This report was produced by the Advisory Council on Employee Welfare and Pension Benefit Plans, which was created by ERISA to provide advice to the Secretary of Labor. The contents of this report do not necessarily represent the position of the Department of Labor.

Executive Summary

This report was produced by the ERISA Advisory Council’s Working Group on Health Information Technology (HIT). The ERISA Advisory Council was created by ERISA to provide advice to the Secretary of Labor. The contents of this report do not represent the position of the Department of Labor (DOL). The 2006 ERISA Advisory Council formed a Working Group (hereinafter referred to as the Working Group on HIT) to study the widespread adoption of interoperable HIT in light of the increasing cost of government-financed and employer-sponsored healthcare, the emergence of consumer-driven health plans and the Department of Health and Human Service’s (HHS) 10-year plan to transform the delivery of healthcare by building a health information infrastructure.

Testimony to the Working Group was provided on August 8, 2006 and September 22, 2006 by 12 speakers, representing plan sponsors, insurers, organizations that represent multi-stakeholders, third party administrators and the federal government. The Working Group also received one written testimony on September 29, 2006 and testimony for November 7, 2006. After careful debate and analysis of the issues and transcripts, the Working Group submits the following recommendations to the Secretary of Labor for consideration:

Recommendation 1: To the extent possible, the DOL should provide guidance as to whom is a fiduciary with respect to Health Information Technology.

Recommendation 2: To the extent that there is fiduciary responsibility with respect to Health Information Technology, the DOL should adopt regulations similar to the ERISA §404(c) regulations.

Recommendation 3: The DOL should organize an advocacy forum similar to the Savers’ Summit for employers (sponsoring large, medium and small health plans), multi-employer organizations, participants and federal and state entities to develop standards and guidelines relating to Health Information Technology in the context of employer welfare plans.

Respectfully submitted,

Lynn Franzoi, Chair
Kathryn Kennedy, Vice Chair
Robert Archer
Charles Clark
Neil Gladstein
Timothy Knopp
Richard Landsberg
Edward Mollahan
Willow Prall
Christopher Rouse
Sherrie Grabot, Ex-Officio
James McCool, Ex-Officio


Part One introduces the scope of the issues identified and questions distributed to potential witnesses. Part Two sets forth commonly defined terms and current requirements under the law and regulations. Part Three provides background information on HIT and the federal government’s HIT initiatives. Part Four summarizes plan sponsors’ issues, providers’ issues, third party administrators’ issues and the federal government’s issues in light of the testimonies provided to the Working Group. Part Five provides the Working Group’s observations and discussions in the context of these varying concerns. It then sets forth specific recommendations for the Secretary. Part Six summarizes the witnesses’ testimonies. Part Seven lists additional information sources.

I. Scope of the Working Group’s Paper and Questions Distributed to Potential Witnesses

The 2006 Working Group on HIT sought to identify what is necessary in order to establish the widespread adoption of interoperable HIT and how the federal government can work with the private sector and industry to accomplish this result. Areas of focus included:

  • Availability of an individual’s complete medical history in electronic form (an electronic health record or “eHR”) in a secure data base for access by physicians, hospitals and the consumer;
  • Availability of clinical information for consumers to assist them in choosing the physicians and hospitals that best meet their clinical needs;
  • Legislation or government support for the development of a more consumer-centric system with an emphasis on quality and efficiency; and
  • Establishment of quality initiatives and measurements of performance and quality.

The following is the list of questions (represented as not exhaustive) distributed to potential witnesses prior to the testimonies in August, September and November 2006:

  1. Define HIT.
  2. What is the best way to achieve uniformity in health information?
  3. What is state of the art web technology?
  4. What lessons of success of IT in other industries should the stakeholders focus on?
  5. What incentives are needed to foster the adoption of HIT? What safeguards should be in place to limit the liability of plan sponsors participating in HIT?
  6. Recognizing the highly fragmented efforts to date in both the private and public sector, what is needed to develop, adopt, and integrate HIT into healthcare?
  7. What are the potential benefits to the consumer? the employer? health plans? the government?
  8. How do we define the vision and components of HIT for employers, health plans, the government and patients (the consumer)?
  9. What are some ways to encourage and enlist providers to adopt HIT – realize its benefits, offset financing costs, etc.?
  10. What mechanisms are needed to insure the security, confidentiality and quality of HIT?
  11. What are the implications of the Health Insurance Portability and Accountability Act of 1996 (HIPAA with respect to HIT?
  12. What role should the federal government have in the development of HIT?
  13. Is there a need for federal leadership and, if so, what should it entail?
  14. Should there be federal mandates?
  15. Does the government have a role in defining a “pay for outcomes” model rather than a “pay for services” model?
  16. In a system where the cost is currently born by the government and employers, how can the DOL engage the consumer, developing awareness and responsibility?
  17. What role would the government have in the development of individual electronic health records (eHR)?
  18. What will the anti-fraud benefits be, if any?

II. Applicable Definitions and Current Requirements under the Law and Regulations

Commonly defined terms:

H&W Plan: A health and welfare (H&W) plan as defined in ERISA §3(1).

Self-insured H&W plan: A H&W plan that retains full obligation for plan benefits.

Fully-insured H&W Plan: A H&W plan whereby health benefits are provided under an insured contract issued by an insurance company

Multi-employer H&W Plan: A H&W plan that is administered by a joint board of trustees representing employers and a collective bargaining agent, pursuant to a collective bargaining agreement.

Fiduciary: A person or entity that satisfies the requirements of ERISA §3(21)(A). Such person or entity may be named by the plan document or may be held to be a fiduciary due to his/her exercise of discretion with respect to the management of the plan or disposition of its assets.

Plan Administrator: The person or entity designated by the terms of the plan or instrument under which the plan is operated. If no such person is designated, then the plan sponsor, and if the plan sponsor cannot be identified, the person designated by the Secretary of Labor under the regulations. A third party administrator (TPA) is a person or entity that the plan administrator or plan sponsor contracts with to adjudicate claims under a plan.

Health Insurer (or Healthcare Provider): An entity that insures the delivery of healthcare benefits for a plan sponsor or a multi-employer plan that is regulated under state insurance laws.

ERISA is the federal law that regulates covered employee benefit plans, including H&W plans. While ERISA does not regulate the substantive content of welfare benefit plans, it does impose fiduciary standards on individuals or entities that have or exercise discretionary authority over the operation and/or administration of the plan. The DOL oversees ERISA’s fiduciary requirements applicable to plan sponsors of H&W plans. To assure uniform regulation of employee benefits plans, ERISA preempts state regulation of employee benefit plans, except in the areas of insurance, banking and securities law.

H&W plans are also regulated by HIPAA. This federal law regulates the use and disclosure of protected health information by covered entities, which includes health plans, healthcare clearinghouses and certain healthcare providers. These privacy rules require “covered entities” to safeguard an individual’s identifiable health information and to limit sharing of such information. The rules apply to all protected health information regarding a participant or beneficiary under a health and welfare plan, regardless of the form in which it exists (e.g., written, oral or electronic). HIPAA is regulated by HHS and the DOL. Unlike ERISA, HIPAA protects state laws that can be more stringent than the federal rules.

III. Background Information

HHS and Legislative Initiatives in the Area of HIT

Employers, physicians, hospitals and healthcare providers are in agreement that widespread adoption of HIT will result in dramatic efficiency savings, increased patient safety and reduced healthcare costs. However, who shoulders the cost and the liability of such adoption and maintenance of HIT remains problematic.

