[House Hearing, 115 Congress]
[From the U.S. Government Publishing Office]
IMPLEMENTING THE 21ST CENTURY CURES ACT: AN UPDATE FROM THE OFFICE OF
THE NATIONAL COORDINATOR
=======================================================================
HEARING
BEFORE THE
SUBCOMMITTEE ON HEALTH
OF THE
COMMITTEE ON ENERGY AND COMMERCE
HOUSE OF REPRESENTATIVES
ONE HUNDRED FIFTEENTH CONGRESS
SECOND SESSION
__________
DECEMBER 11, 2018
__________
Serial No. 115-173
[GRAPHIC NOT AVAILABLE IN TIFF FORMAT]
Printed for the use of the Committee on Energy and Commerce
energycommerce.house.gov
__________
U.S. GOVERNMENT PUBLISHING OFFICE
36-819 PDF WASHINGTON : 2019
--------------------------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Publishing Office,
http://bookstore.gpo.gov. For more information, contact the GPO Customer Contact Center,
U.S. Government Publishing Office. Phone 202-512-1800, or 866-512-1800 (toll-free).
E-mail, [email protected].
COMMITTEE ON ENERGY AND COMMERCE
GREG WALDEN, Oregon
Chairman
JOE BARTON, Texas FRANK PALLONE, Jr., New Jersey
Vice Chairman Ranking Member
FRED UPTON, Michigan BOBBY L. RUSH, Illinois
JOHN SHIMKUS, Illinois ANNA G. ESHOO, California
MICHAEL C. BURGESS, Texas ELIOT L. ENGEL, New York
MARSHA BLACKBURN, Tennessee GENE GREEN, Texas
STEVE SCALISE, Louisiana DIANA DeGETTE, Colorado
ROBERT E. LATTA, Ohio MICHAEL F. DOYLE, Pennsylvania
CATHY McMORRIS RODGERS, Washington JANICE D. SCHAKOWSKY, Illinois
GREGG HARPER, Mississippi G.K. BUTTERFIELD, North Carolina
LEONARD LANCE, New Jersey DORIS O. MATSUI, California
BRETT GUTHRIE, Kentucky KATHY CASTOR, Florida
PETE OLSON, Texas JOHN P. SARBANES, Maryland
DAVID B. McKINLEY, West Virginia JERRY McNERNEY, California
ADAM KINZINGER, Illinois PETER WELCH, Vermont
H. MORGAN GRIFFITH, Virginia BEN RAY LUJAN, New Mexico
GUS M. BILIRAKIS, Florida PAUL TONKO, New York
BILL JOHNSON, Ohio YVETTE D. CLARKE, New York
BILLY LONG, Missouri DAVID LOEBSACK, Iowa
LARRY BUCSHON, Indiana KURT SCHRADER, Oregon
BILL FLORES, Texas JOSEPH P. KENNEDY, III,
SUSAN W. BROOKS, Indiana Massachusetts
MARKWAYNE MULLIN, Oklahoma TONY CARDENAS, California
RICHARD HUDSON, North Carolina RAUL RUIZ, California
KEVIN CRAMER, North Dakota SCOTT H. PETERS, California
TIM WALBERG, Michigan DEBBIE DINGELL, Michigan
MIMI WALTERS, California
RYAN A. COSTELLO, Pennsylvania
EARL L. ``BUDDY'' CARTER, Georgia
JEFF DUNCAN, South Carolina
______
Subcommittee on Health
MICHAEL C. BURGESS, Texas
Chairman
BRETT GUTHRIE, Kentucky GENE GREEN, Texas
Vice Chairman Ranking Member
JOE BARTON, Texas ELIOT L. ENGEL, New York
FRED UPTON, Michigan JANICE D. SCHAKOWSKY, Illinois
JOHN SHIMKUS, Illinois G.K. BUTTERFIELD, North Carolina
MARSHA BLACKBURN, Tennessee DORIS O. MATSUI, California
ROBERT E. LATTA, Ohio KATHY CASTOR, Florida
CATHY McMORRIS RODGERS, Washington JOHN P. SARBANES, Maryland
LEONARD LANCE, New Jersey BEN RAY LUJAN, New Mexico
H. MORGAN GRIFFITH, Virginia KURT SCHRADER, Oregon
GUS M. BILIRAKIS, Florida JOSEPH P. KENNEDY, III,
BILLY LONG, Missouri Massachusetts
LARRY BUCSHON, Indiana TONY CARDENAS, California
SUSAN W. BROOKS, Indiana ANNA G. ESHOO, California
MARKWAYNE MULLIN, Oklahoma DIANA DeGETTE, Colorado
RICHARD HUDSON, North Carolina FRANK PALLONE, Jr., New Jersey (ex
EARL L. ``BUDDY'' CARTER, Georgia officio)
GREG WALDEN, Oregon (ex officio)
(ii)
C O N T E N T S
----------
Page
Hon. Michael C. Burgess, a Representative in Congress from the
State of Texas, opening statement.............................. 1
Prepared statement........................................... 3
Hon. Gene Green, a Representative in Congress from the State of
Texas, opening statement....................................... 4
Prepared statement........................................... 5
Hon. Marsha Blackburn, a Representative in Congress from the
State of Tennessee, opening statement.......................... 6
Hon. Greg Walden, a Representative in Congress from the State of
Oregon, prepared statement..................................... 41
Hon. Frank Pallone, Jr., a Representative in Congress from the
State of New Jersey, prepared statement........................ 41
Witness
Donald Rucker, M.D., National Coordinator for Health Information
Technology, Department of Health and Human Services............ 7
Prepared statement........................................... 9
Submitted Material
Statement of the College of Healthcare Information Management
Executives, December 11, 2018, submitted by Mr. Burgess........ 43
Letter of December 11, 2018, from Clifford Hudis, Chief Executive
Officer, American Society of Clinical Onocology, to Mr. Burgess
and Mr. Green, submitted by Mr. Burgess........................ 48
IMPLEMENTING THE 21ST CENTURY CURES ACT: AN UPDATE FROM THE OFFICE OF
THE NATIONAL COORDINATOR
----------
TUESDAY, DECEMBER 11, 2018
House of Representatives,
Subcommittee on Health,
Committee on Energy and Commerce,
Washington, DC.
The subcommittee met, pursuant to call, at 10:15 a.m., in
room 2322, Rayburn House Office Building, Hon. Michael Burgess
(chairman of the subcommittee) presiding.
Members present: Representatives Burgess, Guthrie, Upton,
Blackburn, Latta, Griffith, Bilirakis, Long, Bucshon, Brooks,
Mullin, Hudson, Carter, Green, Engel, Matsui, Castor, Kennedy,
Cardenas, Eshoo, and DeGette.
Staff present: Adam Buckalew, Professional Staff Member,
Health; Daniel Butler, Legislative Clerk, Health; Adam Fromm,
Director of Outreach and Coalitions; Caleb Graff, Professional
Staff Member, Health; Ed Kim, Policy Coordinator, Health; J.P.
Paluskiewicz, Professional Staff Member, Health; Brannon Rains,
Staff Assistant; Austin Stonebraker, Press Assistant; Tiffany
Guarascio, Minority Deputy Staff Director and Chief Health
Advisor; Samantha Satchell, Minority Senior Policy Analyst; and
C.J. Young, Minority Press Secretary.
OPENING STATEMENT OF HON. MICHAEL C. BURGESS, A REPRESENTATIVE
IN CONGRESS FROM THE STATE OF TEXAS
Mr. Burgess. The subcommittee on Health will come to order,
and I will recognize myself 5 minutes for the purpose of an
opening statement, and I want to thank everyone for joining us
for this important and long-awaited hearing in 2018.
In 2018 we have held two Cures implementation hearings,
including focusing on biomedical research and innovation at the
National Institute of Health and the Food and Drug
Administration and the hearing on the mental health title.
Today's hearing completes the 21st Century Cures trifecta
covering the last remaining title, Health Information
Technology.
Our society, our economy have become increasingly driven by
technology, and healthcare, of course, is no exception.
Electronic health records, patient data, the move to open
application programming interfaces, and other developments have
brought healthcare into the 21st century. Law lagged behind
such advances which led to various pieces of legislation to
address the aforementioned issues including the HITECH Act in
2009 and 21st Century Cures Act in 2016.
Cures built on top of the foundation laid by the HITECH Act
which passed in 2009 and encouraged adoption and the use of
electronic health records through payment incentives and
penalties. For the record, I opposed that. This law also
established the Office of National Coordinator for Health
Information Technology in statute. Previously it had been via
executive order, but the HITECH Act established that in
statute, signifying the importance of health IT in the future
of healthcare data and delivery.
Some argue that HITECH was well intentioned. Stakeholders
have reported concerns during implementation related to the
interoperability and functionality of this technology. While we
have seen widespread adoption of electronic health records,
there does continue to be significant fragmentation of the
healthcare system, making it difficult to ensure continuity of
evidence-based care for patients. The 21st Century Cures Act
has set us on a path toward achieving this nationwide
interoperable healthcare information system, and the idea is to
put the needs of patients and providers first.
The first health IT provision in Cures was aimed at
assisting doctors and hospitals in improving the quality of
care for patients. One goal of this provision was to reduce the
burden on physicians regarding electronic health records. As
the Office of National Coordinator moves forward, it is of
utmost importance that it take into account the impact of
policies on both patients and physicians.
Section 4003 of the Cures act expedites interoperability
and security among electronic health records through a
voluntary model framework and a common agreement among vendors.
The Office of National Coordinator released a draft of this
trusted exchange framework and common agreement in January of
this year. Today, the National Coordinator for Health
Information Technology, Dr. Don Rucker, will explain the common
principles that will guide health information networks,
recognize coordinating entities and others through the exchange
of data.
The Office of National Coordinator also has sunset the old
Policy and Standards committees, to which I say good riddance
because they were quick to chase any issue to spark their
attention. Instead, a new Interoperability Committee has been
set up with clear guidance from Congress to focus on
interoperability, security, and privacy.
Another theme throughout the health IT title of 21st
Century Cures was patient access to data. While electronic
health records are critically important to physicians, it turns
out they are equally important to patients, and it is important
that patients have access. Cures required the Department of
Health and Human Services in coordination with the Office of
Civil Rights to educate providers about lawful patient health
information sharing. The Get It, Check It, Use It program shows
patients how to access, update, and use their health
information appropriately.
The reason this hearing was delayed was, there is a rule
required by Cures that will cover several items, most notably
the rule regarding information blocking as yet to be released.
I believe it is currently awaiting approval by the Office of
Management and the Budget, so Dr. Rucker will be unable to
address the pending rule.
It is important to note that the Cures legislation defined
and prohibited information blocking while, in fact, levying
civil money penalties on those who engage in information
blocking. The Office of National Coordinator rule will define
what does not constitute information blocking, therefore
outlining what is permissible.
I am extremely disappointed that, 2 years after the passage
of Cures, we still do not have the regulations necessary to
implement these provisions. It is hard to explain to people
that Congress provided the tools necessary for doctors and
patients to better coordinate their care through the sharing of
patient data, but nothing has changed.
I will submit the balance of my statement for the record
and recognize Mr. Green of Texas for his opening statement,
please.
[The prepared statement of Mr. Burgess follows:]
Prepared statement of Hon. Michael C. Burgess
Good morning, everyone, and thank you for joining us for
this important and long-awaited hearing. In 2018, we have held
two Cures implementation hearings, including one focusing on
biomedical research and innovation at the National Institutes
of Health and Food and Drug Administration, and one on the
mental health title. Today's hearing completes the 21st Century
Cures trifecta and covers the last remaining title, health
information technology.
