CMS-10749_CMS Responses to Public Comments

CMS-10749_CMS Responses to Public Comments.docx

National Plan and Provider Enumeration System (NPPES) Supplemental Data Collection (CMS-10749)

CMS-10749_CMS Responses to Public Comments

OMB: 0938-1427

Document [docx]
Download: docx | pdf

CMS Responses to Public Comments Received for CMS-10749: National Plan and Provider Enumeration System (NPPES) Supplemental Data Collection



Comment:


The bulk of this regulation is in the exhibits and the exhibits are buried on the CMS website. You are excluding regulatory commentators who cannot effectively understand the questions being asked because they cannot navigate the CMS website well enough to find the screenshots.

Please fix this process, for this and all other regulations like this. If the public needs to read exhibits, then they should be included as downloads on the regulation.gov site or as URLs to other government sites.


Response:


One commenter stated the process for navigating the CMS website in order to find the information necessary to meaningfully comment on regulations is unduly burdensome. While this is a notice of collection of supplemental data, rather than a regulation, the intent is clear. CMS values the feedback, and will review the process to determine if there may be an easier way for the public to review regulations and their exhibits.

Comment:


My name is Linda (Rippee) Privatte. I support HIPAA reform. My brother, James Mark Rippee had an accident in 1987. He had a TBI, loss of 1/3 of frontal lobe & both eyes. He sustained many more injuries. Years later he developed SMI. His injuries required 55-60 surgeries. Homeless 13 yrs. due to his SMI and no medical care. Conservatorship has been sought unsuccessfully & he suffers with Anosognosia. Recently he walked into traffic twice in 4 months & was hit by cars. He was hospitalized for 30 days after he was hit by the first car. The 1st time hit by car he had a head, face, & eye socket injury. Due to his SMI refused to go to the ER. He was left on the sidewalk with a head injury. 2 weeks later I found him in need of surgery for a brain abscess. He doesn't comprehend his injuries yet he alone decides his treatments or lack of without the capacity to make his own decisions. The original accident left him with open eye sockets needing medication 3 times a day, seizures, chronic brain infections, 24 brain surgeries, his face, head, jaw and leg have metal plates, wires, and a metal rod from his knee to ankle. Neither accident was he 51/50'd. His family was kept from helping with his medical decisions due to HIPAA. He was hospitalized for 258 days after walking into traffic again and being hit by a car the second time this year. Recent accidents have led to more TBI's, internal injuries, head bleed, infections, broken bones, & surgeries, he crushed the leg with the metal rod and it was removed. More metal put in leg, and his shoulder was detached. He has been in Psychosis the entire time hospitalized and has been given Anti-Psychotic meds, just to be controlled, but is considered to have capacity to make his own medical decisions? He could not tell you why he was in the hospital, what his injuries were, or what the consequences of his decisions could be. He refused life saving blood transfusion, cat scans, x-rays, physical therapy that led to improper healing process, started bearing weight on the leg 2 months too early. The hospital released him back to the streets not on meds. He is 100% Blind with open eye sockets, TBI's, Frontal Lobe loss, Physical disabilities, SMI, Anosognosia & will have lack of mobility that is permanent, due to new injuries. No Conservatorship has been successful. I do support changes to HIPAA that would allow more priority to the SMI person right to treatment along with allowing more involvement from the families on decisions Medical and Psychological decisions for people with Serious Mental Illness. I made a mistake on my comment. Conservatorship has never been successful.

Response:


One commenter stated more family involvement is beneficial to the overall health plan of a patient. The Office of Civil Rights (OCR) dictates the ability or lack thereof to release medical records under HIPPA. OCR works closely with both doctors and patients to ensure that every patient knows their rights and privacies concerning personal health information and medical treatment options. These comments are not directly or indirectly related to this information collection release.


Comment:


See attachment below:

Response:


One commenter stated CMS cannot effectively model healthcare resources available to local communities in the languages that the communities need, which creates unequal healthcare among all patients. Allowing race, ethnicity, and information about languages spoken by the provider permits all patients to benefit from the information.


CMS values the feedback, and will review the process to determine if there may be an easier way for the public to view and use these data elements.

Response:


One commenter stated CMS is already collecting information without having first obtained the appropriate OMB PRA approvals, and improperly committed to providers that this information would be retained privately. In addition, CMS had already deployed changes to the system.


CMS acknowledges this violation of the Paperwork Reduction Act of 1995 (PRA) and is currently working to remediate the issue by creating a new PRA package and thereby come into compliance with the PRA. In addition, this comment solicitation and summary, in CMS’ view, clearly articulated the changes to be made to the data collection and system.