At the federal level, President Bush signed Executive Order 13335 (EO) on April 27, 2004, announcing a commitment to the promotion of HIT to lower costs, reduce medical error, improve quality of care and provide better information for patients and physicians. In addition, the EO called for widespread adoption of electronic health records (eHRs) within 10 years so that health information will follow patients throughout their care in a seamless and secure matter. The EO directed the Secretary of HHS to establish within the Office of the Secretary the position of National Coordinator for HIT (ONC), with responsibilities for coordinating federal HIT programs with those of relevant executive branch agencies, as well as coordinating with the private sector on its HIT efforts.

The ONC defines HIT as “the application of information processing involving both computer hardware and software that deals with the storage, retrieval, sharing and use of healthcare information, data, and knowledge for communication and decision-making.” A key component to HIT is the eHR, a patient’s medical file stored electronically and maintained by a healthcare provider.

On July 21, 2004, Dr. David Brailer, the National Coordinator, delivered a Framework for Strategic Action (The Framework), which outlined four goals and twelve strategies for national adoption of HIT. The Framework outlined an approach toward nationwide implementation of interoperable eHRs and identified the following four goals: 1) bring eHRs directly into clinical practice; 2) interconnect clinicians so that they can exchange health information using advanced and secure electronic communications; 3) personalize care with consumer-based health records and provide better information for consumers; and 4) improve public health through advanced bio-surveillance methods and streamlined collection of data for quality measurement and research.

One of the key action items in The Framework was the establishment of a HIT Leadership Panel to examine the importance of investing in HIT by the government and the private sector. This panel assembled executives in widely recognized companies that purchase healthcare for their employees. The Lewin Group, a healthcare policy consulting firm, was retained by Dr. Brailer to convene the panel and report its findings.

The HIT Leadership Panel identified three key imperatives for HIT:

  • Promoting widespread adoption of interoperable HIT as a top priority for the U.S. healthcare system;
  • Using the federal government as the nation’s largest healthcare payer as leverage to drive the adoption of HIT; and
  • Encouraging private sector purchasers and healthcare organizations to collaborate with the federal government to drive the adoption of HIT.

In July 2006, the House of Representatives passed The Health Information Technology Promotion Act of 2006 (H.R. 4157) which directed the National Coordinator for HIT to create a plan for implementing a nationwide interoperable health information technology infrastructure. The bill also called for a survey of state health information and confidentiality laws to see whether such laws were slowing the electronic exchange of health information among states, the federal government and the public. At the time this report was written, Congressional negotiations had not resolved differences between the House bill and the Senate bill (S.1418).

In response to the Leadership Panel’s report, the Secretary of HHS has been meeting with major employers throughout the country to engage them in an effort to empower consumers through information. These efforts were further supported by the President’s Executive Order 13410, issued on August 22, 2006, requiring that all federal agencies and those who do healthcare business with the government do the following:

  • Aggregate healthcare quality and price information so that it is available to beneficiaries, enrollees and providers in a readily usable manner;
  • Use interoperable HIT products in order to aggregate and share quality and price data; and
  • Motivate participants to become consumers and advocates of a HIT healthcare system.

HHS awarded a contract to the American National Standards Institute, a non-profit organization that administers and coordinates the U.S. voluntary standardization activities, to convene the Health IT Standards Panel (HITSP). As today’s standards-setting process is fragmented and uncoordinated, the goal of HITSP is to develop and implement a useful set of health IT standards that will support interoperability among healthcare software applications, including eHRs, and be widely accepted. HITSP is finalizing recommendations on HIT standards for three key “use cases” – (1) submission of laboratory test results to an eHR; (2) submission of bio-surveillance data from providers and hospitals to public health agencies; and (3) automated patient registration information and medical history used in personal health records (PHRs).

HHS also awarded a contract to the Certification Commission for HIT (CCHIT) to develop criteria and evaluation processes for certifying eHRs and the infrastructure or network components to ensure interoperability. CCHIT has developed a process to certify eHRs and other systems based on uniform benchmarks for privacy, security and functionality.

HHS has awarded contracts to four consortia of healthcare and HIT organizations to develop prototype architectures for the Nationwide Health Information Network (NHIN). These prototypes are being used to test specialized network functions, security protections and monitoring, and to demonstrate feasibility of scalable models across market settings. The four consortia will create a usable architecture for healthcare information that can support eHRs. To ensure security and privacy, HHS has awarded a contract to RTI International, working with the National Governors Association Center for Best Practices to form the Health Information Security and Privacy Collaboration (HISPC). Through this contract, it is intended that the various business policies and state laws that affect electronic health information exchange be examined and practical solutions for addressing such variations be proposed to ensure privacy and security requirements in federal and state laws and to develop plans to implement identification solutions.

On November 17, 2006, the Business Roundtable and other business and HHS officials will join together in a national summit to discuss the critical role employers will play in supporting the President’s EO on healthcare transparency. The summit will focus on how employers can support efforts to provide patients with greater access to information about the quality and cost of their healthcare options. The National Quality Forum (whose members include employer groups) has proposed hospital “safe practices” standards and the American Health Information Community (AHIC) has proposed HIT interoperability standards. Employers interested in enhancing health care quality and efficiency will be discussing these standards at the summit.


The motivation for HIT comes from the growing increase in healthcare costs in the U.S. In a system where the cost of healthcare is primarily delivered through the employer in the form of benefits, such increasing costs are putting substantial burdens on employers, placing them at a competitive disadvantage in a global economy. In addition, the increased healthcare costs of government programs, such as Medicare and Medicaid, have put substantial pressure on federal and state governments. The results of a study conducted by the Rand Corporation indicate that implementation of a universal HIT system could cost about $8 billion per year, but annual savings in efficiency would be $77 billion.

There are numerous obstacles to universal HIT. Relatively few providers have access to HIT, and for those that do, the ability to share information is extremely limited. While HIT can be maintained through computer systems, healthcare data has not been assembled in a single coherent fashion and it is stored on a vast range of disparate systems. HIPAA’s privacy rules also provide stumbling blocks for the implementation of a widespread interoperable HIT system. However, HIPAA privacy rules are not within the jurisdiction of the DOL and therefore the Working Group makes no recommendations regarding changes to HIPAA’s privacy rules.

The development of a national HIT system would advance the movement towards quality improvement and quality purchasing. By furnishing information on patient practices both for payment and quality measurement purposes, such data (once the individual identifying information is stripped away) will allow healthcare providers to be judged on the quality of care in a quantifiable and documented manner that doesn’t exist in today’s paper-based system. Should a uniform and interoperable HIT system, with health information measurement and reporting capabilities with national industry accreditation standards, evolve within the marketplace, it is not clear to what extent greater transparency in healthcare and quality information will alter the fiduciary functions of plan sponsors.

ERISA’s fiduciary standards require that the plan fiduciary act in the best interests of the plan participants and beneficiaries. However, the courts have created a distinction with respect to specific functions performed by a plan fiduciary. When the plan sponsor acts as a “settlor” (i.e., making decisions as to the establishment, modification or termination of the plan, or the types of benefits to offer under the plan), such functions are not subject to ERISA’s fiduciary standards. Once the plan has been created, the plan sponsor functions as a fiduciary with respect to its discretionary authority to administer and operate the plan. This would certainly be the case if the plan sponsor self-insured the healthcare benefits under its plan. However, this distinction between “settlor” and “fiduciary” functions is not a bright line test. To date, plan sponsors have not been required in their fiduciary capacity to consider quality of care in the selection and/or evaluation of the performance of healthcare benefits and providers offered to participants and beneficiaries. Decisions as to type of coverage, network of providers and choice of insurers have been regarded by plan sponsors as settlor functions.

This is further compounded in the context of H&W plans with the intersection of ERISA’s preemption clause and fiduciary conduct under a plan. While plaintiffs assert that non-ERISA substantive or contractual law applies to the conduct of plan fiduciaries, such non-ERISA law is generally preempted, creating a void that must be filled by federally created common law. This has led to considerable litigation and lack of clarity for plan sponsors.

