending that those few items should be either Mac or be able to be represented in the recommended coding system for calculation of the measures. So that means that you may use a proprietary drug coding or problem coding scheme or text fragments or what ever you use internally, that's fine, but for purposes of quality reporting, you should be able to represent your problems in either SNOWMED CT or ICD nine and for purposes of those few drugs that are used in a quality measure report in you should be able to represent those in RX Norm. That would be for 2011. That's the only specific use of those that we recommend requiring for 2011 and exclusive to the quality measure reporting. Than for other allergies, more generally, the unique ingredient identifier for laboratory test [Indiscernible], units of measure, the uniform units of measure, and again, the same title is on the with NCPDP script be mentioned instead of the NCPDP quality standard for the.

These are consistent with [Indiscernible] mentioned previously and federal medication terminologies standard so if you get any to the FDA and other federal entities, they have said RX Norm, you and II, the do you want to make any comment on in [Indiscernible] and the gap there?

We've noted and you'll see there's a Notes column on the right-hand side of our detailed charts and we noted that the implementation and [Indiscernible] of have to be determined in the future.

[Participant's audio is faint/unclear] Press the then an ingredient a medication or a substance, NDFRT is what federal mitigations then it at selected and that's one of those early standards that has not been mapped to my knowledge to RX Norm and you and II direct it. Its still Burt to be done. And other key concept we mentioned but I really wanted to point it out here, very specifically, is we are recommending the standards for 2013 implementation. We believe that that should give meaningful users enough time to get to the ramifications. But we recognize that there has to be 2011 implementation and so we believe we've allowed for a degree of alternatives and the use of legacy and proprietary coding systems for example, and unstructured documents that will allow a migration path to the standards while still being reasonable and not placing an undue burden on any of the mentor. So there are some of the standards that we are recommending for 2011 that we would recommend should not allow for 2013 include pretext, PDF and images of documents, migrating bent to structured documents by 2013. We are recommending the allowable use of alternative HL7 version two lot messages below existing applications for 2011 but migrating to version 2.5.1 by 2013. We are recommending the use of legacy, local and proprietary code system should be allowed with the exception that I noted previously that for the specific list of drugs that's mentioned in the quality measures that should be amenable to RX Norm and for the specific list of problems that required it should be laughable to SNOWMED or ICD nine because.

It's an important point because we cannot persuade Floyd and Janet to map to every proprietary vocabulary that exist in the country. And heads what we said was for quality measures that there are just a few data elements to report RX Norm, 910 org SNOWMED as we vindicated and that seems reasonable to give flexibility to organizations and their glidepath to use a vocabulary is they have already been limited. The well at the border, not internally, have to translate to these few the Cavaliers won the point of the measures.

We are recommending allowance for the use of these alternatives and existing legacy systems for 2011, it doesn't make sense for college reported in the can't calculate the measures directly.

There are a few next steps on looking for a at what's next. We do have to have a certification criteria that supports the standards that are needed for meaningful use information exchange. We have not discussed certification criteria in detail in the work group. So I'm not making any to take their recommendations other than to say there should be is a vacation criteria that would enable the use of the standards for that purpose.

Globally, what I consider at the beginning of the meeting that is in addition to the functionality of the product plus the standards that are recommended by these workers. Therefore, in some sense, this becomes the certification criteria for the standards that should be big to products. There are a couple of standards that we wish we could have recommended but they weren't ready and perhaps for 2013 for an update process these can be brought into play Floyd mentioned the QRDA for quality measures emissions and if CMS added that today the key R.I. specifications it could fit into our recommendations in a measured way. Also CDC has a specification called GIPSE for public health did exchange but I noted that the version of one a draft data dictionary for GIPSE was just published last month so this is not, we don't believe this is ready for recommendation but it is something to look forward to so as an alternative for report gloves for 2011, we are recommending that the HL7 version to respect as recommended by HITSP is what should be used as a mat some detail on this one [Indiscernible] about innovation in the way that public how the data is reported, traditionally if you look at the work we did in HITSP on such things as by a surveillance, we used to identify or identified patient level records rather than how many patients can't your emergency department with its one and one like Systems seven. GIPSE allows that kind of very summarized senator, it doesn't have patient level rose are patient level observation or individual lab results. There seems to be a trend is what we are hearing toward reporting less data that's how they summarized at the institution so GIPSE and very likely, very important standard, should be adopted the right now, it's one of those categories three to four kinds of things to talk about. Just came out the three weeks ago and therefore probably preliminary to recommend.

In terms of maintenance processes, we talked last time about the need for maintenance processes both in terms of a vocabulary and the other standards. We recognize that as the measures are retooled for quality purposes and as the measures come into play, there will be updates that will be required to the vocabulary subsets that are specified. So there should be a process for that. Also for the content Exchange for example, updates to the PQRI for industries this addition will be needed for the new measures. So we will need maintenance processes for these things.

And that we look forward to working on the next batch of recommendations.

And adjust to describe this large sheet of paper, with the hope is much clearer in this presentation format is we've broken it down into the broad categories of data exchange. Show do with the content exchange about the document and messaging, show do the vocabulary associated with each category of data exchange. And this point about architecture natality, very important. You can use what ever Web technologies you wish. You can use [Indiscernible] you charge to PHR, [Indiscernible] Press poll, published this right, all of those are consistent with this kind of category of standards. Any of the comments you'd like to make?

No, I think that's it.

We look forward to your comments and your input. We tried to be very sensitive to a broad array of been put in creating this matrix program incorporating public comments and I have to say that I am the chair of HITSP so in some ways I'm conflicted and it Jamie was right in a that this was a very balanced approach. HITSP the standards were considered but many of the standards and cement and implementation Guide. We were criticized both for including to much and included too little which hopefully means with got it just right. I look forward to your questions and comments.

Thank you to the traffic core behind this. The table is fabulous to a special for those who were smart enough to print publicize pitched but it's a road map. The ability to reduce the complexity in the world to minimize the complexity and implementation to really have a focus and usability of elements and suites of standards on the implications associated with that to facilitate our ability to realize what's intended their content Exchange and the Cavaliers with architectural neutrality is an incredible accomplishment. We have a number of people who want to comment as questions, Mark is first and Dave. Steve as the from last and? And Jody and Stan will. We will go in that order.

I guess I have a question and a comment. The first is related to the standard come I'm having trouble wrapping my head around the ecosystem thinking. About this and so the example of a chain of urgent care centers that deliver information to us in a structured format, this extended, not one of the ones we've identified through this work. I think the implication of what to make sure I'm not missing something here is I'm probably going to keep receiving those structured data from those urgent care centers in this format because frankly, didn't have any particular motivation to change. And its a doing the job. One of the challenges with this and I don't have any magic answers of course is that we are able to attack and you have the stars somewhere, a narrow space and then over time, hopefully we will see consolidation. That's consistent with how your seen the evolution?