As our society and our economy become increasingly driven
by technology, healthcare is no exception. Electronic health
records, patient data, the move to open application programming
interfaces (APIs), and other developments have brought
healthcare into the 21st Century. Law lagged behind such
advances, which led to various pieces of legislation to address
the aforementioned issues, including the HITECH Act in 2009 and
21st Century Cures in 2016.
Cures built on top of a foundation laid by the HITECH Act,
which passed in 2009 and encouraged adoption and use of
electronic health records through payment incentives and
eventually penalties. This law also established the Office of
the National Coordinator for Health Information Technology in
statute, signaling the importance of health IT in the future of
healthcare data and delivery. While HITECH was well intended,
stakeholders reported concerns during implementation, mainly
related to interoperability and functionality of the
technology.
While we have seen widespread adoption of electronic health
records, our Nation continues to maintain a fragmented
healthcare system, making it difficult to ensure continuity of
evidence-based care for patients. The 21st Century Cures Act
has set us on the path towards achieving a nationwide
interoperable health information system that puts the needs of
patients and providers first.
The first health IT provision in Cures was aimed at
assisting doctors and hospitals in improving the quality of
care for patients. One goal of this provision was to reduce the
burden on physicians regarding electronic health records. As
the Office of the National Coordinator moves forward, it is of
the utmost importance that it take into account the impact of
policies on both patients and physicians. I was pleased to see
that ONC released a draft report on physician burden reduction
in November that includes recommendations to address the issue.
Section 4003 of Cures expedites interoperability and
security among electronic health records through a voluntary
model framework and common agreement among vendors. ONC
released a draft of this ``Trusted Exchange Framework and
Common Agreement,'' known as the TEFCA, in January of 2018.
Today, the National Coordinator for Health Information
Technology, Dr. Don Rucker, will explain the common principles
that will guide Health Information Networks, Recognized
Coordinating Entities, and others through the exchange of data.
The Office of the National Coordinator has also sunset the
old Policy and Standards committees, which I found were well-
intentioned but too quick to chase any issue that sparked
attention, and stood up the new Interoperability Committee that
has clear guidance from Congress to focus on interoperability,
security, and privacy.
Another theme throughout the health IT title of 21st
Century Cures was patient access to data. While electronic
health records are critically important to physicians, it is
equally important that patients have access to their own data.
Cures required the Department of Health and Human Services, in
coordination with the Office of Civil Rights, to educate
providers about lawful patient health information sharing. The
``Get It. Check It. Use It.'' Program shows patients how to
access, update, and use their health information appropriately.
The reason we delayed holding this hearing is that the rule
required by Cures that will cover several items, most notably,
information blocking has yet to be released. It is currently
awaiting approval by the Office of Management and Budget. While
Dr. Rucker will be unable to address the pending rule, it is
important to note that the Cures legislation defined and
prohibited information blocking, while levying civil monetary
penalties for those who engage in information blocking.
The ONC rule will define what does not constitute
information blocking; therefore outlining what is permissible
activity. I am extremely disappointed that 2 years after the
passage of Cures we still do not have the regulations necessary
to implement these provisions. It is hard to explain to people
that Congress provided the tools necessary for doctors and
patients to better coordinate their care through the sharing of
patient data, and nothing has changed.
While I am disappointed that we still do not have the
proposed rule, I am glad that we have proceeded with this
hearing. Health information technology opens the door to many
possibilities, but we will continue to face challenges moving
forward as Congress works with the Office of the National
Coordinator to navigate the landscape and having an ongoing
dialogue like this is very important. I would like to thank our
witness, Dr. Rucker, for testifying this morning, and I look
forward to the exciting updates you have to provide us.
OPENING STATEMENT OF HON. GENE GREEN, A REPRESENTATIVE IN
CONGRESS FROM THE STATE OF TEXAS
Mr. Green. Thank you, Mr. Chairman, and I would like to
thank you for calling this hearing and the continuation of the
oversight over the Cures Act, which along with the Affordable
Care Act and Cures, is probably the two major pieces of
legislation in my 26 years in Washington. And I would like to
thank Dr. Rucker for testifying today on the Office of National
Coordinator's work to implement the 21st Century Cures Act.
In little over a decade, the Office of the National
Coordinator has helped to drive the rapid adoption of
electronic health records, EHR, in doctors' offices and
hospitals across the country. Today, nearly all hospitals and
three-quarters of the office-based physicians use some form of
certified EHR technology. This uptake has allowed for improved
communication in patient care, but we still have a long way to
go in ensuring neuro that EHRs are as useful as possible to
providers as well as easily accessible and understandable to
consumers.
The Cures Act aimed to build on the progress of the HITECH
Act of 2009, but by focusing on improving interoperability,
patient access to their health records, and reducing provider
burden. For example, the Cures Act tasked ONC with--tasked with
providing examples of what does not constitute information
blocking. This information is a critical part of the law's
implementation and will inform the Office of the Inspector
General's enforcement regarding information blocking. I look
forward to this proposed rules release.
The Cures Act also called for the development of Trusted
Exchange Framework and Common Agreement, TEFCA. This framework
outlines the minimum terms and conditions providers should meet
in order to securely and appropriately exchange information
with each other. Setting clear parameters around exchanging
information is necessary for widespread interoperability. I am
pleased to hear that ONC is undergoing a rigorous public
comment process before finalizing this provision.
In addition to improving interoperability, we need to
increase consumer education so folks understand that they have
a right under HIPAA to obtain access to their records and to
decide who their records should be shared with. I am glad that
ONC has partnered with the Office of Civil Rights to release
new information for consumers on HIPAA's patient right to
access. Increased interoperability and better HITECH in general
has the potential to improve every American's healthcare
experience, so I hope that ONC will continue its implementation
of the law in a timely manner.
And I would like to yield the balance of my time to
Congresswoman DeGette.
[The prepared statement of Mr. Green follows:]
Prepared statement of Hon. Gene Green
Good morning, I'd like to thank Dr. Rucker for testifying
today on the Office of the National Coordinator's work to
implement the 21st Century Cures Act.
In a little over a decade the Office of the National
Coordinator (ONC) has helped to drive the rapid adoption of
electronic health records (EHRs) in doctor's offices and
hospitals across America. Today nearly all hospitals and three
quarters of office-based physicians use some form of certified
EHR technology. This uptake has allowed for improved
communication and patient care.
But we still have a long way to go in ensuring that EHRs
are as useful as possible to providers as well as easily
accessible and understandable to consumers. The Cures Act aimed
to build on the progress of the HITECH Act of 2009 by focusing
on improving interoperability and patient access to their
health records and reducing provider burden.
For example, the Cures Act tasked ONC with providing
examples of what does not constitute information blocking. This
information is a critical piece of the law's implementation and
will inform the Office of the Inspector General's enforcement
regarding information blocking. I look forward to this proposed
rule release.
The Cures Act also called for the development of a Trusted
Exchange Framework and Common Agreement (TEFCA). This framework
outlines the minimum terms and conditions providers should meet
in order to securely and appropriately exchange information
with each other. Setting clear parameters around exchanging
information is necessary for widespread interoperability. I'm
pleased to hear ONC is undergoing a rigorous public comment
process before finalizing this provision.
In addition to improving interoperability we need to
increase consumer education so that folks understand they have
a right under HIPAA to obtain access to their records and to
decide who their records should be shared with. I'm glad that
ONC has partnered with the Office for Civil Rights to release
new information for consumers on HIPAA's patient right to
access.
Increased interoperability and better health IT in general
has the potential to improve every American's healthcare
experience, so I hope that ONC will continue its implementation
of the law in a timely manner. Thank you.
Ms. DeGette. Thank you. Thank you so much to the ranking
member for yielding. And I want to take a moment of personal
privilege to thank Mr. Green for all of his years of service on
this committee and the Congress. Mr. Green has been a stalwart
leader on healthcare policy, not just on Cures, not just on the
ACA, but on the many, many pieces of legislation, and Mr.
Green, I am going to tell you something: You are going to be
missed by every single member of this subcommittee.
The 21st Century Cures Act, as we heard, was signed into
law 2 years ago this week, and it really was a remarkable
bipartisan achievement for the committee. I want to thank you,
Mr. Chairman, for holding this hearing of oversight, and I hope
we will continue to have the same level of robust oversight to
make sure all of the many provisions are implemented.
We took extraordinary steps in that bill in accelerating
the approval of breakthrough therapies and lowering the cost of
bringing these drugs to market through strengthening the
PRECISION MEDICINE initiative. We also increased the health
system's ability to interact through health IT interoperability
measures, and we made a $4.8 billion investment in the NIH
intended to jump-start research into new treatments for
diseases like cancer and Alzheimer's. We also modernized the
clinical trial process, increased the government's ability to
recruit top scientists, and broke down agency and interagency
research silos to accelerate and advance coordination among the
sciences.
I know that Mr. Upton and I and every single member of this
subcommittee are very impressed with the progress that this
bill has achieved, but we know there is much more to be done,
and that is why, Dr. Rucker, I am glad that you are with us
here today to sort of complete this trifecta of hearings on
health IT. I would like to hear from you about what is working
and what we can do to improve.
And again, Mr. Chairman, I thank you for working with us
and especially Mr. Green for all his years of service, and I
yield back.
Mr. Burgess. The Chair thanks the gentlelady. The gentleman
yields back.
Mr. Green. I yield back, Mr. Chairman.
Mr. Burgess. I am not seeing the chairman of the full
committee here, be prepared to yield to the gentlelady from
Tennessee, the Senator-designate from that State, because I
know this is an important issue in Nashville, in your part of
the world.
OPENING STATEMENT OF HON. MARSHA BLACKBURN, A REPRESENTATIVE IN
CONGRESS FROM THE STATE OF TENNESSEE
Mrs. Blackburn. Thank you so much, Mr. Chairman, and thank
you for the good work that you have done in leading this
committee over the past couple of years. We appreciate that,
and we are thrilled with 21st Century Cures being signed into
law.
And as the chairman said, middle Tennessee, which is home
for me, is home to over 400 healthcare companies. And while
many people rightfully think of Nashville as Music City
U.S.A.--and, indeed, it is--it is also the center of much of
the healthcare management and healthcare delivery in this
Nation.
And you see these 400 healthcare companies that are located
there, working not only in hospital management but in insurance
products, home health, hospice, you name it, every single
sector of the healthcare industry. You also have some non-
profits that are working on how you deliver better patient
care. One of those is the Center for Medical Interoperability
which is located right in Nashville and is looking at that
intersection of healthcare technology, healthcare informatics,
predictive diagnoses. And we were so pleased with the Software
Act provisions which Mr. Green and I authored being included in
21st Century Cures and then the follow on implementation of
this through the FDA and the implementation that you at ONC are
overseeing.
So we are watching that very closely because we know of the
impact that that has on care coordination, that it has on post
acute care, that it has on managing and following chronic
conditions, and that it also has on home health. And we know
that this impact is going to be felt, so we thank you, Dr.
Rucker, for being here to give us an update.
Mr. Chairman, I thank you for the leadership that you have
provided, and at this time I would yield to any other member of
the subcommittee seeking time.
No one seeking time?
I yield back, Mr. Chairman. Thank you.
Mr. Burgess. The Chair thanks the gentlelady. The
gentlelady yields back. Not seeing the ranking member of the
full committee here, is there anyone on the minority side who
wishes to claim the time?
If not, that will conclude Member opening statements.
The Chair would like to remind Members that, pursuant to
committee rules, all Members' opening statements will be made
part of the record.
We certainly want to thank our witness for being here
today, taking time to testify before the subcommittee. Our
witness will have the opportunity to give an opening statement
followed by questions from Members, and today we are going to
hear from Dr. Donald Rucker, the National Coordinator for
Health Information Technology for the United States Department
of Health and Human Services.