The Department of Labor’s Role

The issue of universal HIT is a concern for plan sponsors of H&W plans for two important reasons: cost and liability. The additional costs of such systems will initially drive up the costs of H&W plans even though future efficiencies, transparency in costs and the use of quality measurements will eventually reduce costs. Sponsors of such plans will have to absorb or pass along those initial costs, or decide to reduce or eliminate coverage. In addition, if a national HIT were in place, not only for the federal government but for all other employers, the issues of quality of care would become more transparent, readily documented and immediately available. This could have long-term implications for employers that provide healthcare benefits to their employees because these plans are governed by ERISA. This raises questions and issues. To what extent will ERISA’s fiduciary standards require employers to consider quality when selecting a healthcare plan, a provider network, a prescription drug program, etc.? Will employers have a fiduciary obligation to evaluate the plans, the networks, the formularies and the providers? What will be the DOL’s role in providing guidance to employers as to the significance of healthcare quality and the employer’s role?

Given the President’s most recent Executive Order, the DOL could certainly use this occasion to issue guidance to employers as to the role employers should play in gathering or encouraging the gathering of data, the development of eHRs and the determination of quality in the selection and evaluation of the performance of healthcare plans, healthcare providers and healthcare networks. In support of HHS’ efforts, the DOL could also encourage employers to participate in the dialogue involving HIT, through a national summit, so that their voices are heard early in the process and considered.

IV. Concerns of Plan Sponsors, Providers, Plan Participants, TPAs and the Government

Plan Sponsors: Plan sponsors of H&W plans voiced significant concern regarding the initial cost of moving over to a universal HIT, as well as the potential fiduciary liability for a “fee for performance” that could fall upon healthcare plan sponsors and insured healthcare providers. In this regard, the DOL could be instrumental in developing a “pay for performance” model of reimbursement. One plan sponsor encouraged employers to be more vocal with vendors and TPAs regarding the use of electronic health technology as the current “fee for service” model was not sustainable over time.

Privacy and security of electronic health information beyond the limits of HIPAA were also a concern for plan sponsors, as a 50-state delivery of privacy limitations would cause problems for employers that cross inter-state lines. Advocates for single-employer healthcare plan sponsors also noted that TPAs, healthcare insurers and HMOs, should be named as covered entities under HIPAA’s system.

Consultants for multi-employer H&W plans cautioned that the technology for these types of plans was out-dated or non-existent. Data from these group health systems is not linked with other systems. Thus, adoption of HIT should first focus on large national funds and on large TPAs.

As federal and state regulation sometimes has unintended consequences, one plan sponsor encouraged the DOL to review its regulatory structure to ensure that ERISA plans would not be unduly burdened with the adoption of HIT or the sharing of electronic data.

Plan Sponsors that were also Providers: While the federal government is providing a vital role as an early funder and policy driver behind universal widespread adoption of HIT, the federal adoption of open standards for healthcare diagnoses, treatment and other core elements are still needed. The current “pay for service” model should shift to a “pay for performance” model which is based on outcomes and improved quality of care.

One witness urged that the end-users of HIT, rather than the sellers of technology, be engaged in the adoption of HIT standards. Similar to the adoption of bar codes used by retailers, plan sponsors and providers should first identify the business problem that they are attempting to solve and then engage in a collaborative effort with the users of the technology.

Participants: While the Working Group did not hear testimony directly from the participants of H&W plans, it did hear comments from plan sponsors who are providers and multi-shareholder speakers who voiced the concerns that they had heard from participants. In order for participants of H&W plans to be advocates of and utilize eHRs, they must be assured of the privacy, security and accuracy of the information contained in the eHR. Participants have expressed concern that transfer of personal health information be secured among authorized users and with patient control. The electronic record should control access, track who has accessed the information and limit who can modify the record. Participants should be able to know what information exists about them, the purpose of its use, who can access and use the information and where it resides. Use of eHR should be purpose specific and personal data should not be disclosed, made available or otherwise used for purposes other than specified. To assure this, accountability and oversight must be in place to implement these practices.

Providers: One provider identified four critical building blocks in the development of HIT and eHRs: uniform HIT standards; consumer engagement; widespread provider adoption; and assurances to consumers, physicians and other stakeholders of the privacy, security and accuracy of the electronic health information. The privacy rules of HIPAA must be expanded so that everyone who handles personal health information is covered by the federal rules.

An association of health care providers that insure or provide administrative services for ERISA group health plans recommended that the DOL encourage the adoption and use of HIT by group health plans. Such adoption and use should be aligned with the on-going public and private HIT initiatives promoted by ONC, AHIC, HITSP and CCHIT. They testified that the HIPAA privacy and security rules were adequate and thus the DOL need not expand current privacy protections for group health plans. They also believed that ERISA fiduciary rules were adequate to protect the privacy concerns of participants.

TPAs: A TPA provided written testimony, recommending that the DOL encourage the adoption and use of health IT by group health plans consistent with the direction taken by HHS. As HIPAA’s privacy and security rules and other state and federal privacy requirements were deemed to provide sufficient safeguards for health information collected, used or disclosed by group health plans, the DOL need not impose additional privacy protections or restrictions on the ability of group health plans to use HIT for payment and healthcare operations. This TPA did not believe that ERISA’s fiduciary requirements should be extended to a TPA providing health IT information in a personal health record to participants and beneficiaries as such function is ministerial and not fiduciary in nature.

Multi-stakeholders: Three individuals testified on behalf of multi-stakeholders – groups of private, public and non-for-profit employers, providers and TPAs. One identified three barriers to the development of HIT: the misalignment of incentives and the lack of a sustainable business model; the lack of interoperable systems; and the lack of data standards. In this regard, the DOL could play a pivotal role in explaining to healthcare consumers how their healthcare information would be handled and accessed within an interoperable electronic healthcare infrastructure.

Another testifier advocated that the DOL become vocal in endorsing a uniform, national process for developing HIT policy and technical standards. The third testifier was critical of an approach which focused on a national network through common data and application standards. Instead, a personal health network approach – which would be internet-based and allowed patients to directly control access to their private data – was recommended.

Federal Government: The director of programs and coordination in NOC of HHS provided the Working Group with the background information regarding the federal government’s initiatives in the area of HIT.

V. Working Group’s Observations and Discussions

The widespread adoption of HIT would be welcomed by plan sponsors of H&W plans, healthcare providers, physicians and hospitals as it is expected to result in dramatic efficiency savings, increased patient safety and reduced healthcare costs. However, plan sponsors, TPAs and healthcare providers are concerned about the costs and the liability associated with the universal maintenance of HIT. The federal government through its initiatives with ONC within HHS has identified four important goals for the implementation of interoperable eHRs and three key imperatives for the universal adoption of HIT. Due to the President’s most recent EO directive, all federal agencies, including the DOL, are required to motivate participants to become involved consumers and advocates of a HIT healthcare system.

A national HIT system could advance quality improvement and quality purchasing, both in the furnishing of information on patient health and the review of healthcare providers for their services. Such greater transparency in healthcare and quality information will transform how plan fiduciaries act when considering what is in the best interests of plan participants and beneficiaries. Presently, the choices to provide benefits, the level of benefits and the modification of termination of benefits are regarded by plan sponsors as a settlor function, not a fiduciary function. As greater information is provided through a national and interoperable HIT system, the fiduciary’s capacity to consider the quality of care in the selection and/or evaluation of the performance of healthcare providers, networks, formularies and plans offered to participants and beneficiaries will change. Due to the DOL’s regulatory authority over the fiduciary requirements applicable to H&W plans, it has the power to delineate how quality of care is to be considered by a plan fiduciary.