Certainly we recognize that standardization goes up from [Indiscernible] as much [Indiscernible] and convergence as you can imagine overtime. I've said and HITSP, ideal harmonization is one. It can go from 22 to any short term, that's great. I think what we try to do is provide a road map that allows a variation and variability but tries to get as to that single rail, that single day of track as much as possible by 2013. We recognize to the that they're going to be intimate years there are good.

Baines, translation, that a lot of [Indiscernible] may exist within institutions. But what you hope is that eventually we get to as little variation as possible over the wire. And the entire map in and translation of the time where we can.

You're almost ready to run for office. Another couple years of practice and you have it down.

I want to say that in terms of the scope aspect of your question, part of your question was what about those and points either sources or targets of information that aren't covered by this provision in the recovery Act and we didn't really discuss those and that scope issue in the worker.

The major takeaway is there's a large chunk of the health care because system that we are not attacking or addressing are leveraging and that's okay, but I think it's important to recognize. The other brief comment that I wanted to make is there's this talk about the GIPSE in standard may be too strong a word for word is and the process, but just too high for people as an example might think why it's a high choice [Indiscernible] just for example its model as you said to disenrolled of aggregative reported. So for this did in Europe that means a 1.5 million rows of data reported every day because this thing is designed. So I think the pragmatic practical application and assimilate the PQRI reporting as this report is another standpoint [Indiscernible], which today made it work, that gives me a lot more confidence than something that people and companies have set down and created but not yet tried to implement in reality. I know GIPSE is a been given quickly toward an attempt at a reality but some of these pragmatic issues I think us are going to serve as. I applaud the wisdom of the group and taking their time on some of those.

Let's turn the table below of a. You ask the question, not every component of the ecosystem is covered by high-tech. But in your experience, and the committee, would you expect a certain sort of snowballing effect of what you started others to play. A hug you envision coming into frigid?

It's more like John described [Indiscernible] earlier. That we're going to see various kinds of adapters intermediaries and so want to go almost forever. As much as we have with claims. Your many years out in the in the transactions but yet we're still heavily reliant on the transaction clearing houses and things to bring that level of normalization. I think we are going to continue to see that. Too, but it also implies that the information action is communicated from among points which [Indiscernible] optimism.

Thank you.

Dave.

Yes, first I commend you on the first pulled out pen up a. It's a great achievement. I have to questions, one is picky and one is a broad. The Q1 I will do first. And that's the recommendation for in 2011 for NCPDP ten-point Tex, that's pretty far beyond where shares Scripps is to it. Every one that current certified is 8.6 source it .1, was that a conscious decision to move to ten-point facts which is structured big?

As we discussed and Yorker, I don't say that we spent a lot of time and the plan because we did but we did discuss and agreed to recommend moving to ten.

I will register that at least one vendor is quite concerned with the application of moving to ten whether isn't even as certification process that you can use to validate it yet. I don't think it's planned until even well into next year. Unless share scrip has spent their process to update its and offline discussion. The broader question is about this notion of moving documents to the CD a format. And I understand the need to have a structured Data, I think to refer to as cared coronation, was it wouldn't crop is one of the kind of documents are required by the 2013 timetable to be moved to a CDA format and which of the hundreds of different ways that you could interpret CDA are you implying? Is it just the top level Heather?

We are focusing on implementation of the 2011 measures. The primary measures there are four care coordination and patient and family engagement which have to do with the transmission and Exchange of a summary records and giving patients and counter summaries and things of that nature. There's just a few, only a thing for of those measures that are covered by this recommendation. So what we are recommending is that for 2013, when documents are used for those purposes, they should be the specified CCD org CDA the template as been recommended by HITSP current. For 2011 if you have the ability to take a pretext for PDF or an image of a document and a step eight CDA Heather on it, that should be good enough for 2011.

That helps a lot. It's really those documents that are focused on this particular--

Is just for the few measures were that is a requirement for 2011 meaningful use.

Thank you, that helps a lot.

Jody next.

Thank you. And wanted to go back to a point made on your last slide about certification criteria. Must support the standards. Of is hoping you can elaborate on that and if you have any ideas on what that might look like and how we can make sure that we connect the Standard said vacation into the syndication criterium appropriately. Clearly the statute does talk about certified products I think that's consistent with the center said, I just wanted as somebody who has to figure out what that how that works in English and I wanted your insights as to how that we might think about doing that.

In discussion with John on this point, his comment was certification is this twofold functional aspect of the product which ONC will list the criteria and the standards that we all recommend of which sure they are. And these are basically reflecting the meaningful use data exchanges as specified in the policy committee definition of a meaningful use. I guess broadly one sentence would be the certification criteria should be the capability of the products to support the data exchanges as required by meaningful years using the standards on this page.

Just to clarify, this is only for their talking about the standards, these are for Exchange of the data, not for years Mrs. Selig within an organization?

For extent of the data and external representation of the information.

Okay, time epistemic the quality data reporting and clinical care coordination.

So I would include action in the external representation would be providing the information to patients and for patient and family engagement and not just the clinical exchange component.

Kevin and bliss and then was we will come back over this with.

Just a couple of comments and the question because more of a process question. I think it's important to reiterate one of the public comments that are in here about the need to make sure that Iraq this process with its policy committee, the standards committee and the work we are doing both and the subgroups that we not lose track of the need for innovation. And it's something I think all of us in this room to very seriously of the finding that balance between standards allowing exchange of information and somehow restricting market place innovation by IT solution groups and vendors and other things. That is not the intent of the work we are doing within this committee or the policy committee or anywhere else and I think it was a well crafted answer to the question about making sure we are focused on the exchange of information, not necessarily focused on the actual work flow of these applications. That is something that I get emails about and comments about on a regular basis of concerns that we are somehow going to dictate how things will be built and restrict innovation and that is not the purpose of this group. In the second item is was pointed out earlier, that while a product may in fact be compliant with these technologies for the exchange of information, it is also okay to have third-party products that the vendor chooses to use of third-party products to be able to map to an exchange that information. Before we get enough for not agree to be able to implement this company can't implement that standards, there are other options to be complying with that while the company may choose to move toward native compliance, if you will within the application. Those are just my to reporting, as.

That's absolutely correct John's institution have self build systems and we have elected to leverage our community data exchange as the mechanism of creating standards for interoperability between what positions rather than building it native Systems we talk to come and give a and it is a translation into the standards and that's completely fine. And the talk about certification any sense its certifying herself built systems plus the Healthcare Information Exchange as the unifier into a common format. I look at what your company does and you will be a model and in fact it does standards based a prescription. Therefore, self build modular or say a comprehensive and EHR are all completely supported by the standards on this page.