Dr. Rucker, we appreciate you being here with us. It has
been a long time coming, and you are now recognized for 5
minutes to summarize your opening statement, please.
STATEMENT OF DONALD RUCKER, M.D., NATIONAL COORDINATOR FOR
HEALTH INFORMATION TECHNOLOGY, DEPARTMENT OF HEALTH AND HUMAN
SERVICES
Dr. Rucker. Chairman Burgess, Ranking Member Green,
distinguished members of the subcommittee, thank you for the
opportunity to testify.
Since its start in 2004, ONC has worked to improve the
quality, safety, and efficiency of healthcare. While hospitals
and physicians have made great progress adopting electronic
medical records, additional work is needed to increase the
value of these records.
Clinicians often spend hours a day at the computer. The
Cures Act asks HHS to address clinician burden related to
electronic records. In November, ONC and CMS released a draft
strategy to reduce administrative burdens. We have worked with
CMS to address burnout, changing documentation requirements,
and simplifying reporting.
The Cures Act directs the secretary to adopt policies to
increase the trusted exchange of electronic health information.
ONC has developed a proposed rule to support this exchange of
clinical data. As requested, the rule will implement the Cures
Act prohibition of information blocking by defining allowable
exceptions. We want patients to get their medical records on
their smartphones. We want consumers to get--to shop for care
on their smartphones.
To do this, the Cures Act calls for EHR developers to
publish application programming interfaces, APIs, that permit
secure access without special effort. We expect an app
marketplace will evolve with products for both illness and
health. Recently Apple introduced their health record app using
the RESTful JSON and fire technical interface standards. Now
over 100 health systems provide patients their data here. ONC
has been instrumental in advancing the healthcare part of these
standards.
Some of our stakeholders have shared security concerns with
the requirement to publish APIs. We take cybersecurity threats
seriously. It is important to note that in general, APIs are
not usually where security vulnerabilities
reside. The OAuth standard used to authorize exchange
through open APIs, and these are secure open APIs, provides
robust security. Security breaches often reflect password
issues or servers with unpatched operating systems.
Secretary Azar has identified value-based care as a
priority. The ability to analyze health outcomes for an entire
group of patients rather than just one individual patient is
essential to identifying providers with the best value. Today
payers and employers have little information on provider
performance. Often, payers are forced to negotiate contracts
with hospital systems based on network consolidation rather
than value. ONC is working with the HL7 standards group and
ensures to build APIs that truly measure care. ONC is also
working to increase connectivity among health information
networks.
There are about 100 regional national networks which
exchange health information. While these organizations have
made significant progress, connectivity across networks has
been limited due to variations in technical and data use
agreements. The Cures Act directs ONC to, quote, ``develop or
support a trusted exchange framework including a common
agreement among health information networks nationally,'' end
quote.
In January ONC released the first draft of the Trusted
Exchange Framework. We will release an updated draft for
further public comment. The Trust Exchange Framework can also
support community information exchange. There is limited
interoperability for patients with mental health or addiction
illnesses. These patients move between emergency rooms,
shelters, group homes, and treatment centers with little
awareness of how often and how ineffectively these expensive
services are being used. Regional health information exchanges
are ideally positioned to link these patients and services.
In summary, ONC has made great progress implementing the
provisions of the 21st Century Cures Act. We believe the
proposed rule for open, secure APIs with the Trusted Exchange
Framework allow patients to get their medical care on their
smartphone and to control the care they receive. We will
continue to keep Congress informed.
Mr. Chairman, Ranking Member, members of the subcommittee,
thank you for the opportunity to testify. I look forward to
questions.
[The prepared statement of Dr. Rucker follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
Mr. Burgess. Well, thank you, Dr. Rucker, for your
testimony, and we will move to the question portion of the
hearing. And I would like to yield my time first to the
gentlelady from Tennessee again for her questions.
Mrs. Blackburn. Thank you, Mr. Chairman, and I do thank you
and your team for the work that you all are doing. And you
know, in this town where they say there is no bipartisanship, I
think that we would all say 21st Century Cures and working
together, getting that across the finish line so President
Obama could sign it, was one of the stellar accomplishments of
our work here.
You touched on privacy, and that is what I want to discuss
with you because so many of the mHealth apps contain the most
sensitive of information about us. And every day, as I am out
working in my community or going to the grocery store or going
to church, or you know, even a basketball game with my
grandsons, somebody who is working in health technology will
tell me about something that they are working on that is going
to improve patient care in some way, shape, or form.
But we have had the Browser Act which would require
individuals to opt in, to share their sensitive information,
and then they would have the option of opting out for non-
sensitive information. So as you look at the utilization of the
mHealth apps and the plethora of these that are now in the
marketplace on both the non-sensitive and the sensitive
information, talk to me a little bit about how you see HIPAA
evolving, how you see privacy policy evolving as it affects our
healthcare data.
Dr. Rucker. All right. So----
Mrs. Blackburn. I know it is a lot to unpack in that.
Dr. Rucker. Yes, yes, yes. Obviously, I think first and
foremost, we have to protect privacy, right, so we have to
think about, you know, what the software approaches are that
protect privacy, and there are folks who do a very good job at
that. If you look at, for example, the banking industry, the
brokerage firm, there are some people who really have nailed
the privacy stack.
Right now, if you look at the mHealth world right now, I
think there is actually a fairly stark divide between the apps
that have access to clinical information and then the apps that
don't, right. So you know, classically, the FitBit type of app.
I think part of--in my understanding of Cures, part of it is to
actually allow some merger of these things so that patients
clinical information can ensure their broader health choices
and not have this divide.
As soon as we get to clinical information, we have to work
with HIPAA. HIPAA, I think, is a very powerful, very
straightforward rule that I think sets a very nice bound on
privacy. There is absolutely nothing in ONC's activities that
requires changing HIPAA, and so we follow HIPAA. We think it is
actually a very solid rule to protect privacy. So there is a
combination of technology on the security side.
Clearly, the tools to really fully inform patients and to
really get rich consent, I think some of this is honestly still
a work in progress. I mean, we can look at specific things, but
I don't think we have fully solved the full communication of
how patients share information. That may be broadly true, you
know, throughout the app economy. We believe what we are doing
in the world will empower patients with fairly precise ability
to control their information.
Mrs. Blackburn. Thank you. I yield back.
Mr. Burgess. The gentlelady yields back. The Chair thanks
the gentlelady.
The Chair now recognizes the gentleman from Texas. Mr.
Green, 5 minutes for your questions, please.
Mr. Green. Thank you, Mr. Chairman.
Again, Dr. Rucker, thank you for being here. In the 21st
Century Cures, we made a number of changes from the HITECH Act
to address clinician burden and encourage communication between
providers. What progress has been made to date with these
changes to the 21st Century Cures Act?
Dr. Rucker. Yes. There are a number of things, Congressman,
that have happened already. So one of the provisions in 4001 is
to actually start by identifying what those burdens are. So we
have released recently a draft report out for public comment on
a 70-page report listing what we think the main burdens are on
physicians and other providers.
These burdens come in a couple different areas, you know. I
think the top level, documentation, some of the things around
quality reporting, some of the things around just overall
usability which, in and of itself, is a very complicated issue.
Things like prior authorization come into that. In terms of
what has been done, pleased to say working--and this report was
done jointly with CMS.
So working with CMS, we have had the first reconsideration
of documentation requirements since the 1995 CPT things, trying
to reduce reentry of data on, you know, parts of the history
that aren't changing, so reducing reentry of data and
flattening some of the economic incentives in the CPT coding
system to do all of the boilerplate text that infiltrates all
of the notes in America when you actually--and I have been a
clinician for 30 years. I actually have to find out something
about a patient and wade through this template, generate a
text. There is more to be done there, but I think literally,
the first effort at fixing this since 1995.
CMS, and we have been part of that, has also simplified a
number of the requirements around what was formerly meaningful
use, clearing up things there and focusing on promoting
interoperability to have a much more constrained set of
reporting requirements. So those are some of the things that we
have done directly out of the Cures Act.
Mr. Green. Information blocking is a topic ONC's been
examining since even before we passed the Cures Act. In fact,
in April of 2015, ONC released a report on information blocking
in the healthcare sector. In this report, ONC describes
information blocking as when persons or entities knowingly and
unreasonably interfere with the exchange or use of electronic
health information. That definition alone without additional
context creates a great deal of uncertainty about the specific
practices that are considered information blocking.
That is why Congress asked the ONC to draft a proposed rule
providing more detail on what may or may not constitute
information blocking. Unfortunately, this rule has still not
been released, and I know your ability to discuss the content
of the rule is limited. But Dr. Rucker, can you share with us
some of the research and analysis that went into the
development of the rule.
Dr. Rucker. Yes. So what information to share is obviously
one of the most complicated issues when you think about the
vast amount of clinical information that floats in the care of
a sick patient. In the care of, you know, all patients, there
is just--we are looking at things like images. We are looking
at lab tests. We are looking at notes. We are looking at
consults. I mean, that is just scratching the surface, you
know. Dozens and dozens and dozens of types of information, you
know.
Now we are looking at some of the prescription--you know,
opiate descriptions, so lots and lots of information. It is a
large world in terms of who potentially has information, who
could share it.
So our analysis has been focused, A, to understand the
breadth of that from a legal--right, from a rule-making
perspective to make sure we get try to the first time as
opposed to sort of putting to stuff out that is a little bit--
you know, that needs a lot more further work.
The areas that I think you can anticipate, you know, that
have come up in this research are things like, first of all,
just being in harmony with existing State laws, right. There
are a lot of privacy laws, and so we have to think about that.
We have to think about security issues. We were just asked a
question about privacy and security. We have to think about
cases where patients have deep mental illness where there may
be some information issues.
Frankly, we have to think about what can be charged, you
know. We, you know, have heard where either the information is
blocked simply by charges to share that information that appear
not to be related to any observable software development cost.
So those, Congressman, are the types of considerations that
we have to consider in putting out the exceptions that we are
asked to put out the exceptions as you have pointed out.
Mr. Green. Thank you, Mr. Chairman. I have some other
questions I will submit. I know I ran out of time.
Mr. Burgess. The gentlemen yields back. The Chair thanks
the gentleman.
The Chair recognizes the gentleman from Kentucky, vice
chairman of the subcommittee, Mr. Guthrie, 5 minutes for
questions.
Mr. Guthrie. Thank you very much, and I do want to echo, I
am going to miss Mr. Green. He has been a good person to work
with as vice chairman of this committee, and I am going to miss
you and the chairmanship for, I guess, a lot of reasons, but
you have done a great, great job, Mr. Chairman. We really
appreciate your work as well.
I have similar concerns that my friend, the future Senator
from--the next Senator from Tennessee, I guess I should say
now, she is not future, she is the next--about privacy. One of
the things that I am working with my friend, Ms. Matsui from
California, we have worked to reintroduce a bill related to
developing Federal policy on blockchain technology, just trying
to figure that out. So if you look at hardware and software,
regulatory reform, and completely new technologies like
blockchain, just so much is changing is what I am getting at.
Where do you see the future of healthcare information going,
and what can we do to best protect Americans' most sensitive
information?
Dr. Rucker. I think when you look at the protection of
information, I think there are actually three areas to unpack
here from, if you will, a somewhat technical point of view.
One is the authentication, so when you log on, are you
actually the person you say you are as opposed to somebody in--
you know, some rogue agent. So that is authentication.
The second is authorization, right. Now that you have
logged on, are you allowed to actually get this information
from the point of view of the provider.
And third is from the point of the view of the patient
consent, right, and so these all actually have--especially
authentication, have some very, very interesting technologies
out there.