The DOL’s ability to distinguish between settlor and fiduciary functions in the context of the delivery of H&W and the choice of healthcare providers would be most helpful to plan sponsors and plan fiduciaries. If this distinction changes over time due to evolution of the HIT system and the access and utilization of a personal eHR, such functions that were once settlor in nature could become fiduciary in nature. Plan sponsors would welcome a set of “best practices” that would set forth how a fiduciary acts in the best interests of the participants, how quality of care is to be considered in the delivery of benefits and choice of healthcare providers, and how personal health information is to be stored, accessed and shared in both a prudent fashion and through an approach that takes the best interests of the participants into account.

In the context of retirement plans that provide for individual accounts and permit individual direction of investment of the assets of those accounts, ERISA §404(c) provides a statutory exception to the fiduciary rules. In such context, the plan fiduciary is not considered a fiduciary with respect to the individual’s choices of plan investments and thus is not liable under the fiduciary rules for any loss, or by reason of any breach, which results from the participant’s exercise of control. The statutory exception requires certain safeguards be met to ensure that the individual truly has the power to exercise control and, in fact, exercises such control. This exception permits the plan fiduciary to afford participants the ability to determine the investment of their plan assets without the plan fiduciary being liable for a loss, or for a breach, to such investment.

The Working Group believes a similar approach, through the issuance of guidance or legislative relief, would be helpful for plan sponsors of H&W plans in the HIT and eHR context. If the DOL were to set forth specific parameters which plan sponsors could follow in order to act in a prudent fashion and in the best interests of the participants in making H&W decisions, plan sponsors would have the guidelines of how to act and when followed, protection from threat of fiduciary liability. Thus, plan sponsors would then be more inclined to participate in the dialogue involving HIT and eHRs.

This approach would also reduce the potential for litigation which is problematic in the breach of fiduciary context due to ERISA’s remedies and its preemption clause. As ERISA’s preemption clause supplants state law, breach of ERISA’s fiduciary duties is limited to the remedies under ERISA or other federal laws. Such remedies might not be sufficient within the context of a universal HIT and personal eHR information, thus leading to a void that may be filled by federally created common law. Such lack of clarity is of great concern to plan sponsors.

Due to voluntary nature of ERISA’s employee benefits plans, plan sponsors weigh heavily the cost and potential for liability in offering and continuing to offer H&W benefits to employees and the various means of providing healthcare. The DOL can be instrumental in this regard by providing clear guidance as the issues of HIT and eHR unfold.

The Working Group also heard considerable testimony that the federal government was encouraging the various stakeholders – employers, healthcare providers, TPAs, health insurers and physicians – to dialogue and to create universal solutions for a universal HIT healthcare system. The Secretary of HHS began its dialogue with large employers and employers who were already healthcare providers or systems providers. It is beginning to expand its outreach by joining with the Business Roundtable and other business associations to discuss with employers the critical role they play in HHS’ initiatives.

In the retirement savings arena, the DOL assessed its efforts to reach employers and employees in order to help them understand the importance of savings for a secure retirement. Events such as the Savers’ Summits brought together various constituencies to discuss strategies to accomplish this goal. A similar type of event, hosted by the DOL, in the HIT context could begin bringing different constituencies together to discuss the potential road blocks in adopting a universal HIT system and providing for eHRs for participants and possible solutions to such road blocks.

VI. Summaries of the Speakers and Written Testimony

August 2006

Summary of Edward McCulloch

Edward (Ned) McCulloch leads IBM’s public policy efforts on HIT, believing that better use of information technology will result in healthcare quality and contained costs, while still protecting the privacy of patients and the security of their health data. IBM is collaborating with other employers, agencies and providers to launch a global infrastructure. IBM supports public policies that drive the adoption of open standards, commit initial prototype funding and make early policy choices that set the stage for the growth of health information exchange and create incentives in Medicaid and Medicare to reward quality of care.

In driving open standards, a health information exchange requires interoperability, i.e., the ability for disparate health information systems to talk to each other and share data in a safe and secure manner. Open standards must be those that are freely available to all and created by an open decision-making process. Better standards will facilitate the easier exchange of health information, thereby lower costs and improving patient safety and clinical quality and enhancing privacy.

What is still missing? Federal adoption of open standards for healthcare diagnoses, treatments and other core elements of medicine is still needed. The Senate and House passed HIT legislation that included provisions to move the federal government towards national standards. HHS Secretary Leavitt indicated the importance of electronic reporting and suggested it be included in the forthcoming Executive Order.

The government’s role as an early funder and policy driver is vital. HHS has awarded contracts to four companies, including IBM, to develop a Nationwide Health Information Network (NHIN) architectural prototype – the goal is to devise a smarter, more connected information infrastructure for healthcare with the following abilities: to enable secure electronic exchange of healthcare information; to test the use of standards and interoperability; and to demonstrate how various healthcare marketplaces can be part of this communications network. NHIN would also empower healthcare consumers to access their personal health records (PHRs) using the same network that allows them to share their medical records with healthcare providers. IBM’s architectural prototype for the NHIN system would not be a single repository of everyone’s medical records, but rather an index that points to information stored at the originating provider site.

Privacy and security are key requirements for the personal health record. HIPAA privacy rules provide the bedrock for patient privacy in the U.S. and has established a baseline for privacy and security requirements for electronic health information. Many states have gone further than HIPAA to ensure patient privacy.

Physicians and other healthcare providers will bear the direct costs of implementing eHRs, as well as the indirect cost to transform their established workflow processes to take advantages of the new technology. A “pay for performance” model should be used to incent the doctors and medical community to adopt HIT. The shift will reward outcomes and improved quality of care instead of the current model of fee for service. To make this shift, financial incentives should be non-punitive, should prioritize improvements, should be considerate of the critical role of primary care physicians and should be sufficient to offset physicians’ investment in HIT.

Summary of Alissa Fox

Alissa Fox is Vice President of Legislative and Regulatory Policy for the Blue Cross/Blue Shield Association. Alissa is responsible for developing the Association's policy positions. She also counsels Blue Cross and Blue Shield plans on a wide range of policy issues, with specific expertise in Medicare and MediGap, managed care, and insurance-related topics.

Fox testified that Blue plans envision a HIT system that links payers, providers and consumers nationwide so that a patient's health information is available at the point of care, to insure that the best possible care is given. The heart of the vision is an eHR in every physician's office that is linked to other providers and payers.

The witness went on to say that the vision the Blues have is that the eHR would also include key clinical decisions making the best practices and care available to providers when they're actually treating a patient. An eHR could alert a doctor that a diabetes patient he's treating has not had a recent eye exam, for example. That's a critical standard of care. If a physician were about to prescribe a drug, there would be software that would pop up and say that drug could have adverse consequences, because it is a problem with another drug that patient is taking. Electronic health records would also link to payer administrative data, so it would allow providers and consumers to know immediately whether a deductible has been met and what co-payment for medical services is required.

In order to reach this vision, Fox suggested that four building blocks are critical; uniform HIT standards, consumer engagement, widespread provider adoption, and assurances to consumers, physicians and other stakeholders of the privacy, security and of the accuracy of the electronic health information.

Alissa Fox stated that uniform IT standards are absolutely critical. Standards are needed for the exchange of clinical and administrative information across all healthcare participants. Fox believes that all stakeholders need to be involved in this process. There needs to be public and private collaboration. Fox stated before a standard is adopted, it needs to be pilot tested and that credible cost benefit analysis of any standard is critical before they're adopted.

Fox identified consumer engagement as another building block. Consumers are seeking information to help them take charge of their own healthcare. HIT can make it dramatically faster and easier for consumers to access critical health information.

Fox recognized that widespread provider adoption is needed to achieve a nationwide HIT system. Providers must see both the clinical value and the business case for adopting HIT.