But we may choose as you indicated it use a third priority product to translate into our into RX Norm versus living in the same time for about and may choose to go to RX Norm a native as will. The process question and I may have missed this in our initiation to the committee, but we're getting very specific on versions. Of the standards. In some cases, all the way down to the third abysmal level. And our experience is when we did that within federal legislation around NCPDP and the requirements around that were troubling. Because as the standards continue to evolve in that case federal legislation had to be amended, there was a little caveat in there that said so long as the standard is backward compatible, you can implement later versions more recent versions of that so long as is backward compatible. I think it's something we should address so that there's clarity amongst the public as well what if a by 2011 the version is now 2.7 but this calls for 2.5.1, what is the rule in place for that?

I think there's probably three answers to this is that certainly this notion about backward compatibility is a way out. I think John Angelie has talked about this a difference in regulation between what you make in the regulation and we put in as guidance. If there are things that are going to change or not quite sure about that we put them in the guidance section. The of the recognition there needs to be maintenance on all of us and this is not by any means a static document which you'll see is a yearly or by an L.A. there will be a adjustments made as versions will.

That's what I was quick to say in response is that I think I would take your comments as a vote for making the maintenance process and perhaps one of our top your knees is not our top priority for the next phase of work.

Any insights from you all as far as where things would be more appropriate to put in guys versus regulation because you think there's going to be changed over time and not something that's quite a static is helpful to us.

Great train of discussion. It really gets [Indiscernible] having about innovation and specific to say without is straight and need for maintenance. I think the early discussion is well above the immortality of this committee. And that will need to go on whether I'm here or wherever it's inescapable. Greg points. Let's go to Lisa.

I had a couple questions and the summit from a testing point of view. Is not all about testing as people tell me. As we have standards and make it as a vacation there is that in between piece but testing to get the certification. I might have missed the point. This spreadsheet is a summary of the previous spread sheet, is that correct?

It's a summary of.

Okay.

With the addition of PQRI registered a.

And the spreadsheet, where it says specified by HITSP if you went to the other spreadsheet you would see--

At that level of capability.

We to think about this is exactly analogous to the quality groups, this is the one page as compared to the extensive list of the individual capabilities by number.

From a testing point of view, you can't just tested. That's great. And then the other suggestion and as you keep quite and deliberate, if you can get a little more clarity down the road on allowable alternatives. Again from a testing perspective, it to what the testing process to dictate requirements. That would be back. So we can't have too much ambiguity that the testing process can't handle know what in the world is allowable alt. Do have it by example and a slide pickup made you have it somewhere else. As a go forward a little more clarity on that would be helpful as well.

The free text PDF and Image with CDA header.

[Participant's audio is faint/unclear]

That's exactly true for the unstructured documents. But it the same time, essentially we are saying if you have a legacy HL7 version lot to a petition from that's fine. Re-addressing please migrate to reason to .5.1 and 2013. But I don't know how you make thousands of different variations HL7 version of messaging unit detestable.

I think that's the point. They will be.

That may be a case for at the station may be required instead of a specific test subject.

Thank you.

Appreciate that. Let's go to Wes.

And want to ask a question about something you said earlier that was [Indiscernible] tie back to this. You said that after a couple of weeks your able to map 85 % of the 98 to the NL am and I'm going to refer the there's an implication that there for the was it still mat representation of those?

The NLM has produced a subset of SNOWMED that's called Best practice problem was called a NLM Corporate it contains about 7,000 terms and I think a [Indiscernible] of 67 sites but I think you contributed to that, Mark. I know Kaiser has done work with NLM in the past. He was specifically the SNOWMED CT NLM core subjects.

For problems.

You got this other 15%. Some of those you may find mappings with more work. But will you stop using that 15%? Will be stop using the data that has those 50% that you built up over the years but how will you still with that?

Its a retrospective and prospective question. So our plan is to map all of the retrospective previous 20 years of codes that we can to SNOWMED CT and Blair recanted map the 15 % will be submitted as a free text. I will be honest, we have doctors who may have typed [Indiscernible] allergy. It as a relief map to anything but that's what the doctor put in. Prospectively, we are changing the user interface to only allow entry of the SNOWMED CT NLM for subset as the problem was. We would just be limited to those 7,000 terms.

So I assume BI 98 was [Indiscernible] but you got through by compiling a lot of free text and there may be misspellings to constitute a.

We did an analysis to create a table and yes there are misspellings and [Indiscernible] and things like that.

This doesn't work out as an example of what I was trying to get to then, but the problem of the relationship between what you said the crew - cut across the boundary and we should internally is most difficult around coding systems and the degree of granular the in the coding systems and so forth. To a certain extent, I think we need to understand what we are implying about what you do internally when we set up a specific coding system. If you've been coding problems and ICD nine, you are not going to be able to send them in SNOWMED.

So we have the transition.

So we have this interesting issue if you are using a less granular coding scheme going to a more granular coding scheme, seven and up with things like rep NBC cuts cannot sure which packet size was dispensed. You could imagine a rep SNOWMED code or something of that nature where you're going from less granular to more granular.

I think we've gotten rep [Indiscernible].

That's all I had to say about that. I have a hope--

Before you go on I think Chris wanted it to jump in on this thing.

Mayo was one of the people that contributed to the core as well. Aware ahead as a share for [Indiscernible] 11, you have to understand that ICD will not primarily a building code, you did say that this morning, not exactly true. It's actually a public health code. But that being said, it's still a categorization for a classification. And its this whole distinction between classified data members as granular detailed and explicit instant data. Frankly, the SNOWMED core codes still persist at the level of a category. Or at the level of a classification rubric. They are not yet as [Indiscernible] has published them, the level of irregularities and clinically detailed the grammatical sentence construction that SNOWMED aspires to. That I think people are expecting it to be. It's important to recognize that as the critical operations work group which I participated have specified is in fact for the purposes of clinical problems still a category classification player and we are only incrementally getting into nirvana which would be the detailed specific composed, grammatical sentence about in SNOWMED about what's actually going on with a patient.

Thank you. Did you want to respond?

Of course you are quite right about the international classification of diseases was back secretive four % amid the statement that has been typically used and an administrative system as a mechanism.

Thanks for letting us to complete that pot. Appreciate it.

Just to add a touch of irony, the I see the ninth clinical modification within a billing code. I have a hope that before I die we will get to the point if two systems are certified to interrupt it, they will enter operate. I understand there are very good reasons why that is not our target right now. But I think we need to be clear to the world that that is not our target. That when we say we have alt cutting measures alternative formats, then we either say it's an alternative but everybody must do it, or we say there are cases where to certified Systems want it to operate but is also true for security but the point of what I'm saying is that I think it's also true for a paradigm and by that come in this case I mean that long list of alternatives you gave, it was published and push of or whatever. Something like that. [Laughter]] I think what HITSP has done with the team's, the way it's been in here of getting back to elemental parts of the paradigms' that are important standardizing them is a major step forward. I just don't want us to represent that we've [Indiscernible] interoperability problem because but I think a couple things are typical of the policy committee has emphasized the need to get much more granular about what interoperability means. It is a yes, you will order and you will receive a lap transaction. You'll do ePrescribing, you will submit by a surveillance and public health data. And so I think that there will be clarity from the policy committee and the [Indiscernible] working group of what you need to do to be interoperable and therefore will understand what is required and not required in 2011 and 2013. And based on the 8 IE working group transmission, these standards will get us to the ability to do those of exchange, etc. I think your point is a very key because some people have said, I thought is certified System how come it as an exchange every data element for every purpose with every other system. The answer is a certification was done in the past, that was never intended. Now this grant be much more clarity and much more focused on interoperability and specific transactions.