I believe that the advance in technology is going to make
some of these things materially easier in healthcare. Let me
give you an example. It turns out today that pretty much you
can authenticate anybody from their ownership of their cell
phone, right. And even if some rogue agent gets your cell phone
account number and tries to switch it out, there is so much
information in just how you have configured your apps, where
you use the cell phone, how you use it, how you, you know,
swipe on it, that there are a number of companies out there
that can authenticate to a very high degree. I am told a lot of
the financial services industry uses that, so I think the
broader technologies on security are getting much better.
One of the things that we are very focused on at ONC is
making sure for the critical security privacy things that we
don't cook up healthcare-specific things that, you know, will
then make healthcare more vulnerable because they are more
outdated, they haven't kept up with the most modern technology.
So as you hear us talk over time, we are very conscious to try
to have the best security tools that are out there and not
inadvertently do any type of policies that prevent that from
happening. Hopefully that gives you a bit of a flavor of how we
unpack that.
Mr.Guthrie. Thanks. Thank you. And also, in your testimony
you mentioned that payers and providers who negotiate contracts
based on quality, and I couldn't agree more. Can you please
explain ONC's role in collaborating with payers and providers
on developing standards? The question is how do you determine
the quality? That is where we----
Dr. Rucker. Yes. And so this was a bit of a surprise to me
which, from just my clinical experience as an ER doc, right now
when you talk with a lot of the large payers, they actually
have--they get the claims data very rapidly, right, so that is
all electronic and pretty much instantaneous. It is actually
very hard for them to get clinical data.
So typically, if they want to get clinical data, they can
either in the network contracts negotiate that there are, you
know, queries, so database downloads, very narrowly defined,
predefined, or they can go out and download the entire record
at a cost, I am told by some of the largest payers in the U.S.
of between $4 and $6 per chart, right.
So at $4 to $6 per chart, you can't actually be downloading
everybody's, you know, record. That is prohibitive from a cost
point of view.
In working with some of the research folks we have worked
with and the payers, pretty much simultaneously, it turns out
that the new FHIR standards that we are implementing, that the
whole healthcare ecosystem is very excited about and is
implementing can be extended to get a population of patients,
get that data.
This is critical for things like the learning health
system. It is critical if we are going to have payers figure
out what they are getting from providers. So it is really
having the ability to use all the big data things we are
talking about from a computational point of view is what that
is about. We work very tightly with them. We have a whole
standards group that works on that. Steve Posnick who is it
right here leads all of that work, I am pleased to say.
Mr. Guthrie. OK. Thank you. I appreciate your answers, and
my time's expired, and I yield back.
Mr. Burgess. The gentleman yields back. The Chair thanks
the gentleman. The Chair recognizes the gentlelady from
California, Ms. Matsui, for 5 minutes of questions, please.
Ms. Matsui. Thank you, Mr. Chairman, and thank you, Dr.
Rucker, for being here. This is a hearing that I have been
looking forward to. Several of us are working on the telehealth
working group, and we really believe that this attention has to
be paid on particularly in telehealth because we know not only
is information sharing important but also the security aspects
of it, and we also know that we want the patient to be able to
access a lot of this information and the providers.
You know, the healthcare providers face an onslaught of
cybersecurity threats. I think a June 2017 healthcare
cybersecurity task force report went so far to identify
healthcare's cybersecurity as a key public health concern that
needs immediate and aggressive attention. Now, with that in
mind, I am really concerned that as data moves more freely and
becomes interoperable which we want, there may be more
opportunity for bad actors to compromise this data. While open
APIs may be common to a tech space, standards aren't in place
for healthcare.
And I am particularly interested in this because
healthcare--the information provided in healthcare is very,
very personal to an individual, and in particular, as we also
talk about mental health too because there is still a stigma
attached to some of that information.
So Dr. Rucker, what is ONC doing to enhance the
cybersecurity readiness of healthcare providers as we encourage
more data to be shared across the healthcare ecosystem?
Dr. Rucker. Yes. So, I think there are a couple of things.
I think, first of all, as a background, we are very mindful.
The biggest cybersecurity risk generally is just system
complexity, right. When you just look at it, it is the built
footprint. It is the number of passwords. That is the biggest
risk. So we are, A, just mindful. Are we, you know, increasing
system complexity, you know, in quirky kind of ways.
The open API, honestly, in some ways is a bit misnamed. It
should really be a very secure API. It is like--you know, it is
the difference between a door that is open and a door on a bank
vault, but there is a lot of protection on that. We are really
talking more the door on the bank vault. The term, the O of 2
standard. So there is a very tight sort of three-way standard
that authenticates patients to make sure that it is them and
that they are getting the data and that it is being transmitted
securely. So those are the policies that we encourage in our
rulemaking. You will see those high technology standards to
actually provide all of that security on access and transport.
So that is--I mean, that is the technical answer. I think
the broader answer is we just have to be very mindful of this.
The mental health issues are huge, all of these issues, and of
course, it is forever, right, when something gets out. It
doesn't--there is no way to retract it, right.
Ms. Matsui. Right.
Dr. Rucker. It is literally forever. I think there will be
over time an evolution of how patients think about their data.
There is clearly an education task on what apps patients would
allow to access their data that I think is out there. So there
are a bunch of components. Again, there may be some interesting
new technologies to allow that.
Ms. Matsui. OK. Then what is ONC doing to ensure that
consumers understand their rights? Specifically, when a
person's data is transferred from a health system to an app of
their choosing using an API that the data is no longer
protected by HIPAA. I know HIPAA came up before, but----
Dr. Rucker. Yes.
Ms. Matsui. It is really sort of the standard that we have,
and we have had discussion before, particularly in the mental
health arena.
Dr. Rucker. Uh-huh.
Ms. Matsui. And it becomes a little bit more complicated
because individuals themselves may not be able themselves to
understand what this really means. So I am curious because
there are many, many layers to some of these API's that even if
people give some consent, they really don't understand.
Dr. Rucker. Yes. Well, this is evolving, but in the initial
go-around, we are trying to make it a very conscious process
where patients actually have to get authenticated by going back
to the portal, right. The challenge here, the first challenge
is how do you authenticate. So we are making it a very
conscious process. This is not one of these things where you
just sort of click, you know. We have all clicked through
consents, right.
Ms. Matsui. Right.
Dr. Rucker. There is nobody here who hasn't clicked through
who knows how many consents with GPR and all of that, you know.
It is every day, right, you know, click through consents. We
are making this a very conscious process so people understand.
Actually, the authentication--let's say there is an app that
they want to use. They have to go back to the provider and
authenticate to get that transfer, so it is really a three-way
party thing. So we think it is a very conscious thing as a
start, so nobody's just accidentally clicking through the way
we do on much of the rest of our lives.
Ms. Matsui. OK.
Dr. Rucker. I think that is a big part of it to start. And
then, you know, we are working with our community on what--you
know, what that information is. We have done various things
with the Office of Civil Rights, with SAMHSA in terms of mental
health to sort of propagate an understanding on that.
Ms. Matsui. So you are basically saying it is a work in
progress as of this moment right now.
Dr. Rucker. Part--I would say the long-term public use of
their datas is definitely----
Ms. Matsui. Right.
Dr. Rucker [continuing]. To be determined. We are putting
it out. The rules we are putting out are to allow it securely,
but, you know, how that--you know, what the public take on that
is, you know, it is----
Ms. Matsui. Right. Well, I see I have gone way over, so
thank you very much. I yield back.
Dr. Rucker. Thank you.
Mr. Burgess. The gentlelady yields back. The Chair thanks
the gentlelady.
Before I recognize the gentleman from Ohio, I do want to
point out that it was a visit to the gentleman's district 5 or
6 years ago when I spoke to your medical staff section when
many of these problems with interoperability were really
brought home to me in a way that had not previously been
disclosed, and the intensity of that the exchange that morning
is one of the things that I have carried with me over these
years which actually has led up to the language in the Cures
bill, the previous interoperability bill that I had done.
And now I am pleased to recognize the gentleman from Ohio.
Five minutes for questions, please.
Mr. Latta. Well, thank you very much, Mr. Chairman, and I
want to thank you not only for coming out that time, but you
have come out to the district twice to speak with folks in the
healthcare community. And it is by having that personal touch,
you might say, is where you get this what is going on with the
professionals out there and the other individuals in the
healthcare industry are facing, so I appreciate that.
If I could also take a quick point of personal privilege to
thank the Ranking Member, the gentleman from Texas, for all
your years here on--service on the committee and also on all
the different pieces of legislation that we have worked on
together. I just want to thank you very much for your tenure
and best wishes in the future. So thank you very much.
Mr. Burgess. The gentleman yields.
Mr. Green. I appreciate the working relationship. My most
fun was when we worked across the aisle, both our leaderships
worried about it, so thank you.
Mr. Latta. But it always turned out.
But thank you very much, Dr. Rucker, for being with us
today, and you know, you have been hearing quite a bit of the
questioning, especially when we were talking about
cybersecurity because, in fact, the majority staff just put
this out last week which is our cybersecurity strategy report
that came out on December 7. And we have done a lot of work on
this committee on cybersecurity, but I would like to go back
just--if I could, just because there have been a lot of
questions on the cyber side.
You were talking about some of the problems that you looked
at with cybersecurity in health is because the subcommittee I
chair on digital commerce, we had a hearing that involved a lot
of people that had been breached, and it was because the
question about something hadn't been patched.
But you talked about something, you just mentioned about
somebody having been unpatched but by some providers. How do
you look in the future that, you know, you through your group
with ONC and HHS can make sure that these things get patched
because that is one of the problems we have out there, you
know. Can there be a cure real quick, but if this isn't done,
isn't followed, then we have a massive breach out there.
So how do you--you know, because it is, you know, you talk
about the voluntary, or you could be talking about maybe more
of a forced approach, but how you are going to encourage these
things to be patched.
Dr. Rucker. I think, you know, part of it is just I think
people have more and more awareness of this. I think--you know,
so I think there is that out there. There is actually a--you
know, we have specific provisions on the Medicare side and
payments with promoting interoperability that folks have to do
a security assessment.
So we are actually asking providers or requiring--you know,
asking is, I think, a nominal term when there are Federal
incentives and disincentives involved. But we are actually in
that program asking providers to do a security analysis, just
to sort of a self-awareness to be aware of these things.
I think there is an evolution that more and more of those
things are moving into the cloud and to distributed computing
where you don't have to maintain all of that on your own--you
know, on your own just IT shops.
So I think security is a large part. I mean, there are
other cost drivers. I think security is a large part of what's
driving that. I think there are also increasing encryption
technologies so that, if you do actually get at some of this
information, that it is less damaging.
So I think there is a conjunction of trends that are coming
together, but there is clearly--and the vendors, of course, do
a huge amount of work here, right, in putting this out for
their customers. So it is that combination of things. It is not
perfect by, you know, any means.
Mr. Latta. Well, do you see the ONC, then--just to follow
up real quick on that. Do you see that the ONC would be--if
there is some kind of a breach out there or there is something
out there that can be patched that you would be putting
information out there to say that look, you have got to really
get out there to make sure that this is being taken care of
because, you know, this is an imminent threat with all these
records out there.
Because again, a lot of folks out there are very, very
concerned, of course, that what happens to those records once--
you know, as the practitioners are putting it in the computer,
all of a sudden it is out there then.
Dr. Rucker. Yes. Actually, a lot of that happens at the
level of HHS, right. So, HHS has a cybersecurity process, a
strategic operations center that is geared to do that. We are
starting to work with a number of countries globally with their
governments, their healthcare, you know, ministries and the
folks there on information technology to think about how we get
even more global rapid notification of these threats.
So those are some of the things out there. But right now
that is largely the initial response, right, because these
things sometimes have to be, you know, pretty much
instantaneous. It is coming through the cybersecurity work at
HHS and the command center there just because of the scope. ONC
has--you know, obviously we are not--we don't have a big
operational footprint as a small staff agency to do that, so we
rely on that broader set of HHS tools.
