Wednesday, December 31, 2014

[UPDATED] Unique Patient Identifiers and Congressional Appropriations

Unfortunately, I have discovered that the prohibition is still in effect. 


The language is slightly different than I am used to searching for but is included in the legislation HERE and copied below:
Sec. 510. None of the funds made available in this Act may be used to promulgate or adopt any final standard under section 1173(b) of the Social Security Act providing for, or providing for the assignment of, a unique health identifier for an individual (except in an individual's capacity as an employer or a health care provider), until legislation is enacted specifically approving the standard.
In March 2013 I submitted a petition to the White House suggesting that the President should ask Congress to no longer prohibit HHS from establishing standards for a unique patient identifier. Sadly, it did not get the required number of signatories (and could have been just ignored in any event) and is now removed from the WhiteHouse site, but the issue now suddenly seems to have been resolved, at least for the time being. 


In 1993 under President Clinton's health plan, the government would have issued "health security cards" to all Americans certifying their right to medical care, and the plans for a unique patient identifier were put in place. While the health reform did not make it into law at that time in 1996 Congress passed the Health Insurance Portability and Accountability Act of 1996 (HIPAA) [Public Law 104-191].  HIPAA included administrative simplification provisions that required HHS to “adopt national standards for electronic health care transactions” and “a standard unique health identifier for each individual, employer, health plan, and health care provider for use in the health care system” [PL 104-191]. HHS has since adopted unique identifiers for employers, health care providers, and is now in the process of adopting a unique health plan identifier, but has not adopted a standard unique identifier for individuals. 

On October 21, 1998, the 105th Congress passed Public Law 105-277 (an omnibus appropriations act for fiscal year 1999) that prohibited HHS from spending any funds to “promulgate or adopt any final standard…providing for, or providing for the assignment of, a unique health identifier for an individual…until legislation is enacted specifically approving the standard [Title V, Section 516 of PL 105-277].” 

For the past 15 years, despite calls from experts at RAND Corporation and the Healthcare Information and Management Systems Society (HIMSS), identifying the potential administrative cost savings and safety benefits associated with a unique patient identifier, Congress has maintained this prohibition. It appears there is no such prohibition in the Continuing Resolution Omnibus Appropriations Bill recently signed into law. (hat tip to Carl Bergman at EHRSelector)

While a unique patient identifier is no silver bullet it seems prudent for Congress to permit HHS to pursue its implementation, especially if such an identifier could increase administrative efficiencies and prevent medical errors due to incorrectly linked medical records. 

10 comments:

  1. It's an interesting development - but removing language that expressly prohibits funding - isn't the same as funding. Still - worth watching closely in 2015 to see if it's real progress (or just the appearance of progress). Great catch!

    ReplyDelete
    Replies
    1. Yes, the funding specific to this is not included; however, HHS has statutory authority from HIPAA to develop these standards, so without the prohibition some discretionary funding could be applied. I expect that this debate will continue into whatever legislation comes out in March regarding SGR. This year there could be further discussion of MIPS again in Senate Finance as it had bipartisan support in 2014 (see http://www.ahier.net/2014/02/the-doc-fix-is-in.html)

      Delete
    2. Definitely worth watching - closely - especially around SGR-time. Isn't that deadline April 1? (accidental, coincidental or intentional?).

      Delete
    3. Yep, April 1, 2015 (see https://www.congress.gov/bill/113th-congress/house-bill/4302/text)

      Delete
  2. I have never understood the fixation with a government issued identifier for people. Each of us has many identifiers that uniquely identify us. For most of us, our cellphone number works just fine as a unique identifier. Why not use the identifiers that already exist? Because, in DC's eyes, the solution to every problem requires yet another agency with rules and bureaucrats to enforce them.

    ReplyDelete
    Replies
    1. Many people share a phone or don't have one, especially children, elderly, and homeless. Also, people change their number - or have multiple numbers. Need one number per person, never changes, and is not published or publically available (to prevent identity theft and protect medical privacy).

      Delete
  3. Brian is correct. When I searched I used the same words that had been in since 1998, which mentioned HIPAA and a national ID. As you can see the new language does not. I did not use the health ID language. I have amended my post to show the difference. Thanks to Brian for pointing this out.

    ReplyDelete
  4. The unique human identifier problem is not a healthcare issue and the analogies in the post are misleading. Employers and health plans are not people (except in the eyes of the SCOTUS in some cases) and the licensed provider analogy is unhelpful since we don't need a license to be a patient. The SSN as a government issued unique person ID number has been tried and the privacy problems it created are now well understood.

    The government initiative around person ID is NSTIC and IDESG. Healthcare is the principal vertical use-case for this work. I urge all of you who really care about a solution to the person ID problem to join the IDESG Healthcare Workgroup and help solve this in a cybersecure and privacy-preserving way.

    ReplyDelete
  5. Hi Brian,
    As I understand it, the VUHID, a secure, 12-digit, single patient ID solution that integrates with existing proprietary algorithm-based EHR, PHR and HIE platform EMPI systems and maximizes patient identity integrity has already been developed by the private sector and has been proven to be more accurate than any existing EMPI algorithm. (http://gpii.info)

    However, according to Section 501 of the 1,603-page, December 2014 CRomnibus law, no Congressional appropriations can be made available to develop a single patient ID standard "UNTIL [federal] legislation is enacted specifically approving the standard."

    My question is why are federal appropriations necessary if such a vital interoperability standard is developed by the private sector? One way to accomplish this might be to use the S&I Framework’s established “Community Led Initiatives” that “leverage the S&I Framework platform with minimal or no ONC funded contractor support.”(http://wiki.siframework.org/file/view/SI_Framework_Newsletter_October_2014.pdf/528515702/SI_Framework_Newsletter_October_2014.pdf)

    If doing this does prove feasible, why wouldn't the IDESG Healthcare WG and the 11 private-sector Sponsors of the joint Argonaut Project, who are seeking "to accelerate nationwide health information sharing based on an Internet-based open architecture", at least consider leveraging the proposed VUHID patient ID standard to accomplish their goals?

    ReplyDelete