The witness stated consumers, physicians and other stakeholders must be assured of the privacy, security and accuracy of the electronic health information. Strong uniform protections must be in place covering all entities that provide or manage personal health information, not just those that are covered under HIPAA today. Today it's really the employers, insurers and providers that are covered HIPAA entities, but the vendors, for example, are not covered by HIPAA today. They must follow the HIPAA privacy and security rules, so you need to make sure that everybody who is handling the personal health information is covered by federal rules. That's not the case today.

Summary of Ticia Gerber

Ticia Gerber, who is the Vice President for Public Policy and International Programs for the eHealth Initiative, presented testimony to the Advisory Council regarding HIT, including Health Information Exchanges. The eHealth Initiative is an independent, not-for-profit multi-stakeholder consortium, whose mission is to drive improvement in the quality, safety and efficiency of healthcare through information and information technology.

Ms. Gerber testified that healthcare in the United States is highly fragmented, largely paper-based and does not include accessing comprehensive patient information at the point of care. She expressed the view that Health Information Technology can play a critical role in creating a more efficient and effective healthcare system.

She stated that despite evidence of improvements that can be achieved through the use of information technology, adoption rates continue to be quite low. She indicated that more than 90 percent of the estimated 30 billion healthcare transactions each year are conducted by phone, fax or mail. According to Ms. Gerber, those who have been the slowest adopters generally possess limited access to capital and a lack of ongoing financial incentives to support their adoption.

A significant part of Ms. Gerber’s testimony was focused on Health Information Exchanges (“HIEs”) in the United States. She defined the term “Health Information Exchange” as the “mobilization of healthcare information electronically across organizations and disparate information systems within a region or a community.”

According to Ms. Gerber, HIEs are designed to support interoperability and facilitate access to and retrieval of clinical data privately and securely to provide better patient-centered care. The eHealth Initiative’s Foundation, with funding support from the HHS, supports multi-stakeholder HIE collaboration through a Gulf Coast Health Information Project and also a program called “Connecting Communities.” These programs provide seed funding and technical assistance to HIE efforts and produce informative research and practical tools that aid and inform the field.

A survey conducted by the eHealth Initiative indicated a dramatic increase in the level of interest in and activities of HIEs. According to Ms. Gerber, perceived provider inefficiencies, healthcare quality issues and rising healthcare costs are key drivers moving states, regions and communities toward HIEs. Some of the common challenges cited by HIE initiatives that were surveyed included the need for increased funding, a realignment of incentives, and standards and interoperability in mobilizing information electronically through the healthcare system.

She also testified that research compiled by a new eHealth Initiative report on legislative activity reveals that HIT planning is on the rise, with 28 states initiating or in the process of HIT planning and implementation. She also indicated that the federal government through both Congress and the Administration, has introduced a myriad of policies and initiatives designed to address the barriers that impede improving healthcare through HIT and HIE.

She also spoke on the barriers that HIT has encountered. She cited three such barriers. The first barrier that she discussed was the misalignment of incentives and the lack of a sustainable business model. She testified that practicing clinicians, hospitals, and other healthcare providers often cite the lack of up-front funding and business models to support ongoing usage as key barriers to HIT adoption. With respect to misalignment, she indicated that research indicates that there is a misalignment between those who pay for the implementation and ongoing usage of information technology and those who benefit from its usage.

The second barrier that she discussed was a lack of interoperable systems and data standards. She stated that the federal government should continue to play a strong role in the development and adoption of standards within its own programs and should provide incentives to the private sector to promote the usage of such standards. She testified that the federal money that is there to fund these efforts is simply not enough and that it is going to take the public and private sector working together and maybe a special fund.

The third barrier that she discussed was organizational change. She indicated that a number of incentives have emerged, primarily in the private sector, to address organizational change issues and to facilitate the migration towards an interoperable electronic healthcare system. She stated that private sector organizations will and should continue to assist healthcare stakeholders as they migrate toward an electronic healthcare system. She also indicated that the federal government can play a critical role by leveraging the work being done and collaborations in this area.

She also discussed privacy, confidentiality and security issues. She indicated that these issues continue to be a challenge at the state and local level. According to Ms. Gerber, 76 percent of the state leaders recently surveyed cited addressing privacy and confidentiality as a very or moderately difficult challenge in the context of HIT and HIE. She stated that for HIT and HIE implementation to proceed to achieve better healthcare, the issues of privacy, security and identity must be properly dealt with on a technical and policy level and through targeted communications to healthcare consumers explaining, in easy to understand language, how their healthcare information would be handled and accessed within an interoperable electronic healthcare infrastructure.

When asked whether she saw a role for the Department of Labor in getting communications out to the general public, she indicated that she thinks that there may be a role in four to six months. She indicated that, at this point, a lot of work on proper messaging hasn’t been done.

Summary of Jonathan Hare

Jonathan Hare is the CEO and Chairman of Resilient. He is a member of the Markle Foundation Personal Health Technology Council. Mr. Hare is also a founding member of the Just Do It Working Group, a public/private partnership trying to launch a patient-centric personal health network using existing infrastructures, applications and business practices and is capable of self-funded growth without government subsidies.

Mr. Hare described how he spent much of the last year trying to understand what is wrong with HIT and how can we fix it. Based on his discussions with people from all aspects of the healthcare system, he concluded that an alternative approach could provide a faster and easier path to achieving the President's HIT agenda.

The current government and private initiatives were described as being directed towards important and appropriate long-term goals and that they have laid a useful foundation for future progress. Mr. Hare praised their efforts, especially the development of data standards, building awareness of the problem and creating organizations trying to solve the problem.

The problem Mr. Hare sees is that these efforts rely upon a brute force application-centric approach that is organized around healthcare institutions and existing healthcare information systems rather than a network-centric approach organized around patients and patient data.

He criticized the current approach for trying to create a national network through common data and application standards. Mr. Hare described how most systems integration efforts fail and noted that failure rates are higher the bigger and more complex a project is. He noted that the same approach that's been adopted by the National Health Information Network (NHIN) prototypes was tried on a much smaller scale during the internet bubble. Mr. Hare described how although hundreds of billions were spent to create “business to business exchanges,” that it proved impossible to get the technology integrated and to get people to use it.

Mr. Hare explained how users adopt applications that give them convenient access to information, resist applications that require them to do data entry for somebody else. His concern is that the current application-first approach to electronic health data will require widespread adoption of new infrastructure, applications, standards and practices across a healthcare system before those electronic health record systems could offer significant productivity benefits. Mr. Hare also argued that the vast majority of the cost, risk and disruption associated with this approach will be concentrated on healthcare providers, especially early adopters, whereas the economic benefits will be mostly long-term, highly uncertain, and captured primarily by the payers. He estimated that the NHIN will cost between $250 and $374 billion dollars before participants stop losing money.

Mr. Hare also testified that the current approach will not protect patient privacy. He argued that absent a system-wide mechanism to document patient consent, providers will fall back on paper consent forms and bureaucracy. Unless this privacy problem can be addressed at the network level, Mr. Hare said that patient information will not flow efficiently, which is the whole point of NHIN.

In his view, there are two possible paths to move forward. The first is to try to overcome the obstacles of the current architectural approach with massive government subsidies or a sweeping federal mandate. The second is to find a dramatically easier implementation approach that avoids the misaligned incentives and minimizes the systems integration challenges. Since huge subsidies are not likely and mandates usually fail, Mr. Hare recommended the second path. He advocated a “personal health network” that takes a different approach to the same problem.

He called it a personal health network because it is focused around patients, their data and their doctors. It would be an internet-based personal privacy service that allows patients to directly control access to their private data across different applications and systems no matter where they are located. This service would be able to authenticate any doctor, patient or healthcare professional, learn their relationships, remember the rights that the patient has directly or indirectly branded to them and allow the patient to retain control of data as it flows between different applications and systems. It allows covered entities and providers to verifiably attest to existing written patient consents that they have on file, instead requiring the patients to directly provide electronic consent.