Mr. Latta. Thank you. Mr. Chairman, my time has expired,
and I yield back.
Mr. Burgess. The Chair thanks the gentleman. The gentleman
yields back.
The Chair now recognizes the gentlelady from Colorado, Ms.
DeGette. Five minutes for questions, please.
Ms. DeGette. Thank you, Mr. Chairman.
Dr. Rucker, when Mr. Upton and I worked on the 21st Century
Cures Act along with this whole committee, one of our concerns
was really improving interoperability of health data systems
because all these wonderful advances that we achieve won't be
very useful unless we do that. And we also felt at the time
that one of the least fleshed-out areas of the bill, shall I
say, was the interoperability and some of the health data. And
we had hoped that we would be able to, frankly, be farther
along now than we are in these areas.
So I kind of want--I know you've been answering a lot of
really specific questions that Members have, but I would like
it if you can take it back out a little bit and talk for a
moment about what the biggest impediments in general to greater
interoperability are at the moment and maybe talk a little bit
as we move into the 116th Congress about what Congress could
do, if anything, to help ONC further the goals set out by Cures
because again, I think that my colleagues on both sides of the
aisle will agree. Even though the leadership is changing, we
still have a strong commitment to implementing this fully.
Dr. Rucker. Yes. So, obviously, I wish I could tell you
that the rule had been passed through clearance and so we could
talk about the exact specifics of that rather than talking
about it with a certain amount of generality, but there are
some fairly specific things I can talk about that are part of--
they are part of interoperability.
Why there is not interoperability is a very complex,
multilayered thing, and it, frankly, starts with the raw
complexity of human biology, right. Unlike a financial
transaction where there is, you know, a dollar sum and a
destination and maybe a few other pieces of data to describe
that, the human biology, just think about the thousands of lab
tests, all the different modalities of imaging, all the
different narrative. It is immensely complicated, and most of
that is not standardized. It is not really structured data, so
there is an innate complexity there.
Then you get into the business things. Then you get into
just the technology. It is worth noting, and I am dating myself
here, but the first couple years I was involved in building the
first Windows EMR, right. So, you know, advice to anybody,
don't build a software product with Windows 2.1. It will crash
during your demo for sure.
But even, you know, years later, with Windows 95 was the
first time there was even a TCP/IP internet stack that you
could even communicate. Before that--and you all are too young,
but for anybody who's, you know, listening, on the internet, we
had to do those, like, RS232 ports and serial wires, right. You
know, there was no Bluetooth. There was no WiFi. So I am
intimately familiar with that.
I look at these things, I think, in a good and ready
framework to take it to the top level.
In Cures there are two powerful components. One is the API
which means how do you connect to individual providers'
records, right. So what is that end point where you connect to
the record.
The other is the Trust Exchange Framework. What is the
sharing network? Some cases make a lot more sense connecting to
the record. Other cases make a lot more sense sharing. There
may be hybrid approaches. So, for example, Apple has a hybrid
approach. So what Apple does is they have single point
connections, and they--well, let me be clear. They broker,
actually, a connection between the patient and the provider
providing security. Apple does not get that data.
Ms. DeGette. So I hate to interrupt you, Dr. Rucker,
because what you just described right here in 4 minutes of my 5
minutes of time is exactly what Mr. Upton and I identified, why
it was impossible for us to be much more robust.
What can Congress do going forward to not just identify the
problem that you so much better than I can articulate it, but
what can we do? Are there legislative barriers to trying to
overcome these burdens and to move forward?
Dr. Rucker. I feel pretty confident that what has already
been passed, when we have the rollout will be, I think, very
effective increasing interoperability.
Ms. DeGette. All right. OK. Great. Thank you. I love
hearing that.
One last thing. When can we expect the regulation to be
released?
Dr. Rucker. I do not have a specific date for you.
Ms. DeGette. Well, that is OK. Like, a timeframe is good.
Dr. Rucker. So it is currently in clearance with OMB, so I
think that tells you that all of the text has been written. All
of that has been done. All of the analysis that I think
Congressman Green was asking about.
Ms. DeGette. So soon, you think?
Dr. Rucker. I am optimistic that it will be soon, but these
are folks that are not under my control, so I don't honestly--
--
Ms. DeGette. Thank you.
Thank you, Mr. Chairman.
Mr. Burgess. The Chair thanks the gentlelady. The
gentlelady yields generally. The Chair now recognizes the
gentlemen from Virginia, Mr. Griffith. Five minutes for
questions, please.
Mr. Griffith. Thank you very much, Mr. Chairman.
First, I would be very remiss if I didn't say thank you to
Mr. Green for all of the work that he has done. He has been
willing to discuss ideas. We worked together on a couple
things, and some of them were big. Our pharmacy--compounding
pharmacy bill was a big deal, and I appreciate all that and
appreciate your help on that. Likewise, I look forward to
finding out what those rules are when they come out as Ms.
DeGette was just asking you.
And Mr. Chairman, I think this is an important hearing, but
a lot of the questions have already been asked. Some will
additionally be asked, and I will be looking forward listening
to the answers to those. At this time, however I would yield my
time to Dr. Bucshon.
Mr. Bucshon. Thank you very much for yielding. ONC's
recently released draft Clinician Burden Report acknowledges
how information overload and electronic health records is
contributing to physician burnout. I was a physician before I
was in Congress. How does the ONC plan to address these
challenges faced by clinicians? Would open application program
interfaces help address some of the challenges by making
electronic health records easier to use in a clinical setting?
And let me just be brief about my own experience Spears. I
support EMRs. We put one in our medical practice in 2005. I
wouldn't want to go back to paper charts. It is a major
advance, but we have challenges as we have heard here today.
One of the big ones I am concerned about is the physician
burden, and so if you were to address how that the ONC plans to
address the physician challenges, I would appreciate that.
Dr. Rucker. Yes. To get to the very specific part, we do
believe that having better, more robust application programming
interfaces will make it easier to get data on patients, so when
you get a referral patient for your practice or send somebody
to another provider that that will be materially easier. We
have made a lot of progress there, but the progress has been
patchy.
In terms of the burden, there are a number of areas that we
are working on. I mentioned documentation which is, I think,
one of the biggest areas. We are doing a number of things on
usability, working with the vendors there on that. We are
actively engaged in ongoing discussions with CMS on are there
other things we can simplify in the CMS stack which, as you
know, includes quality measures of a vast type of varieties.
CMS is working on clinical quality language to try to make
that whole process less burdensome. An area that we are working
on internally and with CMS and outside stakeholders is on prior
authorization which is another big thing that has been
extremely problematic for everybody. And the thought there is
can we use interchange standards so this is not having your
office waiting on the phone with a payer, you know, for--who
knows, for some cryptic, ill-defined set of information that
you don't know ahead of time to decide whether something is
authorized. This is bad for patients. It is bad for providers.
So those are some of the areas. We are happy to get into
much more detail.
Mr. Bucshon. Sure.
Dr. Rucker. You know, in these 5-minute slots----
Mr. Bucshon. Yes. It is a complicated problem.
Dr. Rucker. We can't even again to go into nuance.
Mr. Bucshon. Can I express one concern about code
consolidation, you know, and simplification as it has been
promoted. The physician community, as you probably know, has
concerns about code consolidation even though going from one to
three codes, for example, something like that as the billing--
different billing levels. There is a specific concern that very
complicated patients that currently bill level 5 now would be a
level 3 but that the reimbursement wouldn't be consistent with
a level 5. So we would have physicians specifically that see
very complicated patients are very concerned about, and I know
you are aware of that situation.
I have personally voiced that concern to Administrator
Verma. I think they understand that, but it is very laudable
what they are doing. They, as you know, have a Patients before
Paperwork program that goes through a lot of these things.
So you know, the challenges that we have today are
obviously security and, really, and interoperability. The only
way I see that you totally secure a patient's medical record is
you never put it on a computer, but we are not obviously going
to do that. Are you talking about educating, you know, broader
educating people to utilize the computers including staff and
physicians on proper password management? I mean, basic
fundamentals, right? And if you look at cybersecurity, the
first thing is--the first step is the user and their password
stuff.
So what are you all doing to try to-- you know, there are
obviously big things we can do on cybersecurity. What are you
doing to fundamentally educate people that access the system on
how they protect their information?
Dr. Rucker. Right. So, you know, to mention briefly,
obviously we have that as part of the promoting
interoperability program with Medicare just so that, you know,
folks at least have one exposure to doing that. We have done
work with the Office of Civil Rights on educating patients on
that.
Mr. Bucshon. So my time has expired. I am fine with a
written response to that.
Dr. Rucker. We would be happy to provide you with a written
response.
Mr. Bucshon. Send that to the committee.
Dr. Rucker. We would be happy to provide you with a written
response on that.
Mr. Bucshon. Thank you. I yield back.
Mr. Burgess. Does the gentleman from Virginia from yield
back? The gentleman yields back.
The Chair thanks the gentleman. The Chair recognizes the
gentlelady from California, Ms. Eshoo. Five minutes for
questions, please.
Ms. Eshoo. Thank you, Mr. Chairman, not only for having
this hearing today but for your service as chairman of the
subcommittee. We all salute you for the work that has been
done, and even though Gene Green is not here, I want to
acknowledge his work with you. I think that you have been an
excellent pair of leaders of the subcommittee, and Gene and I
were classmates. We came in the same year, so thank you to both
of you.
Dr. Rucker, welcome. I can't help but think that I am
listening to someone whose job I created because I did the
legislation to establish the Office of National Coordinator of
Health Information Technology. That was signed into law as part
of the American Recovery and Reinvestment Act, what, 9 years
ago, in 2009.
Now, the legislation also addressed, as you know,
electronic health record interoperability, and I think that you
have heard from just about every Member that has questioned,
made comments, that we are still having issues with it. We
don't have a seamless system of interoperability in our
country. It seems to--you have talked about many things that
you would like to look at or that you are looking at, but it
seems to me that you are testifying today in a state of limbo
because the rules have not been written, so it is--I think--it
is a little awkward, I think, but nonetheless, we can still ask
you whatever questions we want, right?
I would like to--you mentioned in your testimony, in your
written testimony Apple's, health records app. Now, I have seen
the app, obviously, firsthand. I think it is a very exciting
concept, and I think it is important for patients to be able to
access their health data, but that requires health systems to
make their data available. And it also, going back to an issue
that is been raised by just about every single Member, it
introduces the need for additional privacy and data security.
So I just want to ask you a direct question. How are you as
the director going to address this?
Dr. Rucker. So----
Ms. Eshoo. Not how you think you might or what some several
ideas are. Do you have a specific----
Dr. Rucker. Yes.
Ms. Eshoo [continuing]. Answer to a specific question?
Thank you.
Dr. Rucker. Yes. So the upcoming Cures will specifically
address the security requirements for what you are referring to
which is the application programming interface that providers
need to provide. That will be--it is going to be part of the
certification process for electronic health records that API
exists, and we are designing it in a way to use industry
standard API technology to maximize security. So those are very
specific things with very specific technology.
We have--to the earlier part, just by--I have probably had
150 stakeholder meetings and been out on the speaking circuit.
So we have actually already made a fair amount of progress in
getting people to understand the concept of open APIs. Some of
the large vendors have opened up their APIs in response to the
Cures Act.
We are seeing a lot more network sharing which I believe,
when you look at the temporal sequence of events, is based on
the upcoming Cures Act rulemaking. So even as we speak, the
Cures Act has had a significant impact on what----
Ms. Eshoo. If you were going to grade interoperability when
it comes to electronic health records in our country, what
grade would you give it?