If I could just add to it rather than disagree. What we will have done is reduce the cost and the risk of becoming interoperable by narrowing the field of differences. It would be very nice if we can get to the point where we take advantage of that. That somehow the cost to the overall system of implementing interoperability interface goes down. When we started out HL7 20 years ago with thought that everybody would be standard and therefore interface with the fate and that didn't work out real well. But we did in fact narrow various disagreements on interfaces. So I'd like to see us get to the point -- I guess I'm much less concerned about cost because it's a onetime cost but the risk of setting up and interoperable interface is reduced.

One quick follow on and then will go to Dixie.

What I would like to mention is as people start planning the changes that they need to have in their organizations to support the changes that were put in front of people. It doesn't have to have -- It doesn't help when there's an out. That's going to become I don't have to do it this year because it's not in the roles that I have to do it, so if we can keep an emphasis, if you're going to keep local codes, keep alternatives, it's really just two more years ago and you don't really have time but people aren't going to the the way, they're going to read them and say I see nothing in here that tells me I have to actually do anything until so I can get that off my budget year. I just want the fact that it's built and that you can do alternatives is something that keeps it from happening. Thanks.

I think that's a key part of our consideration and I think that we are really recommending definitive the republish now and the final rules should including definitive standards for 2013 use. And I wonder can come if I can put you on the spot to talk a little bit about your deliberations on ICD ten where you set a world that was far enough in the future for people to implemented because that was behind a lot of our thinking.

I think that was exactly the point. That we were trying to cut a balance between something that was doable and when we first went out and said its 2011, the overwhelming response was we cannot do that. And then the next question was what is a reasonable time line without providing too much time? And yet, setting a specific date so that people did say there was a target and that a had to be met. I think that is that kind of balance.

David, on this point?

Equipped state and, I clicked collaboration on was a spark, I think that the focus on standardizing the content of the data elements and vocabulary's used to fill those messages is the right place to start. And I also think in general it's a good idea to try to maintain what you're calling technical and architectural neutrality. But at some point, interoperability at the plug and play level requires stepping up a level and specifying the next set of interconnection requirements. If you bought a fire where disk drive and brought it home and try to plug it in to a PC that doesn't have a fire where poor even though the disk file formats are completely compatible, you don't get any communication. Either everybody has to have a fire and U.S. be and has the U.S. The one and USPTO, etc. or as to suggest six or let the market picked. And not say which of those should happen, but at some point will have to step up one level everyone to achieve was his dream of interoperability many actual interoperability.

I would agree completely and that is something we discussed is that an endless list of alternatives is not useful in getting to that goal. But in fact, we believe that what we are recommending in conjunction with what you'll hear from Dixie from her work group, gives a limited list of alternatives that still allow for architectural alternatives that can meet all the different policy objectives. In other words it's not anything goes, but if you want to have pushed versus Paul, or central repository versus Local repositories in each entity, all of those different kinds of variations can be accommodated but it's not an endless list.

I think was made an important point and that is what we've done thus far is to take the interface cost from 10,000 to 1,000 but not to zero. And therefore, you are absolutely right, if you're going to get us to near zero, you have to beat so prescriptive that it would probably end up dictating architecture. And we may get there eventually, but that certainly not an area with done to date.

The persistence of clearing house type entities is not necessarily a bad thing but in the long run, that's fiction in the system that it would be nice to eliminate. It's cost that we could take out.

I agree.

Dixie Baker.

This may be a policy committee question. As your talking about the CIA, it occurred to me that another clinical exchange that is certainly a meaningful is [Indiscernible] attachments. I was wondering whether your work group intends to recommend that these standards be applied to an update to the above standard for clams attachments as well.

We did not discuss that in the work group. Again, I don't know if you want to comment on this status of the work towards the final for claim attachment, I know you had a [Indiscernible] some time ago for that. And these kind of recommendations can play into that. I don't -- I believe and HITSP previously there was an analysis that was done in conjunction with CMS to look at the standards that were recommended in the [Indiscernible] versus the HITSP standards that are specified in the HITSP at interoperability is petitions and found no conflicts.

Just eight quick comments [Indiscernible]. If we wanted to cut a bunch of friction and gain real money, of interoperability in real quickly, we did away with claims attachments or we make them go electronically. Of the debate about whether HIPAA claims were cost effective or not, that's based partly on a flight the summit plans are already being sent electronically. Queue We have a green felt to save a bunch of money.

Also avoid a duty within a provider organization as well. I have to provide, I have to send in a quality measure and for that I use SNOWMED, but this is a current detachment so for this 1/2 years when. Is seen as we need to bring these into alignment.

I think as we consider the action item for this, I think I would like to par's this discussion out a bit but take that as thread of recommendation [Indiscernible] for discussion within HH as. There's inconsistency there.

Doug and [Indiscernible].

Thank you. I've been trying to get in to the composition a bit. So I'm going to going back to the common that Judy made about certification. Because one of the recommendations that you described is that really what you're talking about is standards that are outside of a particular entity and an organization does internally is outside the purview of what the standards that you recommending. The question I have goes back to the summary that John gave about certification process and the inclusion of certification of components so that the EHR can be purchased from multiple sources. That would suggest that part of this would probably go within the organization as well a project only if there's going to be certification of components. Said the question I have is a did you consider that in making some of your recommendations that in some circumstances it is it going to be just between the entity but action between components within an entity and whether or not the recommendation about pretext and things like that, going back to was his plan to cut its possibly you could be certified because you're exchanging free text, but in fact there's no integration testing that's occurring within those organizations. And as a result, you end up with something that is less than the sum of its parts.

We did have a part of that discussion and I'm going to use an example that's not exactly what we discussed but I think it illustrates exactly what we discussed and that is we decided that our scope for these interoperability standards that we are recommending for meaningful use should not apply to interfaces between all the different systems running in the basement of a hospital. But that they should apply between hospitals and so I think what you're talking about is what we would call the Internal opera ability among the different system components within an enterprise or within an entity and we discussed that as being out of scope. But I recognize that the component nature of this certification recommendations could bring that potentially into scope for component certification where it certainly there's no reason why those internal components cannot also use these standards.