He said that patients could be alerted when anybody claims to have their consent to have access to their private data. And an audit service will record who accessed what information on whose authority and when. Mr. Hare sees the personal health network as a data-first model that focuses on recycling, reconnecting and reprocessing existing sources of patient data into a personal health database controlled by the patient. He argued that it would enable a variety of useful services that providers and patients will use and payers will be happy to pay for on behalf of their members.

Mr. Hare described how the initial focus should be on nationally aggregated data that is already stored electronically, principally claims-based data. He stated that it is possible to derive a much more complete and useful personal health record from these sources of electronic data than is currently available in any single existing patient chart.

Once people start using the personal health network to access data and provide services, Mr. Hare predicted that more patient data will enter the network and this creates a positive feedback loop. Mr. Hare described how the personal health network relies only upon infrastructure and habits that are already in use: fax, phone, e-mail and the web. It does not require adoption of new technology before early adopters can benefit from joining the network. He sees it as a free and open market that would invite open competition, and would reward economies of scale, innovative business models and the first movers who establish the valuable service. Mr. Hare argued that the personal health network is backwards compatible with the existing healthcare system, can achieve critical mass one patient at a time and would become self-funding through operational efficiencies.

Mr. Hare advocated that employers can use their leverage to create a market demand by telling insurers what they want. He sees insurers as the ones we need to work with to solve this problem since they are rational actors who want to drive their costs down and provide better service, if they can.

He described a pilot project that the Just Do It group is working on for the San Francisco Homeless Healthcare Initiative. The goal is to take the 350 healthcare facilities that take care of the homeless and allow them to access healthcare data. Mr. Hare described how it would allow the creation of a continuity of care record system, which includes prescription drugs, history, lab tests, etc.

Advice Mr. Hare thinks the Council should give the DOL includes making sure large employers and payers are brought into a much more active role in fixing the healthcare system, that the government can create a market for these information services, that advice letters are need to create a safe harbor related to electronic privacy issues and that legislation is need to give patients more explicit rights over their data.

September 2006

Summary of Mr. Mark Grushkin

Mr. Grushkin specializes in employee benefit law, representing large, small and mid-sized companies, non-profit organizations and single employer plans and trusts. He opened his remarks by providing background on ERISA and HIPAA, specifically their impact on employers. He stated that both laws impose fiduciary responsibility and liability on plan sponsors. As a result, plan sponsors spend much time and money to meet their fiduciary compliance obligations.

Mr. Grushkin expressed his concern with respect to the impact HIT could have on employers. The burden and expense of the compliance obligations under ERISA and HIPAA have been significant. The HIPAA Security Rule that was drafted in conjunction with the HIPAA Privacy Rule applies to PHI that is created, maintained or transmitted electronically, to ensure the confidentiality, integrity and availability of electronic PHI (ePHI). Mr. Grushkin expressed concern over the increased liability exposure employers could face if more ePHI is available, especially if employers are required to play a role in the development of personal health records. Greater use of HIT without guidance and protection for employers, especially self-insured plan sponsors, could have a negative impact on employers and possibly the offering of health plans.

He cited the need to amend HIPAA and/or ERISA to afford employers more protection – possibly a safe harbor that is akin to safeguards available for legal process. He stressed the need to have the DOL address the practical realities of HIT.

Mr. Grushkin stated that he believes that the health data exists and that the concept of HIT and PHR’s is a good one. However, it is important that the realities of the additional burden this could create for employers are recognized. The DOL should do whatever needs to be done through regulations and guidance to ensure that employers are not faced with additional fiduciary liability. In gathering this data, the focus should be on the third party administrators, major health insurers and HMOs, not employers. Currently, those entities are not covered entities for HIPAA. They are business associates. For the self-insured employer, if something goes wrong, the employer is not indemnified. There is the potential for legal liability for the employer. He recommended that TPAs should be deemed to be fiduciaries for purposes of ERISA.

With the implementation of PHRs and HIT, his closing statement emphasized that plan sponsors, especially self-insured plan sponsors, will face increased liability exposure under ERISA and HIPAA, unless the appropriate safeguards are instituted.

Summary of Mark Decker

Mark Decker is Corporate Director of Worklife Services for St. John Health. He is also a member of the Society for Human Resource Management (SHRM) and he serves on SHRM’s Labor Relations Special Expertise Panel. He testified that SHRM believes that the development of individual eHR and HIT will play a key role in the transformation of the healthcare system. His testimony focused on the need for HIT, the importance of privacy and security of health information, the employer’s role in HIT and the role of the federal government in the adoption of interoperable HIT.

The witness indicated that SHRM recommends that the federal government establish interoperable standards that are flexible for current users of HIT to adapt to the national HIT standards. It is important that both the public and private sector work together in establishing those standards. He went on to say that SHRM believes that the adoption of electronic healthcare standards will make it easier for employers to identify high quality/low cost providers, develop metrics to confirm the information, identify regional areas of duplicative service and allow for more informed consumer in a much more efficient manner.

Decker stated that SHRM suggests that the HIT eHR could provide more safeguards than a hardcopy/paper medical record. The electronic record can control access, track who has accessed the information and limit who can modify the record. According to Decker, SHRM also recommends the federal government serve as the policy and funding driver for a national, interoperable HIT system.

Summary of Melissa Goldstein

Melissa Goldstein testified about the work of Connecting for Health, a public-private collaborative created in 2002 that is made up of more than 100 organizations representing private, public and not-for-profit groups. Ms. Goldstein described how they have worked on defining the technical and policy challenges that stand in the way of an interconnected healthcare system.

She described how they recently published a “Common Framework,” consisting of seventeen documents that recommend methodologies and policies that they believe will support their organizations goals. Ms. Goldstein gave highlights of some of the principles and features of the Common Framework documents, including:

  • The network should provide the ability to transfer personal health information securely among authorized users and with patient control. An organization that holds and supplies personal health data must have confidence that the other network participants will handle that data appropriately.
  • To create a trustworthy information environment, policy concerns cannot be deferred until after technological decisions have been made and deployed.
  • Connecting for Health advocates development of a decentralized and federated architecture – a “network of networks” – in which patient information remains in the hands of the care providers.
  • Consumers are wary of making their sensitive personal information accessible over the internet and want patient consent and patient control. Failure to employ a process that produces transparent, trustworthy solutions could jeopardize consumers’ willingness to use the network.
  • There is a need for a universal framework for portability of information. Connecting for Health proposes the use of nine widely-accepted fair information principles, based upon those used in Europe and codified in U.S. law and practice. These include:
    • Openness and transparency about developments, practices and policies with respect to personal data. Individuals should be able to know what information exists about them, the purpose of its use, who can access and use it and where it resides.
    • Purpose specification and minimization so that the reason for use of the data is specified at the time of collection, and the subsequent use should be limited to those purposes or others that are specified on each occasion of change of purpose.
    • Use and collection limitation so that personal health information is only collected for specified purposes, is obtained by lawful and fair means and, where possible, with the knowledge or consent of the data subject. Personal data should not be disclosed, made available or otherwise used for purposes other than those specified.
    • Individual participation and control so that people are able to: find out from each entity that controls personal health data if that entity has data relating to them; they access personal data relating to them within a reasonable time and at an affordable cost; receive their data in a form that is readily understandable; know why a request is denied and are able to challenge such denial; challenge data relating to them and have it rectified, completed or amended.
    • Accountability and oversight so that entities in control of personal health data implement these information practices.

Policy objectives can best be achieved by leveraging technical designs that build upon existing infrastructure, separate end-user applications from the Network, maintain decentralized data stores, engage users in federated relationships and are flexible to unpredictable future technologies and innovations.