Dr. Rucker. It is highly patchy which is the problem. There
are A students, and there are F students.
Ms. Eshoo. Patchy is not----
Dr. Rucker. Right. So I guess maybe it averages out to a C
minus, but it's an average. It's an average.
Ms. Eshoo. And when was the last time you had any
communication from OMB? Are they the ones that are--who is
writing the rule?
Dr. Rucker. ONC is writing the rule.
Ms. Eshoo. ONC?
Dr. Rucker. ONC is writing the rule.
Ms. Eshoo. I see.
Is there anything that you think is missing from the
legislation that you need relative to implementation?
Dr. Rucker. I have to be honest. I was surprised at how
thorough it was when I actually read it and took the position,
and I obviously hadn't read it in great detail before. I was
amazed at how thoughtful it was and how well put together it
was.
And, you know, I was extremely pleased coming into the
National Coordinator, and I want to thank, frankly, my
predecessors because I know there was a lot of technical work
and a lot of technical support with my predecessors under the
Obama administration working with Congress to support Congress
in the bipartisan way in putting that together.
So I think I was pleased, and I think we have accomplished
something in a you know, bipartisanship trajectory.
Ms. Eshoo. Thank you. Merry Christmas.
Dr. Rucker. Thank you.
Mr. Burgess. The Chair thanks the gentlelady. The
gentlelady yields back. The Chair recognizes the gentleman from
Missouri, Mr. Billy Long. Five minutes for your questions,
please.
Mr. Long. Thank you, Mr. Chairman, and there is Gene Green
back. I just want to echo what everyone has said about my buddy
Gene. We are going to miss you and Helen, and thank you for all
your years of service to Congress, to the committee, to the
folks in Texas. You are going to be a big loss for us.
Dr. Rucker, when Obamacare first went into effect, I
happened to have an appointment with my doctor shortly after
that. And I went in, and I thought I was going to have to give
him--prescribe him blood pressure medication for the amount of
paperwork that he--he said you sit there, you sit there, and I
have to enter all this in the computer. I have to--you know,
and he was so upset about the burdensome paperwork. Shortly
thereafter, he decided to take early retirement. He just said I
am out of here. He wasn't at retirement age, but he just had
all the fun he could stand.
And when I talk to physicians, they mention how overly
burdensome their paperwork requirements are and how too much of
their time is spent on data entry instead of seeing patients.
He calculated he lost 1 day a week of seeing patients because
of the amount of paperwork he had to do. So instead of seeing
patients 5 days a week, in essence, he was seeing them 4 days a
week.
In November, ONC and CMS released a draft strategy on
reducing regulatory administrative burdens. What do you think
the main driver of this burden is, and what would----
Dr. Rucker. In working with CMS on that report, I think in
deciphering out just some of the times, you know, the time
component, a lot of people have told us it is over a day a
week. It is over 20 percent. You know, when you go to 3 or 4
hours a day, I think 20 percent would be on the low side.
I think, to me, the biggest area to start with is
documentation. So because we are gating fee-for-service through
the CPT billing codes, they have sort of--they have a bit of
what, you know, in a Pavlovian psychology thing could call an
reverse of stimulus. If you want to get paid more, you have to
deal with more of this burden. I think that has caused huge
dissatisfaction.
I have worked with thousands of doctors, you know, in the
ER. It is sort after communal pit. You hear what everybody
says. I know in talking with thousands of people, they hate
this. It is very hard for us to teach this to the residents.
They look at us, like, are you out of your mind? Literally. So
that is a big issue.
Prior authorization. We hear that is a little bit more
specific to the types of practices. It is a big issue. We have
heard quality, some of the quality measure reporting, very
expensive and time consuming, and frankly, we are getting an
early signal, and we are doing a lot of work at ONC to try to
make sure that the prescription drug monitoring programs don't
become an additional burden, you know. They are required pretty
much in every State, and often that means you have to get out
of your computer, logon to another computer, get out again,
document it. That is a lot of time on a go-around, right, about
a because you know how long it takes to logon to a computer
even if you can memorized all niece passwords.
So we are, you know, doing some work to sort out, and I
know a number of people are working on integrating PDNP into
the record so that we are not adding additional burden
inadvertently as we try to solve the opiate crisis.
Mr. Long. So are there health IT system usability problems?
Dr. Rucker. Yes.
Mr. Long. What are some of the key recommendations from the
strategy, and how can we reduce the overall burdens on
clinicians?
Dr. Rucker. So key recommendations from the strategy. We
discussed documentation. We discussed prior auth. Those are
things on usability. The Electronic Health Records Association,
the vendor association, is working on standardizing some
things, even small things like what is the order of results? Is
it the most recent result first? Is it the first result first?
Even some simple things like that.
The APIs in terms of getting the programming interfaces to
get data from other providers is going to be a big thing. The
quality group at CMS with whom we work with quite intensively
have a number of programs they are working on to make quality
measures more responsive, more real, and simpler. We have
worked a lot with CMS in just the rules around, you know, what
used to be the Electronic Health Records Incentive Program,
what is now promoting interoperability.
Seema Verma has been very aggressive in pushing everybody
she can get her hands on, and that includes me, in terms of
making things easier and working with CMS to do that, so a
number of things are in progress.
Mr. Long. So you are working with stakeholders in
developing these strategies----
Dr. Rucker. We have had meetings with about 150
stakeholders, and many of the meetings have been on burden.
Mr. Long. OK. Mr. Chairman, I don't have any time to yield
back, but if I did, I would.
Mr. Burgess. The Chair appreciates your willingness.
The Chair now recognizes the gentleman from New York, Mr.
Engel. Five minutes for questions, please.
Mr. Engel. Thank you, Mr. Chairman, and I too want to
express my chagrin at Gene Green not going to be here any more,
but I know he is going to be doing some great things and with
some time, spare time, with his wife and--with Helen, and I
just want to tell everybody how much we are going--we always
sat next to each other. We are going to miss you.
Mr. Green. I haven't got him to talk like a Texan during
all of that.
Mr. Engel. I would attempt to do it, but I would just
laugh--make a fool of myself.
Thank you, Dr. Rucker, for being here today.
As you know, in May, the GAO issued a report on the
challenges patients and providers face when it comes to access
to medical records. And I am particularly concerned about this
finding in the GAO's report, and I quote it.
Patients' challenges include incurring what they believe to
be high fees when requesting medical records, for example, when
facing severe medical issues that have generated a high number
of medical records. Additionally, not all patients are aware
that they have a right to challenge providers who deny them
access to their Medicare--medical records.
So, Dr. Rucker, let me ask you. Is ONC doing anything to
help mitigate the costs that patients face as a result of this?
Dr. Rucker. Yes. By law, the electronic access to records
is something that should not be charged for. As the open
application, the application programming interfaces under Cures
are designed, and our rulemaking will implement that patients
can direct their smartphones at the providers' end point,you
know, the URL, if you will, and download their records and do
it in a way that is convenient to patients. They can aggregate
records from other providers. We believe there will be apps to
do that.
Apple already has one. There are smaller companies that
have these apps out there now. We believe this line of business
will grow. It will add value in all kinds of ways, but I think
the key practically is charts, you know, the printouts of these
charts.
Now, if you get a, quote, printout from one of these
electronically generated charts, it is hundreds of pages of
stuff that is impossible to read for a physician, let alone a
patient. When you are on the inbound side of this in referrals,
it basically jams up the laser printer fax machine.
At Ohio State where I work, I am told by some of their
staff they would get 90 calls a day where inbound faxes were so
large that they jammed up the nursing units' fax server which
are, you know, the laser printers on the unit. Smartphones are
powerful computers and I think are exactly what we need to get
patients their records and to do it in a way that patients can
control their care and, frankly, shop for their care.
Mr. Engel. Well, doctors who can't read it know how the
rest of us feel when we try to read doctors' signatures or
doctors' notes.
What about patient education? Is anything being done to
ensure that patients know that they have a right to access
their medical records?
Dr. Rucker. We have worked with the Office of Civil Rights
on an ongoing basis, I think over a number of years, to
describe for patients how to get their information. Now, some
of this is consumer marketing. We don't have a budget for
consumer marketing, but to the extent that we are able, we are
encouraging that, and we believe that with the open APIs, there
is going to be a lot more public awareness of the availability
of this because right now, that is--you know, these simple
things aren't available, so it is hard for people to learn
about them because what they learn about is so complex.
Mr. Engel. Thank you very much.
Thank you, Mr. Chairman.
Mr. Guthrie. Thank you. The gentleman yields back. The
Chair now recognizes Mr. Bilirakis for 5 minutes for questions.
Mr. Bilirakis. Thank you so much.
Dr. Rucker, HITECH made available over $35 billion to
modernize HIT infrastructure centered on the meaningful use of
certified EHRs. These incentive funds were designed to assist
eligible providers to purchase, implement, and maintain her
systems as well as meet criteria to advance reporting on
quality indicators. While the implementation of the HITECH was
far from perfect, it was the launching pad for the
implementation of her ecosystem we have here today. Yet certain
provider types such as behavioral health providers were not
eligible for this incentive funding to build out electronic
health platforms.
Meanwhile, today as a result of the opioid crisis and
increasing suicide rates in the U.S., we are increasingly aware
of the importance that behavioral health plays in whole
personal--person care, healthcare. Given that behavioral health
was carved out of HITECH and serves as a critical linkage to
integrated care, what, if any, plans exist to cross this
bridge?
Dr. Rucker. Well, I think first--there is, first of all, a
start with the Center for Medicare and Medicaid innovation in
the support act, the recent opioid act to, you know, look
specifically at the question of behavioral health records.
I think one of the big opportunities we have is to use
these regional health information exchanges to share even the
simplest of data on patients with behavioral health and
substance use issues. The data I am talking about because as an
ER doc, you see these people. They float in and out of the
system. They float from group homes, shelters, all kinds of
situations.
In some parts of the country, health information is simple
ADT. ADT is admit, discharge, transfer. So all it says is where
was this person? Where are they located? That simple
information often helps to coordinate some of this care, so
there may be a very low-hanging fruit here that is worth
looking at, and we are looking at how to expand that to get at
the behavioral health issues.
Part of the challenge is a lot of these folks, as you
pointed out, don't have software, per se, right. So, but to the
extent they do have software and any ability, this is sort of
the simplest common denominator that we think--we have some
anecdotal experience that's going to be very powerful for
helping these folks. I have taken care a lot of these folks
over many, many, many years, so I am pretty excited about
trying to do something in this role.
Mr. Bilirakis. Thank you. All right. Next question. What is
ONC doing to enable physical therapy and other non-physician
her vendors to satisfy certified her technology requirements?
Dr. Rucker. Yes. So for the broader healthcare ecosystem,
the biggest thing we do, you know, in areas where we are not,
per se, certifying, you know, for the non-certified part of
that world is a lot of work on standards, right. So people can
share information, have lower costs of getting information,
providing information, entering information. We do a lot of
standards work. We actually summarize it with an
interoperability standards advisory which is a constantly
updated database of the best standards in healthcare. We have
used resources to encourage some of these standards.
We do a lot of work with a number of the standards
organizations, most specifically HL7, and we have also
supported some of the deeper technical things needed to advance
standards to make, you know, the communication across the
healthcare board more efficient.
Mr. Bilirakis. OK. I guess I have a couple more. You know
what? Let me just go ahead and submit them for the record, Mr.
Chairman, in the interest of time. Thank you.
Mr. Burgess. The chairman yields back. The Chair thanks the
gentleman.
The Chair recognizes the gentlelady from Indiana. Mrs.
Brooks, 5 minutes for your questions, please.
Mrs. Brooks. Thank you, Mr. Chairman. Thank you, Dr.
Rucker, for being here.