Here's an example, suppose the 5 I phone apps for meaningful years. Ones and ePrescribing have, and others in clinical quality act, it would [Indiscernible] the case based on this that as those I phone absent quality measures they would have to use the Ex-Im [Indiscernible] but we didn't actually say, that call the measure requires medication and a mission that has to be gotten from the ePrescribing at running of the iPod how are those to going to talk to each other. That is less to the implementation of the application writers before it was not something we specify.

Thank you.

I just wanted to ask a question whether it's the future committees of direction or it will be other entities that will need to do some of the mappings for the next phase from 11 to 30. We talked a lot about how there will be ICD 9210 but there will be a delight stab at it CT for those problems and the problem was. And four other kinds of procedures where SNOWMED CT will be needed. I think what care and alluded to is a lot of organizations are looking at I do the HIPAA tent transaction and I've got to have a ICD ten and 13 and SNOWMED CT is also and a. Delight ahead and implement an ICD can that SNOWMED CT mapping at the same time to do is spend some time during that. And I was curious whether we would say is that something an action that this committee might look at or where would it point to to say that we would probably be looking for good solutions or recommendations for organizations on how to proceed?

I was glad to say my own view is that that is something that this committee should consider. And we may want to do that in conjunction with the adoption work group of the policy committee. And really work together on recommendations.

Okay.

I was glad to say the same thing. As I look at the next phase as we focus on implementation and adoption reply to when about Paris and it could be that ONC would commission a work of the NLM to reduce barriers and implementation.

I'm sure that's a question that the vendors are thinking up as well. They can say I have my own proprietary the giraffe, do we spend time during our own kind of mapping up to the information Highway standards word to relook that there will be other solutions coming. Great.

Just a terrific and robust discussion go out there aren't things [Indiscernible] perhaps the overriding when I've heard is this issue of inherent interoperability products for says [Indiscernible] between entities. In your term one looks as the desire to advance the health care function in trouble between entities will is the issue. I think you'll make a point that there is the more granular level of interoperability that occurs when products evolve, but there's something between here and there and that's the issue of how fast one is able to move. The concern that if there's too much generality there's would go room may not end up at that place. On the other hand, there's the issue of the ability to actually implement and change Systems from all perspectives bid vendors or providers, conditions and the patient use of systems that are envisioned as well. There's that near-term hard term the economy that is a dichotomy of generality and specificity which is in discussion around as well. And complicated by the recognition that Kevin pointed that standards to avoid -- Evolve and we need to make sure there's not only the process for updating and refreshing but backward compatibility and knocking down the wrong form, those things that are expected appropriately to involve. And a Jodi's comments about how to effect [Indiscernible] guidance rather than regulation. And the final thing about implementation this is all great in theory, but the reality is that there's a lot of lifting to do in the process. Those of the general things that I picked up. And terrific, when I think of this I think of my own experience with the organization what I'm really grateful for is that this constitutes very much of a road map with [Indiscernible] generality in the near term the of the functional interoperability between entities is doable. And I've got some pretty good queues of where I need to go, where I need to invest and what I need to work on and what some of the challenges will be as early brought that to live and an excellent interchange on the issue of mapping the it SNOWMED.

Group. This is really an incredible contribution, it provides clarity, directionality and it is close to perfection as it can be but it's ultimately in part because the standards are not complete and others for their work to do. That is a conundrum it that I don't think we will resolve ultimately any--

Because it will be an evolution. But that said, just absolutely fabulous work. Is there something do we are ready to embrace as a group?

Heads nodding yes. I will take that as a motion for consensus of adoption with the commentary provided also offered as contacts to the [Indiscernible] National coordinator.

I wanted to point out that we are requested the committee's approval of the one new item into particular that we are recommending now for the first time today which is the adoption of the CMS PQRI reduced rate [Indiscernible] for a 2011.

Are there any objections?

Terrific. Just great work and I think everyone has earned a biological break. It is now exactly 12 noon. By recognizing that the ladies room and measure is at the far end of the hall and there is a bandwidth challenge, let's take half an hour and reconveyed precisely at 12:30 p.m.

[HIT Standards Committee Meeting is on break until 12:30 p.m. EDT.]

Everybody, I think we are about ready to start. If you can take your seat, please.

Okay. Good afternoon, and thank you for coming back. Pretty close to the appointed time. That is great discussion this morning on as we move to this afternoon the discussion I have equal confidence that will be robust and informative and productive as this morning was. Dixie Baker is coming back to the room. Dixie Baker and Steve Findlay has the workgroup and tremendous public input as well. Equally terrific work. This exercise I have never got closer to the idea that privacy and security issues are not something that you have to do but are really tools and instruments to facilitate what you are trying to do. Dixie, for that item appreciative. In terms of transmitting information and protecting information and in all the ways that are expected appropriate and facilitate the ultimate objectives. John, anything you would like to offer us?

We have said that security and privacy are foundational to all other work that we do and so the work that Dixie and Steve are going to report on includes authorization, authentication, auditing, secure transmission all those things that enable the organizational exchange with clear audit trails not only for protecting privacy and confidentiality but also ensuring that information is not modified along the way. Elements of data integrity. All of this is necessary within an organization as well as between organizations to ensure privacy and insure that data good integrity. Other groups, this is a journey so what you would hear from Dixie effectively 100% of the specified privacy and security requirements not Standards - - associated with 2011 but there will be additional requirements and 2013 and 15 more granular patient consent that, there will be work that needs to be done. The great news is David Blumenthal will be able to remote Report 100% for 2011. This committee's job is not done paythank you.