Ms. Goldstein provided more details on these highlights. For example, she testified that we should not expect technology developers and manufacturers to come up with the answers to these policy questions, that stakeholders are indeed eager to work collaboratively in an effort to resolve them, that policy and technology experts must work together in a continuous process of system refinement and evolution and that the rapid expansion of the network depends on applications that serve consumers and providers.

She also explained how Connecting for Health joined twelve other major health and technology organizations in January of 2005 in submitting a Collaborative Response to a Request for Information from the Office of the National Coordinator for Health Information Technology. The joint response proposed a “Standards and Policy Entity” (SPE), that would be a public-private collaboration to identify and specify the implementation rules, technical standards, and information policies. They predict that without such guidance and commonality, the network will not be reliable or consistent.

Ms. Goldstein feels that the DOL should advocate for the development of a uniform, national process for developing policy and technical standards that address public needs and assure interoperability.

The Council and Ms. Goldstein discussed some of her points in more detail. She emphasized that it is important to build upon what is already out there instead of starting from scratch. The key is figuring out how existing technology systems can talk to each other in a secure manner.

Ms. Goldstein also stated that although the government will have to subsidize the development of information technology, the government cannot pay for everything. She believes that the government is going to have to play some role, especially helping small doctors’ offices, small rural clinics, community clinics and other small entities. Ms. Goldstein also described how providers have to view this as an investment in their future.

Summary of James Sokol and Eileen Flick

James Sokol, a Senior Vice President, and Eileen Flick, a Vice President and Benefits Consultant, both from The Segal Company, covered a number of different areas during their joint presentation on September 22, 2006:

  • With respect to multiemployer health plans, the fund office technology is much different than in the single employer health plan model. A large number of the fund offices and administrators use dated technology that is mainframe or mini-computer based. Technology departments are small or non-existent. Legacy programming languages such as Cobol and RPG are common. Systems hold minimum data necessary to provide current level of functionality. Hence, participant health data is not available online. Centralization of documentation is problematic and privacy must be maintained by the trust fund.
    Due to the budgets and staffing of the fund offices, providing more data to members would increase their support burden, with what is perceived to be no return on investment. Outsourcing is generally not considered because of the perceived loss of control. Also data from group health systems is not linked with other systems.
    Thus, they recommended that the adoption of HIT focus on large national funds that are more technologically advanced and on large third party administrators. Providing turnkey solutions that allow fund office systems to integrate with the payer and provider systems would be helpful, as would subsidizing fund office technology improvements.
  • In adopting an interoperable HIT, there should be national standards for transparency on cost and quality of care. Medical information should be made available to consumers in readable and non-clinical format. Payers should be required to report data that allows for uniform measurement of quality providers and high performing hospitals. A national quality scorecard of healthcare providers for use by consumer would be helpful as it could measure outcomes and result in efficiencies.
  • When asked what incentives the physicians had in embracing HIT, Jim and Eileen noted that physicians would embrace the systems if it resulted in fairer payments to the physicians.

Summary of David Merritt

David Merritt, Project Director for the Center for Health Transformation, The Gingrich Group, appeared before the Working Group on September 26th. The overall purpose of Mr. Merritt’s group is to build an intelligent health system, but it will not be possible without the rapid adoption by health providers of HIT. There have been great strides on the clinical side, but a step backward on the administrative side. About one-third of hospitals use HIT and about 15% of the doctors use HIT. Mr. Merritt has not seen a single example where HIT did not save lives and money. For example, a doctor did a full-practice conversion to eHRs, and after an initial set-back, administration costs went down and care went up. Providers have no current incentive to implement HIT because they are paid the same as those who don’t.

Governments are pushing for HIT and more private sector companies are looking at setting up a PHR system for employees that includes both information and education. There are several bills on the Hill related to HIT. The President recently issued an Executive Order on HIT. Secretary Levitt (HHS) recently signed a Rule on HIT. However, regulations can be a barrier and have unintended consequences. While designed to prevent corrupt relationships, they can prevent collaboration between and among doctors, so please be careful. Many states are pushing HIT. Mr. Merritt cited about fourteen of them. They are all looking to help their bottom lines through HIT. President Bush’s Executive Order calls for plans, providers and carriers to adopt an approach to nation-wide HIT.

Mr. Merritt had four recommendations for DOL:

  • Support the President’s Executive Order by requiring DOL healthcare providers, plans and insurance companies implementing or changing HIT systems to meet recognized interoperability standards;
  • Support the President’s Executive Order by implementing programs at DOL to measure the quality of services provided by healthcare providers;
  • Leverage the Secretary’s role as head of a large employer to implement an Electronic Health Record for all Department employees; and
  • Don’t block plans from adopting HIT with rules that hinder the sharing of electronic data.

HIT can/will modernize healthcare system and enhance the lives of our citizens. In response to Sherrie Grabot’s question as to who is driving the rules and regulations, Mr. Merritt said that a Standards Panel funded by HHS and a Board set up by HHS have been established. They have established 24 technical standards. There are approximately 100 individuals on the panel, representing many organizations.

In response to Kathryn Kennedy’s question as to why employers would buy in, Mr. Merritt said because employees are picking up the (healthcare) tab. The objective is better healthcare at a lower cost. Mr. Merritt cited a Chicago-Sun-Times article he co-authored and several studies and approaches to measuring the quality of healthcare.

In response to Lynn’s question regarding the employer’s fiduciary liability, Mr. Merritt stated that small employers could contract to have this done. He pointed out that there is currently no information on the level of care. Standardizing the data will certainly help in developing standards of care information.

In response to Sherrie’s question as to whether outcome-based data would drive manipulation, Mr. Merritt acknowledged there are ways to manipulate the data. He cited a Utah case with lower costs and better outcomes, but it may reflect demographics of the area, not the level of care. Physicians are still talking about the concept. They don’t want to be ranked. But we are not at the level in the process yet. He recommended we leave the assessment to the experts.

In response to Neal’s question of how to get providers to implement HIT, Mr. Merritt said it is not a case of the vendors and tech companies forcing them, but rather the system is to blame. The doctors are not incented to adopt HIT. It must be consumer driven. If this is done, physicians coming out of medical schools today will demand HIT wherever they practice.

Summary of Carolyn Walton

Carolyn Walton testified on behalf of Wal-Mart Stores, Inc., the nation’s largest retailer and the largest private employer in the United States. Her employer endorses and supports the Bush administration’s initiatives to promote price and quality transparency, to drive health information technology standards and to provide options that promote quality and efficiency. She analogized the administration’s initiatives to drive HIT standards to the evolution of standards developed in the retail industry in adopting bar codes. Bar codes were developed for automating the checkout process – to improve efficiencies at the point of sale, by capturing sales data, maintaining inventory, forecasting future sales and driving the replenishment process. Wal-Mart started with a specific business problem to solve and then enlisted technology to solve the problem.

Ms. Walton recommended to the Council that a similar approach be adopted with respect to HIT – identify the business problem that is attempting to be solved and engage the end-users, rather than the technology companies, in the adoption of standards. She advocated collaboration of the various stakeholders – educating and reaching out to them as to the value of engagement. The drivers of this global HIT initiative should not be the sellers of technology, but instead the buyers of technology and the deliverers of healthcare.

She concluded her remarks with five observations:

  • Start by identifying a compelling business problem to be solve that ultimately affects the consumer. Do not start with the technology;
  • Start small but keep the overall roadmap in view;
  • Drive speed of adoption with a multi-industry standards organization that is led by end-users rather than technology companies;
  • Collaborate with public agencies, employers, private entities, non-governmental organizations, major suppliers, professional associations and consumer advocates; and
  • Educate and reach out to key stakeholders to demonstrate the value.