I also want to add my thanks to Ranking Member Green. As
fellow Texans, you two gentlemen have led this subcommittee so
admirably. We have gotten so much done, and we are really going
to miss you.
With that, Dr. Rucker, I want to elaborate a bit more on
the use of smartphone-based apps and obviously your desire to
continue to advance that. Are there any additional regulatory
changes that would be helpful in further accelerating or
incentivizing health record applications?
Dr. Rucker. I think we are in a very good position with the
Cures Act language on that. I think when the rule comes out,
and you know, there is obviously public comment and that whole
annealing process on the rule. I believe we are going to be in
a very good position to have accomplished that, so I am very
confident.
Predicting the future, obviously, you know, hard to
impossible, but I feel very confident that the language that
Congress has put in that and that will--implementing will do a
lot there. I think modern technology is very helpful. Having
the API stack that the rest of the smartphone economy uses in
starting to move healthcare into that is going to be very
powerful, and you know, so that allows healthcare to write off
the development of all of the rest of the app economy, right.
Historically, part of the challenge of interoperability is
we have done it all ourselves with one-off healthcare
protocols. You know, if you go to any other computer person and
you show them, those guys are like, what, right? I mean, there
is just befuddlement. We are trying to move healthcare, you
know, with the Fast Healthcare Interoperability resources, the
so-called FHIR, into the modern economy stack. We are mindful
of the work that is been done, the sharing that is going on. We
want to, you know, support and acknowledge that, but over time,
and certainly for the smartphone part of it, we believe that is
the way to go.
Mrs. Brooks. So I am hopeful that the new rule that is
coming out will address maybe barriers to the app development,
but how about with respect to utilization? How about with
respect to getting average citizens to begin using it? What
comments do you have about what we could do to either
incentivise or to encourage its use?
Dr. Rucker. To me, the absolute as somebody who has built
computer software, the only thing that counts is how easy is it
to use? How many clicks, how much reading, how much thinking do
you have to do? Ease of use is everything in consumer apps.
Everything we do in our rulemaking is geared to encouraging
ease of use.
Now, as all the other questions have pointed out, you have
to balance that against security and privacy, so there is an
inherent tension there, but with what we think is an
appropriate balance, that is our focus.
Mrs. Brooks. But these types of apps that are being
developed and that are in development and with the rulemaking,
they are approved by your organization, correct?
Dr. Rucker. No.
Mrs. Brooks. OK. Should there be some additional approval
process on the app development necessary to, you know----
Dr. Rucker. Right. So, these apps are not approved by us or
by the FDA, you know, in the current go-around. I think we want
to be very, very careful that we don't have further burden on
innovation. This is a fast-moving part of the economy. I know
working with the White House, we are trying to get investment
in this, highlight the investment opportunities.
The Office of American Innovation has been heavily involved
in that outreach, so I think we are trying to encourage people
to enter the space. I think regulating it, a priority. I don't
believe is going to be a public--I don't think that is going to
get a public value because I think it is actually very hard to
regulate the privacy and security breaches that are coming
because a lot of that is the law of unintended consequence.
Mrs. Brooks. I recently saw a study that Johns Hopkins did
concluding that more than 250,000 people in the U.S. die every
year due to medical errors, and then also, we obviously know
about all of these duplicative tests that can often happen. Do
you believe that that access to mobile health records will
actually help reduce this number?
Dr. Rucker. I think it will because I think it allows
further clarification, I think better APIs. Part--by no means
the only reason for medical errors, but clearly a part of it is
just the complexity of what we have out there, any technology
that makes it simpler.
Patients are probably the best check on what is going on
for their care, right? They are presumably the most interested
in it, so having them be able to say ``No, I am not on that
med,'' or you know, ``Why did you put this diagnosis down?'' I
think that transparency is essential.
I think the Cures Act provides a vast amount of
transparency to patients in healthcare, so I think that is very
powerful. The more eyes you have on a problem, I think the
better it can be.
Mrs. Brooks. Thank you. I yield back.
Mr. Burgess. The Chair thanks the gentlelady. The
gentlelady yields back.
The Chair recognizes the gentleman from Oklahoma, 5 minutes
for your questions, please.
Mr. Mullin. Thank you, Mr. Chairman, and I also want to
thank my colleague from Texas, Mr. Green.
Mr. Green. Tough for an Okie to do that.
Mr. Mullin. It is. It is. But football season is over, and
we won, so that matters.
Mr. Green. Somehow I thought that might come up.
Mr. Mullin. Anyway, Mr. Green and I, we have worked
together probably more than any other person on the other side
of the aisle, and he is going to be missed. He is one of the
rarer ones around here that sees it from a perspective, not
from a party perspective but from his perspective, so I really
enjoy working with him.
Mr. Mullin. You know what, let's talk--we have talked a lot
about privacy, and I have a bill out right now, H.R. 6082,
which has to do with redlining part 2, and helps with, in my
opinion, the provider getting the information they need.
My colleague from Indiana just brought up that there is
obviously a need for doctors to get more adequate information
about the patient. Do you feel right now with 42 CFR, part 2,
with them being realigned outside of HIPAA, do you think that
hinders the provider from getting the adequate information on
the individual?
Dr. Rucker. Well, as you know, it is very controversial. We
have had a number of people lobby, you know, come to us on both
sides of that coin. I am going to defer to my colleagues at
SAMHSA and the deputy secretary. I know the deputy secretary's
reading a regulatory sprint for coordinated care, looking
specifically at those--the issues around 42 CFR, part 2. So I
am going to--because they are the primary agency, I think we
are going to defer to them on that.
Mr. Mullin. Well, I read in your agency's draft clinician
burden report published last month that the healthcare
providers struggle to navigate health IT privacy regulation
governed by 42 CFR, part 2. Is that correct?
Dr. Rucker. Yes.
Mr. Mullin. So what exactly do they struggle with, then?
Dr. Rucker. Well, we have heard as the struggles are around
knowing--I think one of the big struggles--there are some
others, but one of the big one is knowing who is actually
covered, so that the technical language is that providers who
provide a specialized class of substance abuse treatment are
covered.
But if you are part of a larger entity, right, so if you
are a big, you know, delivery system who is covered, right, is
that psychiatry, is it just that practice, those boundaries are
very hard to navigate for folks, you know, that boundary and
that description generates and so people default to just
saying, it might all be covered. You know, nobody wants to risk
it and so----
Mr. Mullin. So does part 2 strengthen the patient's care or
worsen it, then?
Dr. Rucker. I think that, you know, again, I am going to
defer to SAMHSA. They, I think, will have some data on that. I
want to be----
Mr. Mullin. Well, we already know that there has been
accidental deaths because of part 2 not aligned with HIPAA. We
are talking about the patient, and we also talked about privacy
too.
Dr. Rucker. Yes.
Mr. Mullin. But through HIPAA, individuals with heart
disease or HIV, do you think they are adequately covered
through privacy, through HIPAA?
Dr. Rucker. I think HIPAA does a great job with privacy.
Mr. Mullin. So, in your opinion, then, is it right that we
separate individuals with mental illness or disorders, or abuse
disorders, separate from anybody else's care?
Dr. Rucker. Well, I think there is an overall goal to get
those things integrated, to have, you know, what sort of folks
call wholistic care, you know. The specifics I am going to
defer to the, you know, specific agency that handles that, but
I think there is an overall desire to have integrated care. I
think that is just good patient care. All of these things blend
together.
Mr. Mullin. One last question, then. How difficult is it
for a provider to access part 2, and what risk comes along with
that?
Dr. Rucker. Well, I think the--the difficulty is not in the
access. It is in--it is--you know, the difficulty is the
availability.
Mr. Mullin. Well, they can't just access it. They got to
get the patient's--they got to get the patient's permissions,
right?
Dr. Rucker. Yes. Yes.
Mr. Mullin. So they had to get HIPAA permission----
Dr. Rucker. Yes.
Mr. Mullin. So they have to go one step further, and they
have to ask for that, right?
Dr. Rucker. Yes. That is my understanding.
Mr. Mullin. So if the provider has no reason to ask,
doesn't that create a problem right there?
Dr. Rucker. Potentially, it does.
Mr. Mullin. Now, what if the patient shows up in the
emergency room is unconscious. How many providers automatically
access part 2?
Dr. Rucker. I do not know the answer to that. I can see if
there is information on that. I do not have information on
that. As a practical matter in the emergency department, if
they are unconscious, we try to treat them immediately----
Mr. Mullin. Well, I know, but----
Dr. Rucker [continuing]. And part of that will be giving
the Narcan. Part of that will be an assumption from any patient
far more--we will assume, in many cases that there is an opioid
and a standard part of that treatment is to administer Narcan,
or some, you know, some version of that on the possibility that
that might be the cause. I mean, we administer things like
glucose on the thought that maybe the person's hypoglycemic as
well.
Mr. Mullin. So do you think it would improve the patient's
care if we could align part 2 and HIPAA?
Dr. Rucker. I think alignment there, I think that would be
helpful.
Mr. Mullin. Thank you.
I yield back. Thank you, Mr. Chairman.
Mr. Burgess. The gentleman yields back. The answer to the
gentleman's question is yes.
Mr. Mullin. Both sides of the aisle.
Mr. Burgess. Chair recognizes the gentleman from Georgia,
Mr. Carter, for 5 minutes for questioning.
Mr. Carter. Thank you. And thank you for being here.
I just want to begin by adding my voice to those who have
already talked about the proposed rule on information blocking
and just that, you know, it is obviously very critical, we all
understand that, but I just wanted to see if you could give me
an update. I understand it is out of your hands right now and
it is with OMB, is exactly where they are at with it. Do you
have any idea when we could look forward to seeing that?
Dr. Rucker. I wish I could give you specifics. I think they
are looking at it. I think we would, you know, we would have to
defer to them to--to things. I believe we are close on that. I
am not aware of any, you know, insurmountable difficulties or
challenges. But I think there is a large checks and balances
process here that, you know, is part of--is part of the way
things work, our democracy. And I just--as somebody who is in,
you know, in a staff agency, I just have to be mindful of that,
you know.
Believe me, I share your frustration. I share your
frustration. I wish I could tell you exactly what is in it,
tell you it was all done, but I,--you know, unfortunately, I
can't.
Mr. Carter. Do you have idea what is in it? I mean, have
you----
Dr. Rucker. I have read it multiple times. I have a very
precise idea of what is in it. We have had vast number of
discussions with Liz Anthony, who heads our rule-making group.
Intimately familiar with the details. Many of the details are
quite challenging to put together and, you know, to reflect on
the complexity of the American healthcare system. So, yes, I am
very familiar with what is in it.
Mr. Carter. But I am hoping you are optimistic that it is
going to help.
Dr. Rucker. I am extremely optimistic.
Mr. Carter. OK, good, I am glad to hear that.
I wanted to ask about health provider documentation and the
documentation burden. We are all aware of that. In fact, you
mentioned in your testimony the ability to address clinical
burden, and how burnout especially, has been impacting
healthcare professionals. Can you describe some of the efforts
that have been made to--to relieve some of the administrative
burden?
Dr. Rucker. Yes. So in the--in the burden report, that we
have jointly done with CMS, there are a couple of areas that we
are working on. We have discussed simplification of
documentation. So one of the specific things, for example, is,
you already have a past medical history that hasn't changed, or
a family medical history that hasn't changed. You do not need
to re-enter it again, would be a very specific thing.
If you have, for example, a resident or a medical student
who spends a lot of energy getting a history, you do not have
to redocument all of that so that you then have to read it and
wade through that much more text on it, some very specific
things.