I totally agree that I think privacy and security is an absolute - like table stakes. Essential enablers for everything that we are doing here. Unless we make sure that the doctor has access to the information they need to make critical and solid decisions about individuals Health and unless the data is available to them and the services is available, they will not trust any of the rest of the work that we are doing. Unless we assure consumers that their privacy is being protected, they will not trust the doctors with it the information either and so on our work will be moot. This is really important that we attend to. I want to first acknowledge the people that are on the of working group and also the people who help us like John [ INDISCERNIBLE ] who is with Hitsbee, Jodi Daniel with the Office of National coordinator and I really appreciate the work and time and effort and really some solid thinking that has gone into what we will be presenting today. To give you a revamped, revisit the road map that we are going through, we started out by mapping what I call the [ INDISCERNIBLE ]. And the American recovery and the reinvestment Act a numerates that eight priorities areas that should be attended to by the Policy Committee in the Standards Committee so we look at those eight priorities and four of the eight have to do with privacy and security capabilities and services that were required printed using the recess our Foundation, we identify the privacy and security services required to certify products and recommended Standards last month. The next step is to recommend the privacy and security measures for an and enabling an enterprise. These are measures that an end to present themselves not the product vendor must address in order to demonstrate that that certified product is being used meaningfully. Today we are going to present an update to the standards that we presented to you last month. We identified that - these are minor changes. The handout that is in your materials for today's meeting includes the updated list of Standards and unfortunately I did not think to make it a fold out. [ LAUGHTER ]. The clinical operations work group one of us on that one. You can refer to that and get all the details and in the presentation I will show you the primary changes. This is our some of the standards that are listed in your handout. I want to use this as a background to show you the kind of changes that we made. We added a time line, out last month at the committee meeting, we used the four level of readiness that were defined by the clinical operations Committee early on. We mapped all of the Standards to one of those four ratings for the readiness for use. And their adoption within the community. This month, we identified whether it we recommend them for 2011, 2013 or 15. Secondly, last month, we have a column left that says it references and cross references and we identified Hitsbee or HIE as a source reference and expanded those to make sure that people can more easily see where the source of the Standards reside. Third, last month we recommended I use of common criteria to prescribe levels of assurance for security services and thinking a further a bit about it and comments from the committee, we concluded that what we really wanted to do was to recommend to the policy committees, certification workgroup that they not only attend to the security functionality but also tend to the level of assurance that is evaluated as part of the certification process. There were two duplicates that we eliminated this time. It's be created a number of task forces that translated the Hitsbee constructs and the something called capabilities. In looking at the ARRA 8 requirement for consumer services we identified three Hitsbee capabilities that what - useful in providing as consumer services. One of them is the Hitsbee capability 143 it to manage consumer preference and consent and the other two aren't the communicate structured documents with this capability when 19 and communicate and structured document which is capability 120. We believe both in and if you look at the capabilities they define various capabilities. We prescribe specifically the portable media and system to system apology of those capabilities pro for biting the consumer and electronic copy of their medical records. We added web services security. Secure hash algorithm for integrity protection and used by SSL. And the SDR cross Enterprise document repository. We corrected one categorization for that and pay - as categorized as authentication really a non repudiation standard and then two of them that we change the retinas level. One was Security assertion markup language or [ INDISCERNIBLE ] which is really a 2012 capability. But we decided to change it from 2011 to 2013 because it really is has not been adopted by 20% or more of the enterprises out there today. Finally that IT personnel White pages which is basically an album that directory because it is just a directory we change this ordinance level to 20,000 pertain to 2013. I also want to mention one more point. What added, this is important. We added a note for the use of [ INDISCERNIBLE ] and [ INDISCERNIBLE ] as well as soap. Soap is used for messaging to access services from a decline application and that was prescribed by their Hitsbee standard. Some of the Standards do it knowledge rest, but because it rest is being used more frequently more and more frequently, really gaining a foothold on service oriented architectures, we want to allow both rest and soap.

The architecture is that the Amazon, the go-go, Microsoft have proposed for data exchange EHR to PHR are absolutely one to support and encourage. Innovation is K and you would see in Dixie's recommendation absolutely - - for data transmission. The vocabulary, the Jamie outlined were just fine over a rest transmission mechanism.

Right. From a complexity part of the you is less complex than a stock transaction. The reason it is not listed as a standard is it uses traditional http and you are I so there is no standard for rest is a new use of the historic really Web technology. I wanted to comment also that addition of Hitsbee capability address consumer needs were really motivated by some conversation valuable conversations that we had with some of the C's H ITT teams. I want to of knowledge their help on that. Okay. The majority of the content I am going to be presenting really focuses now that we have certified product and I as an enterprise has purchased as product how do I demonstrate to CMS that I am using the product meaningfully and I deserve their reimbursement? First of all, I want to get some pity for new and giving you some challenges that we were faced in addressing this. The only real objective that the Policy Committee identified was hit a compliant. All applicants will be required by law to be hit by compliant anyway. What more can we add. Your HIPAA compliant, they're going to get reimbursement. Except for the ARRA provision, those are currently not included in here, but they need to be addressed and ultimately there will be part of the HIPAA compliance as well. So we thought, maybe we will select a subset of the standard and implementation boxes contained in the security and privacy rules and we will require those to recertify in order to get the reimbursement we were pointed out - by doing that we were suggesting that some of the HIPAA requirements and more important than other ones or that we return to subset here, and we don't want to communicate either of those messages we cannot relate prescribe no loss so we can come up with new things it entirely or new regulations. But fundamentally we recognize that meaningful use of the HR technology unquestionably brings in the privacy and security risk to the provider and to the consumers and that effectively addressing these risks is critical to the ultimate objective of furthering the adoption and proliferation of and operable EHR and HIE. These are meaningful use objectives and policy measures that were handed to us by the Policy Committee so this is what we had to work with. The single objective of compliance with HIPAA policies and estate loss. The give us three policy measures for compliance, rose, conduct an update a security risk assessment and implement the script is printed risk assessment is one of the HIPAA requirements so they said you must update that security risk assessment and they also said that they recommend and that CMS - - payments for any entity until any confirmed hip-hop privacy and security violations has been resolved. What we recommending to today are recommendations that include three types of measures. First, there measures that represent a value that EHR adoption brings to an organization in the enterprise of HIPAA compliant to. An example is auditing capability. There are required by law to audit accesses. It is easy if you have an automated EHR than if you are writing it down on a log book. Those are one of the types of measures. Secondly, measures that represent changes and - - as a result of having adopted EHR. EHR bring to an organization new risks and sell we want to recommend some countermeasures to those new risks that did not have before they required EHR. Also this includes configuring how to configure the EHR the security privacy of the EHR product itself. You recall mentioning last month that there are certain capabilities that a product may be certified to provide, but the product vendor cannot guarantee that an enterprise uses them. Like encryption. Like auditing. You have a product that will do that but up to the enterprise to configure it so that it does encryption and does auditing of auction. Thirdly the measures that can objectively be assessed by HHS. The first Policy Manager is full compliance with HIPAA rules. To the writer, recommendations the recommended measures to be demonstrated to show to an able and and the press to show that they do in fact are fully compliant with HIPAA privacy and security. First is the update their privacy and security policies to specifically address the use of certified EHR product in the operational environment. We wanted to include in the four bullets in their from the ARRA provisions. When is notification of individuals whose PHI may have been breached. Secondly, limiting disclosures to the minimum necessary or limited data sets. Third is providing an accounting of all disclosures and finally enabling consumers to request and receive electronic copies of their EHR. The second manager for Piper compliance would be to configure the EHR system and the supporting IT infrastructure and in compliance with the HIPAA security rules and guidelines including ARRA . We recognize that implementation line between a product and and per structure around it is certainly them and getting dimmer by the day particularly in the era of service oriented architecture. We wanted to include as a demonstration measure both the IT supporting IT infrastructure as well as the EHR product itself. Second Policy measure here is the conduct or update security risk assessment and implement security update as necessary. At the demonstration measure is pretty much the same except that we added where they say at date a security risk assessment, we added a privacy risk assessment as well. And implement a policy procedures and system configuration that are necessary to use the certified EHR product meaningfully. These measures are on this page as well as the slide as well as the next one. You will notice that a number of these are the types of capabilities types of measures that they would not have to do if they did not have an EHR. Termination of system access of terminated work members. Until they acquire and a chronic health record, they really don't have to worry about terminating access to the system. The establishment and periodic review of access is to assure that access is granted to those with permission and access not granted to those who do not have permission. The minimum necessary kind of implementation in this system. The protection against the detection and reporting of malicious software. Monitoring of the audit trail of system activities. The audit trail is there, when all that and now we want you to turn the auditing on and what you to periodically review what is in that audit trail. If passwords are it used authentication, they need password management capability. This is continuing in the risk management area. Screen locking in session termination after preestablished periods of inactivity. Secure hash function to protect the integrity of all PHR it transmission if you talk to a physician, they will tell you that the integrity of data is absolutely essential not only that the data integrity be protected, but that they feel comfortable that the integrity of the data has been protected. That is really important to provision of quality care and safe care. Some of our most extensive discussions had to do with encryption. I have to tell you, I think [ INDISCERNIBLE ] at all page I always be encrypted whether inside or outside the urbanization particularly in the state of wireless. If you think about HIPAA and Standards, wireless, 1996, it was hardly even heard of when HIPAA was enacted. When the HIPAA rules came into being, no health organizations have used wireless let alone cellular phone with a camera built-in. The days have changed. But we finally agreed upon for the meaningful use measures for 2011 are the encryption of all page I transmission internal or external to an organization where the possibility of there going over unsecured wireless are cellular network cannot be ruled are apt. Week phrase it this why to force them to think through what is possible can I absolutely rule out given the assumption that it is going to close here biller cellular or wireless, can I will that out. Can I say? It can just happen. Decryption of all pitch I transmission the leave it facility and travel in part over shared networks. And finally the encryption of all DHI that stored on portable devices and removable Media Esperant USB, flash drive, were also unheard of when the HIPAA rule was enacted that would be covered in this requirement.