Summary of Kelly Cronin

Kelly Cronin, Director of Programs and Coordination, Office of the National Coordinator for Health Information Technology, U.S. Department of Health and Human Services, appeared before the Working Group on September 22, 2006. She presented written testimony and answered questions posed by members of the Working Group. In her written testimony, she discussed Executive Order 13335 directing the Secretary of the HHS to establish the position of National Coordinator for Health Information Technology, with responsibilities for coordinating federal health information technology programs with those of relevant executive branches, as well as coordinating with the private sector on their health information technology efforts.

She discussed a publication entitled, “Strategic Framework: The Decade of Health Information Technology: Delivering Consumer-centric and Information-rich Healthcare,” that was published at the HHH’s Health IT Summit in July of 2004. The publication outlined an approach toward nationwide implementation of interoperable electronic health records and identified four major goals. The goals were: 1) to inform clinical practice by accelerating the use of eHRs; 2) interconnect clinicians so that they can exchange health information using advanced and secure electronic communication; 3) personalize care with consumer-based health records and better information for consumers; and 4) improve public health through advanced bio-surveillance methods and streamlined collection of data for quality measure and research.

In her written testimony, Ms. Cronin stated that HIT can save lives, improve care and reduce costs in our health system. She indicated that the Institute of Medicine estimated five years ago that as many as 44,000 to 98,000 deaths occur each year as a result of medical errors. She indicated that studies have shown that adverse drug events have been reduced by as much as 70% to 80% by targeted programs, with a significant portion of the improvement stemming from the use of HIT. She also mentioned a recent study that showed that clinical information is frequently missing at the point of care, and that the missing information can be harmful to patients. This study also showed that clinical information was less likely to be missing in practices that had full electronic records systems.

She advised that there are mixed signals about the potential of HIT to reduce costs. Some researchers have estimated that the potential savings from the implementation of HIT and corresponding changes in care processes could range from 7.5% of healthcare costs to 30%. She also discussed the HIT Leadership Panel that was convened for the purpose of understanding how IT has transformed other industries and how, based upon their experiences, it can transform the healthcare industry. The Leadership Panel was comprised of nine CEOs from companies that purchase large quantities of healthcare services for their employees and dependents. The Leadership Panel concluded that investment in interoperable health IT is urgent and vital to the broader U.S. economy due to rising healthcare demands and business interests. According to Ms. Cronin, the Leadership Panel identified as a key imperative that the Federal government should act as leader, catalyst and convener of the nation’s health information technology effort. The Panel also recognized that widespread HIT adoption may not succeed without a buy-in from the public as healthcare consumer.

She discussed Executive Order 13410 which is intended to promote quality and efficient delivery of healthcare through the use of HIT, transparency regarding healthcare quality and price and better incentives for program beneficiaries, enrollees and providers in federally administered or sponsored healthcare programs.

According to Ms. Cronin, HHS published a Request for Information in November of 2004 that solicited public input about whether and how a National Health Information Network (NHIN) could be developed. Some themes that emerged from the responses of stakeholders included that a NHIN should be a decentralized architecture built using the Internet linked by uniform communications and a software framework of open standards of policies; that a NHIN should provide sufficient safeguards to protect the privacy of personal health information; and that incentives may be needed to accelerate the adoption of a NHIN. Some key challenges to developing and adopting a NHIN were the need for additional and better refined standards; addressing privacy concerns; paying for the development, operation and access to a NHIN; accurately verifying patient’s identity; and addressing discordant state laws regarding health information exchange.

She also advised that the HHS has funded major initiatives from standards harmonization to State Information Exchange Initiatives. The HHS awarded a contract to the American National Standards Institute to convene the Health IT Standards Panel (“HITSP”). HITSP brings together U.S. standards development organizations and other stakeholders to develop, prototype and evaluate a process to harmonize industry-wide standards development. She indicated that the standards setting process today is fragmented and lacks coordination.

She also discussed contracts that the HHS has awarded, including a contract to the Certification Commission for Health Information Technology to develop criteria and evaluation processes for certifying eHRS and the infrastructure or network components to ensure interoperability.

Ms. Cronin indicated that there has been a significant increase in state level Health Information Exchange (HIE) activity. During the past several years, she indicated that more than 100 HIEs have been established. She advised that a report was recently released that revealed the important role states have in creating an environment for the collaboration, coordination and sharing of critical clinical and administrative data among key stakeholders.

She also indicated that it would probably be worthwhile to explore more about how HHS and the DOL can work together in employer outreach. She indicated that there is interest in trying to reach out to the appropriate people in the DOL to make sure that they collaborate on the transparency initiative.

When asked about the HIPAA”, she indicated that she thinks that most people look at HIPAA as a sort of baseline law that from a security and privacy perspective creates some needed protections. She advised that there is another set of considerations when moving into an electronic world where clinical data will be moving, not just administrative data. She testified that we need to be thinking more broadly about what the needs are and the legal requirements in that new context.

She also indicated that for health plans in particular it can be quite burdensome to advance rapidly and that there is now some consideration going on around what is a reasonable timeline to implement a whole new coding system. This system would be above and beyond any standards implementation that would be necessary for HIPAA.

When asked about selecting providers and quality and performance, she indicated that there are a lot of efforts underway to standardize the development and adoption of quality measures. She indicated there is an effort to figure out how to actually capture data, aggregate that data and analyze that data in a fair and consistent manner, using the right statistical procedures, in a way that can produce reliable evidence-based measures that fairly represent the true performance of providers.

September 29, 2006 and November 7, 2006

Summary of Written Testimony from AHIP

AHIP is a national trade association representing nearly 1,300 member companies that provide health, long-term care, dental, vision, disability and supplemental coverage to more than 200 million Americans, either directly or through administrative services for ERISA covered group health plans. AHIP has been involved in the advancement of the adoption of health IT and supports private and public initiatives to promote an interconnected and interoperable healthcare system. AHIP recommends that the DOL encourage the adoption and use of health IT by group health plans consistent with the direction taken by HHS.

AHIP asserts that HIPAA privacy and security rules, and other state and federal privacy requirements, provide sufficient safeguards for health information that is collected, used or disclosed by group health plan. Hence, the DOL does not need to duplicate current privacy protections or further restrict the ability of group health plans to use HIT for payment and healthcare operations.

AHIP does not believe that ERISA fiduciary responsibility should be extended to a TPA in the context of a group health plan providing HIT information in a personal health record to plan beneficiaries and participants. Such function should be regarded as ministerial and not fiduciary duty under the context of ERISA. It would also result in additional litigation that is counterproductive in the eyes of AHIP. Hence, AHIP recommends that the Advisory Council not add additional requirements on TPAs with respect to the adoption of HIT solutions.

VII. Additional Information Sources

Meeting of August 10, 2006

  1. Agenda
  2. Official Transcript
  3. Statement by Ned McCulloch, IBM
  4. Statement by Alissa Fox, Blue Cross & Blue Shield Association
  5. Statement by Ticia Gerber, eHealth Initiative
  6. Statement by Jonathan Hare, Resilient

Meeting of September 22, 2006

  1. Statement by Mark Decker, St. John Health, on behalf of SHRM
  2. Statement by Melissa Goldstein, Markle Foundation
  3. Statement by Mark Grushkin, Greenberg Taurig
  4. Statement by Carolyn Walton, Wal-Mart Stores
  5. Statement by James Sokol and Eileen Flick, SEGAL
  6. Statement by David Merritt, Center for Health Transformation
  7. Statement by Kelly Cronin, HHS

Additional Submissions

  1. Written submission by America’s Health Insurance Plans (AHIP)
  2. A joint position statement from the American Health Information Management Association (AHIMA) and the American Medical Information Association (AMIA)