We talked about the prior authorization and work on the
technology that might make that a lot simpler. And the
promoting interoperability, there is--working with CMS, we have
simplified a lot of the provisions around that, tried to sync
up between outpatients and inpatients, so these aren't two
diametrically opposed things that read differently. If you
cross the threshold of the hospital door, I mean, quality and
interoperability shouldn't change because you walked one foot
into the door--you know, through the door.
Mr. Carter. What kind of feedback have you gotten? Has it
been positive?
Dr. Rucker. I think we have gotten positive feedback on a
number of things on the documentation as Congressman Bucshon
mentioned. There were concerns and maybe not a full
understanding of how complexity would be paid for, right? You
know, how the sickest patients, how the economics of payment
for that would work out. There are a number of provisions in
there on that.
And I think folks also didn't frankly calculate the amount
of money spent on billing to, you know, work these codes
through the process. I mean, the--the health--the overhead
practices, I think, are spending between 5 and 10 percent,
maybe more, of their revenue on billing through these complex
coding systems. Much of that is a dead loss to the economy and
to the American public.
Mr. Carter. Absolutely. I am glad you recognize that
because that is one of the most frequent concerns that is
voiced to me is just how much--how much it is taking,
financially, for them to adhere to this. So I am glad to hear
you say that.
I am running out of time here, so--but I did want to ask
you very quickly about the her reporting program. And I know an
RFI was issued for that and released, but there were budgetary
concerns. Has that been handled? Are you----
Dr. Rucker. Well, working within the budget we have, we
have contracted out with somebody to start the process of
putting, you know, the, you know, that construct together and
sorting out what information can be asked to do her reporting,
you know, with a goal of giving providers more information on
their electronic health record, potential purchases.
Mr. Carter. Any other hurdles, any other barriers that you
have run into in order to implement this?
Dr. Rucker. I think we are early enough on, that, you know,
we probably haven't hit the hurdles. The budget is such that we
will--you know, it is not going to be a comprehensive server,
the entire United States, just within the constraints of the
budget. But I am confident we are going to get some valuable
information that will help folks.
Mr. Carter. Good. OK. Well, thank you very much.
And thank you for your indulgence, Mr. Chairman. I yield
back.
Mr. Burgess. The Chair thanks the gentleman. The gentleman
yields back. I will now yield myself the balance of the time
for questions.
Just testing you. I will miss you, too.
Mr. Green. Not as much as they will, though.
Mr. Burgess. How can I miss you if you won't go away?
Dr. Rucker, in preparation for that--and I do thank you for
being here--in preparation for this hearing, we had a long time
to kind of consider because we have waited for this rule and we
kind of ran out of years, so we had to get the hearing in ahead
of the rule.
But in preparing for this reading in the Annals of Internal
Medicine from November 12, 2018, an article by Atul Gawande,
``Why Doctors Hate Their Computers.'' Let me first stress that
I rarely agree with Dr. Gawande on everything. But he does
write a paragraph here that I just really thought summed up
what our hearing is about today.
He says: Something's gone terribly wrong. Doctors are among
the most technology-avid people in society. Computerization has
simplified tasks in many industries. Yet somehow we have
reached a point where people in the medical profession
actively, viscerally, volubly, hate their computers, end quote.
True statement, yes or no?
Dr. Rucker. Yes.
Mr. Burgess. Yes, it is. And, you know, we hear that--I
heard that when I was in Mr. Latta's district, heard it from
both doctors and people in the hospital, the medical staff
section, about your office and the Center for Medicare and
Medicaid Services talks about sharing the goals of reducing
physician burden. So can you give us an idea how you are
working with CMS along those lines, to reduce physician burden?
Dr. Rucker. Yes. I mean, I think the root of that problem--
and I agree with what was in that article--is that these EMRs
have really, first and foremost, grown up as billing systems,
right? There has been no automation.
Mr. Burgess. Bingo.
Dr. Rucker. Right.
Mr. Burgess. What he called the tyranny of the ancillaries.
Dr. Rucker. Yes. So I mean, it is striking to me as
somebody who went into this field. I start--the computer
science degree coming straight out of residency. I wanted to
automate stuff so I didn't have to do scut, which is that, you
know, slang word for nonvalue add work that seems to be the
bane of residency training. That was my goal.
I mean, I worked in an era when the entire hospital's
microbiology results were randomly reported out
nonalphabetized. You had to read through every single culture
result in the entire hospital to find out if your patient had a
urine culture done. So that was the world.
As we have discussed, what we are doing with CMS is trying
to be systematic about addressing these things. And so you have
seen a couple things. I mean, one I want to highlight is the--
the meaningful use program, I think, trying to be a steward of
the 30--$35 billion, you know, wanted to have a lot of controls
on, is this a full and complete electronic health record. I
think we have done that. And now we are really focusing not on
that, but on just sort of the interfaces and the burden. I
think there is still work to be done in documentation. Some of
that is related to fee for service. Some of that, in alternate
payment mechanisms, would go away.
I think there is a lot of work to be done in prior
authorization, that--so I think there are a number of areas.
Mr. Burgess. May I ask you a question about that? You did
bring up prior authorization and one of the banes of my
existence when I practiced was dialing 1-800-California to get
permission to do something that I knew was clinically
indicated. So it seems like that should just follow then from
the data in the electronic record. So if--if an asthma drug is
indicated, or a surgical procedure, or an imaging procedure, it
should just follow then from the data that is already there,
correct?
Dr. Rucker. Yes. The hope is that these APIs will, in fact,
be efficient enough in exposing that information, that these
transactions can be greatly simplified, the delivery of the
information can be bigged bidirectional so that that whole loop
of being on the phone is minimized or goes away, and that may
even be a paradigm----
Mr. Burgess. I prefer it goes away. And only then
interacting with the doctor if there is some question as to
whether the documentation is complete enough or fulfills all of
the requirements.
Dr. Rucker. Yes.
Mr. Burgess. That seems like that would be a laudable goal.
I have got other questions, and like others I will submit
them for the record. I do appreciate your time. I understand we
do have a hard stop. So I will yield back the balance of my
time.
And seeing no others Members wishing to ask questions, I do
want to thank Dr. Rucker for making time to be here today.
Again it has been a long time coming. We have wanted you here
on several occasions, but we got you now.
So I would like to submit documents from the following for
the record: College of Healthcare Information Management
Executives and the American Society for Clinical Oncology.
[The information appears at the conclusion of the hearing.]
Mr. Burgess. Pursuant to committee rules, I remind Members
they have 10 business days to submit additional questions for
the record, and I ask the witness to submit his response within
10 days of receipt of the questions.
And then I will just add my voice to the others on the
committee, it has been a privilege working with you, Mr. Green.
Mr. Green. Most of the time.
Mr. Burgess. Most of the time. We actually have done some
very good work these past 2 years, and it has been a very
active session of Congress on the Health Subcommittee. I am not
going anywhere, so no one will have to miss me, but we will
miss you and wish you success in your future endeavors.
With that, Dr. Rucker, again, thank you, and the
subcommittee is adjourned.
[Whereupon, at 11:59 a.m., the subcommittee was adjourned.]
[Material submitted for inclusion in the record follows:]
Prepared statement of Hon. Greg Walden
With this hearing, this subcommittee will cap off a
complete review of the major provisions contained within the
bipartisan 21st Century Cures Act of 2016. So far, we have
heard from the National Institutes of Health, the Food and Drug
Administration, and the Substance Abuse and Mental Health
Services Administration. Today, we will hear from the Office of
the National Coordinator for Health Information Technology.
In so many parts of our lives technology has allowed us to
move data seamlessly and better connect to ease burdens.
However, with the transition in the health sector to electronic
medical records we have not seen the same results. We hear of
limitations in technology functionality, provider burden in
documentation, a lack of a robust market to tackle add on
technologies, and the lack of the ability to easily share
information.
The fundamental value proposition of Electronic Health
Record systems is the continuity of evidence-based care,
however, patient health data continue to be fragmented and
difficult to access for healthcare providers and patients
themselves.
The functionality of EHR systems lags behind the
technological capabilities presently available, and until we
close that gap I do not see how we can truly recognize the
potential of clinical registries, payment reform, or health
information exchanges.
For these reasons, the 21st Century Cures legislation
realized that bedside coordinated care is going to matter the
most in delivering new technologies and therapies to patients.
Today, we will get an update on the law's implementation.
I know ONC has been able to implement some parts of the
law, such as the new Interoperability Committee and the recent
draft report on physician burden.
However, some of the pillars of the law remain
unimplemented because the needed regulations have not been
released. While this update is important despite the lack of
regulations, I sincerely hope to see tangible progress soon
because every day we wait is another day patients and providers
are not able to benefit from some of the most important
provisions of the law.
It is my hope that Dr. Rucker you can walk the committee
through what you believe the 21st Century Cures
Interoperability title can accomplish and how we can unleash
the technology revolution that we have enjoyed in so many other
sectors of our economy into the healthcare space. There is so
much innovation waiting to be unleashed and so many ideas that
will lower costs and increase quality. We just need to knock
down the artificial walls that stubbornly prevent us from
seeing the return on innovation that I think we all know awaits
us.
I look forward to your testimony.
Prepared statement of Hon. Frank Pallone, Jr.
Good morning, I want to thank Dr. Rucker for joining us
today to discuss the Office of the National Coordinator's
(ONCs) progress in implementing the 21st Century Cures Act.
Since the passage of the HITECH Act of 2009, we've seen an
impressive increase in the adoption of electronic health
records (EHRs). Today about 96 percent of hospitals and three
quarters of office-based physicians use health information
technology (HIT) that has been certified by ONC. That
represents about a ninefold increase in hospitals with basic
EHR technology since 2008, prior to the HITECH Act.
While this is impressive progress, there are still some
hospitals and physician offices, particularly small or rural
providers, who are still operating with volumes of paper files
and outdated fax machines. This is simply unacceptable with all
of the technology available today, and we must continue to find
ways to incentivize and help these providers to adopt EHRs.
While we've made significant progress in upgrading the way
patient data is managed, more work is needed in order to make
EHRs more useful and accessible to patients and providers.
Interoperability, or the ability to securely exchange
electronic health information, remains a challenge today, but
the Cures Act has helped put us on the path toward addressing
it.
I'm pleased to see that ONC has made substantial progress
in implementing Cures Act provisions by releasing a draft
Trusted Exchange Framework and Common Agreement (TEFCA) and
partnering with the Office for Civil Rights to create new
resources to help people better understand their right to
access their health records. Clear rules of the road for
exchange and informed consumers are necessary for ensuring
secure and appropriate transfers of patient data.
I'm also encouraged to hear that ONC plans to release an
updated draft of TEFCA for public comment. Given the progress
the private sector has made in this area, it's important that
we glean any lessons that they learned from their efforts. We
should ensure that ONC's work compliments those efforts as much
as possible.
The Cures Act also provided the Office of the Inspector
General (OIG) with the tools necessary to investigate and
penalize those who are information blocking. However, before
the OIG can begin their work ONC must first identify cases that
do not constitute information blocking. I had hoped that a
proposed rule on information blocking and certification
requirements would have been released by now. However, I'm
encouraged by ONC's statements that the rule is in the final
stages of development. I look forward to the release of this
important proposed rule.
Finally, I want to take a moment to thank my friend and
colleague Congressman Gene Green for his many years of service
on the Energy and Commerce Committee and particularly for his
leadership of the Health Subcommittee these past 4 years.
During his tenure as ranking member, Congressman Green has
helped lead this committee to major legislative achievements
like the Cures Act and has been a tireless advocate for the
Affordable Care Act. Gene is a thoughtful legislator and a good
friend. He always sought consensus, often found it, and never
stopped trying no matter how hard it could be. I'm incredibly
thankful for his leadership, and he will be dearly missed on
the committee next year. I wish him nothing but the best as he
retires from the House and this committee.
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
[all]