So important. We spend a lot of time evade debating. The easiest to sit thing to say is every transaction any where in the enterprise must be encrypted. I review with, security thing team, think about 146 application's I have not running at the IDM sea. Some of these are current servers, some are wacky protocols, - - with shot a ES, with a lot of this, zero. But we have a requirement in our organization that all of wireless be WPA Enterprise authentication and therefore if you open up a laptop as a clinician he must authenticate with your credentials and it is encrypted. We are not going to require double encryption print the fact that you have an it research and capable to protect the client server transactions there are a unencrypted is fine and reasonable. If it have a situation where you absolutely would not have wireless and any way shape or form other cellular or why fight, because it is to servers part in a Data Center with a piece of fiber between the two of them, that is probably sufficient to. This notion of encryption at data at best is also quite controversial. You said that every the enter based in every enterprise must have encryption at rest and that is also very challenging to require in the short-term. Who knows maybe long-term we will get there. This I am copying and patient identified data to a USB drive that I can leave in a bus, it is reasonable to say that it it will leave the in the enterprise that it should be encrypted so that privacy will be protected. Massachusetts now has a law that requires all removable media to be in corrupted as of August 1, 2009.

Okay. Thank you. The encryption at rest absolutely we had a lot of discussion about of data atrest. The next slide has can conduct an update policy measure was the conduct or update security rest assessment and implementation. The same as the last one that these are two additional measures that we added. One it is HIPAA Security rule requires that an organization has a contingency plan which includes data backup plan, this is a disaster recovery, emergency mode, testing revision. And application of data criticality analysis. These are all in the HIPAA rules. What we are requiring is the contingency plan B updated. This addresses the whole world the Security place and continuity of service and guarantees availability of data and critical system services when they are needed. The next - wrong button been the next one is to identify and document data and capabilities that are minimally required in order to ensure the continuity of critical data services and publish Service level agreements consistent to these priorities. This stretches applications and data criticality analysis. At the risk of being critical of the HIPAA secure the rule, it requires a that enterprises perform an application to.edu criticality analysis. Requires that you end-of-file what data are critical and what services are critical to you but does not require it to us to do anything about it. We said that he must establish the service level agreement that are consistent with those priorities. If your system goes down or you cannot get to the data that you need, what are the data that you absolutely required in order to continue to provide services to your patients? The next Policy measure is to recommend that CMS would hold meaningful use payment for any entity until any confirmed HIPAA privacy and - has been resolved. This to we had a lot of discussion about. It is not clear the national coordinators office help me a lot in this area of talking to the Office of Civil Rights about what they really could provide to us. It is not - it is pretty clear that they're not going to this calls all the information about any investigation as they have under way. But we recommend is to the extent possible, we obtain confirmation from the Office of Civil Rights of any confirmed HIPAA privacy Security have been resolved. In addition that we obtain an affirmation from the entity that any confirmed HIPAA violations have been resolved. This is the quality workgroup calls attestation and we're going to make them ask them to test that they of of violations that may have existed have been resolved. Did you have anything more to add?

Consumers are up care about and focus about that entire security framework that we developed here. I think we recognize that the consent management piece of this is what the [ INDISCERNIBLE ] of the matter for patients and consumers that are now at two into all these details. We had some discussions with folks with management issues and some people and consumer groups and others suggesting we try to move up to 2011 on some of that. We can to the conclusion that that is unrealistic and that the measures on consent management are not ready for prime time in 2011. They are in development so we have to kick that down that can down the road as it where for a while and head for to 2013 on that. This is unfortunate because there will be some focus on that. Consent management is critically important consumer control over the part of that record that they can get access to and move to the next place. One to the other and have other people seek et cetera et cetera. So very important. We are pleased to hear that the privacy that the Policy Committee is going to be having some testimony on privacy and security and in general and with some attention to consent management next month. I think that promises to be a forum for presentation of some ideas here that will advance their work and their direction to us.

Good. We are asking for the committee's approval of both the changes to the certification criteria that is presented today. And the Standards and also these meaningful use measures that I've percentage.

Many thanks for the informative and four process their thoughtful in terms of pragmatic and implementation. You are the only person who have already - only taught me as standing on the right. [ LAUGHTER ]

Several miscellaneous questions. One, I hear from my colleague and I have not looked at it that CMS released a pointed CRNI toolkit this week and it would be used as a criterion for evaluation citric and former - - if it was actually fact and not at a misinterpretation then I would hope that there is a URL that can all around in the email I can I get on-line so I cannot give the specifics. I can send and email. I have a question about risk. It is something like this you have pointed to a number of truly independent specifications for various kinds of certifications and a few that seemed to be based on soap and Web services. If in fact we are saying all risk is good as Web services the we have those corresponding Security specifications as standards for rest or are they left to the upper rear of Amazon.com or Microsoft?

No, we still require P.L. s, still over to us and rest is used in service oriented architecture.

That is not a standard. You specify - TFS is an encryption standard. Doesn't by itself.