Response:


One commenter asks have there been other new fields added to NPPES.


CMS has not added new fields to NPPES without the proper submission guidelines outlined by the Office of Management and Budget (OMB). This process includes a 60-day public comment period and a 30-day public comment period.




Response:


One commenter asks if CMS conducted a public discussion regarding the gathering of office hour information and why CMS added green locks to this information.


The green lock indicated the particular field will not be publicly disseminated. NPPES was established and is administered under the authority of HIPAA, specifically § 1173(b) of the Act. The 2004 NPI final rule clearly states that the NPPES collects information from health care providers for only two purposes: (1) to enable the NPPES to uniquely identify a health care provider (which ensures that the NPPES isn’t giving the same provider two different NPIs or giving two different providers the same NPI); and (2) to be able to communicate with the health care provider. The data is not disseminated, as it is inconsistent with the NPPES data collection framework and therefore impermissible.


Response:


One commenter stated the HIPAA mandated the Secretary consider “other uses” of electronic provider directory systems (e.g., adopting standards and data elements for electronic health information exchanges


This comment is outside the scope of the intended purpose of this data collection.


Response:


One commenter raised several questions regarding the Privacy Act System of Records Notice (SORN) for NPPES and the availability of NPPES data through Freedom of Information Act (FOIA) requests, which are not relevant to the necessity, burden, or utility of this information collection.


Response:


One commenter states NPPES data is not properly tested or validated. This proposal does not address the process for [allowing?] Health Information Exchange (HIE) [access to the NPPES?] data. In addition, the commenter asserted that CMS is failing to verify the endpoint data submitted by providers.


HIE data is outside of the scope of this solicitation, however, CMS already has a large role in encouraging HIE through existing Medicare and Medicaid programs and initiatives, as well as new programs authorized under the Patient Protection and Affordable Care Act (PPACA).


Response:

One commenter states the screenshots are blurry and hard to read.


CMS values the feedback and will review the screenshots to determine an easier way for the public to review and read.


Response:


One commenter states there is an historical obligation for the NPPES database to gather and disseminate email addresses.


This is out of the scope of this data collection but CMS will take this suggestion under advisement.



Response:


One commenter states HHS-derived EHR standards continue to mandate that healthcare providers make Personal Health Records (PHR) systems available to patients.


Since 2006, the Centers for Medicare & Medicaid Services (CMS) has been engaged in a number of pilot projects to encourage Medicare beneficiaries to take advantage of Personal Health Records (PHRs). These tools, usually available through the internet, can help people track their health care services and better communicate with their providers. The type of Personal Health Records CMS has been testing are populated with health information from Medicare claims data. In the future, these records may be able to get information from a provider's electronic health record system, and some providers may begin to allow patients to see the information directly from those electronic records.

In general, a Personal Health Record (PHR) is controlled by the individual, and can be shared with others, including caregivers, family members and providers. This is different from a provider's electronic health record, which is controlled by the provider just as paper medical records are today. Ideally, a Personal Health Record will have a fairly complete summary of an individual's health and medical history based on data from many sources, including information entered by the individual (allergies, over the counter medications, family history, etc.).


Today, Personal Health Records are available from a number of sources: through many health plans for their members, through providers for their patients, and through independent vendors who are given permission by the individual to receive and store information from health plans, providers, pharmacies, labs, etc.


Response:


One commenter asks if Integrating Healthcare Enterprise (IHE) user endpoints will be made available in this modification of the website.


Integrating the Healthcare Enterprise (IHE) is an international initiative to promote the use of standards to achieve interoperability among health information technology (HIT) systems and effective use of electronic health records (EHRs). IHE provides a forum for care providers, HIT 230 experts and other stakeholders in several clinical and operational domains to reach consensus on standards-based solutions to critical interoperability issues. The primary output of IHE is system implementation guides, called IHE Profiles. IHE publishes each profile through a well-defined process of public review and trial implementation and gathers profiles that have reached final text status into an IHE Technical Framework, such as the IHE IT Infrastructure Technical Framework Volume 2b. However, this is not in the scope of this data collection solicitation.

Response:


One commenter states the specific requirements of the OMB on gathering racial data require that individuals who are multi-racial be allowed to assert this by choosing more than one race. The current racial interface is an exclusive radio button, rather than a series of checkboxes, which would be the correct HTML5 accessible way to collect this information.


This comment is outside the scope of the intended purpose of this data collection.





Response:


One commenter asks why is there no disability information is gathered on providers?