Authentication and encryption and integrity protection over web connection is it the case that all of the things that we required by naming standards for SOAP are also covered by saying to GLS four - I don't know the answer I am not trying to [ INDISCERNIBLE ]

Run that by me again.

That is that we know because the WRs framework and the SOAP include quite a lot of standardized Security constructs and the REST although it does provide and and the grit integrity protection and certificate exchange over to TLS over Proprinter Tash, may not have the same level of standardized pools therefore we looked at implementation of Amazon and go they might have their own API on top of TRS for some aspect of to trigger a management.

That is right. Because so pierces W. as security for security. There is no analogous security for REST.

And we saying that it is okay to use west? I am not trying to oppose REST, I am trying to understand what we're saying that it is okay to use REST and let the dominant player in the transaction define how to do the security.

As long as the Security measures for meaningful use are met, yes. And translating it into the meaningful use arena.

I have difficulty understanding how - - spin, but it cannot bypass security by using REST. You you still have to meet the security requirement.

But we don't care that every large size company that uses REST has different approach and that people who want to work with all those companies will have to use that idiosyncratic approach of those companies?

Can you do a bit of clarifying within some of these discussions I would agree with Wes that it is inadequate to simply say West can be used in place of SOAP and REST and SOAP are not in the same level of granularity PEGA order to use REST approach for interchange, additional specs and standards will be needed compared to where we are today.

But he is asking whether - we have not specified as additional Standards.

So you could use saddles the past trust, but if you are using a restful approach where do you put the Sam will ticket. Someone has to specify that and it has to be expected. REST is an architectural approach, so it is an actual protocol. And they are not the same level of granularity. I think we try to do in the committee is to say we recognize there is a broad transition in much of what is happening on the Internet to with the REST for architectural approach and that is not precluded by endorsement of the existing SOAP based Standards, but additional work Hitsbee or someone will be necessary to create a restful approach that could fully replace what was covered by the SOAP the fine particles today.

Several of the Hitsbee contract to do allow for REST approach.

Not across the board.

Not across system. All I am saying this first of all, especially with Lisette.

Would you separate them Cosmos, but whoever sits by May and said separated by me I don't understand it must be something about all of them. [ LAUGHTER ] at the level that we have them listed here, these are pretty bored Hitsbee specifications in order to get to in any kind of way of determining compliance. You probably have to be granular and how you use the his bid. This is a process of refinement.

Example, [ INDISCERNIBLE ] it is a complete end to end the architecture specification that includes REST and includes these components. The is a SOAP only. As you see a -- spay transmission work, there's probably 10 constructs and combination of comprehensive suite So and REST support that would enable you to have a suite of functions supporting various architectures. I wrote a blot on this which I can circulate to the committee to give you some more explanation of all the possibilities. My biggest concern - the problem I always have about Standards is we get more inoperability from an 800-pound gorilla than a monkey fight. The only way we have to have risen about governance is to have a monkey fight. I did not want us to be unknowingly saying that 100-pound gorilla will get [ INDISCERNIBLE ] to Policy and everything else that we want, we want to say you can do this with Microsoft than Amazon following the Standards, that is fine print a want that to be explicit not something that is extracted from one of the details of a footnote on page 7. The big question I have - and looking at - I have a comment. Looking at all the things as that of security, year for examples on the slides are well chosen. The important stuff. Have you discussed it at how this will be evaluated for determining meaningful use compliance in small practices?

Absolutely. We thought about small practices of the, but throughput.

Can you help me understand how you think it will work?

Where do you think it will not work? Where do you think it would not work was REXX.

Did you go in to each practice and say, an inspector goal in and say show us your policy for dealing with terminated employees?

I will - I do not if you will go into a large hospital and have them show you what DC the mechanism for determining something complies that - - just validate the - - for security for employee termination. How would that be determined?

This is not this committee's job. It is a policies Committee to stop on the certification side of things. But I suspect, I cannot InVision CMS going up to every hospital or provider organization and saying show as your Policy and termination practices, I think it will be through attestation. There will be over time there will be forms that will evolve and available on the Web just like there are today. Forms for the HIPAA compliance available on the Web. When I small single physician practice - - the go on the Web and download a template and that is the way they do their street policy. I think that would be the same as what will happen here. There will be standard attesting that that is what they have done.

CMS, Karen? How do you InVision, the St. CMS will have any measure meaningful use, go out to make sure that - [ LAUGHTER ]

All right. Answer that, Karen. [ LAUGHTER ]

There are a number of different ways in the statute that meaningful use can be demonstrated and attestation is one of them. And there is other reporting mechanism to are available as well.

Practical note, physician and working in a provider organization, a lot of things and not necessarily things that are actively sought. Some things, come up when there is a problem, others beaming status, hospitals, a joint Commission, other entities for physician offices. Seems this is something that will revolt. It is the practicality questions about the reality adoption and implementation in order for the pragmatics will look like. Later these are questions that we will address in more detail.

The real answer to the act is that the only - - the only real measure for meaningful use and privacy and security is HIPAA compliant and that is the work of the Office of Civil Rights to of course HIPAA compliance. That is what it all comes down to. How the OCR is going to enforce HIPAA compliance.

And how the regulations specify that will be issued on this specified our compliance.

ARRA compliance.

I appreciate that as clarifying discussion. That was - - that specifically enumerated. Mark, the did you have another point or was that your point? Mark?

I am going to cover [ INDISCERNIBLE ] I have my little tally sheet, there are 14 times where we said architectural neutral this morning. One of the Johns. And the XD are arguably is not architectural neutral approach. And you have the mandalas and how to reconcile that. [ INDISCERNIBLE ] is on our list as well. How do we reconcile those two recommended policies. Architectural neutral net work promoting particular architecture?

I could make a comment on that. What we said was P.L. as was bilateral ticket exchange and it could be entity to entity, EHR to PHR, HIE two [ INDISCERNIBLE ] committee to committee. X the RRB is the transfer mechanism with certificate not XPS which implies the Beckman registry and other things. X CA is crossed minute exchange. Either of these are fine.

Either or put.

Right to.

Again, the comment that Wes made about publisher Parrish, we try to say the we want to venture the data integrity of stuff as it goes over to wired from the supplies and how ever you want to architect that topology should be able to so we want to list the collection of standards that will then able to push, pull, publish subscribe ETC. Your implementation, either or.

That is why we went to the technical standards level of this by Hispanic that key take away for me, when I look at the grid, my first instinct instinct, all the things in 2011 I must do. The answer is no. You must do and as clear and the grid the subset that you have to do, but one from [ INDISCERNIBLE ] column A and then one from column B.

That is a really good full point. SAML and exact more is another example. We should try to make that clear.

Advanced Health Information Exchange Resources

Pages

Thursday, August 20, 2009

HIT Standards Committee - 8/20 - Transcript and Mtg Materials