The Americans with Disabilities Act (ADA) prohibits discrimination on the basis of disability in employment, State and local government, public accommodations, commercial facilities, transportation, and telecommunications. It is a breach of the Fair Work Discrimination Act 2009 to ask any questions about personal attributes – for example disability, race, sex, or age – that do not relate to the role or position description. Medicare providers are not required to self-report their disability to CMS.


Comment:

Thank you for all
Best Regards


Response:


CMS appreciates the gratitude expressed by this commenter.


Comment:


We support the addition of the supplemental measures to the NPPES but strongly oppose prohibiting public access to the measures. In particular, availability of data on provider race, ethnicity, and languages spoken is sorely needed in a central, authoritative dataset that only NPPES can provide.

Multiple “green locks”, which make commitments to not disseminate data publicly available, have been inappropriately added to the NPPES data collection system, and have not been properly set out for public review and comment. Although the bulk of NPPES data is FOIA available, and the design of the NPPES website promises healthcare providers that their information will be “private” even though its FOIA availability makes that impossible. The new types of demographic data recently added to the NPPES system would play a vital role across many parts of the health system, but such data is being withheld from public dissemination/FOIA release using the “green locks”.

All stakeholders in the health system need provider identification and demographic data to be comprehensive and authoritative. For insurance issuers, constructing networks that serve the needs of the diverse populations of their members requires strong data on the providers’ demographics. Similarly, for provider organizations to ensure diversity and cultural competency within their own workforce they need centralized, authoritative demographic information. And for regulators and public agencies, effective allocation of resources similarly requires tracking the demographics of providers and availability of culturally and demographically appropriate providers. Finally, and most importantly patients need this information. Due to historic patterns of discrimination against African-Americans and other people of color, immigrants and non-native English speakers, the issue of obtaining culturally competent and non-discriminatory care is paramount in order for the healthcare system to provide equitable access to care. NPPES data can and must provide foundational data to correctly inform patients who are seeking information on providers who speak particular languages, or are of a particular ethnic or cultural background, or a particular age or gender.

CMS itself notes the importance of NPPES for provider lookup in its FAQ (https://www.cms.gov/files/document/nppes-frequently-asked-questions.pdf):
-----------------------
Q: Why does CMS feel that NPPES is good source for provider directories?
A: NPPES provides core directory data elements (provider name, provider specialty, provider address, provider telephone number) for virtually every provider in the country. Collectively, these data elements represent 91% of the CMS provider directory review errors found. NPPES data is available publically in a machine readable format at no cost.
---------------------

Much research indicates that patients have better outcomes with providers who match their needs culturally and demographically, and this remains a critical priority as the country grapples with how address health inequities driven by racial and other discrimination and exacerbated by COVID. Having information on providers’ self-reported race, ethnicity, and languages spoken will further enable this type of research and will be critical for stakeholders to begin to assess diversity in the workforce and identify opportunities to improve health care access and equity.

Checkbook has a great deal of experience using NPPES data to build and maintain online resources for consumers to look up doctors and health plan coverage of doctors. We have learned through this experience that, consistent with the research, many consumers care greatly about attributes that NPPES collects (or proposes to collect), but has proposed to not disseminate, including race/ethnicity, languages spoken, age, etc. Suppression of this data will impede Checkbook’s ability to deliver the products consumers need to make good choices about providers and health plans.

The NPPES system plays a vital role for all stakeholders in the health delivery industry. To meets the needs of these stakeholders, now and going forward, NPPES must continue to serve as a central, authoritative source of provider enumeration, and provider demographic data must made broadly available. CMS must require removal of the green locks that were inappropriately applied, and disseminate data, including the new supplemental demographic data, consistent with the needs of patients, health system stakeholders, researchers, and the public at large


Response:


The Balanced Budget Act of 1997 (BBA) (Public Law 105-33) section 4313, amended sections 1124(a)(1) and 1124A of the Act to require disclosure of both the Employer Identification Number (EIN) and Social Security Number (SSN) of each provider or supplier, each person with ownership or control interest in the provider or supplier, as well as any managing employees.  The Secretary of Health and Human Services (the Secretary) signed and sent to the Congress a “Report to Congress on Steps Taken to Assure Confidentiality of Social Security Account Numbers as Required by the Balanced Budget Act” on January 26, 1999, with mandatory collection of SSNs and EINs effective on or about April 26, 1999.


File Typeapplication/vnd.openxmlformats-officedocument.wordprocessingml.document
AuthorDaVona Boyd
File Modified0000-00-00
File Created2022-08-05

© 2024 OMB.report | Privacy Policy